Traditionally, security systems utilize scanning techniques to determine if data on a system is unwanted (e.g. malware, etc.). However, such scanning techniques have been associated with various limitations. For example, the security systems utilize signature scanning to determine if data is associated with malware. However, signature scanning is resource intensive since data on a system may have to be re-scanned whenever new signatures are available.
In addition, some security systems have utilized a whitelist database in an attempt to assist with signature scanning. However, such whitelist database techniques have also generally exhibited various limitations. For example, since data associated with an operating system or application is updated frequently, the security systems are unable to keep the whitelist database up to date. Furthermore, as yet another example, the security systems are unable to effectively determine which data should be added to the whitelist database.
There is thus a need for addressing these and/or other issues associated with the prior art.