A conventional processing system may include hardware resources, such as a central processing unit (CPU) and random access memory (RAM), as well as software resources, such as an operating system (OS) and one or more end-user programs or applications. Some of the most common end-user applications are email applications and web browser applications. Such applications allow users with different data processing systems to share information with each other via networks, such as the Internet.
The information technology (IT) infrastructure in many parts of the world has advanced to the stage that it now supports international communication through applications such as email clients, web browsers, and instant messaging (IM) programs. Unfortunately, some individuals have developed, and continue to develop, viruses, worms, and other types of software which interfere with such communications, which adversely affect the data processing systems used for such communications, or both. For purposes of the disclosure the term “virus” is used in general to refer to viruses, worms, and any other related type of software.
A conventional approach to combating viruses involves software that scans the data that comes in to a data processing system, and compares that data against a predefined list of known viruses or virus signatures. If certain attributes of the incoming data match the attributes of a virus on the list of known viruses, remedial measures are taken. One disadvantage of this conventional approach, however, is that it does not protect against viruses that aren't in the list. The data processing system therefore remains susceptible to new viruses, until such time as the attributes of the new viruses are discovered, and the list of known viruses is updated accordingly.