Networked computers are vulnerable to malicious computer code attacks, such as worms, viruses and Trojan horses. As used herein, “malicious computer code” is any code that enters a computer without an authorized user's knowledge and/or without an authorized user's consent.
More specifically, e-mail worms are a growing plague on today's Internet users. As evidenced by the success of recent worms such as MyDoom, current solutions do not always adequately contain such threats.
Much current anti-malicious code software scans executable images looking for known malicious code signatures. Many users of security software do not keep up to date with respect to their anti-malicious code product and its signatures. In any case, signatures do not exist for newly released worms until they have been identified and analyzed. Therefore, even the subset of security software subscribers who are up to date with respect to their anti-malicious code product and its signatures would benefit from technology that protects them during the period between threat appearance and signature delivery.
What is needed are methods, systems and computer readable media that provide protection from malicious code from its onset through and beyond the production of traditional signatures for anti-malicious code products. Additionally, it would be desirable for the methods, systems and computer readable media to identify worm originating source processes, and to generate network scalable warnings thereof.