The growth of computer networking has brought with it users engaged in unscrupulous activities. Such activities include creating and distributing malicious software, or malware, used to attack computers on the network. For example, malicious software may cause disruption in activities, exposure of confidential information, or even damage to computer systems exposed to the software. Malware may take many forms, such as an attachment to an e-mail, code embedded or hidden in a document or web object, and other types of executable files transmitted over a network, such as the Internet.
Entities desire to learn about malicious software as soon as possible to inhibit its spread and mitigate its effects on productivity and computer systems. Because such software is modified from version to version, not distributed from the same source, and may be distributed using various means, it can be difficult to quickly identify newly created malware and appreciate its connection to known instances of malicious code.
Therefore, it is desirable to introduce tools to identify and present associations between binary samples of data to identify trends in malicious software and to minimize the potential adverse consequences which could arise out of distribution of such malware.