Proactive detection of malicious software, is a constant battle between anti-malware improvements and malware improvements, with each reacting to changes in the tactics and capabilities of the other, with attackers constantly evolving and evading existing defenses. Many approaches have been attempted in response to the problem of malware, each of which have positive and negative aspects. Some of the approaches previously tried include file inspection, file reputation checking, behavioral monitoring, whitelisting, host-based intrusion prevention systems, network-based intrusion prevention systems, access protection, application control, sandboxing, etc. But malware continues to find ways to evade all of those techniques. Improved techniques for detecting malware would be desirable.