1. Technical Field
Embodiments of the present disclosure generally relate to network security and, more particularly, to detection of malicious payload.
2. Description of the Related Art
In networks, malicious code (commonly referred to as anomalies or malware) may intrude and steal system resources. Such malware is often polymorphic in nature, altering the content of its payload in an effort to avoid detection.
Advanced detection techniques utilize Automatic Signature Extraction (ASE) algorithms that are capable of extracting common signatures for malware packets, even if some portion of the content is altered. Unfortunately, such malware may spread rapidly, propagating to many network nodes before detection.
Therefore, what is needed is a technique to rapidly detect malware.