Malware such as computer viruses, worms, Trojan horses, ransomware, spyware, adware, etc., causes significant harm to computer systems and inconvenience to their users. With the ever increasing use of computer systems and the Internet, malware proliferation has exploded, with some computer analysts estimating that the release rate of malicious code and other unwanted programs may be exceeding that of legitimate software applications.
Conventional malware mitigation generally either detects and prevents installation of malware, and/or detects and removes malware that has already compromised a system. For example, some anti-malware systems scan a computer system's storage for the presence of known malware.
In graphical user environments (GUIs), malware may attach itself to useful application by modifying the event handlers of GUI elements. Some malware, such as spyware, may be intentionally embedded in legitimate, useful, applications. The perceived usefulness of anti-malware systems is sometimes determined in part on whether the systems “breaks” existing applications. Notification and/or removal of a malware threat that has attached to, or is intentionally embedded in, a legitimate application's GUI, may cause the user to believe that the anti-malware system has flagged a false-positive. Such a perception of false-positives may cause users to unwisely ignore or discontinue some or all of the protective capabilities of the anti-malware system. Even where the user understand that a true-positive has been flagged, the user may perceive the anti-malware system as lacking where the user still wishes to use portions of the application. For instance, a user may want to use an application with intentionally embedded spyware without encountering the negative effects of the spyware disclosing information without informed consent.
Without new reliable ways to mitigate malware, critical computing infrastructure may be more routinely compromised. These compromises may result in real-world system downtime, inconveniences to organizations and users, economic loss and may even threaten human safety.
It would be desirable to address these issues.