There are particular files that are common to many computer systems and therefore are often the target of malicious code. This malicious code, or malware, may propagate on a user's system through a variety of means. For example, malware may inject copies of itself into computer files or into the memory buffers in a running process, or may add a library to the memory of a running process which can then be used to further infect the system and other networked systems. While computer security services make every effort to identify and respond to threats as they appear, new threats that have not yet been identified are a constant danger to computer systems.
Automated tools have been developed for detecting anomalous behavior on a network that may indicate malicious code activity on the network. For instance, a significant quantity of network traffic that exceeds the expected amount of traffic may be used to identify unauthorized communications from infected files. Some newer malware is designed to communicate only intermittently and in amounts characteristic of normal traffic in order to be more difficult to detect by these tools.
In view of the foregoing, it may be understood that there may be significant problems and shortcomings associated with current data security technologies.