Consumers and businesses face a growing tide of malicious software that threatens the stability and performance of their computers and the security of their data. Computer programmers with malicious motivations have created and continue to create viruses, Trojan horses, worms, and other programs (collectively known as “malware”) in an attempt to compromise computer systems. In an attempt to evade detection, malicious programmers may inject malware into or among legitimate programs.
Many security software companies attempt to combat malware by creating and deploying malware signatures to their customers on a regular basis. However, a significant amount of malware has not yet been identified and, therefore, may not be represented in traditional malware signature databases, particularly since malware authors may regularly modify their malware in an attempt to circumvent commonly employed signature-based malware-detection mechanisms. Malware authors may apply obfuscation techniques to quickly generate countless variants of a malware sample with little effort. As malware variants proliferate, security software companies may struggle to keep up in the race to identify, analyze, and create signatures for detecting new variants.
The instant disclosure, therefore, identifies and addresses a need for systems and methods for detecting malware using static analysis.