Some network security applications function to detect malicious files stored on network devices before the malicious files can be executed or otherwise employed in damaging the network or network devices. Examples of malicious files include files that contain viruses or malware.
For example, a network security application may attempt to identify a malicious file by comparing a suspicious file that is suspected of being malicious to a list of files known to be malicious. If the suspicious file matches any of the files in the list of files known to be malicious, the network security application may identify the suspicious file as a malicious file. However, purveyors of malicious files have attempted to avoid detection of their malicious files by causing variations of their malicious files to have minor differences which cause the malicious files to not match up exactly with the files in a list of malicious files. The proliferation of these variations of malicious files has rendered many network security applications incapable of accurately detecting many malicious files, which leaves network devices vulnerable to undetected malicious files.
The subject matter claimed herein is not limited to embodiments that solve any disadvantages or that operate only in environments such as those described above. Rather, this background is only provided to illustrate one example technology area where some embodiments described herein may be practiced.