1. Field of the Invention
This invention pertains in general to computer security and in particular to detection and prevention of surreptitious downloads of malicious software.
2. Description of the Related Art
Modern computer systems are often susceptible to a number of different problems, which are exacerbated by the increasing complexity of those systems. One such problem relates to system security. There exists a wide variety of security threats posed by malicious software, collectively referred to as “malware,” that secretly performs operations not desired by the computer user. Such operations include theft of important data (e.g., financial records), modification or destruction of system or user files, execution of “backdoor” programs, and downloading of other malicious executable files. These operations are of particular concern in the context of web browsing, since most users browse the web frequently and are typically not aware that doing so poses a security threat.
Unfortunately, malware proves difficult to detect. The increased incidence of polymorphic viruses and other malware has made it increasingly difficult to detect such malware using existing signature-based detection systems. Even in the case of non-polymorphic malware detectable through signature-based approaches, it takes time to analyze the malware and to formulate a signature used to detect it, and additional time before the signature is incorporated into the malware scanning software of a given user. Thus, in the case of signature-based approaches, there is a time period after a new piece of malware is first discovered during which the malware scanning software of a given user will fail to detect the malware.