Increasingly, computer systems have needed to protect themselves against undesirable computer code. Such undesirable computer code has generally taken the form of viruses, worms, Trojan horses, spyware, adware, and so forth. The damage and/or inconvenience capable of being incurred by these types of undesirable code has ranged from mild interference with a program, such as the display of an undesirable political message in a dialog box, to the complete destruction of contents on a hard drive, and even the theft of personal information.
Many security applications have been developed for combating the above undesirable computer code. Traditionally, such security applications operate in an isolated manner. Specifically, each component is specialized for its domain and is optimized to operate with high efficiency and low false alarm rates. As a result, few promising strategies have been developed to incorporate cooperation amongst the components in a universal and global way.
Some of the current approaches propose standards for security alert exchange protocols and data collection endpoints which are not flexible enough to cope with the introduction of arbitrary new components without reprogramming core functionality. Other approaches focus only on processing data within a single enterprise without trying to benefit form worldwide security alert information. Unfortunately, such systems leave much to be desired.
There is thus a need for overcoming these and/or other problems associated with the prior art.