Consumers and businesses face a growing tide of malicious software that threatens the stability and performance of their computers and the security of their data. Computer programmers with malicious motivations have created and continue to create viruses, Trojan horses, worms and other programs in an attempt to compromise computer systems. These malicious programs are often referred to as malware. In an attempt to evade detection, malicious programmers may inject malware into or among legitimate programs.
Many security software companies attempt to combat malware by creating and deploying malware signatures (e.g., hash functions that identify malware) to their customers on a regular basis. However, new malware (along with variants of old malware) continually emerge, leaving a significant amount of malware that cannot be detected using traditional signature-based malware-detection methods.
Unfortunately, ever-increasing volumes of new malware and malware variants create ever-larger sets of malware for vendors to analyze. This may consume the time of malware analysts and/or may consume computing resources. Additionally, growing sets of malware signatures may increase the size of anti-malware products, increase the duration of malware scans, and/or increase bandwidth consumption during signature-definition updates.