Anti-virus software is a key security technology on todays end user systems. Current anti-virus engines use two complementary techniques to detect malware. One is to statically scan potential malware sample files for certain patterns which are known ("malware signatures"). The other is to dynamically detect typical malicious behavior (e.g., modifications of registry keys, DLL injections etc.) upon execution of a sample. No anti-virus product can reliably detect malware. Rather, all products are plagued by false positives and false negatives. An interesting approach to improve the...