Identifying malicious activities from system execution traces.

Every day, massive amounts of system events from software agents deployed at endpoint devices across the world are received by the IBM Trusteer security group. The software associated with each event is verified with respect to third-party malware inspection services such as VirusTotal. Unfortunately, many events are associated with software that is unrecognized by inspection services. As a result...