As society becomes increasingly interconnected and dependent on computing systems, so does the importance of cyber security and the prevention of malware. Beyond just the home computer, smart-phones, routers, printers, and all kinds of devices now run operating systems that could be potentially infected. This represents an explosion in the potential attack surface for a malicious actor. The tools currently available to security professions are improving, but limited. Each tool is designed for one software platform, making their scope limited. Adapting these tools to new platforms and hosts requires years of effort and introduces a significant lag time to protecting any new platforms that will arise in the future. Further, malware often involves an adversary intentionally violating format specification and rules. These violations may be intended to slow reverse engineering efforts, hide intent or attribution, or simply be part of an exploit that is part of the malware's functionality.

In this thesis, we develop a new approach for tackling problems related to malware detection and cyber security in general. Specifically, we develop new methods inspired by compression algorithms that support a wide range of tasks. The compression background allows the methods we develop to be applied to any file format, operating system, or platform. This provides a single method which can be used in all circumstances, and dramatically reduces the potential lag time to protect new platforms. Not only does this provide a wide range of flexibility, but we will also show that our approach significantly improves upon the existing methods available to practitioners today.