http://www.inforisktoday.com/interviews/dhs-eyes-malware-provenance-to-identify-malicious-code-i-3101