
System and method of machine training model of detecting malicious files

A detection model and machine learning technology, applied in the field of anti-virus technology, that addresses two problems: known techniques do not disclose machine learning model testing, model retraining and the subsequent re-forming of characteristic attributes, and they are unable to detect well.

Active Publication Date: 2019-01-25
AO KASPERSKY LAB

AI Technical Summary

Problems solved by technology

[0009] Known techniques are good at detecting malicious files whose specific characteristic attributes (i.e., data describing specific characteristics of files from a specific file group, such as the presence of a graphical interface, data encryption, data transmission over a computer network, etc.) are similar to those of known malicious files. However, known techniques are not good at detecting malicious files that behave similarly but have characteristic attributes different from those of known malicious files.
In addition, the above techniques do not disclose such aspects of machine learning of models as model testing, model retraining, and the formation and re-formation of characteristic attributes depending on the results of that testing.


Embodiment Construction

[0029] This document describes exemplary aspects of systems, methods, and computer program products for machine learning malicious file detection models. Those of ordinary skill in the art will appreciate that the following description is exemplary only and is not intended to be limiting in any way. Other aspects will readily occur to those skilled in the art having the benefit of this disclosure. Reference will now be made in detail to implementations of the exemplary aspects illustrated in the accompanying drawings. Wherever possible, the same reference numbers will be used throughout the drawings and the following description to refer to the same or like items.

[0030] A number of definitions and concepts used to describe various aspects of the present disclosure will be introduced below.

[0031] Malicious file: means a file whose execution is known to result in the unauthorized destruction, blocking, modification, duplication of computer information, or disables protect...


Abstract

Disclosed are systems and methods for machine learning of a model for detecting malicious files. The described system samples files from a database of files and trains a detection model for detecting malicious files on the basis of an analysis of the sampled files. The described system forms behavior logs based on executable commands intercepted during execution of the sampled files, and generates behavior patterns based on the behavior log. The described system determines a convolution function based on the behavior patterns, and trains a detection model for detecting malicious files by calculating parameters of the detection model using the convolution function on the behavior patterns. The trained detection model may be used to detect malicious files by utilizing the detection model on a system behavior log generated during execution of suspicious files.
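The pipeline in the abstract (behavior log, behavior patterns, convolution function, model parameters, detection), sketched as an added example that is not taken from the patent or from the owner's implementation. Assumptions: feature hashing stands in for the convolution function, a perceptron stands in for the detection model, and the command names and behavior logs are constructed for illustration.

```python
import hashlib
DIM = 2 ** 20  # assumed length of the convolved feature vector

def behavior_patterns(log):
    """Behavior log -> patterns: each command alone and with each parameter."""
    patterns = set()
    for command, params in log:
        patterns.add((command,))
        patterns.update((command, p) for p in params)
    return patterns

def convolve(patterns):
    """Assumed convolution function: hash patterns into a sparse fixed-size vector."""
    vec = {}
    for pattern in patterns:
        digest = hashlib.sha256("\x00".join(pattern).encode()).digest()
        idx = int.from_bytes(digest[:8], "big") % DIM
        vec[idx] = vec.get(idx, 0) + 1
    return vec

def score(model, log):  # > 0 means the log is classified as malicious
    weights, bias = model
    x = convolve(behavior_patterns(log))
    return sum(weights.get(i, 0) * v for i, v in x.items()) + bias

def train(samples, max_epochs=100):
    """Perceptron (assumed model): compute weights and bias from convolved patterns."""
    weights, bias = {}, 0
    for _ in range(max_epochs):
        errors = 0
        for log, label in samples:  # label: 1 = malicious, 0 = benign
            err = label - int(score((weights, bias), log) > 0)
            if err:
                errors, bias = errors + 1, bias + err
                for i, v in convolve(behavior_patterns(log)).items():
                    weights[i] = weights.get(i, 0) + err * v
        if not errors:
            break
    return weights, bias
# Constructed behavior logs: (intercepted command, [parameters]), label.
TRAINING = [
    ([("CreateFile", ["doc.txt"]), ("WriteFile", ["doc.txt"]), ("CloseHandle", [])], 0),
    ([("ReadFile", ["a.doc"]), ("CryptEncrypt", ["a.doc"]), ("DeleteFile", ["a.doc"])], 1),
    ([("Connect", ["update.example"]), ("WriteFile", ["app.bin"])], 0),
    ([("ReadFile", ["b.xls"]), ("CryptEncrypt", ["b.xls"]), ("Connect", ["198.51.100.7"])], 1),
]
# Unseen file: different parameters, same behavior as the malicious samples.
SUSPICIOUS = [("ReadFile", ["c.pdf"]), ("CryptEncrypt", ["c.pdf"]), ("DeleteFile", ["c.pdf"])]
MODEL = train(TRAINING)
```

`score(MODEL, SUSPICIOUS)` comes out positive because the command-only patterns carry the learned weight even though every parameter in the unseen log differs from the training samples.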

Description

Technical field

[0001] The present disclosure relates to antivirus technology. More specifically, the present invention relates to methods, systems, and computer-readable media for machine learning malware detection models.

Background technique

[0002] The rapid development of computer technology in recent decades, and the widespread distribution of various computing devices such as personal computers, laptops, tablets, and smartphones, has become a great motivation to use such devices in various fields of activity and for countless problems and situations, from surfing the Internet to bank transfers and electronic document transportation. While the number of computing devices and the software running on those devices has grown, the number of malicious programs has also increased rapidly.

[0003] There are currently a large number of various malicious programs. Some of these malicious programs steal personal confidential data such as logins and password...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): G06F21/55, G06F21/56
CPC: G06F21/552, G06F21/566, G06F21/565, G06F21/57, G06F2221/034, G06N20/00
Inventor: 亚历山大·S·克里斯提科夫, 叶卡捷琳娜·M·洛巴切瓦, 阿列克谢·M·罗曼恩科
Owner AO KASPERSKY LAB