
System and method of detecting malicious files using a trained machine learning model

A technology for detecting malicious files with a trained model, applied in the field of anti-virus. It addresses the inability of earlier techniques to detect malicious files whose characteristics differ from those of known malicious files, and their failure to disclose how the model is taught, trained and retrained, and achieves the effect of improving accuracy.

Active Publication Date: 2019-04-26
AO KASPERSKY LAB

AI Technical Summary

Problems solved by technology

[0015] Although the techniques described above are good at detecting malicious files with specific characteristics similar to those of known malicious files (i.e., data describing specific characteristics of files from a specific file group, such as the presence of a graphical interface, encryption of data, transmission of data over a computer network, etc.), they cannot handle the detection of malicious files whose characteristics differ from those of known malicious files (even if the behavior is similar). Furthermore, the aforementioned techniques do not disclose the aspects of machine teaching of the model (e.g., testing and teaching of the model), or the training and retraining of characteristic features (depending on the results of the aforementioned testing).


Embodiment Construction

[0039] Exemplary aspects are described herein in the context of systems, methods, and computer program products for detecting malicious files using trained machine learning models. Those of ordinary skill in the art will appreciate that the following description is illustrative only and is not intended to be limiting in any way. Other aspects will readily suggest themselves to those skilled in the art with the benefit of the invention. Reference will now be made in detail to implementations of the exemplary aspects as illustrated in the accompanying drawings. Wherever possible, the same reference numbers will be used throughout the drawings and the following description to refer to the same or like items.

[0040] The following terms will be used throughout the present disclosure, drawings and claims.

[0041] Malicious File - A file whose execution is known to be able to cause unauthorized destruction, blocking, modification or copying of computer information, or neutralization of a protective module.

...


Abstract

The present disclosure is directed to a system and method of detecting malicious files by using a trained machine learning model. The system may comprise a hardware processor configured to form at least one behavior pattern, calculate the convolution of all behavior patterns, select from a database of detection models at least two models for detection of malicious files on the basis of the behavior patterns, calculate the degree of harmfulness of a file being executed on the basis of an analysis of the convolution and the at least two models for detection of malicious files, form, on the basis of the degrees of harmfulness, a decision-making pattern, and recognize the file being executed as malicious if the degree of similarity between the formulated decision-making pattern and at least one of the predetermined decision-making patterns from a database of decision-making patterns, previously formulated on the basis of an analysis of malicious files, exceeds a predetermined threshold value.
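The pipeline in the abstract, traced end to end as an added example (not code from the patent or from Kaspersky). The pattern vocabulary, the model weights, the sigmoid scoring, the similarity measure and the 0.85 threshold are all assumptions made for illustration, since the page does not define them.

```python
import math

# Constructed vocabulary of behavior patterns (pairs of consecutive commands).
VOCAB = [("open", "read"), ("read", "encrypt"), ("encrypt", "write"),
         ("write", "delete"), ("connect", "send")]
# Constructed detection-model database: name -> (trigger command, weights, bias).
MODELS = {
    "ransom":  ("encrypt", [0.0, 8.0, 8.0, 6.0, 0.0], -3.0),
    "exfil":   ("send",    [1.0, 0.0, 0.0, 0.0, 10.0], -3.0),
    "generic": (None,      [0.5, 4.0, 4.0, 4.0, 4.0], -2.0),
}
# Constructed decision-making patterns standing in for the malicious-file database.
KNOWN_MALICIOUS = {"ransomware-like": [0.9, 0.0, 0.8], "stealer-like": [0.0, 0.9, 0.8]}
THRESHOLD = 0.85  # assumed value

def behavior_patterns(log):
    """Form behavior patterns: each pair of consecutive commands in the log."""
    return list(zip(log, log[1:]))

def convolution(patterns):
    """Fold all patterns into one fixed-length vector (share of each VOCAB pattern)."""
    n = len(patterns) or 1
    return [sum(p == v for p in patterns) / n for v in VOCAB]

def select_models(patterns):
    """Pick models whose trigger command occurs in the patterns; always at least two."""
    cmds = {c for p in patterns for c in p}
    chosen = [m for m, (trig, _, _) in MODELS.items() if trig is None or trig in cmds]
    return chosen if len(chosen) >= 2 else list(MODELS)

def harmfulness(model, conv):
    """Degree of harmfulness in (0, 1): sigmoid of a linear score over the convolution."""
    _, w, b = MODELS[model]
    return 1 / (1 + math.exp(-(sum(wi * xi for wi, xi in zip(w, conv)) + b)))

def similarity(a, b):
    """1 minus the mean absolute difference, so magnitude matters, not just direction."""
    return 1 - sum(abs(x - y) for x, y in zip(a, b)) / len(a)

def detect(log):
    patterns = behavior_patterns(log)
    conv = convolution(patterns)
    chosen = select_models(patterns)
    # Decision-making pattern: one degree of harmfulness per model (0.0 if not selected).
    decision = [harmfulness(m, conv) if m in chosen else 0.0 for m in MODELS]
    best = max(KNOWN_MALICIOUS, key=lambda k: similarity(decision, KNOWN_MALICIOUS[k]))
    score = similarity(decision, KNOWN_MALICIOUS[best])
    return score > THRESHOLD, best, round(score, 3)

MAL_LOG = ["open", "read", "encrypt", "write", "delete"]   # constructed sample
BENIGN_LOG = ["open", "read", "open", "read", "write"]     # constructed sample
if __name__ == "__main__":
    print(detect(MAL_LOG), detect(BENIGN_LOG))
```

The verdict depends on the whole decision-making pattern rather than on any single model's score, which is why the similarity measure here compares magnitudes: a cosine measure would rate a uniformly low-scoring benign file as close to a malicious pattern pointing in the same direction.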

Description

Technical field

[0001] The present invention relates to antivirus technology, and more particularly to systems and methods for detecting malicious files using trained machine learning models.

Background technique

[0002] The rapid development of computer technology in the last decade and the widespread availability of various computing devices (personal computers, laptops, tablets, smartphones, etc.) strong impetus for use in money transfers and electronic document transactions). While the number of computing devices and the software that runs on those devices has grown, the number of malicious programs has also increased rapidly.

[0003] Currently, there is a large variety of malicious programs. Some malicious programs steal personal and confidential data (such as logins and passwords, banking information, electronic documents) from the user of the device. Other malicious programs cause user devices to form so-called botnets for attacks such as denial of servi...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56, G06N3/02
CPC: G06F21/562, G06N3/02, G06F21/566, G06F21/564, G06F2221/034, G06N5/047, G06N20/00
Inventor: 亚历山大·S·奇斯特亚科夫, 叶卡捷琳娜·M·洛巴切瓦, 阿列克谢·M·罗曼恩科
Owner: AO KASPERSKY LAB