Systems and methods for detecting malware
US10133865B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 15, 2016 |
| Grant date | Nov 20, 2018 |
| Priority date | — |
| Expiry date | Jul 26, 2037 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F2221/034
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
The disclosed computer-implemented method for detecting malware may include (1) identifying a plurality of programs represented in machine code, (2) deriving a plurality of opcode n-grams from opcode sequences within the plurality of programs, (3) training an autoencoder by using the plurality of opcode n-grams as input, (4) discovering a set of features within the autoencoder after training the autoencoder, each feature within the set of features comprising a linear combination of opcode n-grams from the plurality of opcode n-grams, and (5) classifying a potentially malicious program as malicious by using the set of features discovered within the autoencoder to analyze the potentially malicious program. Various other methods, systems, and computer-readable media are also disclosed.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.