Systems and methods for detecting malware based on event dependencies
US10282546B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 21, 2016 |
| Grant date | May 7, 2019 |
| Priority date | — |
| Expiry date | Apr 15, 2037 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06N3/09
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
The disclosed computer-implemented method for detecting malware based on event dependencies may include (1) applying, to a malware detection system capable of analyzing event dependencies, an event sequence derived from the execution of an application, (2) obtaining, from the malware detection system, a malware confidence score for the event sequence which the malware detection system calculates after a certain event within the event sequence has executed based at least in part on one or more dependencies between the certain event and at least one other event within the event sequence, (3) determining that the malware confidence score exceeds a threshold, and (4) classifying the application as malicious in response to determining that the malware confidence score exceeds the threshold. Various other methods, systems, and computer-readable media are also disclosed.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.