Patent · US Active

Systems and methods for trichotomous malware classification

US10366233B1 · kind B1 · utility

7Cited by

0References

20Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

Reuben Feinman · Mountain View, US
Javier Echauz · Roswell, US
Andrew B. Gardner · Roswell, US

Key dates

Filing date	Nov 18, 2016
Grant date	Jul 30, 2019
Priority date	—
Expiry date	Mar 25, 2037

Classification

Technology area (CPC G)Physics
CPC primaryG06N20/20
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

The disclosed computer-implemented method for trichotomous malware classification may include (1) identifying a sample potentially representing malware, (2) selecting a machine learning model trained on a set of samples to distinguish between malware samples and benign samples, (3) analyzing the sample using a plurality of stochastically altered versions of the machine learning model to produce a plurality of classification results, (4) calculating a variance of the plurality of classification results, and (5) classifying the sample based at least in part on the variance of the plurality of classification results. Various other methods, systems, and computer-readable media are also disclosed.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.