Building a ground truth dataset for a machine learning-based security application
US10623426B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 14, 2017 |
| Grant date | Apr 14, 2020 |
| Priority date | — |
| Expiry date | Apr 25, 2038 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06N5/048
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
Building a ground truth dataset for a machine learning-based security application. In one embodiment, a method may include identifying a set of network devices to add to a ground truth dataset. The method may also include, for each network device in the set of network devices, identifying a potentially malicious application stored on the network device, analyzing behavior of the potentially malicious application to determine whether the potentially malicious application has behaved maliciously, and if so, adding the network device to the ground truth dataset as an infected device or, if not, adding the network device to the ground truth dataset as a clean device. The method may further include training a machine learning classifier of a security application using the ground truth dataset, making a security action decision using the machine learning classifier, and performing a security action on a computer system based on the security action decision.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.