Assessing detectability of malware related traffic
US10630709B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 13, 2018 |
| Grant date | Apr 21, 2020 |
| Priority date | — |
| Expiry date | Oct 18, 2038 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06N20/10
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
In one embodiment, a computing device trains a multi-class classifier (having a plurality of classes) on a training dataset, and evaluates the multi-class classifier on a testing dataset to determine a performance of each of the plurality of classes. The plurality of classes may then be partitioned into either learnable or unlearnable based on whether the performance each particular class surpasses a particular threshold, and then a predicting classifier can be trained on the training dataset, where data of the training dataset is labelled as either learnable or unlearnable based on the particular class to which the data corresponds. Accordingly, the computing device may then use the predicting classifier on a new class to predict whether samples associated with the new class are learnable or unlearnable, and may retrain the multi-class classifier with the samples associated with the new class in response to predicting that the samples are learnable.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.