Scalable training of random forests for high precise malware detection
US10885469B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 2, 2017 |
| Grant date | Jan 5, 2021 |
| Priority date | — |
| Expiry date | Jun 14, 2039 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2145
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
In one embodiment, a device trains a machine learning-based malware classifier using a first randomly selected subset of samples from a training dataset. The classifier comprises a random decision forest. The device identifies, using at least a portion of the training dataset as input to the malware classifier, a set of misclassified samples from the training dataset that the malware classifier misclassifies. The device retrains the malware classifier using a second randomly selected subset of samples from the training dataset and the identified set of misclassified samples. The device adjusts prediction labels of individual leaves of the random decision forest of the retrained malware classifier based in part on decision changes in the forest that result from assessing the entire training dataset with the classifier. The device sends the malware classifier with the adjusted prediction labels for deployment into a network.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.