Deep learning on execution trace data for exploit detection
US10915631B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 15, 2018 |
| Grant date | Feb 9, 2021 |
| Priority date | — |
| Expiry date | Jul 20, 2038 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06N20/10
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Technologies disclosed herein provide for converting a first data of a first control flow packet to a first pixel, where the first data indicates one or more branches taken during a known execution of an application, generating an array of pixels using the first pixel and one or more other pixels associated with one or more other control flow packets generated from the known execution, transforming the array of pixels into a series of images, and using a machine learning algorithm with inputs to train a behavior model to identify a malicious behavior in an unknown execution of the application. The inputs include one or more images of the series of images and respective image labels assigned to the one or more images. More specific embodiments include extracting the first control flow packet from an execution trace representing at least part of the known execution.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.