Patent · US Active

Identifying malicious activity using data complexity anomalies

US11017079B2 · kind B2 · utility

0Cited by

4References

5Claims

0Family size

Assignee

Trend Micro Incorporated · JP

Inventors

Jonathan Edward Andersson · Round Rock, US
Josiah Dede Hagen · Austin, US

Key dates

Filing date	May 24, 2018
Grant date	May 25, 2021
Priority date	—
Expiry date	Jan 17, 2039

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/034
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Examples relate to identifying malicious activity using data complexity anomalies. In one example, a computing device may: receive a byte stream that includes a plurality of bytes; determine, for a least one subset of the byte stream, a measure of complexity of the subset; determine that the measure of complexity meets a predetermined threshold measure of complexity for a context associated with the byte stream; and in response to determining that the measure of complexity meets the threshold, provide an indication that the byte stream complexity is anomalous.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.