System and method for training a model for detecting malicious objects on a computer system
US11036858B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 2, 2019 |
| Grant date | Jun 15, 2021 |
| Priority date | — |
| Expiry date | Aug 14, 2039 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06N20/20
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Methods and systems are described in the present disclosure for training a model for detecting malicious objects on a computer system. In an exemplary aspect, a method includes: selecting files from a database used for training a detection model, the selection is performed based on learning rules, performing an analysis on the files by classifying them in a hierarchy of maliciousness, forming behavior patterns based on execution of the files and parameters of the execution, training the detection model according to the analysis of the files and the behavior patterns, verifying the trained detection model using a test selection of files to test determinations of harmfulness of the test selection of files, and when the verification fails, retraining the detection model using a different set of files from the database, otherwise applying the detection model to a new set of files to determine maliciousness.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.