System and method for analyzing binary code for malware classification using artificial neural network techniques
US11108809B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 27, 2017 |
| Grant date | Aug 31, 2021 |
| Priority date | — |
| Expiry date | Mar 25, 2038 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A system for detecting whether a file including content s associated with a cyber-attack is described. The content may include an executable file for example. The system includes an intelligence-driven analysis subsystem and a computation analysis subsystem. The intelligence-driven analysis subsystem is configured to (i) receive the file, (ii) inspect and compute features of the file for indicators associated with a cyber-attack, and (iii) produce a first output representing the detected indicators. The computational analysis subsystem includes an artificial neural network to (i) receive a network input being a first representation of at least one section of binary code from the file as input, and (ii) process the first representation of the section to produce a second output. The first output and the second output are used in determination a classification assigned to the file.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.