Prevention of false positive detection of malware

Assignee

• Malwarebytes Inc. · US

Inventors

• Sunil Thomas · Palm Harbor, US
• Tina LaVonne Barfield · Pinellas Park, US
• Adam Hyder · Los Altos, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/033
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A system manages the rate of false positive detections of malware by controlling release of malware definition updates. The system determines a cohort of target devices for distributing an initial release of an update of malware definitions and sends the update exclusively to the target devices. The system then obtains telemetry data which include information associated with usage of the target devices following the update. The system analyzes the telemetry data for instances of false positive detections of malware arising from the update to the malware definitions. Based on the analysis of the telemetry data, the system determines whether to further distribute the update outside of the cohort of target client devices or to roll back the update provided to the cohort. The system executes the decision to further distribute the update or to roll back the update.