Patent · US Active

Unknown malicious program behavior detection using a graph neural network

US11463472B2 · kind B2 · utility

2Cited by

0References

17Claims

0Family size

Assignee

NEC CORPORATION · JP

Inventors

Zhengzhang Chen · Princeton Junction, US
Ding Li · Superior, US
Zhichun Li · Princeton, US
Shen-De Wang · Hengshan, TW

Key dates

Filing date	Oct 15, 2019
Grant date	Oct 4, 2022
Priority date	—
Expiry date	Jan 14, 2041

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/145
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A method for detecting malicious program behavior includes performing program verification based on system activity data, analyzing unverified program data identified from the program verification to detect abnormal events, including analyzing host-level events to detect abnormal host-level events by learning a program representation as a graph embedding through an attentional architecture based on an invariant graph between different system entities, generating detection results based on the analysis, and performing at least one corrective action based on the detection results.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.