Hardware-assisted malware detection using explainable machine learning

Assignee

• University of Florida Research Foundation, INC. · US

Inventors

• Prabhat Kumar Mishra · Gainesville, US
• Zhixin Pan · Gainesville, US
• Jennifer Sheldon · San Mateo, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06N3/09
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

The present disclosure describes systems and methods for hardware-assisted malware detection. One such system comprises a memory; and a hardware processor of a computing device operatively coupled to the memory. The hardware processor is configured to execute a software application suspected of being malware; monitor behavior of the software application at run-time; and acquire an input time sequence of data records based on a trace analysis of the software application, wherein the input time sequence comprises a plurality of features of the software application. The hardware processor is further configured to classify the software application as being a malicious software application based on the plurality of features of the software application; and output a ranking of a subset plurality of features by their respective contributions towards the classification of the software application as being malicious software.