Deep learning-based analysis of signals for threat detection
US12141280B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 30, 2020 |
| Grant date | Nov 12, 2024 |
| Priority date | — |
| Expiry date | May 1, 2041 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06N3/09
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Embodiments of the present disclosure provide systems, methods, and non-transitory computer storage media for identifying malicious behavior using a trained deep learning model. At a high level, embodiments of the present disclosure utilize a trained deep learning model that takes a sequence of ordered signals as input to generate a score that indicates whether the sequence is malicious or benign. Initially, process data is collected from a client. After the data is collected, a virtual process tree is generated based on parent and child relationships associated with the process data. Subsequently, embodiments of the present disclosure aggregate signal data with the process data such that each signal is associated with a corresponding process in a chronologically ordered sequence of events. The ordered sequence of events is vectorized and fed into the trained deep learning model to generate a score indicating the level of maliciousness of the sequence of events.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.