Generic feature extraction for identifying malicious packages

Assignee

• MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

• Rahul PANDITA · Arvada, US
• Max Schaefer · Mablethorpe, GB
• Albert Ziegler · Felton, GB

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/034
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Classifying packages based on generic feature extraction. A computer system identifies a set of training packages, including a first subset known to be malicious, and a second subset known to be benign. The computer system extracts a set of training feature vectors from the set of training packages by inputting each training package to a feature extraction model, which generates a training feature vector for each training package. The computer system trains a classification model using the set of training feature vectors. After training the classification model using the set of training feature vectors, a subject package is classified as malicious or benign based on extracting a feature vector for the subject package by inputting the subject package to the feature extraction model, and inputting the feature vector to the classification model.