Systems and methods of malware detection
US12238124B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 14, 2023 |
| Grant date | Feb 25, 2025 |
| Priority date | — |
| Expiry date | Jun 14, 2043 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L41/16
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Systems and methods for detecting suspicious malware by analyzing data such as transfer protocol data or logs from a host within an enterprise is provided. The systems and methods include a database for storing current data and historical data obtained from the network and a detection module and an optional display. The embodiments herein extract information from non-encrypted transfer protocol metadata, determine a plurality of features, utilize an outlier detection model that is based on historical behaviors, calculate a suspiciousness score, and create alerts for analysis by users when the score exceeds a threshold. In doing so, the systems and methods of the present invention improve the ability to identify suspicious outliers or potential malware on an iterative basis over time.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.