Patent · US Active

Method and system for detecting malicious behavioral patterns in a computer, using machine learning

US8516584B2 · kind B2 · utility

39Cited by

4References

7Claims

0Family size

Assignee

DEUTSCHE TELEKOM AG · DE

Inventors

Robert Moskovitch · Ashkelon, IL
Dima Stopel · Herzliya, IL
Zvi Boger · Beer Sheva, IL
Yuval Shahar · Omer, IL
Yuval Elovici · Kiryat Malachi, IL

Key dates

Filing date	Jan 24, 2008
Grant date	Aug 20, 2013
Priority date	—
Expiry date	Oct 2, 2029

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/566
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Method for detecting malicious behavioral patterns which are related to malicious software such as a computer worm in computerized systems that include data exchange channels with other systems over a data network. According to the proposed method, hardware and/or software parameters that can characterize known behavioral patterns in the computerized system are determined. Known malicious code samples are learned by a machine learning process, such as decision trees, Naïve Bayes, Bayesian Networks, and artificial neural networks, and the results of the machine learning process are analyzed in respect to these behavioral patterns. Then, known and unknown malicious code samples are identified according to the results of the machine learning process.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.