Malware detection system attack prevention
Abstract
Systems and methods may be used to prevent attacks on a malware detection system. A method may include modeling a time series of directed graphs using incoming binary files during training of a machine learning system and detecting, during a time-window of the time series, an anomaly based on a directed graph of the time series of directed graphs. The method may include providing an alert that the anomaly has corrupted the machine learning system. The method may include preventing or remedying corruption of the machine learning system.
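The following Python example is added here for illustration and is not code from the patent or its assignee. It builds one directed call graph per time window (vertices are functions, edges are caller-to-callee relationships, as claim 1 defines them) and raises an alert for a window that deviates from recent ones. The record layout, the novelty score, the threshold, and the function names `build_graph_series` and `detect_anomalies` are assumptions, since the page does not specify the anomaly statistic.

```python
from collections import defaultdict, deque

# Constructed sample records: (arrival_time_s, binary_id, caller_fn, callee_fn).
# Windows 0-2 resemble each other; window 3 is dominated by unseen call edges.
SAMPLE_CALLS = [
    (10, "a.exe", "main", "parse"), (20, "a.exe", "parse", "read"),
    (30, "b.exe", "main", "read"),
    (110, "c.exe", "main", "parse"), (120, "c.exe", "parse", "read"),
    (130, "c.exe", "main", "log"),
    (210, "d.exe", "main", "read"), (220, "d.exe", "main", "log"),
    (310, "e.exe", "main", "parse"),
    (320, "x.exe", "stub", "decode"), (330, "x.exe", "decode", "jump"),
    (340, "y.exe", "stub", "jump"),
]

def build_graph_series(calls, window_s):
    """One directed graph per time window: edge (caller, callee) -> binaries."""
    series = defaultdict(lambda: defaultdict(set))
    for ts, binary, caller, callee in calls:
        series[ts // window_s][(caller, callee)].add(binary)
    return sorted(series.items())

def detect_anomalies(calls, window_s=100, history=3, threshold=0.5):
    """Alert on windows whose share of edges unseen in recent windows is high.

    Assumed statistic (not from the patent): |novel edges| / |edges in window|,
    measured against the union of the previous `history` accepted windows.
    """
    recent = deque(maxlen=history)      # edge sets of the preceding windows
    alerts = []
    for idx, graph in build_graph_series(calls, window_s):
        edges = set(graph)
        if recent:                      # the first window only seeds the baseline
            baseline = set().union(*recent)
            novel = edges - baseline
            score = len(novel) / len(edges)
            if score > threshold:
                # Name the binaries that contributed the novel edges so they
                # can be held out of the training set for review.
                suspects = sorted({b for e in novel for b in graph[e]})
                alerts.append({"window": idx, "score": round(score, 2),
                               "suspect_binaries": suspects})
                continue                # keep a flagged window out of the baseline
        recent.append(edges)
    return alerts
```

Flagged windows are excluded from the baseline so that a burst of poisoned samples cannot become the new normal for later windows.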
22 Claims
1. A method for preventing attacks on a malware detection system, the method comprising:
- modeling a time series of directed graphs using incoming binary files during training of a machine learning system to detect malware attacks;
- detecting, during a time-window of the time series, an anomaly based on a directed graph of the time series of directed graphs; and
- providing an alert that the anomaly has corrupted the machine learning system; and
- wherein vertices of the directed graph are functions corresponding to the incoming binary files and an edge of the directed graph is a call relationship between functions of respective vertices connected by the edge.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A malware detection system for preventing poison attacks, the malware detection system comprising:
- a processor of an anomaly detection system; and
- memory, the memory including instructions, which when executed by the processor, cause the processor to:
  - model a time series of directed graphs using incoming binary files during training of a machine learning system to detect malware attacks;
  - detect, during a time-window of the time series, an anomaly based on a directed graph of the time series of directed graphs; and
  - provide an alert that the anomaly has corrupted the machine learning system; and
- wherein vertices of the directed graph are functions corresponding to the incoming binary files and an edge of the directed graph is a call relationship between functions of respective vertices connected by the edge.
Dependent claims: 14, 15, 16, 17
18. At least one non-transitory machine-readable medium including instructions for preventing attacks on a malware detection system, which when executed by a machine, cause the machine to:
- model a time series of directed graphs using incoming binary files during training of a machine learning system to detect malware attacks;
- detect, during a time-window of the time series, an anomaly based on a directed graph of the time series of directed graphs; and
- provide an alert that the anomaly has corrupted the machine learning system; and
- wherein vertices of the directed graph are functions corresponding to the incoming binary files and an edge of the directed graph is a call relationship between functions of respective vertices connected by the edge.
Dependent claims: 19, 20, 21, 22
Specification