×

Recurrent neural networks for malware analysis

  • US 10,691,799 B2
  • Filed: 04/15/2016
  • Issued: 06/23/2020
  • Est. Priority Date: 04/16/2015
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method comprising:

  • receiving or accessing executable code comprising instructions;

    disassembling the executable code to generate a trace of the instructions;

    applying a recurrent neural network (RNN) to the trace to generate a hidden state corresponding to each instruction to form a feature vector;

    generating a concatenation of the feature vector with hand-engineered features extracted from the executable code;

    determining, using a classifier and the concatenation, a likelihood that the executable code comprises malicious code; and

    disallowing, based on the determining, the code from executing;

    wherein the classifier is different from the RNN.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×