MALWARE DETECTION SYSTEM ATTACK PREVENTION
First Claim
Patent Images
1. A malware detection system, the malware detection system comprising:
- a processor; and
memory, the memory including instructions, which when executed by the processor, cause the processor to;
construct a time series of directed graphs using incoming files, during training of a machine learning system used to detect malware attacks, wherein a structure of the time series of directed graphs is based on relationships between entities recorded in the incoming files;
detect, during a time window of the time series, an anomaly based on the time series of directed graphs; and
provide an indication that the anomaly was detected.
0 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods may be used to prevent attacks on a malware detection system. A method may include modeling a time series of directed graphs using incoming binary files during training of a machine learning system and detecting, during a time-window of the time series, an anomaly based on a directed graph of the time series of directed graphs. The method may include providing an alert that the anomaly has corrupted the machine learning system. The method may include preventing or remedying corruption of the machine learning system.
-
Citations
12 Claims
-
1. A malware detection system, the malware detection system comprising:
-
a processor; and memory, the memory including instructions, which when executed by the processor, cause the processor to; construct a time series of directed graphs using incoming files, during training of a machine learning system used to detect malware attacks, wherein a structure of the time series of directed graphs is based on relationships between entities recorded in the incoming files; detect, during a time window of the time series, an anomaly based on the time series of directed graphs; and provide an indication that the anomaly was detected. - View Dependent Claims (2, 3, 4)
-
-
5. A method for implementing a malware detection system, the method comprising:
-
constructing a time series of directed graphs using incoming files, during training of a machine learning system used to detect malware attacks, wherein a structure of the time series of directed graphs is based on relationships between entities recorded in the incoming files; detecting, during a time window of the time series, an anomaly based on the time series of directed graphs; and providing an indication that the anomaly was detected. - View Dependent Claims (6, 7, 8)
-
-
9. At least one non-transitory machine-readable medium including instructions for preventing attacks on a malware detection system, which when executed by a machine, cause the machine to:
-
construct a time series of directed graphs using incoming files, during training of a machine learning system used to detect malware attacks, wherein a structure of the time series of directed graphs is based on relationships between entities recorded in the incoming files; detect, during a time window of the time series, an anomaly based on the time series of directed graphs; and provide an indication that the anomaly was detected. - View Dependent Claims (10, 11, 12)
-
Specification