METHODS AND APPARATUS FOR USING MACHINE LEARNING TO CLASSIFY MALICIOUS INFRASTRUCTURE
Embodiments disclosed include methods and apparatus for detecting a reputation of infrastructure associated with potentially malicious content. In some embodiments, an apparatus includes a memory and a processor. The processor is configured to identify an Internet Protocol (IP) address associated wi...
Gespeichert in:
Hauptverfasser: | , , |
---|---|
Format: | Patent |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext bestellen |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | Embodiments disclosed include methods and apparatus for detecting a reputation of infrastructure associated with potentially malicious content. In some embodiments, an apparatus includes a memory and a processor. The processor is configured to identify an Internet Protocol (IP) address associated with potentially malicious content and define each row of a matrix by applying a different subnet mask from a plurality of subnet masks to a binary representation of the IP address to define that row of the matrix. The processor is further configured to provide the matrix as an input to a machine learning model, and receive, from the machine learning model, a score associated with a maliciousness of the IP address. |
---|