HEIDI: ML ON HYPERVISOR DYNAMIC ANALYSIS DATA FOR MALWARE CLASSIFICATION

Bibliographic details
Main authors: Rao, Akshata Krishnamoorthy; Idrizovic, Esmid; Chhetri, Sujit Rokka; Hewlett II, William Redington; Jung, Robert; Raygoza, Daniel
Format: Patent
Language: eng
Description
Summary: The present application discloses a method, system, and computer system for detecting malicious files. The method includes (a) receiving a sample for malware analysis, (b) applying a machine learning model to obtain a classification for the sample based at least in part on (i) memory artifact data associated with the sample, and (ii) at least one of dynamic execution log data for the sample and static file structures associated with the sample, and (c) determining whether the sample is malicious based at least in part on the classification.