Patent search ap:("Intel Corporation") AND inv:"Prajesh Ambili Rajendran" Page 1

1.

发明授权
Method and apparatus to identify hardware performance counter events for detecting and classifying malware or workload using artificial intelligence 有权

公开(公告)号：US11790087B2

公开(公告)日：2023-10-17

申请号：US17132248

申请日：2020-12-23

Applicant: Intel Corporation

Inventor： Deepak Kumar Mishra , Prajesh Ambili Rajendran , Taj un nisha N , Rahuldeva Ghosh , Paul Carlson , Zheng Zhang

IPC: G06F21/55 , G06F21/56 , G06N20/00

CPC classification number: G06F21/566 , G06F21/564 , G06F21/568 , G06N20/00

Abstract: A method comprises generating a first set of hardware performance counter (HPC) events that is ranked based on an ability of an individual HPC event to profile a malware class, generating a second set of HPC event combinations that is ranked based on an ability of a set of at least two joint HPC events to profile a malware class, generating a third set of extended HPC event combinations, profiling one or more malware events and one or more benign applications to obtain a detection accuracy parameter for each malware event, applying a machine learning model to rank the third set of HPC event combinations based on malware detection accuracy, and applying a genetic algorithm to the third set of HPC event combinations to identify a subset of the third set of extended combinations of HPC events to be used for malware detection and classification.

2.

发明申请
METHOD AND APPARATUS TO IDENTIFY HARDWARE PERFORMANCE COUNTER EVENTS FOR DETECTING AND CLASSIFYING MALWARE OR WORKLOAD USING ARTIFICIAL INTELLIGENCE 有权

公开(公告)号：US20210110038A1

公开(公告)日：2021-04-15

申请号：US17132248

申请日：2020-12-23

Applicant: Intel Corporation

Inventor： Deepak Kumar Mishra , Prajesh Ambili Rajendran , Taj un nisha N , Rahuldeva Ghosh , Paul Carlson , Zheng Zhang

IPC: G06F21/56 , G06N20/00

Abstract: A method comprises generating a first set of hardware performance counter (HPC) events that is ranked based on an ability of an individual HPC event to profile a malware class, generating a second set of HPC event combinations that is ranked based on an ability of a set of at least two joint HPC events to profile a malware class, generating a third set of extended HPC event combinations, profiling one or more malware events and one or more benign applications to obtain a detection accuracy parameter for each malware event, applying a machine learning model to rank the third set of HPC event combinations based on malware detection accuracy, and applying a genetic algorithm to the third set of HPC event combinations to identify a subset of the third set of extended combinations of HPC events to be used for malware detection and classification.

Patent Agency Ranking