MALICIOUS VBA DETECTION USING GRAPH REPRESENTATION

    Publication No.: US20240211596A1

    Publication date: 2024-06-27

    Application No.: US18146092

    Filing date: 2022-12-23

    IPC classification: G06F21/56 G06N3/08

    CPC classification: G06F21/563 G06N3/08

    Abstract: A method and system are provided for detecting malicious code using graph neural networks. A call graph is created from the computer code by identifying functions in the computer code and vectorizing the identified functions using a stream of application programming interfaces (APIs) called by the functions and using tokens generated for the functions using a byte pair tokenizer. A trained graph neural network (GNN) and a trained attention neural network are applied to the call graph to generate an output graph with each node representing a function and each node assigned weights based on a probability distribution of the maliciousness of the corresponding function. A graph embedding is generated by calculating a weighted sum of the assigned weights and a trained deep neural network is applied to the graph embedding to generate a malicious score for the computer code identifying the computer code as malicious or benign.

    DNS TUNNELING DETECTION AND PREVENTION
    Invention publication

    Publication No.: US20240220613A1

    Publication date: 2024-07-04

    Application No.: US18148183

    Filing date: 2022-12-29

    IPC classification: G06F21/55

    CPC classification: G06F21/554 G06F2221/033

    Abstract: Methods and devices are provided for differentiating between benign DNS data and malicious DNS data included in DNS traffic using an autoencoder. The autoencoder receives input DNS data and is trained to successfully encode the input DNS data when the input DNS data is benign DNS data and to fail to encode the input DNS data when the input DNS data is malicious DNS data. The autoencoder is trained using a modified loss function having a large weight when successfully encoding malicious DNS data.