-
1.发明授权公开(公告)号:US11790085B2
公开(公告)日:2023-10-17
申请号:US17461337
申请日:2021-08-30
Inventor: Jung-Tae Kim , Ji-Hyeon Song , Jong-Hyun Kim , Sang-Min Lee , Ik-Kyun Kim , Dae-Sung Moon
CPC classification number: G06F21/564 , G06N20/00
Abstract: Disclosed herein are an apparatus for detecting unknown malware using a variable-length operation code (opcode) and a method using the apparatus. The method includes collecting opcode information from a detection target, generating a multi-pixel image having a variable length by performing feature engineering on the opcode information; and detecting unknown malware by inputting the multi-pixel image to a deep-learning model based on AI.
-
公开(公告)号:US11783034B2
公开(公告)日:2023-10-10
申请号:US17100541
申请日:2020-11-20
Inventor: Jung-Tae Kim , Ji-Hyeon Song , Ik-Kyun Kim , Young-Su Kim , Jong-Hyun Kim , Jong-Geun Park , Sang-Min Lee , Jong-Hoon Lee
CPC classification number: G06F21/563 , G06N5/04 , G06N20/00 , G06F2221/033
Abstract: Disclosed herein are an apparatus and method for detecting a malicious script. The apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program is configured to extract token-type features, each of which corresponds to a lexical unit, and tree-node-type features of an abstract syntax tree from an input script, to train two learning models to respectively learn two pieces of learning data that are generated in consideration of features extracted respectively from the token-type features and the node-type features as having the highest frequency, and to detect whether the script is a malicious script based on the result of ensemble-based malicious script detection performed for the script, which is acquired using an ensemble detection model generated from the two learning models.
-
Search Results
2
records
(took 0.016 seconds)
