-
Publication (Announcement) No.: US11003773B1
Publication (Announcement) Date: 2021-05-11
Application No.: US15942082
Application Date: 2018-03-30
Applicant: FireEye, Inc.
Inventors: Chunsheng Fang, Wei Quan, Richard Lai, Robert Venal, Benjamin Chang
Abstract: A method for generating rule recommendation utilized in a creation of malware detection rules is described. Meta-information associated with a plurality of events collected during a malware detection analysis of an object by a cybersecurity system is received and a first plurality of features is selected from the received meta-information. Machine learning (ML) models are applied to each of the first plurality of features to generate a score that represents a level of maliciousness for the feature and thereby a degree of usefulness of the feature in classifying the object as malicious or benign. Thereafter, a second plurality of features is selected as the salient features, which are used in creation of the malware detection rules in controlling subsequent operations of the cybersecurity system. The second plurality of features being lesser in number than the first plurality of features.
-
2.
Publication (Announcement) No.: US10956477B1
Publication (Announcement) Date: 2021-03-23
Application No.: US16219780
Application Date: 2018-12-13
Applicant: FireEye, Inc.
Inventors: Chunsheng Fang, Daniel Bohannon
Abstract: A method for detecting a cyberattack on a network device is described. The method features receiving script text and performing a normalization operation on the script text to produce a normalized script text. The normalized script text includes a plurality of analytic tokens each being an instance of a sequence of characters grouped together as a useful semantic unit for natural language processing (NLP). Thereafter, an NLP model is applied to the normalized script text to classify a script associated with the script text as malicious or benign. Responsive to the script being classified as malicious, generating an alert message provided to an administrator to identify the malicious script.
-