-
Publication (Announcement) Number: US10922407B2
Publication (Announcement) Date: 2021-02-16
Application Number: US16194536
Application Date: 2018-11-19
Applicant: International Business Machines Corporation
Inventor: Raymund Lin, Charlie Wu, Youngja Park
IPC: G06F21/56
Abstract: Examples of techniques for discriminant power based threat detection are described herein. An aspect includes identifying a plurality of detector names associated with an indicator of compromise, wherein each of the plurality of detector names has a respective associated discriminant power. Another aspect includes determining a plurality of malware families, wherein each malware family of the plurality of malware families is linked to at least one detector name of the plurality of detector names. Another aspect includes, for each malware family of the plurality of malware families, determining a sum of the associated discriminant power of any detector names that are linked to the malware family. Another aspect includes determining that the indicator of compromise belongs to a malware family of the plurality of malware families that has a highest sum.
-
Publication (Announcement) Number: US20200159920A1
Publication (Announcement) Date: 2020-05-21
Application Number: US16194536
Application Date: 2018-11-19
Applicant: International Business Machines Corporation
Inventor: Raymund Lin, Charlie Wu, Youngja Park
IPC: G06F21/56
Abstract: Examples of techniques for discriminant power based threat detection are described herein. An aspect includes identifying a plurality of detector names associated with an indicator of compromise, wherein each of the plurality of detector names has a respective associated discriminant power. Another aspect includes determining a plurality of malware families, wherein each malware family of the plurality of malware families is linked to at least one detector name of the plurality of detector names. Another aspect includes, for each malware family of the plurality of malware families, determining a sum of the associated discriminant power of any detector names that are linked to the malware family. Another aspect includes determining that the indicator of compromise belongs to a malware family of the plurality of malware families that has a highest sum.
-
Publication (Announcement) Number: US11645566B2
Publication (Announcement) Date: 2023-05-09
Application Number: US16812743
Application Date: 2020-03-09
Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventor: June-Ray Lin, Charlie Wu, Cheng-Ta Lee
IPC: G06N7/00, G06F16/901, G06F16/245, G06N7/01
CPC classification number: G06N7/01, G06F16/245, G06F16/9024
Abstract: Embodiments for graph computing are provided. A graph including a plurality of explicit nodes and at least one implicit node is generated. A first of the plurality of explicit nodes and a second of the plurality of explicit nodes are traversed between utilizing deductive reasoning. A third of the plurality of explicit nodes and a fourth of the plurality of explicit nodes are traversed between through the at least one implicit node utilizing inductive reasoning.