公开(公告)号：WO2018048716A1

公开(公告)日：2018-03-15

申请号：PCT/US2017/049631

申请日：2017-08-31

Applicant: CYLANCE INC.

Inventor： ZHAO, Xuan ,  WOLFF, Matthew ,  BROCK, John ,  WALLACE, Brian ,  WORTMAN, Andrew ,  LUAN, Jian ,  AZARAFROOZ, Mahdi ,  DAVIS, Andrew ,  WOJNOWICZ, Michael ,  SOEDER, Derek ,  BEVERIDGE, David ,  PETERSEN, Eric ,  JIN, Ming ,  PERMEH, Ryan

IPC: G06N3/02

CPC classification number: G06N3/0445 ,  G06F21/563 ,  G06N3/02

Abstract: Systems are provided to classify an instruction sequence with a machine learning model. An instruction sequence is processed with a trained machine learning model configured to detect one or more interdependencies amongst a plurality of tokens in the instruction sequence and to determine a classification for the instruction sequence based on the one or more interdependencies amongst the plurality of tokens. The classification of the instruction sequence can then be provided as an output. Related methods and articles of manufacture, including computer program products, are also provided.

Abstract translation: 提供系统以用机器学习模型分类指令序列。 利用经训练的机器学习模型来处理指令序列，该模型经配置以检测指令序列中的多个令牌之间的一个或一个以上相互依赖性且基于多个令牌之间的一个或一个以上相互依赖性来确定指令序列的分类。 然后可以提供指令序列的分类作为输出。 还提供了相关方法和制造产品，包括计算机程序产品。

公开(公告)号：WO2018045165A1

公开(公告)日：2018-03-08

申请号：PCT/US2017/049607

申请日：2017-08-31

Applicant: CYLANCE INC.

Inventor： ZHAO, Xuan ,  WOLFF, Matthew ,  BROCK, John ,  WALLACE, Brian ,  WORTMAN, Andrew ,  LUAN, Jian ,  AZARAFROOZ, Mahdi ,  DAVIS, Andrew ,  WOJNOWICZ, Michael ,  SOEDER, Derek ,  BEVERIDGE, David ,  OLIINYK, Yaroslav ,  PERMEH, Ryan

IPC: G06F21/56

CPC classification number: G06F21/562 ,  G06N3/0454 ,  G06N3/084

Abstract: Systems method are provided for training and utilizing a machine learning model to detect malicious container files. A container file is processed with a trained machine learning model that is trained to determine a classification for the container file indicative of whether the container file includes at least one file rendering the container file malicious. Based on such a determination, an indication can be provided indicating whether the container file includes one or more files rendering the container file malicious. Related methods and articles of manufacture, including computer program products, are also provided.

Abstract translation: 提供系统方法来训练和利用机器学习模型来检测恶意容器文件。 使用经过训练的机器学习模型来处理容器文件，该模型经训练以确定容器文件的分类，所述分类指示容器文件是否包括使容器文件恶意的至少一个文件。 基于这样的确定，可以提供指示容器文件是否包括使得容器文件恶意的一个或多个文件的指示。 还提供了相关方法和制造产品，包括计算机程序产品。