The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jul. 28, 2020
Filed:
Jul. 24, 2017
Crowdstrike, Inc., Irvine, CA (US);
Sven Krasser, Los Angeles, CA (US);
David Elkind, Arlington, VA (US);
Patrick Crenshaw, Atlanta, GA (US);
Kirby James Koster, Lino Lakes, MN (US);
CrowdStrike, Inc., Irvine, CA (US);
Abstract
Example techniques herein determine that a trial data stream is associated with malware ('dirty') using a local computational model (CM). The data stream can be represented by a feature vector. A control unit can receive a first, dirty feature vector (e.g., a false miss) and determine the local CM based on the first feature vector. The control unit can receive a trial feature vector representing the trial data stream. The control unit can determine that the trial data stream is dirty if a broad CM or the local CM determines that the trial feature vector is dirty. In some examples, the local CM can define a dirty region in a feature space. The control unit can determine the local CM based on the first feature vector and other clean or dirty feature vectors, e.g., a clean feature vector nearest to the first feature vector.