The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 11574052 B1

Date of Patent:

Feb. 07, 2023

Filed:

Jan. 31, 2019

Methods and apparatus for using machine learning to detect potentially malicious obfuscated scripts

Applicant:

Sophos Limited, Abingdon, GB;

Inventor:

Richard Harang, Alexandria, VA (US);

Assignee:

Sophos Limited, Abingdon, GB;

Attorney:

Cooley LLP

Primary Examiner:

Hee K Song

Int. Cl.

CPC ...

G06F 21/56 (2013.01); G06F 16/35 (2019.01); G06K 9/62 (2022.01); G06N 3/04 (2006.01);

U.S. Cl.

CPC ...

G06F 21/563 (2013.01); G06F 16/35 (2019.01); G06K 9/6217 (2013.01); G06N 3/04 (2013.01);

Abstract

In some embodiments, an apparatus includes a memory and a processor. The processor can further be configured to extract a set of scripts from potentially malicious a file. The processor can further be configured to concatenate a representation of each script from the set of scripts with a representation of the remaining scripts from the set of scripts to define a script string. The processor can further be configured to define a feature vector based on the set of n-gram representations of the script string for input of the feature vector to a neural network for output. The processor can further be configured to identify, based on the output from the neural network, a maliciousness classification of the file.

Find Patent Forward Citations