EP3999985A4 - Inline malware detection - Google Patents
Inline malware detection
- Publication number
- EP3999985A4
- Authority
- EP
- European Patent Office
- Prior art keywords
- inline
- malware detection
- malware
- detection
- inline malware
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/561—Virus type analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N20/00—Machine learning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- Virology (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Artificial Intelligence (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- Medical Informatics (AREA)
- Mathematical Physics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/517,465 US11636208B2 (en) | 2019-07-19 | 2019-07-19 | Generating models for performing inline malware detection |
US16/517,463 US11374946B2 (en) | 2019-07-19 | 2019-07-19 | Inline malware detection |
PCT/US2020/040928 WO2021015941A1 (en) | 2019-07-19 | 2020-07-06 | Inline malware detection |
Publications (2)
Publication Number | Publication Date |
---|---|
EP3999985A1 (en) | 2022-05-25 |
EP3999985A4 (en) | 2023-12-13 |
Family
ID=74193725
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP20843721.0A Pending EP3999985A4 (en) | 2019-07-19 | 2020-07-06 | Inline malware detection |
Country Status (5)
Country | Link |
---|---|
EP (1) | EP3999985A4 (en) |
JP (2) | JP7411775B2 (en) |
KR (1) | KR20220053549A (en) |
CN (1) | CN114072798A (en) |
WO (1) | WO2021015941A1 (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115378747B (en) * | 2022-10-27 | 2023-01-24 | 北京六方云信息技术有限公司 | Malicious data detection method, terminal device and storage medium |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2010011411A1 (en) * | 2008-05-27 | 2010-01-28 | The Trustees Of Columbia University In The City Of New York | Systems, methods, and media for detecting network anomalies |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9742796B1 (en) * | 2015-09-18 | 2017-08-22 | Palo Alto Networks, Inc. | Automatic repair of corrupt files for a detonation engine |
US10200391B2 (en) * | 2015-09-23 | 2019-02-05 | AVAST Software s.r.o. | Detection of malware in derived pattern space |
US10817608B2 (en) | 2017-04-07 | 2020-10-27 | Zscaler, Inc. | System and method for malware detection on a per packet basis |
US10754948B2 (en) | 2017-04-18 | 2020-08-25 | Cylance Inc. | Protecting devices from malicious files based on n-gram processing of sequential data |
US10902124B2 (en) * | 2017-09-15 | 2021-01-26 | Webroot Inc. | Real-time JavaScript classifier |
US10565844B2 (en) * | 2017-09-27 | 2020-02-18 | Johnson Controls Technology Company | Building risk analysis system with global risk dashboard |
-
2020
- 2020-07-06 CN CN202080051255.4A patent/CN114072798A/en active Pending
- 2020-07-06 EP EP20843721.0A patent/EP3999985A4/en active Pending
- 2020-07-06 JP JP2022502913A patent/JP7411775B2/en active Active
- 2020-07-06 KR KR1020227001606A patent/KR20220053549A/en active IP Right Grant
- 2020-07-06 WO PCT/US2020/040928 patent/WO2021015941A1/en unknown
-
2023
- 2023-12-25 JP JP2023218442A patent/JP2024023875A/en active Pending
Non-Patent Citations (8)
Title |
---|
BEEBE NICOLE L ET AL: "Sceadan: Using Concatenated N-Gram Vectors for Improved File and Data Type Classification", IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, IEEE, USA, vol. 8, no. 9, 1 September 2013 (2013-09-01), pages 1519 - 1530, XP011526429, ISSN: 1556-6013, [retrieved on 20130814], DOI: 10.1109/TIFS.2013.2274728 * |
CHIH-TA LIN ET AL: "Feature Selection and Extraction for Malware Classification", JOURNAL OF INFORMATION SCIENCE AND ENGINEERING, vol. 31, 1 January 2015 (2015-01-01), pages 965 - 992, XP055475966 * |
CHRISTIAN WRESSNEGGER ET AL: "A close look on n-grams in intrusion detection", ARTIFICIAL INTELLIGENCE AND SECURITY, ACM, 2 PENN PLAZA, SUITE 701 NEW YORK NY 10121-0701 USA, 4 November 2013 (2013-11-04), pages 67 - 76, XP058034229, ISBN: 978-1-4503-2488-5, DOI: 10.1145/2517312.2517316 * |
MOHD ZAKI MAS'UD ET AL: "A Comparative Study on Feature Selection Method for N-gram Mobile Malware Detection", INTERNATIONAL JOURNAL OF NETWORK SECURITY, 30 September 2017 (2017-09-30), XP093097820, Retrieved from the Internet <URL:http://ijns.jalaxy.com.tw/contents/ijns-v19-n5/ijns-2017-v19-n5-p727-733.pdf> [retrieved on 20231103], DOI: 10.6633/IJNS.201709.19(5).10 * |
OZA ADITYARAM ET AL: "HTTP Attack Detection using N-gram Analysis", SAN JOSE STATE UNIVERSITY, 1 May 2013 (2013-05-01), XP093059288, Retrieved from the Internet <URL:https://scholarworks.sjsu.edu/cgi/viewcontent.cgi?article=1298&context=etd_projects> [retrieved on 20230629], DOI: 10.31979/etd.rbtj-p2jh * |
See also references of WO2021015941A1 * |
TAHAN GIL ET AL: "Mal-ID: Automatic Malware Detection Using Common Segment Analysis and Meta-Features", JOURNAL OF MACHINE LEARNING RESEARCH, 28 February 2012 (2012-02-28), XP093097882, Retrieved from the Internet <URL:https://citeseerx.ist.psu.edu/document?repid=rep1&type=pdf&doi=ac447b25cbb796fc159ae8d7895c76240f08449c> [retrieved on 20231103] * |
WEI-JEN LI ET AL: "Fileprints: identifying file types by n-gram analysis", SYSTEMS, MAN AND CYBERNETICS (SMC) INFORMATION ASSURANCE WORKSHOP, 2005. PROCEEDINGS FROM THE SIXTH ANNUAL IEEE WEST POINT, NY, USA 15-17 JUNE 2005, PISCATAWAY, NJ, USA, IEEE, 15 June 2005 (2005-06-15), pages 64 - 71, XP010826316, ISBN: 978-0-7803-9290-8, DOI: 10.1109/IAW.2005.1495935 * |
Also Published As
Publication number | Publication date |
---|---|
JP7411775B2 (en) | 2024-01-11 |
EP3999985A1 (en) | 2022-05-25 |
JP2024023875A (en) | 2024-02-21 |
WO2021015941A1 (en) | 2021-01-28 |
CN114072798A (en) | 2022-02-18 |
KR20220053549A (en) | 2022-04-29 |
JP2022541250A (en) | 2022-09-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3857419A4 (en) | Detecting ransomware | |
EP3592768A4 (en) | Analyte detection | |
EP3884411A4 (en) | Cryptocurrency based malware and ransomware detection systems and methods | |
EP4017361A4 (en) | Micro-analyte detection device | |
GB202018989D0 (en) | Malware detection | |
EP3590063A4 (en) | Detecting malicious behavior within local networks | |
EP3622431A4 (en) | Crypto-ransomware compromise detection | |
EP3743780A4 (en) | Anomaly detection | |
EP3586206A4 (en) | Flitch tracking | |
EP3591899A4 (en) | Path detection | |
EP3940735A4 (en) | Detection device | |
EP4011542A4 (en) | Processing device | |
EP3588873A4 (en) | Path detection | |
EP3625349A4 (en) | Modified viruses | |
EP3799535A4 (en) | Plasma processor | |
EP4023386A4 (en) | Processing system | |
EP3913351A4 (en) | Detection system | |
EP4012449A4 (en) | Target detection device | |
EP3999985A4 (en) | Inline malware detection | |
EP3715803A4 (en) | Optical detection circuit | |
EP3408782A4 (en) | Malware detection | |
EP3999254A4 (en) | Stacked-package detection system | |
EP4049156A4 (en) | Malware identification | |
EP3408989A4 (en) | Detecting malware on spdy connections | |
EP4074823A4 (en) | Detection method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE |
|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE |
|
17P | Request for examination filed |
Effective date: 20211224 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
DAV | Request for validation of the european patent (deleted) | ||
DAX | Request for extension of the european patent (deleted) | ||
P01 | Opt-out of the competence of the unified patent court (upc) registered |
Effective date: 20230527 |
|
RIC1 | Information provided on ipc code assigned before grant |
Ipc: G06N 20/00 20190101ALI20230703BHEP Ipc: H04L 9/40 20220101ALI20230703BHEP Ipc: G06F 21/56 20130101AFI20230703BHEP |
|
RIC1 | Information provided on ipc code assigned before grant |
Ipc: G06N 20/00 20190101ALI20230710BHEP Ipc: H04L 9/40 20220101ALI20230710BHEP Ipc: G06F 21/56 20130101AFI20230710BHEP |
|
A4 | Supplementary search report drawn up and despatched |
Effective date: 20231114 |
|
RIC1 | Information provided on ipc code assigned before grant |
Ipc: G06N 20/00 20190101ALI20231108BHEP Ipc: H04L 9/40 20220101ALI20231108BHEP Ipc: G06F 21/56 20130101AFI20231108BHEP |