17837703. GENERIC FEATURE EXTRACTION FOR IDENTIFYING MALICIOUS PACKAGES simplified abstract (Microsoft Technology Licensing, LLC)

GENERIC FEATURE EXTRACTION FOR IDENTIFYING MALICIOUS PACKAGES

Organization Name

Microsoft Technology Licensing, LLC

Inventor(s)

Rahul Pandita of Arvada CO (US)

Max Schaefer of Kidlington (GB)

Albert Ziegler of Uppsala (SE)

GENERIC FEATURE EXTRACTION FOR IDENTIFYING MALICIOUS PACKAGES - A simplified explanation of the abstract

This abstract first appeared for US patent application 17837703 titled 'GENERIC FEATURE EXTRACTION FOR IDENTIFYING MALICIOUS PACKAGES'.

Simplified Explanation

The patent application describes a computer system that classifies packages as either malicious or benign based on generic feature extraction. Here is a simplified explanation of the abstract:

  • The computer system uses a set of training packages, some known to be malicious and some known to be benign.
  • It extracts a set of training feature vectors from these packages using a feature extraction model.
  • These training feature vectors are used to train a classification model.
  • Once the classification model is trained, it can classify a subject package as malicious or benign.
  • This is done by extracting a feature vector for the subject package using the feature extraction model and inputting it to the classification model.
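
The steps above, sketched as an added example that is not taken from the patent application or from any Microsoft code. The abstract does not say what the two models are, so the token-frequency extractor and nearest-centroid classifier here are assumptions standing in for them, and the sample packages are constructed.

```python
import math
import re
from collections import Counter

TOKEN = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")
def tokens(package):
    # Ecosystem-agnostic: identifier-like tokens from every file in the package.
    return [t.lower() for text in package.values() for t in TOKEN.findall(text)]

class FeatureExtractor:
    # Assumed stand-in for the feature extraction model: term frequencies over a fitted vocabulary.
    def fit(self, packages):
        self.vocab = sorted({t for p in packages for t in tokens(p)})
        return self
    def extract(self, package):
        counts = Counter(tokens(package))
        total = sum(counts.values()) or 1
        return [counts[t] / total for t in self.vocab]

def cosine(a, b):
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a) * sum(y * y for y in b))
    return dot / norm if norm else 0.0

class CentroidClassifier:
    # Assumed stand-in for the classification model: nearest class centroid.
    def fit(self, vectors, labels):
        self.centroids = {}
        for label in sorted(set(labels)):
            rows = [v for v, y in zip(vectors, labels) if y == label]
            self.centroids[label] = [sum(col) / len(rows) for col in zip(*rows)]
        return self
    def predict(self, vector):
        return max(self.centroids, key=lambda c: cosine(vector, self.centroids[c]))

# Constructed training packages (file path -> contents), not real packages.
MALICIOUS = [{"setup.py": "import os, base64\nexec(base64.b64decode(blob))"},
             {"package.json": "preinstall: node run.js", "run.js": "eval(Buffer.from(blob, 'base64'))"}]
BENIGN = [{"setup.py": "from setuptools import setup\nsetup(name='mathutil')", "mathutil.py": "def add(a, b): return a + b"},
          {"package.json": "name: leftpadder", "index.js": "function pad(s, n) { return s.padStart(n) }"}]

def train():
    packages = MALICIOUS + BENIGN
    labels = ["malicious"] * len(MALICIOUS) + ["benign"] * len(BENIGN)
    extractor = FeatureExtractor().fit(packages)
    return extractor, CentroidClassifier().fit([extractor.extract(p) for p in packages], labels)

def classify(package, extractor, model):
    return model.predict(extractor.extract(package))
```

The subject package must go through the same fitted extractor that produced the training vectors, otherwise the vector positions no longer line up with what the classifier learned.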

Potential applications of this technology:

  • Cybersecurity: This technology can be used to identify and classify malicious packages, helping to protect computer systems from malware and other threats.
  • Software development: It can be used to analyze and classify packages during the development process, ensuring that only safe and trusted packages are used.
  • Network security: By classifying packages, this technology can help in detecting and preventing network attacks and intrusions.

Problems solved by this technology:

  • Efficient classification: The system automates the process of classifying packages, saving time and effort compared to manual analysis.
  • Scalability: The system can handle a large number of packages, making it suitable for real-world scenarios with a high volume of data.
  • Generic feature extraction: The feature extraction model can extract relevant features from different types of packages, making it adaptable to various contexts.

Benefits of this technology:

  • Enhanced security: By accurately classifying packages, the system can improve the overall security of computer systems and networks.
  • Time and cost savings: The automated classification process reduces the need for manual analysis, saving time and resources.
  • Flexibility: The system can be trained on different sets of training packages, allowing it to adapt to evolving threats and new types of packages.


Original Abstract Submitted

Classifying packages based on generic feature extraction. A computer system identifies a set of training packages, including a first subset known to be malicious, and a second subset known to be benign. The computer system extracts a set of training feature vectors from the set of training packages by inputting each training package to a feature extraction model, which generates a training feature vector for each training package. The computer system trains a classification model using the set of training feature vectors. After training the classification model using the set of training feature vectors, a subject package is classified as malicious or benign based on extracting a feature vector for the subject package by inputting the subject package to the feature extraction model, and inputting the feature vector to the classification model.