18066987. DETECTING UPLOADS OF MALICIOUS FILES TO CLOUD STORAGE simplified abstract (MICROSOFT TECHNOLOGY LICENSING, LLC)


DETECTING UPLOADS OF MALICIOUS FILES TO CLOUD STORAGE

Organization Name

MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor(s)

Tamer Salman of Haifa (IL)

Andrey Karpovsky of Kiryat Motzkin (IL)

DETECTING UPLOADS OF MALICIOUS FILES TO CLOUD STORAGE - A simplified explanation of the abstract

This abstract first appeared for US patent application 18066987 titled 'DETECTING UPLOADS OF MALICIOUS FILES TO CLOUD STORAGE'.

Simplified Explanation

The patent application describes a method for clustering files uploaded to a cloud storage medium by the similarity of their file features, for example by distance in a feature space. The clusters are then used to assess an unknown file: the distance in the feature space between the unknown file and a file cluster is calculated, and that distance is used to decide whether to perform a deep scan on the file. If a deep scan is performed and identifies the unknown file as malicious, a cybersecurity action is triggered.

Explanation of the patent/innovation:

 * Files uploaded to a cloud storage medium are clustered based on similarity in file features.
 * The distance between an unknown file and a file cluster is calculated in a feature space.
 * A deep scan is performed on the unknown file if necessary, based on the distance calculated.
 * If the deep scan identifies the unknown file as malicious, a cybersecurity action is triggered.

Potential Applications

 * Cybersecurity software
 * Cloud storage platforms

Problems Solved

 * Identifying and isolating malicious files in cloud storage
 * Automating threat detection processes

Benefits

 * Enhanced cybersecurity measures
 * Efficient file management in cloud storage

Potential Commercial Applications of this Technology

 * Enhancing Cybersecurity Measures in Cloud Storage Platforms

Possible Prior Art

There are existing cybersecurity solutions that use clustering algorithms to detect threats in file uploads to cloud storage platforms. These solutions may involve similar methods of clustering files based on their features and analyzing unknown files for potential threats.

Unanswered Questions

How does the method handle false positives in threat detection?

The patent application does not specifically address how false positives in threat detection are handled. It would be important to understand the accuracy of the system in distinguishing between benign and malicious files.

What is the computational overhead of performing deep scans on unknown files?

The patent application does not provide information on the computational resources required to perform deep scans on unknown files. Understanding the impact on system performance would be crucial for practical implementation.


Original Abstract Submitted

Files uploaded to a cloud storage medium are considered. The files may include a mixture of files known to be malicious and known to be benign. The files are clustered using similarity of file features, e.g., based on distance in a feature space. File clusters may then be used to determine a threat status of an unknown file (a file whose threat status is unknown initially). A feature of the unknown file in the feature space is determined, and a distance in the feature space between the file and a file cluster is calculated. The distance between the unknown file and the file cluster is used to determine whether or not to perform a deep scan on the unknown file. If such a need is identified, and the deep scan indicates the unknown file is malicious, a cybersecurity action is triggered.
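
The triage flow the abstract describes, sketched as an added example that is not code from the patent application or from Microsoft. The three features, the leader-clustering step, the radius, and the decision rule (deep-scan a file that lands near a cluster containing known-malicious files, or far from every cluster) are assumptions, since the abstract specifies none of them; the sample vectors are constructed.

```python
import math

# Constructed sample data: (byte entropy, log10 size, printable-byte ratio), label.
# These three features are assumptions; the abstract names no specific features.
KNOWN = [
    ((7.9, 5.1, 0.10), "malicious"), ((7.8, 5.0, 0.12), "malicious"),
    ((7.7, 5.2, 0.09), "malicious"),
    ((4.2, 3.9, 0.95), "benign"), ((4.5, 4.0, 0.93), "benign"),
    ((4.1, 4.1, 0.96), "benign"),
    ((6.0, 6.5, 0.40), "benign"), ((6.1, 6.4, 0.42), "benign"),
]
RADIUS = 1.0  # assumed cluster radius in the feature space

def centroid(points):
    return tuple(sum(c) / len(points) for c in zip(*points))

def build_clusters(known, radius):
    """Leader clustering: join the nearest cluster within radius, else start one."""
    clusters = []  # each cluster: {"points": [...], "labels": [...], "center": (...)}
    for vec, label in known:
        near = min(clusters, key=lambda c: math.dist(vec, c["center"]), default=None)
        if near is None or math.dist(vec, near["center"]) > radius:
            near = {"points": [], "labels": []}
            clusters.append(near)
        near["points"].append(vec)
        near["labels"].append(label)
        near["center"] = centroid(near["points"])
    return clusters

def triage(vec, clusters, radius):
    """Return (deep_scan_needed, reason) from the distance to the nearest cluster."""
    near = min(clusters, key=lambda c: math.dist(vec, c["center"]))
    if math.dist(vec, near["center"]) > radius:
        return True, "outlier"           # assumed rule: resembles nothing seen before
    if "malicious" in near["labels"]:
        return True, "near-malicious"    # assumed rule: cluster holds known-bad files
    return False, "near-benign"

def handle_upload(vec, clusters, radius, deep_scan, on_malicious):
    """Run the costly deep scan only when triage asks for it."""
    needed, reason = triage(vec, clusters, radius)
    if needed and deep_scan(vec):
        on_malicious(vec, reason)        # e.g. quarantine the blob, raise an alert
        return "action-triggered"
    return "scanned-clean" if needed else "skipped"
```

`deep_scan` and `on_malicious` are caller-supplied callables standing in for the scanner and the cybersecurity action. The "skipped" path is where a false negative would hide, so the radius and the benign-cluster rule are the parameters to validate against labelled data.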