18390042. IDENTIFY MALICIOUS SOFTWARE simplified abstract (GOOGLE LLC)
Contents
- 1 IDENTIFY MALICIOUS SOFTWARE
IDENTIFY MALICIOUS SOFTWARE
Organization Name
Inventor(s)
Richard Cannings of Santa Cruz CA (US)
Sai Deep Tetali of Mountain View CA (US)
Mo Yu of Mountain View CA (US)
Salvador Mandujano of San Jose CA (US)
IDENTIFY MALICIOUS SOFTWARE - A simplified explanation of the abstract
This abstract first appeared for US patent application 18390042 titled 'IDENTIFY MALICIOUS SOFTWARE
Simplified Explanation
The method described in the abstract involves using a feed-forward neural network to analyze the interactions of a software application with various uniform resource identifiers (URIs) in order to determine if the application is potentially harmful. By comparing the vector representation of the software application with those of a pool of training applications, similarity scores are generated to identify potential threats.
- Identifying malicious software using neural network analysis:
- Receive and execute software application - Identify URIs the application interacts with - Generate vector representation using neural network - Determine similarity scores with training applications - Flag potentially harmful applications based on similarity thresholds
Potential Applications
The technology can be applied in cybersecurity to detect and prevent the spread of malicious software, protecting systems and networks from potential threats.
Problems Solved
This technology addresses the challenge of identifying and categorizing potentially harmful software applications that may pose security risks to users and systems.
Benefits
- Enhanced cybersecurity measures - Early detection of malicious software - Improved protection against cyber threats
Potential Commercial Applications
- Cybersecurity companies - Software development firms - IT security departments
Possible Prior Art
One possible prior art in this field is the use of machine learning algorithms to detect malware and other security threats in software applications.
Unanswered Questions
How does the neural network handle new or previously unseen threats?
The abstract does not specify how the neural network adapts to new threats that may not be present in the pool of training applications.
What is the computational overhead of implementing this method in real-time systems?
The abstract does not provide information on the computational resources required to execute this method in real-time systems.
Original Abstract Submitted
A method for identifying malicious software includes receiving and executing a software application, identifying a plurality of uniform resource identifiers the software application interacts with during execution of the software application, and generating a vector representation for the software application using a feed-forward neural network configured to receive the plurality of uniform resource identifiers as feature inputs. The method also includes determining similarity scores for a pool of training applications, each similarity score associated with a corresponding training application and indicating a level of similarity between the vector representation for the software application and a respective vector representation for the corresponding training application. The method also includes flagging the software application as belonging to a potentially harmful application category when one or more of the training applications have similarity scores that satisfy a similarity threshold and include a potentially harmful application label.
