Processing

Please wait...

Settings

Settings

Goto Application

Offices all Languages en Stemming true Single Family Member false Include NPL false
RSS feed can only be generated if you have a WIPO account

Save query

A private query is only visible to you when you are logged-in and can not be used in RSS feeds

Query Tree

Refine Options

Offices
All
Specify the language of your search keywords
Stemming reduces inflected words to their stem or root form.
For example the words fishing, fished,fish, and fisher are reduced to the root word,fish,
so a search for fisher returns all the different variations
Returns only one member of a family of patents
Include Non-Patent literature in results

Full Query

AIapplicationfieldSecurityCybersecurity

Side-by-side view shortcuts

General
Go to Search input
CTRL + SHIFT +
Go to Results (selected record)
CTRL + SHIFT +
Go to Detail (selected tab)
CTRL + SHIFT +
Go to Next page
CTRL +
Go to Previous page
CTRL +
Results (First, do 'Go to Results')
Go to Next record / image
/
Go to Previous record / image
/
Scroll Up
Page Up
Scroll Down
Page Down
Scroll to Top
CTRL + Home
Scroll to Bottom
CTRL + End
Detail (First, do 'Go to Detail')
Go to Next tab
Go to Previous tab

Analysis

1.2619589Fuzz testing of machine learning models to detect malicious activity on a computer
GB 13.12.2023
Int.Class G06N 20/00
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
20Machine learning
Appl.No 202304691 Applicant SOPHOS LTD Inventor CRAIG PARADIS
A method that trains a machine learning model (e.g., a neural network, a deep learning model, or other type) to classify an activity related to software threat management (e.g. labelling/classifying types of potentially malicious activity). The method uses one or more ML model types and a training dataset with unlabelled examples and also uses a generative model to generate an additional dataset with additional unlabelled examples and trains the ML model using the training and additional datasets to generate labels for each example in the two datasets. The training adjusts parameters of the ML model based on the accuracy of the generated labels. The accuracy of the generated labels may be evaluated based on a comparison of a corresponding groundtruth label for each labelled example (or class, e.g., malicious/not malicious; trojan, virus, worm, backdoor, adware, data leakage or other malicious activity), wherein the groundtruth label may not be provided as input to the model. A coloring (colouring) system in a user interface (fig 5) may be used to label software objects for improved tracking and detection of potentially harmful activity. A method for fuzz testing of the machine learning model is also described.
2.WO/2022/101909METHODS AND SYSTEMS FOR TRUSTED UNKNOWN MALWARE DETECTION AND CLASSIFICATION IN LINUX CLOUD ENVIRONMENTS
WO 19.05.2022
Int.Class G06F 9/455
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
44Arrangements for executing specific programs
455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
Appl.No PCT/IL2021/051343 Applicant B. G. NEGEV TECHNOLOGIES AND APPLICATIONS LTD., AT BEN-GURION UNIVERSITY Inventor NISSIM, Nir
A method for detection of unknown malware in Linux cloud environment, the method including: within a hypervisor, acquiring a raw data set comprising one or more volatile memory dumps of a Linux cloud server, wherein the volatile memory dumps are associated with a current state of the virtual machine's volatile memory, extracting one or more features from the raw data set (either by utilizing knowledge based features or by utilizing Deep Learning CNN architectures), and classifying, using at least one classifier, the one or more features, to determine if one or more of the features are associated with a malware, thereby detecting malware in a Linux cloud environment and distinguishing between a benign or malicious state of the server.
3.20230409715METHODS AND SYSTEMS FOR TRUSTED UNKNOWN MALWARE DETECTION AND CLASSIFICATION IN LINUX CLOUD ENVIRONMENTS
US 21.12.2023
Int.Class G06F 21/56
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
56Computer malware detection or handling, e.g. anti-virus arrangements
Appl.No 18035748 Applicant B. G. NEGEV TECHNOLOGIES AND APPLICATIONS LTD., AT BEN-GURION UNIVERSITY Inventor Nir NISSIM

A method for detection of unknown malware in Linux cloud environment, the method including: within a hypervisor, acquiring a raw data set comprising one or more volatile memory dumps of a Linux cloud server, wherein the volatile memory dumps are associated with a current state of the virtual machine's volatile memory, extracting one or more features from the raw data set (either by utilizing knowledge based features or by utilizing Deep Learning CNN architectures), and classifying, using at least one classifier, the one or more features, to determine if one or more of the features are associated with a malware, thereby detecting malware in a Linux cloud environment and distinguishing between a benign or malicious state of the server.

4.20210295209Explainability of an unsupervised learning algorithm outcome
US 23.09.2021
Int.Class G06N 20/00
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
20Machine learning
Appl.No 16826341 Applicant McAfee, LLC Inventor German Lancioni

There is disclosed in one example a malware analysis server, including: a hardware platform including a processor and a memory; a machine learning model; a store of known objects previously classified by the machine learning model; and instructions encoded within the memory to instruct the processor to: receive a test sample; apply the machine learning model to the test sample to provide the test sample with classified features; compute pairwise distances between the test sample and a set of known objects from the store of known objects; select a group of near neighbor samples from the set of known objects; select a group of far neighbor samples from the set of known objects; and generate an explanation for the test sample according to the near neighbor samples and far neighbor samples.

5.12274503Myopia ocular predictive technology and integrated characterization system
US 15.04.2025
Int.Class A61B 3/14
AHUMAN NECESSITIES
61MEDICAL OR VETERINARY SCIENCE; HYGIENE
BDIAGNOSIS; SURGERY; IDENTIFICATION
3Apparatus for testing the eyes; Instruments for examining the eyes
10Objective types, i.e. instruments for examining the eyes independent of the patients perceptions or reactions
14Arrangements specially adapted for eye photography
Appl.No 18778027 Applicant COGNITIVECARE INC. Inventor Venkata Narasimham Peri

According to an embodiment, disclosed is a system comprising a processor wherein the processor is configured to receive an input data comprising an image of an ocular region of a user, clinical data of the user, and external factors; extract, using an image processing module comprising adaptive filtering techniques, ocular characteristics, combine, using a multimodal fusion module, the input data to determine a holistic health embedding; detect, based on a machine learning model and the holistic health embedding, a first output comprising likelihood of myopia, and severity of myopia; predict, based on the machine learning model and the holistic health embedding, a second output comprising an onset of myopia and a progression of myopia in the user; and wherein the machine learning model is a pre-trained model; and wherein the system is configured for myopia prognosis powered by multimodal data.

6.20230216882Quantum computing machine learning for security threats
US 06.07.2023
Int.Class H04L 9/40
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Arrangements for secret or secure communications; Network security protocols
40Network security protocols
Appl.No 17647090 Applicant International Business Machines Corporation Inventor Kelly Nicole Ryver

Embodiments are disclosed for a method for a security model. The method includes generating a machine learning model that determines probabilities of a plurality of specific techniques, tactics, and procedures (TTPs) for a security domain. The method also includes generating a machine learning model that maps multiple TTPs to a polytope for the security domain. Additionally, the method includes generating a polytope visualization having multiple visualized points in a multi-dimensional space. The visualized points represent corresponding TTPs of a same type and associated probabilities. Further, a disposition of each of the visualized points is based on the determined probabilities and the mapped plurality of TTPs.

7.20220180975METHODS AND SYSTEMS FOR DETERMINING GENE EXPRESSION PROFILES AND CELL IDENTITIES FROM MULTI-OMIC IMAGING DATA
US 09.06.2022
Int.Class G16B 40/30
GPHYSICS
16INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
BBIOINFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR GENETIC OR PROTEIN-RELATED DATA PROCESSING IN COMPUTATIONAL MOLECULAR BIOLOGY
40ICT specially adapted for biostatistics; ICT specially adapted for bioinformatics-related machine learning or data mining, e.g. knowledge discovery or pattern finding
30Unsupervised data analysis
Appl.No 17553691 Applicant The Broad Institute, Inc. Inventor Aviv Regev

The present disclosure relates to systems and method of determining transcriptomic profile from omics imaging data. The systems and methods train machine learning methods with intrinsic and extrinsic features of a cell and/or tissue to define transcriptomic profiles of the cell and/or tissue. Applicants utilize a convolutional autoencoder to define cell subtypes from images of the cells.

8.20160371490Systems and methods for data driven malware task identification
US 22.12.2016
Int.Class G06F 21/56
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
56Computer malware detection or handling, e.g. anti-virus arrangements
Appl.No 15186278 Applicant ARIZONA BOARD OF REGENTS ON BEHALF OF ARIZONA STATE UNIVERSITY Inventor Paulo Shakarian

Embodiments of a system and method for identifying malware tasks using a controlled environment to run malicious software to generate analysis reports, a parser to extract features from the analysis reports and a cognitively inspired learning algorithm to predict tasks associated with the malware are disclosed.

9.20200257799Methods and apparatus for using machine learning on multiple file fragments to identify malware
US 13.08.2020
Int.Class G06F 21/00
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
Appl.No 16853803 Applicant Sophos Limited Inventor Joshua Daniel Saxe

In some embodiments, a method includes processing at least a portion of a received file into a first set of fragments and analyzing each fragment from the first set of fragments using a machine learning model to identify within each fragment first information potentially relevant to whether the file is malicious. The method includes forming a second set of fragments by combining adjacent fragments from the first set of fragments and analyzing each fragment from the second set of fragments using the machine learning model to identify second information potentially relevant to whether the file is malicious. The method includes identifying the file as malicious based on the first information within at least one fragment from the first set of fragments and the second information within at least one fragment from the second set of fragments. The method includes performing a remedial action based on identifying the file as malicious.

10.09558352Malicious software detection in a computing system
US 31.01.2017
Int.Class G06F 11/00
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
11Error detection; Error correction; Monitoring
Appl.No 14698432 Applicant Palantir Technologies Inc. Inventor Drew Dennison

A computer system identifies malicious Uniform Resource Locator (URL) data items from a plurality of unscreened data items that have not been previously identified as associated with malicious URLs. The system can execute a number of pre-filters to identify a subset of URLs in the plurality of data items that are likely to be malicious. A scoring processor can score the subset of URLs based on a plurality of input vectors using a suitable machine learning model. Optionally, the system can execute one or more post-filters on the score data to identify data items of interest. Such data items can be fed back into the system to improve machine learning or can be used to provide a notification that a particular resource within a local network is infected with malicious software.