公开(公告)号：US20240354406A1

公开(公告)日：2024-10-24

申请号：US18305940

申请日：2023-04-24

Applicant: Avast Software s.r.o.

Inventor： Václav Belák ,  Martin Bálek ,  Tomáš Strenácik ,  Bretislav Šopík

IPC: G06F21/55 ,  G06N3/08

CPC classification number: G06F21/554 ,  G06N3/08 ,  G06F2221/034

Abstract: A method of detecting likely malicious activity in a sequence of computer instructions includes identifying a set of behaviors of the computer instructions and representing the identified behaviors as a graph. The graph is provided to a graph neural network that is trained to generate a geometric representation of the sequence of computer instructions, and a degree of relatedness between the geometric representation of the computer instructions and a set of base graphs including base graphs known to be malicious is determined. The sequence of computer instructions is determined to likely be malicious or clean based on a degree of relatedness between the geometric representation of the computer instructions and one or more base graphs known to be malicious.