公开(公告)号：US20230244916A1

公开(公告)日：2023-08-03

申请号：US17720294

申请日：2022-04-14

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： Jack Wilson STOKES, III ,  Jurijs NAZAROVS ,  Melissa TURCOTTE ,  Justin CARROLL ,  Itai GRADY ASHKENAZY

IPC: G06N3/04 ,  G06N3/08 ,  G06F21/56

CPC classification number: G06N3/0472 ,  G06F21/561 ,  G06N3/08

Abstract: The techniques disclosed herein identify ransomware attacks as they are occurring, improving the security and functionality of computer systems. Ransomware attacks are identified using a new probabilistic machine learning model that better handles the unique properties of ransomware data. Ransomware data includes a list of computing operations, some of which are labeled as being associated with ransomware attacks. In contrast to deterministic machine learning techniques that learn weights, probabilistic machine learning techniques learn the parameters of a distribution function. In some configurations, a radial Spike and Slab distribution function is used within a Bayesian neural network framework to better handle sparse, missing, and imbalanced data. Once trained, the machine learning model may be provided with real-time operations, e.g., from a cloud service security module, from which to infer whether a ransomware attack is taking place.