	US 11,941,123 B2
	Systems and methods for detecting malware using static and dynamic malware models
Mantas Briliauskas, Vilnius (LT); and Aleksandr Sevcenko, Vilnius (LT)
Assigned to UAB 360 IT, Vilnius (LT)
Filed by UAB 360 IT, Vilnius (LT)
Filed on Dec. 29, 2021, as Appl. No. 17/564,795.
Application 17/564,795 is a continuation of application No. 17/563,738, filed on Dec. 28, 2021.
Prior Publication US 2023/0205844 A1, Jun. 29, 2023
Int. Cl. G06F 21/56 (2013.01); G06F 18/214 (2023.01)

CPC G06F 21/566 (2013.01) [G06F 18/2148 (2023.01); G06F 21/562 (2013.01); G06F 21/565 (2013.01); G06F 2221/034 (2013.01)]

17 Claims

1. A method for detecting malware in files, the method comprising:

receiving a first set of labeled training data by a server, wherein the first set of training data comprises a plurality of files and each file of the plurality of files is labeled as either malware or not malware;

training a first malware model using at least some of the first set of training data by the server, wherein the first malware model is a static malware model;

training a second malware model using at least some of the first set oft raining data by the server, wherein the second malware model is a dynamic malware model;

providing the first malware model and the second malware model to each computing device of a plurality of computing devices through a network;

receiving at least a portion of a first file and a probability that the first file is malware from a first computing device of the plurality of computing devices by the server through the network, wherein the first file is not part of the plurality of files and the probability was generated using the second malware model;

retraining the first malware model using the at least a portion of a first file and a probability that the first file is malware by the server; and

providing the retrained first malware model to the first computing device.