US 11,720,676 B2
Methods and apparatus to create malware detection rules
Nicholas T. Smith, Hillsboro, OR (US)
Assigned to McAfee, LLC, Santa Clara, CA (US)
Filed by McAfee, LLC, Santa Clara, CA (US)
Filed on Jun. 19, 2019, as Appl. No. 16/446,196.
Prior Publication US 2020/0401697 A1, Dec. 24, 2020
Int. Cl. G06F 21/56 (2013.01); G06N 20/00 (2019.01); G06N 5/02 (2023.01)
CPC G06F 21/566 (2013.01) [G06N 5/027 (2013.01); G06N 20/00 (2019.01); G06F 2221/034 (2013.01)]
22 Claims
 
1. An apparatus to generate a rule set for detecting malware, the apparatus comprising:
a rule generator to, in response to a determination that a rule of the rule set resulted in an invalid classification of a first record, generate an augmented rule set based on a first training dataset, the augmented rule set to adjust the rule to remediate the invalid classification;
a matrix generator to create a matrix based on a classification of a second record of a second training data set, the classification to be generated using the augmented rule set;
a rule regulator to apply regularization to the augmented rule set based on the matrix to remove a number of rules from the augmented rule set to create a reduced rule set; and
a reduced rule set checker to validate the reduced rule set.