US 11,750,621 B2
Learning of malicious behavior vocabulary and threat detection through behavior matching
Petr Somol, Marianske Lazne (CZ); Martin Kopp, Beround (CZ); Jan Kohout, Roudnice Nad Labem (CZ); Jan Brabec, Rakovnik (CZ); Marc René Jacques Marie Dupont, Prague (CZ); Cenek Skarda, Prague (CZ); Lukas Bajer, Somerset, WI (US); and Danila Khikhlukha, Prague (CZ)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Mar. 26, 2020, as Appl. No. 16/831,197.
Prior Publication US 2021/0306350 A1, Sep. 30, 2021
Int. Cl. H04L 9/40 (2022.01); G06N 3/08 (2023.01); G06N 3/045 (2023.01)
CPC H04L 63/14 (2013.01) [G06N 3/045 (2023.01); G06N 3/08 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
obtaining, by a device, input features for a neural network-based model;
pre-defining, by the device, a set of neurons of the model to represent known behaviors associated with the input features;
constraining, by the device, weights for a plurality of outputs of the model; and
training, by the device, the neural network-based model using the constrained weights for the plurality of outputs of the model, by including the pre-defined set of neurons in the neural network-based model, and by excluding the pre-defined set of neurons from being updated during the training.