| CPC G06F 21/552 (2013.01) [G06N 3/08 (2013.01); G06F 2221/034 (2013.01)] | 16 Claims |
|
1. A computer-implemented method for training a neural network for detecting cybersecurity threats to a digital system, the method comprising:
receiving multi-modal data for training the neural network;
processing a first portion of the multi-modal data of a first modality using a first modality-specific layer of the neural network to generate one or more first embedding vectors representing features of the first portion of the multi-modal data;
processing at least a second portion of the multi-modal data of a second modality—different from the first modality—using a second modality-specific layer of the neural network to generate one or more second embedding vectors representing features of the second portion of the multi-modal data;
training a first layer and at least a second layer of the neural network, such that the first and second layers of the neural network are configured to generate, from the first embedding vectors and the second embedding vectors, respectively, corresponding custom embedding vectors that represent corresponding portions of the multi-modal data in a shared embedding space;
training, based on a plurality of the custom embedding vectors, at least a third layer of the neural network, the third layer being trained to identify patterns across multiple modalities, wherein:
the first layer, the second layer, and the third layer are jointly trained based on a common loss function generated as a weighted combination of a first loss function and at least a second loss function, the first and second loss functions selected based on characteristics of the first and second modality,
the common loss function is adjusted during the joint training, wherein adjusting the common loss function comprises adding a third loss function in the weighted combination, and
the neural network is trained to generate an indication whether or not multi-modal attempts to access the digital system are unauthorized.
|