US 11,856,003 B2
Innocent until proven guilty (IUPG): adversary resistant and false positive resistant deep learning models
Brody James Kutt, Santa Clara, CA (US); Oleksii Starov, Santa Clara, CA (US); Yuchen Zhou, Newark, CA (US); and William Redington Hewlett, II, Mountain View, CA (US)
Assigned to Palo Alto Networks, Inc., Santa Clara, CA (US)
Filed by Palo Alto Networks, Inc., Santa Clara, CA (US)
Filed on May 26, 2021, as Appl. No. 17/331,549.
Claims priority of provisional application 63/034,843, filed on Jun. 4, 2020.
Prior Publication US 2021/0385232 A1, Dec. 9, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06N 3/04 (2023.01)
CPC H04L 63/14 (2013.01) [G06N 3/04 (2013.01); H04L 63/20 (2013.01)]
22 Claims
 
1. A system, comprising:
a processor configured to:
store on a networked device a set comprising one or more innocent until proven guilty (IUPG) models for static analysis of a sample;
determine a file type associated with the sample and to select an IUPG model from the set of one or more IUPG models based on the determined file type associated with the file;
perform a static analysis of content associated with the sample, wherein performing the static analysis of the content includes using the selected IUPG model; and
determine that the sample is malicious based at least in part on the static analysis of the content associated with the sample, and in response to determining that the sample is malicious, perform an action based on a security policy; and
a memory coupled to the processor and configured to provide the processor with instructions.