- Philadelphia PA, US Ryan Peters - Fairfax VA, US Donald Steiner - McLean VA, US Bhargav R. Avasarala - Arlington VA, US Brock D. Bose - Alexandria VA, US John C. Day - Palm Bay FL, US
International Classification:
G06F 21/56 G06N 5/02 G06K 9/62
Abstract:
Improved systems and methods for automated machine-learning, zero-day malware detection. Embodiments include a system and method for detecting malware using multi-stage file-typing and, optionally, pre-processing, with fall-through options. The system and method receive a set of training files which are each known to be either malign or benign, partition the set of training files into a plurality of categories based on file-type, in which the partitioning file-types a subset of the training files into supported file-type categories, train file-type specific classifiers that distinguish between malign and benign files for the supported file-type categories of files, associate supported file-types with a file-type processing chain that includes a plurality of file-type specific classifiers corresponding to the supported file-types, train a generic file-type classifier that applies to file-types that are not supported file-types, and construct a composite classifier using the file-type specific classifiers and the generic file-type classifier.
Watch-Time Variability Determination And Credential Sharing
- St. Louis MO, US Brock Bose - Denver CO, US Yizhe Xu - Seattle WA, US
Assignee:
Charter Communications Operating, LLC - St. Louis MO
International Classification:
G06Q 30/00 G06Q 50/26 G06N 7/00 H04N 21/258
Abstract:
Methods and systems for determining watch-time variability are described. A method for determining watch-time variability includes obtaining account and streaming data for streams viewed on an account using an account password, generating a probability of account viewing distribution, generating an account entropy based on the probability of account viewing distribution, grouping the streams into two or more groups, where the grouping uses an account-stream characteristic which has a probabilistic utility to indicate account password sharing, generating a group entropy for each of the two or more groups, determining a watch-time variability based on the account entropy and each group entropy, where the watch-time variability measures the increase in disorder when the two or more groups are unrelated with respect to the account-stream characteristic, and providing an indication of account password sharing to limit activity on the account.
System And Method For Automated Machine-Learning, Zero-Day Malware Detection
- Falls Church VA, US Brock D. BOSE - Alexandria VA, US John C. DAY - Palm Bay FL, US Donald STEINER - McLean VA, US
International Classification:
G06F 21/56
Abstract:
Improved systems and methods for automated machine-learning, zero-day malware detection. Embodiments include a method for improved zero-day malware detection that receives a set of training files which are each known to be either malign or benign, partitions the set of training files into a plurality of categories, and trains category-specific classifiers that distinguish between malign and benign files in a category of files. The training may include selecting one of the plurality of categories of training files, identifying features present in the training files in the selected category of training files, evaluating the identified features to determine the identified features most effective at distinguishing between malign and benign files, and building a category-specific classifier based on the evaluated features. Embodiments also include a system and computer-readable medium with instructions for executing the above method.
System And Method For Automated Machine-Learning, Zero-Day Malware Detection
- Falls Church VA, US Brock D. BOSE - Alexandria VA, US John C. DAY - Palm Bay FL, US Donald STEINER - McLean VA, US
Assignee:
Northrop Grumman Systems Corporation - Falls Church VA
International Classification:
G06F 21/56
US Classification:
726 24
Abstract:
Improved systems and methods for automated machine-learning, zero-day malware detection. Embodiments include a method for improved zero-day malware detection that receives a set of training files which are each known to be either malign or benign, partitions the set of training files into a plurality of categories, and trains category-specific classifiers that distinguish between malign and benign files in a category of files. The training may include selecting one of the plurality of categories of training files, identifying features present in the training files in the selected category of training files, evaluating the identified features to determine the identified features most effective at distinguishing between malign and benign files, and building a category-specific classifier based on the evaluated features. Embodiments also include a system and computer-readable medium with instructions for executing the above method.
Northrop Grumman Corporation May 2014 - Feb 2018
Principal Investigator
Charter Communications May 2014 - Feb 2018
Principal Data Scientist
Accenture Aug 2012 - May 2014
Technology Consultant and Data Scientist For A Major Cable Company
Northrop Grumman Corporation May 2011 - Aug 2012
Future Technical Leader
Massachusetts Institute of Technology (MIT) Jan 2003 - Mar 2010
Research Assistant
Education:
Massachusetts Institute of Technology 2002 - 2010
Doctorates, Doctor of Philosophy, Physics
University of Oregon 2000 - 2002
Master of Science, Masters, Physics
California Polytechnic State University - San Luis Obispo 1995 - 1999
Bachelors, Physics
Skills:
Machine Learning Software Development C++ Data Mining Java Scala Matlab Programming Python Image Processing Hadoop R Systems Engineering Microsoft Office Physics Pattern Recognition Experimentation Latex Signal Processing Sql Linux Unix Shell Scripting Idl Mysql Sqlite Spark Kafka Esper Spark Streaming
Interests:
Civil Rights and Social Action, Politics, Education, Poverty Alleviation, Science and Technology, Arts and Culture
Brock Bose 1995 graduate of Plano West Senior High School in Plano, TX is on Classmates.com. See pictures, plan your class reunion and get caught up with Brock and other high ...