Mandiant, Inc.
SYSTEM AND METHOD FOR HETEROGENEOUS TRANSFERRED LEARNING FOR ENHANCED CYBERSECURITY THREAT DETECTION

Abstract:

A method includes training a first machine learning model with a first dataset, to produce a first trained machine learning model to infer cybersecurity-oriented file properties and/or detect cybersecurity threats within a first domain. The first dataset includes labeled files associated with the first domain. The first trained machine learning model includes multiple layers, some of which are trainable. A second trained machine learning model is generated, via a transfer learning process, using (1) at least one trainable layer from the multiple trainable layers of the first trained machine learning model, and (2) a second dataset different from the first dataset. The second dataset includes labeled files associated with a second domain. The first domain has a different syntax, different semantics, and/or a different structure than that of the second domain. The second trained machine learning model (e.g., a deep neural network model) is then available for use in inferring cybersecurity-oriented properties of the file in the second domain and/or detecting cybersecurity threats in the second domain.