Fortinet, Inc.
ADAPTIVE FILTERING OF MALWARE USING MACHINE-LEARNING BASED CLASSIFICATION AND SANDBOXING

Abstract:

Systems and methods for adaptive filtering of malware using a machine-learning model and sandboxing are provided. According to one embodiment, a processing resource of a sandbox appliance receives a file. A feature vector associated with the file is generated by extracting multiple static features from the file. The file is classified based on the feature vector by applying a machine-learning model. When the classification of the file is unknown, representing insufficient information is available to identify the file as malicious or benign, sandbox processing is caused to be performed on the file.