Trained to find the bad

In 2017, BluVector was issued a patent for detecting zero-day malware using supervised machine learning (U.S. Patent 9,665,713). At a high level, supervised machine learning algorithms work by building a model based on “labeled” training data. Labeled means that someone has assigned a category of interest to each training instance. As with all instances of machine learning, training data is critical. Leveraging 8 years of work with the US Intel Community and their threat data (as part of Northrop Grumman), BluVector has unmatched access to some of the most robust training data available.

Unlike unsupervised machine learning, which is leveraged by most security vendors today, BluVector Machine Learning Engine (MLE) algorithms were pre-trained to immediately identify malicious content embedded within common file formats like Office documents, archives, executables, PDFs and system updates. The result: 99.1%+ detection accuracy upon installation.

BluVector Supervised Machine Learning Overview

BluVector has 35+ individual file classifiers and classifies all files on a probability continuum that spans “benign” to “unknown” to “malicious”. Malware can be encapsulated in any number of packages – including office documents, executables, macros contained within a document, embedded JavaScript, and seemingly legitimate system updates.

Because this malware is increasingly used for destructive purposes, it is critical to intercept and analyze these files at the point of network delivery. BluVector has developed a method of detection using its patented supervised machine learning engine to detect file-based malware in milliseconds on the network, even if the malware has never been seen before. BluVector MLE looks at the content of the file itself for a combination of characteristics that represent good or malicious software, and is able to accurately identify attributes of files designed to perform the functions typical of malware.