Changeflow GovPing Telecom & Technology USPTO Grants Patent for Malware Detector Using NLP
Routine Notice Added Final

USPTO Grants Patent for Malware Detector Using NLP

Favicon for changeflow.com ChangeBridge: Patent Grants - AI & Computing (G06N)
Published March 24th, 2026
Detected March 24th, 2026
Email

Summary

The USPTO has granted patent US12585935B2 to Palo Alto Networks, Inc. for a malware detector that utilizes Natural Language Processing (NLP) on dynamic malware analysis reports. The patent describes a system that aggregates text-based features from these reports to classify files and generate a malware detection output.

View original document View source feed page

What changed

The United States Patent and Trademark Office (USPTO) has granted patent US12585935B2 to Palo Alto Networks, Inc. The patent covers a novel malware detection system that employs Natural Language Processing (NLP) techniques on dynamic malware analysis reports. The system preprocesses these reports to extract text-based features, including individual tokens and n-grams, which are then fed into trained neural networks and boosting models to classify files and generate a malware detection output.

This patent grant signifies a new technological development in cybersecurity, specifically in the automated detection of malware. While patents do not impose direct regulatory obligations on other entities, they can influence industry standards and practices. Companies operating in the cybersecurity space, particularly those developing AI-driven threat detection solutions, should be aware of this patented technology. The assignee, Palo Alto Networks, Inc., now holds exclusive rights to this specific implementation, which may impact competitive product development and licensing strategies within the industry.

Source document (simplified)

← USPTO Patent Grants

Execution behavior analysis text-based ensemble malware detector

Grant US12585935B2 Kind: B2 Mar 24, 2026

Assignee

Palo Alto Networks, Inc.

Inventors

Sujit Rokka Chhetri, William Redington Hewlett, II

Abstract

A malware detector has been designed that uses a combination of NLP techniques on dynamic malware analysis reports for malware classification of files. The malware detector aggregates text-based features identified in different pre-processing pipelines that correspond to different types of properties of a dynamic malware analysis report. From a dynamic malware analysis report, the pre-processing pipelines of the malware detector generate a first feature set based on individual text tokens and a second feature set based on n-grams. The malware detector inputs the first feature set into a trained neural network having an embedding layer. The malware detector then extracts a dense layer from the trained neural network and aggregates the extracted layer with the second feature set to form an input for a trained boosting model. The malware detector inputs the cross-pipeline feature values into the trained boosting model to generate a malware detection output.

CPC Classifications

G06N 20/00 G06N 3/08 G06N 3/09 G06N 3/045 G06N 3/0464 G06N 3/04 G06N 3/084 G06N 20/20 G06F 21/561 G06F 21/56 G06F 21/562 G06F 21/566

Filing Date

2021-02-10

Application No.

17172519

Claims

23

View original document →

Named provisions

Execution behavior analysis text-based ensemble malware detector

Related changes

Favicon for changeflow.com USPTO Patent Grant for Policy Neural Network Agent Control
Routine Mar 25, 2026 ChangeBridge: Patent Grants - AI & Computing (G06N) Telecom & Technology
Favicon for changeflow.com USPTO Patent Grant: Object Detection Method Using Cropped Images
Routine Mar 25, 2026 ChangeBridge: Patent Grants - AI & Computing (G06N) Telecom & Technology
Favicon for changeflow.com USPTO Patent Grant for Analog Resistive Processing Unit System
Routine Mar 25, 2026 ChangeBridge: Patent Grants - AI & Computing (G06N) Telecom & Technology
Favicon for oig.hhs.gov HHS FISMA Compliance Report: Not Effective, 10 Recommendations Made
Priority review Mar 25, 2026 HHS OIG Reports & Publications Healthcare
Favicon for changeflow.com EPO Patent EP3286707A1: Authentication Server for Electronic Devices
Routine Mar 25, 2026 ChangeBridge: EPO Bulletin - Business Methods (G06Q) Banking & Finance
Favicon for changeflow.com EPO Patent EP4028954A1: Continuous Learning for Fraud Detection
Routine Mar 25, 2026 ChangeBridge: EPO Bulletin - Business Methods (G06Q) Banking & Finance

Source

Favicon for changeflow.com
ChangeBridge: Patent Grants - AI & Computing (G06N) changeflow.com/changebridge/uspto-patent-grants/G06N
Telecom & Technology
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
USPTO
Published
March 24th, 2026
Instrument
Notice
Legal weight
Non-binding
Stage
Final
Change scope
Minor
Document ID
US12585935B2

Who this affects

Applies to
Technology companies
Industry sector
5112 Software & Technology
Activity scope
Malware Detection
Geographic scope
United States US

Taxonomy

Primary area
Cybersecurity
Operational domain
IT Security
Compliance frameworks
NIST CSF
Topics
Artificial Intelligence Data Privacy

Browse Categories

Agriculture & Food Safety 61 AI Regulation 3 Banking & Finance 238 Consumer Protection 41 Courts & Legal 323 Data Privacy & Cybersecurity 64 Defense & National Security 48 Education 20 Energy 105 Environment 83 Government & Legislation 264 Healthcare 131 Housing 16 Immigration 9 Insurance 56 Labor & Employment 111 Legal & Courts 1 Pharma & Drug Safety 99 Securities & Markets 80 Tax 64 Telecom & Technology 48 Trade & Sanctions 124 Transportation 56

Get Telecom & Technology alerts

Weekly digest. AI-summarized, no noise.

Free. Unsubscribe anytime.

Get alerts for this source

We'll email you when ChangeBridge: Patent Grants - AI & Computing (G06N) publishes new changes.

Free. Unsubscribe anytime.