Predictive Machine Learning

Trend Micro Predictive Machine Learning uses advanced machine learning technology to correlate threat information and perform in-depth file analysis to detect emerging unknown security risks through digital DNA fingerprinting, API mapping, and other file features. Predictive Machine Learning also performs a behavioral analysis on unknown or low-prevalence processes to determine if an emerging or unknown threat is attempting to infect your network.

Predictive Machine Learning is a powerful tool that helps protect your environment from unidentified threats and zero-day attacks.

Detection Type

Description

File

After detecting an unknown or low-prevalence file, the OfficeScan agent scans the file using the Advanced Threat Scan Engine (ATSE) to extract file features and sends the report to the Predictive Machine Learning engine, hosted on the Trend Micro Smart Protection Network. Using malware modeling, Predictive Machine Learning compares the sample to the malware model, assigns a probability score, and determines the probable malware type that the file contains.

Depending on how you configure Predictive Machine Learning, the OfficeScan agent can attempt to "Quarantine" the affected file to prevent the threat from continuing to spread across your network.

Process

After detecting an unknown or low-prevalence process, the OfficeScan agent monitors the process using the Contextual Intelligence Engine and sends the behavioral report to the Predictive Machine Learning engine. Using behavioral malware modeling, Predictive Machine Learning compares the process behavior to the model, assigns a probability score, and determines the probable type of malware that the process is executing.

Process detection also monitors script execution. If the Contextual Intelligence Engine detects the execution of a suspicious script, Predictive Machine Learning takes the configured action.

Predictive Machine Learning performs script blocking on the following types of scripts:

  • cscript

  • jar

  • powershell

  • vbs

  • wscript

Depending on how you configure Predictive Machine Learning, the OfficeScan agent can "Terminate" the affected process or script and attempt to clean the file that executed the process or script.