SYSTEM AND METHOD OF CREATING SOFTWARE DETECTION RECORDS

Russian patent published in 2013 - IPC G06F11/00 G06F21/56

Abstract RU 2491615 C1

FIELD: information technology.

SUBSTANCE: the method includes the steps of: emulating object execution; recording in a journal the memory operations performed during emulation of object execution; merging said memory operations into at least one serial set; determining, from the memory operations merged into at least one serial set, the high-level operations that were performed during emulation of object execution; creating software detection records based on the high-level operation information.

EFFECT: improved detection of unknown packers by using detection records created from information on the high-level operations for whose execution said unknown packer is responsible.

12 cl, 4 dwg

Similar patents RU2491615C1

| Title | Year | Author | Number |
|---|---|---|---|
| METHOD FOR ENHANCEMENT OF OPERATIONAL EFFICIENCY OF HARDWARE ACCELERATION OF APPLICATION EMULATION | 2012 | Belov Sergej Jur'Evich | RU2514142C1 |
| METHOD OF EMULATING SYSTEM FUNCTION CALLS FOR EVADING EMULATION COUNTERMEASURES | 2012 | Belov Sergej Jur'Evich | RU2514141C1 |
| METHOD OF DETECTING UNKNOWN PROGRAMS BY LOAD PROCESS EMULATION | 2011 | Parshin Jurij Gennad'Evich; Pintijskij Vladislav Valer'Evich | RU2472215C1 |
| SYSTEM AND METHOD OF CHECKING EXECUTABLE CODE BEFORE EXECUTION THEREOF | 2012 | Pavljushchik Mikhail Aleksandrovich | RU2510074C2 |
| SYSTEM AND METHOD OF CREATING RULES FOR FILTERING INSIGNIFICANT EVENTS FOR EVENT LOG ANALYSIS | 2012 | Zajtsev Oleg Vladimirovich | RU2514139C1 |
| GENERAL UNPACKING OF APPLICATIONS FOR DETECTING MALICIOUS PROGRAMS | 2014 | Gupta, Deepak | RU2658132C1 |
| GENERAL UNPACKING OF APPLICATIONS FOR DETECTING MALICIOUS PROGRAMS | 2014 | Gupta Dipak | RU2632163C2 |
| METHOD OF DETECTING MALICIOUS EXECUTABLES, CONTAINING INTERPRETER, BY COMBINING EMULATORS | 2015 | Zakorzhevskij Vyacheslav Vladimirovich; Vinogradov Dmitrij Valerevich; Pintijskij Vladislav Valerevich; Kirsanov Dmitrij Aleksandrovich | RU2622627C2 |
| EMULATOR AND METHOD FOR EMULATION | 2020 | Pintijskij Vladislav Valerevich; Anikin Denis Vyacheslavovich; Kirsanov Dmitrij Aleksandrovich; Trofimenko Sergej Vladimirovich | RU2757409C1 |
| METHOD OF INVOKING SYSTEM FUNCTIONS IN CONDITIONS OF USE OF AGENTS FOR PROTECTING OPERATING SYSTEM KERNEL | 2014 | Yudin Maksim Vitalevich; Tarasenko Aleksandr Sergeevich; Levchenko Vyacheslav Ivanovich; Kumagin Igor Yurevich | RU2585978C2 |

RU 2 491 615 C1

Authors

Golovkin Maksim Jur'Evich

Dates

2013-08-27 Published

2012-02-24 Filed