METHOD OF ANALYSING MALICIOUS ACTIVITY ON INTERNET, DETECTING MALICIOUS NETWORK NODES AND NEIGHBOURING INTERMEDIATE NODES

Russian patent published in 2014 - IPC G06F21/51

Abstract RU 2523114 C2

FIELD: physics, computer engineering.

SUBSTANCE: the present invention relates to antivirus technology, specifically to methods of detecting malicious infrastructure. It provides a method of detecting intermediate nodes in a computer network through which malware is distributed, wherein the intermediate nodes are connected to the Internet, to which malicious nodes are also connected. The method employs a system of computer tools, services for determining a traffic route in a network, and a WHOIS service for accessing registration information about the owner of a domain or IP address, followed by constructing a flow chart of the distribution of malware from a malicious site over data link channels, evaluating the usage rate of the link channel for distributing malware, and detecting and blocking an intermediate node that is used illegally. The method further allows the intermediate node to be unblocked if the intensity of malware distribution drops considerably over time or ceases to pose a threat to the site which directly contained the malware.

EFFECT: detecting malicious infrastructure by analysing links between network nodes, constructing a flow chart of communication between network nodes and automatically analysing the strength of the link between nodes.

17 cl, 9 dwg, 3 tbl

Similar patents RU2523114C2

| Title | Year | Author | Number |
|---|---|---|---|
| METHOD OF ANALYSING AND DETECTING MALICIOUS INTERMEDIATE NODES IN NETWORK | 2012 | Golovanov Sergej Jur'Evich | RU2495486C1 |
| METHOD AND SYSTEM FOR DETECTING THE INFRASTRUCTURE OF A MALICIOUS SOFTWARE OR A CYBERCRIMINAL | 2020 | Volkov Dmitrij Aleksandrovich; Mileshin Filipp Alekseevich | RU2722693C1 |
| METHOD FOR CLASSIFYING OBJECTS TO PREVENT SPREAD OF MALICIOUS ACTIVITY | 2023 | Parinov Denis Igorevich; Vlasova Viktoriia Vladimirovna; Romanenko Aleksei Mikhailovich; Antonov Aleksei Evgenevich | RU2808385C1 |
| METHOD AND COMPUTING DEVICE FOR DETECTING TARGET MALICIOUS WEB RESOURCE | 2022 | Rozhnov Ilia Olegovich | RU2791824C1 |
| METHOD OF INCREASING RELIABILITY OF DETECTING MALICIOUS SOFTWARE | 2012 | Golovanov Sergej Jur'Evich | RU2485577C1 |
| METHOD FOR SEARCHING FOR SAMPLES OF MALICIOUS MESSAGES | 2019 | Regentov Georgij Aleksandrovich | RU2750627C2 |
| METHOD AND A COMPUTER FOR INFORMING ON MALICIOUS WEB RESOURCES | 2018 | Kalinin Alexander Sergeevich | RU2701040C1 |
| METHOD FOR DISTRIBUTED PERFORMANCE OF COMPUTER SECURITY TASKS | 2011 | Dukhvalov Andrej Petrovich; Mashevskij Jurij Vjacheslavovich; Tikhomirov Anton Vladimirovich | RU2494453C2 |
| METHOD OF SELECTING SAFE ROUTE IN COMMUNICATION NETWORK OF GENERAL USE | 2016 | Anisimov Vasilij Vyacheslavovich; Volkova Evgeniya Valerevna; Mulyukova Ilyuza Radikovna; Starodubtsev Yurij Ivanovich; Fedorov Vadim Gennadevich; Chukarikov Aleksandr Gennadevich | RU2640627C1 |
| SYSTEM AND METHOD FOR DETECTING MALICIOUS ACTIVITY ON A COMPUTER SYSTEM | 2018 | Sumenkov Igor Igorevich; Golovanov Sergej Yurevich | RU2697958C1 |

Authors

Golovanov Sergej Jur'Evich

Dates

2014-07-20 Published

2012-04-06 Filed