Show metadata Hide metadata

(19)

(11)

2 583 712

(13)

(51)

IPC

G06F21/56(2013-01-01)

(21) (22)

Application

2014121039/08, 2014-05-26

(24)

Start date

2014-05-26

(22)

Actual filing date

2014-05-26

(45)

Published

2016-05-10

(72)

Inventor

Zakorzhevskij Vjacheslav VladimirovichAseev Evgenij AlekseevichKrjukov Andrej VladimirovichIvanov Anton Mikhajlovich

(73)

Holder

Zakrytoe Aktsionernoe Obshchestvo Kasperskogo"

SYSTEM AND METHOD OF DETECTING MALICIOUS FILES OF CERTAIN TYPE Russian patent published in 2016 - IPC G06F21/56

Abstract RU 2583712 C2

FIELD: information technology.

SUBSTANCE: invention relates to antivirus technologies, and more specifically to systems of detecting malicious files of a certain type. Result is achieved by using a method of creating a signature to detect malicious files of a certain format, which comprises steps of: detecting a suspicious file and recognising its format, based on which said file is checked using an antivirus and a collection of safe files. Suspicious file is checked using a virtual machine in case suspicious file is not safe based on comparison with safe collection of files or malicious after anti-virus scan. After analysis of results of checking suspicious file using a virtual machine is created a tree structure of signatures for detected malicious files, which is used for storage of signatures. Creating a signature for detected file, if analysis results show that suspicious file is malicious and stored signature in said tree structure of signatures.

EFFECT: technical result consists in providing possibility of detecting malicious code in files of a certain type by means of corresponding signatures.

2 cl, 5 dwg

Similar patents RU2583712C2

Title	Year	Author	Number
METHOD FOR EXCLUDING PROCESSES OF ANTIVIRUS SCANNING ON THE BASIS OF DATA ON FILE	2015	Levchenko Vyacheslav Ivanovich Yudin Maksim Vitalevich	RU2595510C1
SYSTEM AND METHOD OF CREATING ANTIVIRUS RECORD	2018	Gordejchik Sergej Vladimirovich Soldatov Sergej Vladimirovich Sapronov Konstantin Vladimirovich	RU2697954C2
METHOD OF DETECTING UNKNOWN PROGRAMS BY LOAD PROCESS EMULATION	2011	Parshin Jurij Gennad'Evich Pintijskij Vladislav Valer'Evich	RU2472215C1
METHOD FOR AUTOMATIC GENERATION OF HEURISTIC ALGORITHMS FOR SEARCHING FOR MALICIOUS OBJECTS	2012	Zajtsev Oleg Vladimirovich	RU2510530C1
METHOD FOR AUTOMATIC ADJUSTMENT OF SECURITY MEANS	2012	Zajtsev Oleg Vladimirovich	RU2514137C1
METHOD FOR ADJUSTING THE PARAMETERS OF A MACHINE LEARNING MODEL IN ORDER TO IDENTIFY FALSE TRIGGERING AND INFORMATION SECURITY INCIDENTS	2020	Filonov Pavel Vladimirovich Soldatov Sergej Vladimirovich Udimov Daniil Alekseevich	RU2763115C1
METHOD FOR PROCESSING INFORMATION SECURITY EVENTS PRIOR TO TRANSMISSION FOR ANALYSIS	2020	Filonov Pavel Vladimirovich Soldatov Sergej Vladimirovich Udimov Daniil Alekseevich	RU2762528C1
METHOD OF DETECTING HARMFUL COMPOSITE FILES	2016	Kryukov Andrej Vladimirovich Liskin Aleksandr Viktorovich Ivanov Anton Mikhajlovich	RU2634178C1
METHOD OF COMPOSITE FILE ACCESS CONTROL	2017	Kryukov Andrej Vladimirovich Liskin Aleksandr Viktorovich Ivanov Anton Mikhajlovich	RU2659739C1
SYSTEM AND METHOD OF DETECTING THE HARMFUL CODE IN THE ADDRESS PROCESS SPACE	2017	Pavlyushchik Mikhail Aleksandrovich	RU2665910C1

RU 2 583 712 C2

Authors

Zakorzhevskij Vjacheslav Vladimirovich

Aseev Evgenij Alekseevich

Krjukov Andrej Vladimirovich

Ivanov Anton Mikhajlovich

Dates

2016-05-10—Published

2014-05-26—Filed