FIELD: information technology.
SUBSTANCE: invention relates to protection against computer threats, namely, to systems and methods for assessment of categorisation rule reliability. Method of recognition of the categorisation rule as a reliable one the following steps: a) creation, with the help of a means for categorisation rule creation, of at least one categorisation rule, which is used for training of at least one algorithm of intellectual analysis of data; at that, for creation of a categorisation rules use is made of files from the database for training; note here, that categorisation rule enables to determine the identity of the file, to which it is applied, to one of determined within the rules category of files; b) filtration by means of training algorithms of at least one formed at the earlier stage of categorisation rule, which is used for training of at least one algorithm of intellectual analysis of data; at that, the result of filtration is extraction of a set of categorisation rules, every of which splits multiple files for training into subsets of files corresponding to set within the rule rules categories of files, so that at least one such subset corresponding to the category of files is a uniform totality of files; at that, the uniform totality of files contains only similar files; c) training by training algorithms of at least one algorithm of intellectual analysis for further determination of a degree of reliability of the categorisation rule using a selected at the previous stage set of categorisation rules and totality of files for training, which includes at least one set of similar files; d) creation, using the means for creation of characterisation rule at least one rule of categorisation; e) collection using a means for statistics collection of statistics on use of at least one of the created categorisation rule; at that, statistics on use of categorisation rules represents information on totality of files of the category, which are defined within the said categorisation rule; f) determination with the help of a determining means of reliability of at least one degree of reliability of the categorisation rule based on statistics of categorisation rule using one algorithm of intellectual analysis of data; g) acception, with the help of the rule for determination of reliability, of the categorisation rule as reliable if a combination of degrees of reliability of the rules defined at step d), exceeds the set numeric threshold.
EFFECT: automation of analysis of reliability of a categorisation rule based on comparing the combination of degrees of reliability of the categorisation rule with the set numerical threshold.
12 cl, 5 dwg
| Title | Year | Author | Number |
|---|---|---|---|
| SYSTEM AND METHOD FOR TWO-STAGE CLASSIFICATION OF FILES | 2018 |
|
RU2708356C1 |
| SYSTEM AND METHOD OF MAKING FLEXIBLE CONVOLUTION FOR MALWARE DETECTION | 2013 |
|
RU2580036C2 |
| SYSTEM AND METHOD OF SIMILAR FILES DETERMINING | 2015 |
|
RU2614561C1 |
| SYSTEM AND METHOD OF REDUCING NUMBER OF FALSE TRIGGERING OF CLASSIFICATION ALGORITHMS | 2018 |
|
RU2706883C1 |
| SYSTEM AND METHOD OF DETECTING DIRECTED ATTACK ON CORPORATE INFRASTRUCTURE | 2013 |
|
RU2587426C2 |
| METHOD OF CONTROLLING APPLICATIONS | 2015 |
|
RU2587424C1 |
| SYSTEM AND METHOD OF CLASSIFYING OBJECTS OF COMPUTER SYSTEM | 2018 |
|
RU2724710C1 |
| METHOD AND SYSTEM FOR ANALYSING OPERATION OF SOFTWARE DETECTION RULES | 2013 |
|
RU2568285C2 |
| SYSTEM AND METHOD FOR OPTIMISING COMPUTER RESOURCE USAGE | 2011 |
|
RU2475819C1 |
| SYSTEM AND METHOD FOR CATEGORIZING APPLICATION ON COMPUTING DEVICE | 2019 |
|
RU2747514C2 |
