Show metadata Hide metadata

(19)

(11)

2 628 922

(13)

(51)

IPC

G06F9/44(2006-01-01)

G06F7/00(2006-01-01)

(21) (22)

Application

2016139469, 2016-10-10

(24)

Start date

2016-10-10

(22)

Actual filing date

2016-10-10

(45)

Published

2017-08-22

(72)

Inventor

Kryukov Andrej VladimirovichLiskin Aleksandr ViktorovichIvanov Anton Mikhajlovich

(73)

Holder

Aktsionernoe Obshchestvo Kasperskogo"

METHOD FOR DETERMINING SIMILARITY OF COMPOSITE FILES Russian patent published in 2017 - IPC G06F9/44 G06F7/00

Abstract RU 2628922 C1

FIELD: physics.

SUBSTANCE: method for determining the similarity of composite files contains the steps of: a) determining by means of the calculation tool, whether the first file is a compound file; b) allocating the first set of attributes from the header of the first composite file by means of the calculation tool, if it was determined in the previous step that the first file is composite; c) allocating the second set of attributes from, at least, one directory entry of the first composite file by means of the calculation tool, if it was determined in the previous step that the first file is composite; d) calculating the hash of the first composite file using the first and the second set of attributes by means of the calculation tool; e) performing a-d steps for the second composite file; f) recognizing the first and the second compound files to be similar by means of the calculation tool, if the calculated file hashes are the same.

EFFECT: detecting similar compound files, which is achieved by recognizing composite files to be similar, if the calculated hashes of compound files are the same.

7 cl, 4 dwg

Similar patents RU2628922C1

Title	Year	Author	Number
METHOD OF DETECTING HARMFUL COMPOSITE FILES	2016	Kryukov Andrej Vladimirovich Liskin Aleksandr Viktorovich Ivanov Anton Mikhajlovich	RU2634178C1
METHOD OF COMPOSITE FILE ACCESS CONTROL	2017	Kryukov Andrej Vladimirovich Liskin Aleksandr Viktorovich Ivanov Anton Mikhajlovich	RU2659739C1
SYSTEM AND METHOD FOR TWO-STAGE CLASSIFICATION OF FILES	2018	Romanenko Aleksej Mikhajlovich Prokudin Sergej Viktorovich Liskin Aleksandr Viktorovich	RU2708356C1
SYSTEM AND METHOD OF FORMATION OF ANTI-VIRUS RECORDS USED TO DETECT MALICIOUS FILES ON USER'S COMPUTER	2015	Prokudin Sergej Viktorovich	RU2617654C2
SYSTEM AND METHOD OF REDUCING NUMBER OF FALSE TRIGGERING OF CLASSIFICATION ALGORITHMS	2018	Prokudin Sergej Viktorovich Chistyakov Aleksandr Sergeevich Romanenko Aleksej Mikhajlovich	RU2706883C1
METHOD OF CREATING ANTIVIRUS RECORD WHEN DETECTING MALICIOUS CODE IN RANDOM-ACCESS MEMORY	2015	Pavlyushshik Mikhail Aleksandrovich Monastyrskij Aleksej Vladimirovich Nazarov Denis Aleksandrovich	RU2592383C1
METHOD OF DETECTING MALICIOUS CODE IN RANDOM-ACCESS MEMORY	2015	Pavlyushshik Mikhail Aleksandrovich Monastyrskij Aleksej Vladimirovich Nazarov Denis Aleksandrovich	RU2589862C1
SYSTEM AND METHOD OF SIMILAR FILES DETERMINING	2015	Antonov Aleksej Evgenevich Romanenko Aleksej Mikhajlovich	RU2614561C1
METHOD FOR FASTER FULL ANTIVIRUS SCANNING OF FILES ON MOBILE DEVICE	2019	Chebyshev Viktor Vladimirovich Glavatskikh Dmitrij Nikolaevich Filatov Konstantin Mikhajlovich Kuskov Vladimir Anatolevich	RU2726878C1
METHOD FOR SELECTIVE REPEATED ANTIVIRUS SCANNING OF FILES ON MOBILE DEVICE	2019	Chebyshev Viktor Vladimirovich Glavatskikh Dmitrij Nikolaevich Filatov Konstantin Mikhajlovich Kuskov Vladimir Anatolevich	RU2726877C1

RU 2 628 922 C1

Authors

Kryukov Andrej Vladimirovich

Liskin Aleksandr Viktorovich

Ivanov Anton Mikhajlovich

Dates

2017-08-22—Published

2016-10-10—Filed