SYSTEM AND DETECTING METHOD OF REMOTE ADMINISTRATION APPLICATION Russian patent published in 2017 - IPC G06F21/56 G06F21/71 

Abstract RU 2634173 C1

FIELD: information technology.

SUBSTANCE: the system contains an activity analysis tool, a dependency detection tool, a search tool and an analysis tool. The activity analysis tool is designed to intercept events that occur in the computer system, where a computer system event is a set of actions performed by an application in the computer system. The analysis tool is also designed to determine the parameters of each intercepted event, where the parameters of a computer system event are a set of different properties of that event; to determine the time elapsed between the registering of the selected event and the subsequent recording of the intercepted event; and to pass certain parameters of the intercepted events to the dependency detection tool.

EFFECT: counteracting unauthorized administration of the computer system by detecting remote administration applications.

2 cl, 3 dwg

Similar patents RU2634173C1

Title Year Author Number
SYSTEM AND METHOD FOR DETERMINATION OF EVENT CLASSIFICATION RULE ON USER TERMINAL DEVICE 2020
  • Shvetsov Dmitrij Vladimirovich
  • Yazovskij Daniil Aleksandrovich
  • Vorobev Vitalij Sergeevich
RU2772404C2
SYSTEM AND METHOD OF CONTROLLING ACCESS TO CORPORATE NETWORK RESOURCES FOR PERSONAL COMPUTERS 2011
  • Kulaga Andrej Aleksandrovich
  • Tarasenko Aleksandr Sergeevich
  • Shijafetdinov Damir Rafekovich
  • Vasil'Ev Sergej Alekseevich
RU2460132C1
SYSTEM AND METHOD OF DETECTING THE SIGNS OF COMPUTER ATTACKS 2017
  • Gordejchik Sergej Vladimirovich
  • Sapronov Konstantin Vladimirovich
  • Parshin Yurij Gennadevich
  • Kheirkhabarov Tejmur Samedovich
  • Soldatov Sergej Vladimirovich
RU2661533C1
METHOD FOR ADJUSTING THE PARAMETERS OF A MACHINE LEARNING MODEL IN ORDER TO IDENTIFY FALSE TRIGGERING AND INFORMATION SECURITY INCIDENTS 2020
  • Filonov Pavel Vladimirovich
  • Soldatov Sergej Vladimirovich
  • Udimov Daniil Alekseevich
RU2763115C1
METHOD FOR PROCESSING INFORMATION SECURITY EVENTS PRIOR TO TRANSMISSION FOR ANALYSIS 2020
  • Filonov Pavel Vladimirovich
  • Soldatov Sergej Vladimirovich
  • Udimov Daniil Alekseevich
RU2762528C1
SYSTEM AND METHOD OF CLASSIFYING OBJECTS OF COMPUTER SYSTEM 2018
  • Chistyakov Aleksandr Sergeevich
  • Romanenko Aleksej Mikhajlovich
  • Shevelev Aleksandr Sergeevich
RU2724710C1
SYSTEM AND METHOD OF MODIFYING APPLICATION FUNCTIONALITY 2014
  • Ovcharik Vladislav Ivanovich
  • Kondratov Vitalij Viktorovich
  • Kirikova Evgenija Pavlovna
RU2573783C1
SYSTEM AND METHOD OF DETERMINING TRUST WHEN UPDATING LICENSED SOFTWARE 2012
  • Solodovnikov Andrej Jur'Evich
  • Kruglov Kirill Nikolaevich
RU2495487C1
SYSTEM AND METHOD OF DETECTION OF MALICIOUS FILES USING A TRAINED MALWARE DETECTION PATTERN 2017
  • Chistyakov Aleksandr Sergeevich
  • Lobacheva Ekaterina Maksimovna
  • Romanenko Aleksej Mikhajlovich
RU2654151C1
SYSTEM AND METHOD OF MANAGING COMPUTING RESOURCES FOR DETECTING MALICIOUS FILES 2017
  • Chistyakov Aleksandr Sergeevich
  • Lobacheva Ekaterina Maksimovna
  • Romanenko Aleksej Mikhajlovich
RU2659737C1

RU 2 634 173 C1

Authors

Golovkin Maksim Yurevich

Romanenko Aleksej Mikhajlovich

Monastyrskij Aleksej Vladimirovich

Dates

2017-10-24 Published

2016-06-24 Filed