SYSTEM AND METHOD FOR LOG FORMING IN VIRTUAL MACHINE FOR ANTI-VIRUS FILE CHECKING (Russian patent published in 2018; IPC G06F21/53, G06F21/56)

Abstract RU 2649794 C1

FIELD: information technology.

SUBSTANCE: the invention relates to solutions for detecting malicious files. A method is disclosed for deciding whether to recognize as malicious a file that is opened in a virtual machine serving as an environment for the safe execution of files. The method comprises the following steps: a) during execution of a thread of the process created when the file is opened, an event associated with a modification of at least one virtual memory page is detected; b) during execution of that thread, a transfer of control to at least one of the modified virtual memory pages is detected; c) a log is created, to which are saved the events that occur while the thread executes in the modified memory page, together with the context of the processor on which the thread is running, read at the moment each logged event occurs; d) the events saved in the created log, together with the processor context, are compared with at least one template; e) based on the comparison results, it is decided whether to recognize the file as malicious.

EFFECT: the technical result is an increase in the security of the computer system, achieved by deciding whether to recognize as malicious a file opened in the virtual machine.

8 cl, 4 dwg (8 claims, 4 drawings)
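As an added illustration (not code from the patent or its assignee), steps a) to e) of the abstract can be modelled in a short Python program: a toy thread executes a sample, a monitor records the pages it writes, a jump into one of those pages opens the log, API calls made from there are logged together with the register context, and the finished log is compared with templates to reach a verdict. The toy instruction set, register names, API names, addresses, the two sample programs and the templates are all constructed assumptions.

```python
"""Toy model of steps a) to e): record the pages a thread writes, treat a jump
into one of them as the trigger that opens a log, log events raised from that
page with the processor context, then match the log against templates.
Constructed illustration; instruction set, registers, API names, addresses and
templates are assumptions, not the patent's own design."""

from dataclasses import dataclass

PAGE_SIZE = 0x1000
IMAGE = 0x401000   # assumed base of the sample's own image
HEAP = 0x500000    # assumed heap page the sample unpacks into


def page_of(addr: int) -> int:
    return addr // PAGE_SIZE


@dataclass
class Context:
    """Processor context snapshot read when an event is logged (assumed fields)."""
    pc: int
    regs: dict


@dataclass
class LogEntry:
    event: str      # "transfer" or "api:<name>"
    page: int       # page the thread was executing in
    ctx: Context


class Monitor:
    """Per-thread monitor; in a real system this lives outside the guest."""

    def __init__(self):
        self.modified_pages = set()   # a) pages the thread has written
        self.in_modified = False      # b) thread is executing a modified page
        self.log = []                 # c) events plus context

    def on_write(self, addr: int) -> None:
        self.modified_pages.add(page_of(addr))

    def on_control_transfer(self, target: int, ctx: Context) -> None:
        self.in_modified = page_of(target) in self.modified_pages
        if self.in_modified:
            self.log.append(LogEntry("transfer", page_of(target), ctx))

    def on_event(self, name: str, ctx: Context) -> None:
        if self.in_modified:
            self.log.append(LogEntry(name, page_of(ctx.pc), ctx))


def execute(program: dict, monitor: Monitor, entry: int = IMAGE, max_steps: int = 1000) -> None:
    """Run a toy program given as {address: op}.  Ops:
    ("mov", reg, imm)  ("write", addr, op)  ("jmp", addr)  ("call", api)  ("halt",)
    Only explicit jumps update the modified-page state; fall-through across a
    page boundary is not modelled."""
    mem = dict(program)
    regs = {"eax": 0, "esp": 0x7FFF0}
    pc = entry
    for _ in range(max_steps):
        op = mem.get(pc, ("halt",))   # unmapped address: stop
        kind = op[0]
        if kind == "halt":
            return
        if kind == "mov":
            regs[op[1]] = op[2]
        elif kind == "write":          # unpacking / self-modifying write
            mem[op[1]] = op[2]
            monitor.on_write(op[1])
        elif kind == "jmp":
            monitor.on_control_transfer(op[1], Context(pc, dict(regs)))
            pc = op[1]
            continue
        elif kind == "call":           # an API call is a loggable event
            monitor.on_event("api:" + op[1], Context(pc, dict(regs)))
        pc += 1
    raise RuntimeError("step limit reached")


# d) templates: event names that must appear, in this order, in the log (assumed)
TEMPLATES = {
    "thread started from unpacked code": ("transfer", "api:VirtualProtect", "api:CreateThread"),
    "injection from unpacked code": ("transfer", "api:WriteProcessMemory", "api:CreateRemoteThread"),
}


def matches(log: list, pattern: tuple) -> bool:
    """True if pattern occurs as an in-order subsequence of the logged event names."""
    events = iter(e.event for e in log)
    return all(any(ev == want for ev in events) for want in pattern)


def analyze(program: dict) -> tuple:
    """e) run the sample under the monitor; returns (matched template names, log)."""
    monitor = Monitor()
    execute(program, monitor)
    hits = [name for name, pattern in TEMPLATES.items() if matches(monitor.log, pattern)]
    return hits, monitor.log


# Constructed "packed" sample: writes a stub into the heap page, then jumps to it.
PACKED_SAMPLE = {
    IMAGE + 0: ("mov", "eax", 0x40),
    IMAGE + 1: ("write", HEAP + 0, ("call", "VirtualProtect")),
    IMAGE + 2: ("write", HEAP + 1, ("call", "CreateThread")),
    IMAGE + 3: ("write", HEAP + 2, ("halt",)),
    IMAGE + 4: ("jmp", HEAP),
}

# Constructed benign sample: same API calls, but made from the original image;
# the heap write is data that is never executed, so nothing is logged.
BENIGN_SAMPLE = {
    IMAGE + 0: ("write", HEAP + 0, ("halt",)),
    IMAGE + 1: ("call", "VirtualProtect"),
    IMAGE + 2: ("call", "CreateThread"),
    IMAGE + 3: ("halt",),
}

if __name__ == "__main__":
    for label, sample in (("packed", PACKED_SAMPLE), ("benign", BENIGN_SAMPLE)):
        hits, log = analyze(sample)
        print(label, "->", "malicious" if hits else "clean", hits)
        for e in log:
            print(f"  {e.event:20s} page=0x{e.page:x} pc=0x{e.ctx.pc:x} eax=0x{e.ctx.regs['eax']:x}")
```

Running the script prints one verdict per sample with the logged events: the packed sample matches the first template because its API calls are issued from the page it wrote and jumped into, while the benign sample makes the same calls from its own image and produces an empty log. In a real implementation the two notifications come from the hypervisor rather than from an interpreter: second-level page tables (EPT on Intel, NPT on AMD) let the monitor strip execute permission from every guest page a thread writes, so the first instruction fetched from such a page traps, which is where the log is opened and the guest register state is read; that scheme also catches a thread that falls through a page boundary without a branch, which the toy above does not.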

Similar patents to RU2649794C1 (title, year, number; authors listed below each entry)

SYSTEM AND METHOD OF FILE ANALYSIS FOR MALICIOUSNESS IN VIRTUAL MACHINE (2017) RU2665911C2
  • Pintijskij Vladislav Valerevich
  • Anikin Denis Vyacheslavovich
  • Kobychev Denis Yurevich
  • Golovkin Maksim Yurevich
  • Butuzov Vitalij Vladimirovich
  • Karasovskij Dmitrij Valerievich
  • Kirsanov Dmitrij Aleksandrovich

METHOD OF DETECTING MALICIOUS FILES THAT COUNTERACT ANALYSIS IN ISOLATED ENVIRONMENT (2018) RU2708355C1
  • Karasovskij Dmitrij Valerievich
  • Shulmin Aleksej Sergeevich
  • Kobychev Denis Yurevich

SYSTEM AND METHOD OF GENERATING LOG WHEN EXECUTING FILE WITH VULNERABILITIES IN VIRTUAL MACHINE (2018) RU2724790C1
  • Monastyrskij Aleksej Vladimirovich
  • Pavlyushchik Mikhail Aleksandrovich
  • Pintijskij Vladislav Valerevich
  • Anikin Denis Vyacheslavovich
  • Kirsanov Dmitrij Aleksandrovich

SYSTEM AND METHOD OF DETECTING MALICIOUS CODE IN FILE (2016) RU2637997C1
  • Golovkin Maksim Yurevich
  • Monastyrskij Aleksej Vladimirovich
  • Pintijskij Vladislav Valerevich
  • Pavlyushchik Mikhail Aleksandrovich
  • Butuzov Vitalij Vladimirovich
  • Karasovskij Dmitrij Valerievich

SYSTEM AND METHOD FOR PERFORMING ANTI-VIRUS SCAN OF FILE ON VIRTUAL MACHINE (2016) RU2628921C1
  • Monastyrskij Aleksej Vladimirovich
  • Butuzov Vitalij Vladimirovich
  • Golovkin Maksim Yurevich
  • Karasovskij Dmitrij Valerievich
  • Pintijskij Vladislav Valerevich
  • Kobychev Denis Yurevich

SYSTEM AND METHOD FOR CATEGORIZATION OF .NET APPLICATIONS (2018) RU2756186C2
  • Kuskov Vladimir Anatolevich
  • Anikin Denis Vyacheslavovich
  • Kirsanov Dmitrij Aleksandrovich

METHOD OF IMPLEMENTING INSTRUCTIONS IN SYSTEM MEMORY (2016) RU2623883C1
  • Pintijskij Vladislav Valerevich
  • Kirsanov Dmitrij Aleksandrovich
  • Anikin Denis Vyacheslavovich

METHOD FOR TRANSFER OF CONTROL BETWEEN MEMORY AREAS (2014) RU2580016C1
  • Pintijskij Vladislav Valerevich
  • Kirsanov Dmitrij Aleksandrovich
  • Anikin Denis Vjacheslavovich

EMULATOR AND METHOD FOR EMULATION (2020) RU2757409C1
  • Pintijskij Vladislav Valerevich
  • Anikin Denis Vyacheslavovich
  • Kirsanov Dmitrij Aleksandrovich
  • Trofimenko Sergej Vladimirovich

METHOD OF CREATING ANTIVIRUS RECORD WHEN DETECTING MALICIOUS CODE IN RANDOM-ACCESS MEMORY (2015) RU2592383C1
  • Pavlyushshik Mikhail Aleksandrovich
  • Monastyrskij Aleksej Vladimirovich
  • Nazarov Denis Aleksandrovich

RU 2 649 794 C1

Authors

Pintijskij Vladislav Valerevich

Anikin Denis Vyacheslavovich

Kobychev Denis Yurevich

Golovkin Maksim Yurevich

Butuzov Vitalij Vladimirovich

Karasovskij Dmitrij Valerievich

Kirsanov Dmitrij Aleksandrovich

Dates

Filed: 2017-04-28

Published: 2018-04-04