Show metadata Hide metadata

(19)

(11)

2 651 196

(13)

(51)

IPC

G06F21/56(2013-01-01)

(21) (22)

Application

2017121120, 2017-06-16

(24)

Start date

2017-06-16

(22)

Actual filing date

2017-06-16

(45)

Published

2018-04-18

(72)

Inventor

Monastyrskij Aleksej VladimirovichPavlyushchik Mikhail AleksandrovichRomanenko Aleksej MikhajlovichGolovkin Maksim Yurevich

(73)

Holder

Aktsionernoe Obshchestvo Kasperskogo"

METHOD OF THE ANOMALOUS EVENTS DETECTING BY THE EVENT DIGEST POPULARITY Russian patent published in 2018 - IPC G06F21/56

Abstract RU 2651196 C1

FIELD: information technologies.

SUBSTANCE: invention relates to occurring in the operating system abnormal events detecting methods. Starting the agent recording events that occur in the operating system. Using at least one installed in the operating system interceptor detecting an event that has occurred in the operating system. Recording the detected by the interceptor event and using the agent receiving the specified event context from the computer device. From the obtained context selecting the event signs by means of the digest formation and based on the selected signs forming the event digest. Formed event digest popularity is determined by means of comparison. By the comparison means recognizing the detected as abnormal one, if the specified event digest popularity is below the threshold value.

EFFECT: technical result is provision of the abnormal events detection occurring in the client's operating system during the software execution.

22 cl, 5 dwg

Similar patents RU2651196C1

Title	Year	Author	Number
METHOD FOR DETECTING ANOMALOUS EVENTS ON BASIS OF CONVOLUTION ARRAY OF SAFETY EVENTS	2017	Monastyrskij Aleksej Vladimirovich Pavlyushchik Mikhail Aleksandrovich Romanenko Aleksej Mikhajlovich Golovkin Maksim Yurevich	RU2673711C1
SYSTEM AND METHOD OF GENERATING LOG WHEN EXECUTING FILE WITH VULNERABILITIES IN VIRTUAL MACHINE	2018	Monastyrskij Aleksej Vladimirovich Pavlyushchik Mikhail Aleksandrovich Pintijskij Vladislav Valerevich Anikin Denis Vyacheslavovich Kirsanov Dmitrij Aleksandrovich	RU2724790C1
METHOD FOR PROCESSING INFORMATION SECURITY EVENTS PRIOR TO TRANSMISSION FOR ANALYSIS	2020	Filonov Pavel Vladimirovich Soldatov Sergej Vladimirovich Udimov Daniil Alekseevich	RU2762528C1
SYSTEM AND METHOD OF DETECTING MALICIOUS CODE IN FILE	2016	Golovkin Maksim Yurevich Monastyrskij Aleksej Vladimirovich Pintijskij Vladislav Valerevich Pavlyushchik Mikhail Aleksandrovich Butuzov Vitalij Vladimirovich Karasovskij Dmitrij Valerievich	RU2637997C1
WEB PROPERTY MODIFICATION DETECTION SYSTEM AND METHOD	2018	Skvortsov Vladimir Aleksandrovich Kolotinskij Evgenij Borisovich	RU2702081C2
SYSTEM AND METHOD OF DETECTING FRAUDULENT ONLINE TRANSACTIONS	2014	Golovanov Sergej Jur'Evich Monastyrskij Aleksej Vladimirovich	RU2571721C2
SYSTEM AND METHOD OF DETECTING THREAT IN CODE EXECUTED BY VIRTUAL MACHINE	2012	Pavljushchik Mikhail Aleksandrovich	RU2522019C1
SYSTEM AND METHOD OF DETECTING THE SIGNS OF COMPUTER ATTACKS	2017	Gordejchik Sergej Vladimirovich Sapronov Konstantin Vladimirovich Parshin Yurij Gennadevich Kheirkhabarov Tejmur Samedovich Soldatov Sergej Vladimirovich	RU2661533C1
SYSTEM AND METHOD OF MAKING FLEXIBLE CONVOLUTION FOR MALWARE DETECTION	2013	Antonov Aleksej Evgenevich Romanenko Aleksej Mikhajlovich	RU2580036C2
SYSTEM AND METHOD OF CREATING ANTIVIRUS RECORD	2018	Gordejchik Sergej Vladimirovich Soldatov Sergej Vladimirovich Sapronov Konstantin Vladimirovich	RU2697954C2

RU 2 651 196 C1

Authors

Monastyrskij Aleksej Vladimirovich

Pavlyushchik Mikhail Aleksandrovich

Romanenko Aleksej Mikhajlovich

Golovkin Maksim Yurevich

Dates

2018-04-18—Published

2017-06-16—Filed