FIELD: information technology.
SUBSTANCE: the invention relates to computer security. In the method for detecting signs of a computer attack, information about an object on the computer is collected, and a security notification containing information about the security means and the collected information about the object is transmitted to the detection means, which saves the received security notification in the object database. The object contained in the received security notification is looked up in the threat database, and the label corresponding to that object in the threat database is added to the object in the object database. Signs of suspicious activity contained in the suspicious activity database are then searched for on the basis of the received security notification and the labels added to the object contained in that notification; when a sign of suspicious activity is found, the label from the suspicious activity database is added to the security notification in the object database. Signs of a computer attack are detected by finding at least one signature from the computer attack database among the received objects and security notifications and the labels of those objects and security notifications from the object database.
EFFECT: improving the quality of identifying signs of computer attacks on the information system.
32 cl, 8 dwg, 1 tbl
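The labelling and correlation steps of the abstract, sketched as an added example (not code from the patent or its applicant). The database contents, record fields and the choice to correlate per sending security means are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample databases; ids, labels and layouts are assumptions.
THREAT_DB = {"obj-dropper": {"untrusted", "seen_in_phishing"}}
SUSPICIOUS_DB = [  # (label to add, event type, object labels required)
    ("untrusted_autorun", "autorun_added", {"untrusted"}),
    ("office_spawned_child", "process_start_by_office", set()),
]
ATTACK_DB = {  # signature -> (object labels, notification labels) required
    "phishing_foothold": ({"seen_in_phishing"},
                          {"untrusted_autorun", "office_spawned_child"}),
}
SAMPLE = [  # constructed security notifications
    {"sensor": "pc-1", "object": "obj-dropper", "event": "process_start_by_office"},
    {"sensor": "pc-1", "object": "obj-dropper", "event": "autorun_added"},
    {"sensor": "pc-2", "object": "obj-editor", "event": "autorun_added"},
]

class DetectionMeans:
    def __init__(self):
        self.object_labels = defaultdict(set)  # object database: object -> labels
        self.notifications = []                # object database: notifications

    def receive(self, notification):
        """Store a notification, then label its object and the notification."""
        record = dict(notification, labels=set())
        self.notifications.append(record)
        obj = record["object"]
        # Threat database lookup: copy the object's labels into the object DB.
        self.object_labels[obj] |= THREAT_DB.get(obj, set())
        # Suspicious-activity search uses the event and the object's labels.
        for label, event, needed in SUSPICIOUS_DB:
            if record["event"] == event and needed <= self.object_labels[obj]:
                record["labels"].add(label)
        return record

    def detect(self):
        """Return (sensor, signature) pairs whose required labels are all present."""
        seen = defaultdict(lambda: (set(), set()))
        for n in self.notifications:
            obj_l, note_l = seen[n["sensor"]]
            obj_l |= self.object_labels[n["object"]]
            note_l |= n["labels"]
        return sorted((sensor, name)
                      for sensor, (obj_l, note_l) in seen.items()
                      for name, (need_obj, need_note) in ATTACK_DB.items()
                      if need_obj <= obj_l and need_note <= note_l)
```

Neither notification from `pc-1` matches the signature alone; it is satisfied only once both have been labelled and stored, which is the point of keeping labels in the object database.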
Title | Year | Author | Number |
---|---|---|---|
METHOD FOR ADJUSTING THE PARAMETERS OF A MACHINE LEARNING MODEL IN ORDER TO IDENTIFY FALSE TRIGGERING AND INFORMATION SECURITY INCIDENTS | 2020 | | RU2763115C1 |
METHOD FOR PROCESSING INFORMATION SECURITY EVENTS PRIOR TO TRANSMISSION FOR ANALYSIS | 2020 | | RU2762528C1 |
SYSTEM AND METHOD FOR IDENTIFYING MALICIOUS FILES | 2017 | | RU2673407C1 |
SYSTEM AND METHOD OF CREATING ANTIVIRUS RECORD | 2018 | | RU2697954C2 |
SYSTEM AND METHOD OF CORRELATING EVENTS FOR DETECTING INFORMATION SECURITY INCIDENT | 2019 | | RU2739864C1 |
METHOD FOR EARLY DETECTION OF DESTRUCTIVE EFFECTS OF BOTNET ON A COMMUNICATION NETWORK | 2019 | | RU2731467C1 |
SYSTEM AND METHOD FOR DETERMINING THE FILE TRUST LEVEL | 2019 | | RU2750628C2 |
METHOD FOR IDENTIFYING INFORMATION SECURITY THREATS (OPTIONS) | 2023 | | RU2802539C1 |
ADAPTIVE INFORMATION AND TECHNICAL MONITORING SYSTEM | 2019 | | RU2728763C1 |
SYSTEM AND METHOD FOR EVALUATING MALICIOUS WEBSITES | 2015 | | RU2622870C2 |
Authors
Dates
2018-07-17—Published
2017-09-29—Filed