Patenton — panteon of patents

(19)

RU

(11)

2 667 052

(13)

C2

(51)

IPC

G06F21/56(2013-01-01)

G06F21/50(2013-01-01)

(21) (22)

Application

2017105533, 2015-08-25

(24)

Start date

2015-08-25

(22)

Actual filing date

2015-08-25

(45)

Published

2018-09-13

(72)

Inventor

Hunt, SimonMankin, JenniferZimmerman, Jeffrey

(73)

Holder

Mcafee, Inc.

DETECTION OF HARMFUL SOFTWARE WITH CROSS-REVIEW Russian patent published in 2018 - IPC G06F21/56 G06F21/50 

Abstract RU 2667052 C2

FIELD: computer safety.

SUBSTANCE: invention relates to computer security. Computing device for determining a suspicious executable object is disclosed, comprising a storage device and one or more hardware and/or software logic elements, comprising a cross-view detection mechanism configured to monitor the first operation, executed by the executable in the memory at the first level of abstraction; monitoring, in fact, simultaneous second operation performed by the executable object in the memory at the second level of abstraction, second level of abstraction differs from the first level of abstraction; determination that the first operation, in essence, causes a different computational result than the second operation, definition comprises converting the first operation and the second operation into a comparable format; and designating the executable object as suspicious.

EFFECT: technical result is a more reliable definition of a suspicious executable object that can be malicious software.

23 cl, 5 dwg

Similar patents RU2667052C2

Title Year Author Number
SYSTEM AND METHOD OF INCREASING EFFICIENCY OF DETECTING UNKNOWN HARMFUL OBJECTS 2010
  • Mashevskij Jurij Vjacheslavovich
  • Vasilenko Roman Sergeevich
 RU2454714C1
METHOD FOR DELAYED ELIMINATION OF MALICIOUS CODE 2014
  • Rusakov Vjacheslav Evgenevich
  • Zajtsev Oleg Vladimirovich
 RU2583711C2
SYSTEM AND METHOD OF PROTECTING COMPUTER APPLICATIONS 2011
  • Rusakov Vjacheslav Evgen'Evich
  • Shirjaev Aleksandr Vasil'Evich
 RU2460133C1
SECURITY AGENT, OPERATING AT EMBEDDED SOFTWARE LEVEL WITH SUPPORT OF OPERATING SYSTEM SECURITY LEVEL 2013
  • Gusarov Igor Anatolevich
  • Nesmachnyj Jurij Vladimirovich
  • Dobrovolskij Sergej Vasilevich
  • Godunov Ilja Borisovich
 RU2583714C2
SYSTEM AND METHOD OF DETECTING MALICIOUS CODE IN FILE 2016
  • Golovkin Maksim Yurevich
  • Monastyrskij Aleksej Vladimirovich
  • Pintijskij Vladislav Valerevich
  • Pavlyushchik Mikhail Aleksandrovich
  • Butuzov Vitalij Vladimirovich
  • Karasovskij Dmitrij Valerievich
 RU2637997C1
EMULATOR AND METHOD FOR EMULATION 2020
  • Pintijskij Vladislav Valerevich
  • Anikin Denis Vyacheslavovich
  • Kirsanov Dmitrij Aleksandrovich
  • Trofimenko Sergej Vladimirovich
 RU2757409C1
SYSTEM AND METHOD FOR FILTERING FILES TO CONTROL APPLICATIONS 2014
  • Levchenko Vjacheslav Ivanovich
  • Judin Maksim Vitalevich
  • Polozov Pavel Leonidovich
 RU2584505C2
METHOD FOR AUTOMATIC ADJUSTMENT OF SECURITY MEANS 2012
  • Zajtsev Oleg Vladimirovich
 RU2514137C1
SYSTEM AND METHOD FOR DETECTING MALWARE BY CREATING ISOLATED ENVIRONMENT 2012
  • Jablokov Viktor Vladimirovich
  • Eliseev Evgenij Jur'Evich
 RU2535175C2
TECHNOLOGIES OF DESTRUCTION IN DELETION TO OPTIMISE SOLID-STATE DRIVE 2008
  • Shu Frehnk Dzh.
  • Obr Natan S.
 RU2456664C2

RU 2 667 052 C2

Authors

Hunt, Simon

Mankin, Jennifer

Zimmerman, Jeffrey

Dates

2018-09-13Published

2015-08-25Filed

download Download PDF read Similar patents