METHOD FOR DETECTING ANOMALOUS EVENTS ON BASIS OF CONVOLUTION ARRAY OF SAFETY EVENTS
Russian patent published in 2018 - IPC G06F21/55

Abstract RU 2673711 C1

FIELD: computer equipment.

SUBSTANCE: invention relates to computer engineering. A method for generating a set of convolutions of safe events, in which: an agent is launched in the operating system of at least one known-safe computer device, the agent registering events of at least one type occurring in the operating system of the computer device, where the event types are at least: process launch; module loading; file operations; registry operations; an event that has occurred in the operating system is detected by means of interceptors installed in the operating system; the agent registers the detected event and receives the context of that event from the computer device; the features of the event are extracted from the received context, and a convolution of the detected event is formed on the basis of the extracted features; the convolution is added to the set of convolutions of safe events.

EFFECT: technical result is to ensure the formation of convolutions of safe events.

45 cl, 5 dwg

Similar patents RU2673711C1

Title Year Author Number
METHOD OF THE ANOMALOUS EVENTS DETECTING BY THE EVENT DIGEST POPULARITY 2017
  • Monastyrskij Aleksej Vladimirovich
  • Pavlyushchik Mikhail Aleksandrovich
  • Romanenko Aleksej Mikhajlovich
  • Golovkin Maksim Yurevich
RU2651196C1
SYSTEM AND METHOD OF GENERATING LOG WHEN EXECUTING FILE WITH VULNERABILITIES IN VIRTUAL MACHINE 2018
  • Monastyrskij Aleksej Vladimirovich
  • Pavlyushchik Mikhail Aleksandrovich
  • Pintijskij Vladislav Valerevich
  • Anikin Denis Vyacheslavovich
  • Kirsanov Dmitrij Aleksandrovich
RU2724790C1
SYSTEM AND METHOD OF DETECTING MALICIOUS CODE IN FILE 2016
  • Golovkin Maksim Yurevich
  • Monastyrskij Aleksej Vladimirovich
  • Pintijskij Vladislav Valerevich
  • Pavlyushchik Mikhail Aleksandrovich
  • Butuzov Vitalij Vladimirovich
  • Karasovskij Dmitrij Valerievich
RU2637997C1
SYSTEM AND METHOD OF MAKING FLEXIBLE CONVOLUTION FOR MALWARE DETECTION 2013
  • Antonov Aleksej Evgenevich
  • Romanenko Aleksej Mikhajlovich
RU2580036C2
METHOD OF CREATING SCRIPT OF POPULAR ACTIVATION EVENTS 2015
  • Eliseev Evgenij Yurevich
  • Yablokov Viktor Vladimirovich
RU2679783C2
METHOD FOR PROCESSING INFORMATION SECURITY EVENTS PRIOR TO TRANSMISSION FOR ANALYSIS 2020
  • Filonov Pavel Vladimirovich
  • Soldatov Sergej Vladimirovich
  • Udimov Daniil Alekseevich
RU2762528C1
METHOD OF RECALL OF ORIGINAL FUNCTION AFTER ITS INTERCEPTION WITH SAVING OF STACK OF PARAMETERS 2013
  • Ledenev Aleksandr Vjacheslavovich
RU2546588C2
SYSTEM AND METHOD OF SIMILAR FILES DETERMINING 2015
  • Antonov Aleksej Evgenevich
  • Romanenko Aleksej Mikhajlovich
RU2614561C1
WEB PROPERTY MODIFICATION DETECTION SYSTEM AND METHOD 2018
  • Skvortsov Vladimir Aleksandrovich
  • Kolotinskij Evgenij Borisovich
RU2702081C2
SYSTEM AND METHOD OF CREATING ANTIVIRUS RECORD 2018
  • Gordejchik Sergej Vladimirovich
  • Soldatov Sergej Vladimirovich
  • Sapronov Konstantin Vladimirovich
RU2697954C2

RU 2 673 711 C1

Authors

Monastyrskij Aleksej Vladimirovich

Pavlyushchik Mikhail Aleksandrovich

Romanenko Aleksej Mikhajlovich

Golovkin Maksim Yurevich

Dates

2018-11-29 Published

2017-06-16 Filed