FIELD: data processing.
SUBSTANCE: the invention relates to the field of detection of malicious files. A system for classifying analyzed objects is disclosed, which contains:
a) a data block selection means, intended for: selecting at least one data block contained in the analyzed object using an analysis model, where the analysis model is a set of rules for searching for data blocks such that each data block found increases the probability of classifying the analyzed object as malicious; transferring the selected data blocks to the static analysis means;
b) a static analysis means, intended for: forming, for each received data block, a set of features describing that data block; calculating the convolution of the formed feature sets; transferring the calculated convolution to the means of calculating the degree of harmfulness;
c) a means of calculating the degree of harmfulness, intended for: calculating the degree of harmfulness of the analyzed object based on analysis of the obtained convolution using a model for detecting malicious objects; transferring the calculated degree of harmfulness to the classification means;
d) a classification means, intended for: recognizing the analyzed object as safe when the obtained degree of harmfulness does not exceed a predetermined threshold value and that degree of harmfulness was calculated on the basis of all the data blocks contained in the analyzed object; recognizing the analyzed object as malicious when the obtained degree of harmfulness exceeds the predetermined threshold value.
EFFECT: the technical result consists in classifying objects using a model for detecting malicious objects.
24 cl, 7 dwg
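The verdict rule in items a) to d), as an added Python example that is not taken from the patent: an object is declared malicious as soon as the degree exceeds the threshold, and safe only after every block has been processed. The block size, threshold, marker rules, feature set, convolution and scoring model are all assumptions made for illustration, and the block-by-block loop is this example's reading of the two verdict conditions.

```python
BLOCK = 16                    # assumed block size in bytes
THRESHOLD = 0.6               # assumed "predetermined threshold value"
MARKERS = (b"EVIL", b"DROP")  # constructed stand-ins for the analysis model's search rules

def rule_hits(block):
    """Analysis model (assumed form): count rule matches inside one data block."""
    return sum(block.count(m) for m in MARKERS)

def block_features(block):
    """Static analysis: feature set describing one data block."""
    nonprint = sum(1 for b in block if b < 32 or b > 126) / len(block)
    return (rule_hits(block), nonprint)

def convolve(feature_sets):
    """Assumed convolution: fold every feature set seen so far into one fixed-length vector."""
    hits = sum(f[0] for f in feature_sets)
    nonprint = sum(f[1] for f in feature_sets) / len(feature_sets)
    return (hits, nonprint)

def harmfulness(conv):
    """Assumed detection model: a bounded score in [0, 1]."""
    hits, nonprint = conv
    return min(1.0, 0.35 * hits + 0.3 * nonprint)

def classify(obj):
    """Return (verdict, degree, blocks_used) for a bytes object."""
    blocks = [obj[i:i + BLOCK] for i in range(0, len(obj), BLOCK)]
    # Blocks the analysis model ranks as most suspicious are selected first.
    blocks.sort(key=rule_hits, reverse=True)
    feature_sets, degree = [], 0.0
    for used, block in enumerate(blocks, start=1):
        feature_sets.append(block_features(block))
        degree = harmfulness(convolve(feature_sets))
        if degree > THRESHOLD:
            return ("malicious", degree, used)  # verdict needs no further blocks
    # "Safe" is reached only once every block has contributed to the degree.
    return ("safe", degree, len(blocks))

# Constructed sample objects, three 16-byte blocks each.
TEXT = b"plain text line "
BENIGN = TEXT * 3
ONE_HIT = TEXT + b"xxEVILxxxxxxxxxx" + TEXT
TWO_HITS = TEXT + b"xxEVILxxxxDROPxx" + TEXT

if __name__ == "__main__":
    for name, obj in (("BENIGN", BENIGN), ("ONE_HIT", ONE_HIT), ("TWO_HITS", TWO_HITS)):
        print(name, classify(obj))
```

The asymmetry is the practical point: a malicious verdict can come from a fraction of the object, while a safe verdict always costs a full pass.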
Title | Year | Author | Number |
---|---|---|---|
SYSTEM AND METHOD OF CLASSIFYING OBJECTS OF COMPUTER SYSTEM | 2018 | | RU2724710C1 |
SYSTEM AND METHOD OF DETECTION OF MALICIOUS FILES USING A TRAINED MALWARE DETECTION PATTERN | 2017 | | RU2654151C1 |
SYSTEM AND METHOD OF DETECTING A MALICIOUS FILE | 2018 | | RU2739865C2 |
SYSTEM AND METHOD OF MANAGING COMPUTING RESOURCES FOR DETECTING MALICIOUS FILES | 2017 | | RU2659737C1 |
SYSTEM AND METHOD OF MACHINE TRAINING MODEL OF DETECTING MALICIOUS FILES | 2017 | | RU2673708C1 |
SYSTEM AND METHOD FOR TRAINING HARMFUL CONTAINER DETECTION MODEL | 2018 | | RU2697955C2 |
SYSTEM AND METHOD OF DETECTING MALICIOUS FILES ACCOMPANIED WITH USING THE STATIC ANALYSIS ELEMENTS | 2017 | | RU2654146C1 |
WEB PROPERTY MODIFICATION DETECTION SYSTEM AND METHOD | 2018 | | RU2702081C2 |
SYSTEM AND METHOD OF SELECTING MEANS OF DETECTING MALICIOUS FILES | 2019 | | RU2739830C1 |
SYSTEM AND METHOD OF MAKING FLEXIBLE CONVOLUTION FOR MALWARE DETECTION | 2013 | | RU2580036C2 |
Dates
2019-02-12—Published
2017-10-18—Filed