MALWARE FILES IN NETWORK TRAFFIC DETECTION SERVER AND METHOD

Russian patent published in 2019 - IPC G06F21/56 G06F21/53 H04L29/06

Abstract RU 2680736 C1

FIELD: information technologies.

SUBSTANCE: the invention relates to the field of information security, namely to the detection of malicious files in network traffic. The server for detecting malicious files in network traffic contains: a communication module configured to receive network traffic from a data network; a filtering module configured to connect to the communication module to receive the captured network traffic from it, to extract a plurality of files from the received network traffic, and to analyze the extracted files so as to detect at least one suspicious file among said plurality of files; a system monitoring module, connected to the filtering module, configured to run each received suspicious file on a virtual machine characterized by a specified set of state parameters and to register changes in said specified set of state parameters of the virtual machine; and a processing module, connected to the system monitoring module, configured to analyze the obtained changes in the state parameters using a specified set of analysis rules, so that the launched file is classified as malicious if the analyzed changes in the state parameters are characteristic of malicious files.

EFFECT: increased efficiency in the use of computing resources while providing automated protection.

38 cl, 2 dwg

Similar patents RU2680736C1

| Title | Year | Author | Number |
|---|---|---|---|
| COMPUTING DEVICE AND METHOD FOR DETECTING MALICIOUS DOMAIN NAMES IN NETWORK TRAFFIC | 2018 | Kislitsin Nikita Igorevich | RU2668710C1 |
| SYSTEM AND METHOD OF DETECTING CHANGED SYSTEM FILES FOR CHECKING FOR MALWARE IN A CLOUD SERVICE | 2019 | Parshin Yurij Gennadevich; Vorontsov Dmitrij Viktorovich; Spravtsev Yurij Vladimirovich; Kirzhemanov Andrej Leonidovich | RU2739832C1 |
| METHOD AND SYSTEM FOR SEARCHING FOR SIMILAR MALWARE BASED ON RESULTS OF THEIR DYNAMIC ANALYSIS | 2020 | Prudkovskij Nickolay Sergeevich; Volkov Dmitry Aleksandrovich | RU2738344C1 |
| METHOD AND A COMPUTING DEVICE FOR DETECTING SUSPICIOUS USERS IN MESSAGING SYSTEMS | 2018 | Kalinin Aleksandr Sergeevich; Astanov Zafar Takhirovich | RU2708508C1 |
| METHOD AND A COMPUTER FOR INFORMING ON MALICIOUS WEB RESOURCES | 2018 | Kalinin Alexander Sergeevich | RU2701040C1 |
| COMPUTING APPARATUS AND METHOD FOR IDENTIFYING COMPROMISED APPARATUSES BASED ON DNS TUNNELLING DETECTION | 2021 | Afonin Anton Viktorovich | RU2777348C1 |
| METHOD FOR EXCLUDING PROCESSES OF ANTIVIRUS SCANNING ON THE BASIS OF DATA ON FILE | 2015 | Levchenko Vyacheslav Ivanovich; Yudin Maksim Vitalevich | RU2595510C1 |
| ARTIFICIAL INTELLIGENCE BASED COMPUTER SECURITY SYSTEM | 2017 | Hasan, Syed Kamran | RU2750554C2 |
| SYSTEM AND METHOD OF CREATING ANTIVIRUS RECORD | 2018 | Gordejchik Sergej Vladimirovich; Soldatov Sergej Vladimirovich; Sapronov Konstantin Vladimirovich | RU2697954C2 |
| METHOD OF PROVIDING SAFE EXECUTION OF SCRIPT FILE | 2014 | Ladikov Andrej Vladimirovich; Solodovnikov Andrej Jurevich | RU2584507C1 |

RU 2 680 736 C1

Authors

Kislitsin Nikita Igorevich

Andreev Nikolay Nikolaevich

Dates

2019-02-26 Published

2018-01-17 Filed