FIELD: physics.
SUBSTANCE: the invention relates to computer security, specifically to the creation of antivirus records. The method creates an antivirus record using a call log that contains records of API function calls registered during execution of a file in a virtual machine. When a behaviour rule corresponding to a record in the call log is detected, the file is determined to be malicious. The records of API function calls are then extracted from the detected behaviour rule, and an antivirus record consisting of the extracted API function call records is created for a security device of a computing device, said security device being intended for antivirus scanning of the file.
EFFECT: the technical result is a wider range of technical means for creating an antivirus record.
14 cl, 6 dwg
Title | Year | Author | Number |
---|---|---|---|
SYSTEM AND METHOD FOR IDENTIFYING MALICIOUS FILES | 2017 | | RU2673407C1 |
SYSTEM AND METHOD OF DETECTING MALICIOUS CODE IN FILE | 2016 | | RU2637997C1 |
SYSTEM AND METHOD OF DETECTING THE SIGNS OF COMPUTER ATTACKS | 2017 | | RU2661533C1 |
SYSTEM AND METHOD FOR PERFORMING ANTI-VIRUS SCAN OF FILE ON VIRTUAL MACHINE | 2016 | | RU2628921C1 |
EMULATOR AND METHOD FOR EMULATION | 2020 | | RU2757409C1 |
METHOD FOR ADJUSTING THE PARAMETERS OF A MACHINE LEARNING MODEL IN ORDER TO IDENTIFY FALSE TRIGGERING AND INFORMATION SECURITY INCIDENTS | 2020 | | RU2763115C1 |
METHOD FOR PROCESSING INFORMATION SECURITY EVENTS PRIOR TO TRANSMISSION FOR ANALYSIS | 2020 | | RU2762528C1 |
SYSTEM AND METHOD FOR LOG FORMING IN VIRTUAL MACHINE FOR ANTI-VIRUS FILE CHECKING | 2017 | | RU2649794C1 |
SYSTEM AND METHOD OF FILE ANALYSIS FOR MALICIOUSNESS IN VIRTUAL MACHINE | 2017 | | RU2665911C2 |
SYSTEM AND METHOD OF GENERATING LOG WHEN EXECUTING FILE WITH VULNERABILITIES IN VIRTUAL MACHINE | 2018 | | RU2724790C1 |
Dates
2019-08-21—Published
2018-02-06—Filed