SYSTEM AND METHOD FOR TWO-STAGE CLASSIFICATION OF FILES Russian patent published in 2019 - IPC G06F21/56 

Abstract RU 2708356 C1

FIELD: physics.

SUBSTANCE: the invention relates to the field of detection of malicious files. A method of detecting malicious files comprises the steps of: selecting a set of file attributes that contains at least simple file attributes, a simple attribute being one whose extraction does not require significant computational cost; calculating a flexible hash of the file based on the selected set of file attributes, the flexible hash being resistant to changes of the attributes in the selected set; selecting, from a set of classifiers consisting of at least one classifier, the classifier that corresponds to the calculated flexible hash of the file, a classifier corresponding to a flexible hash when at least files whose flexible hash values coincide with the value of said flexible hash were used to train it; and assigning the file to one of the file categories using the classifier selected at the previous step. The file is considered malicious if it is assigned to the category of malicious files.

EFFECT: the technical result is a reduction in the number of errors of the first and second kind (type I and type II errors) when detecting malicious files.

14 cl, 5 dwg
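The two stages described in the abstract, sketched as an added example (not code from the patent or its authors). The quantisation used for the flexible hash, the attribute names, the nearest-centroid classifier and the sample corpus are all assumptions chosen for illustration; the abstract does not specify them.

```python
import hashlib, math
from collections import defaultdict

def flexible_hash(attrs):
    """Stage 1: hash coarse buckets of cheap attributes, so small changes
    in size or entropy leave the hash unchanged (assumed scheme)."""
    buckets = (int(math.log2(attrs["size"])),  # power-of-two size bucket
               attrs["sections"],              # section count as is
               int(attrs["entropy"]))          # entropy in whole bits
    return hashlib.sha256(repr(buckets).encode()).hexdigest()[:16]

class CentroidClassifier:
    """Stage 2 stand-in: nearest class centroid over a numeric vector."""
    def __init__(self, samples):               # samples: [(vector, label)]
        sums, counts = {}, defaultdict(int)
        for vec, label in samples:
            acc = sums.setdefault(label, [0.0] * len(vec))
            for i, v in enumerate(vec):
                acc[i] += v
            counts[label] += 1
        self.centroids = {l: [s / counts[l] for s in acc]
                          for l, acc in sums.items()}

    def predict(self, vec):
        return min(self.centroids,
                   key=lambda l: math.dist(vec, self.centroids[l]))

def train(corpus):
    """Train one classifier per flexible hash on the files sharing it."""
    groups = defaultdict(list)
    for attrs, vec, label in corpus:
        groups[flexible_hash(attrs)].append((vec, label))
    return {h: CentroidClassifier(s) for h, s in groups.items()}

def classify(classifiers, attrs, vec):
    """Select the classifier by flexible hash, then categorise the file."""
    clf = classifiers.get(flexible_hash(attrs))
    return clf.predict(vec) if clf else "unknown"

# Constructed corpus: (simple attributes, feature vector, label).
CORPUS = [
    ({"size": 70000, "sections": 3, "entropy": 7.6}, [0.9, 12], "malicious"),
    ({"size": 90000, "sections": 3, "entropy": 7.2}, [0.8, 10], "malicious"),
    ({"size": 80000, "sections": 3, "entropy": 7.9}, [0.1, 1], "clean"),
    ({"size": 5000, "sections": 5, "entropy": 5.1}, [0.9, 12], "clean"),
    ({"size": 6000, "sections": 5, "entropy": 5.8}, [0.2, 40], "malicious"),
]
CLASSIFIERS = train(CORPUS)
```

The same feature vector can fall into different categories depending on which per-hash classifier is selected, and a file whose flexible hash has no trained classifier is reported as "unknown" rather than forced into a category.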

Similar patents RU2708356C1

| Title | Year | Author | Number |
|---|---|---|---|
| SYSTEM AND METHOD OF REDUCING NUMBER OF FALSE TRIGGERING OF CLASSIFICATION ALGORITHMS | 2018 | Prokudin Sergej Viktorovich; Chistyakov Aleksandr Sergeevich; Romanenko Aleksej Mikhajlovich | RU2706883C1 |
| METHOD OF COMPOSITE FILE ACCESS CONTROL | 2017 | Kryukov Andrej Vladimirovich; Liskin Aleksandr Viktorovich; Ivanov Anton Mikhajlovich | RU2659739C1 |
| METHOD OF DETECTING HARMFUL COMPOSITE FILES | 2016 | Kryukov Andrej Vladimirovich; Liskin Aleksandr Viktorovich; Ivanov Anton Mikhajlovich | RU2634178C1 |
| METHOD FOR DETECTING MALICIOUS FILES BASED ON FILE FRAGMENTS | 2019 | Kostin Rayu | RU2747464C2 |
| METHOD FOR DETERMINING SIMILARITY OF COMPOSITE FILES | 2016 | Kryukov Andrej Vladimirovich; Liskin Aleksandr Viktorovich; Ivanov Anton Mikhajlovich | RU2628922C1 |
| SYSTEM AND METHOD FOR CATEGORIZING APPLICATION ON COMPUTING DEVICE | 2019 | Kuskov Vladimir Anatolevich; Buchka Nikita Aleksandrovich; Kivva Anton Andreevich; Volkov Oleg Pavlovich; Lukasevich Dmitrij Yurevich; Roginskij Evgenij Andreevich; Filatov Konstantin Mikhajlovich; Latokhin Dmitrij Vladimirovich | RU2747514C2 |
| SYSTEM AND METHOD OF DETECTING THE HARMFUL CIL-FILE | 2017 | Krylov Vladimir Vladimirovich; Liskin Aleksandr Viktorovich; Antonov Aleksej Evgenevich | RU2660643C1 |
| SYSTEM AND METHOD FOR REDUCING LOAD ON MALWARE DETECTION SERVICE | 2019 | Kuskov Vladimir Anatolevich; Buchka Nikita Aleksandrovich; Kivva Anton Andreevich; Volkov Oleg Pavlovich; Lukasevich Dmitrij Yurevich; Roginskij Evgenij Andreevich; Filatov Konstantin Mikhajlovich; Latokhin Dmitrij Vladimirovich | RU2739833C1 |
| METHOD FOR SEARCHING FOR SAMPLES OF MALICIOUS MESSAGES | 2019 | Regentov Georgij Aleksandrovich | RU2750627C2 |
| SYSTEM AND METHOD OF FORMATION OF ANTI-VIRUS RECORDS USED TO DETECT MALICIOUS FILES ON USER'S COMPUTER | 2015 | Prokudin Sergej Viktorovich | RU2617654C2 |

RU 2 708 356 C1

Authors

Romanenko Aleksej Mikhajlovich

Prokudin Sergej Viktorovich

Liskin Aleksandr Viktorovich

Dates

Published: 2019-12-05

Filed: 2018-06-29