FIELD: physics.
SUBSTANCE: the invention relates to the detection of malicious files. A method of detecting malicious files comprises the steps of: selecting a set of file attributes that contains at least simple file attributes, a simple attribute being one whose extraction does not require significant computational cost; calculating a flexible hash of the file based on the selected set of attributes, the flexible hash being resistant to changes in the attributes of the selected set; selecting, from a set of classifiers consisting of at least one classifier, the classifier that corresponds to the calculated flexible hash of the file, a classifier corresponding to a flexible hash when at least files whose flexible hash values coincide with the value of said flexible hash were used to train it; and assigning the file to one of the file categories using the classifier selected at the previous step. The file is considered malicious if it is assigned to the category of malicious files.
EFFECT: the technical result is a reduction in the number of errors of the first and second kind when detecting malicious files.
14 cl, 5 dwg
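The flow in the abstract, as an added Python example that is not taken from the patent. The attribute names, the quantization used for the flexible hash, the nearest-centroid classifier and the sample data are all assumptions made for illustration.

```python
import hashlib
import math
from collections import defaultdict

def flexible_hash(attrs):
    """Quantize cheap attributes so small changes keep the same hash (assumed scheme)."""
    coarse = (
        attrs["type"],
        int(math.log2(max(attrs["size"], 1))),  # size: power-of-two bucket
        attrs["sections"] // 4,                 # section count: buckets of 4
        attrs["imports"] // 50,                 # import count: buckets of 50
    )
    return hashlib.sha256(repr(coarse).encode()).hexdigest()[:16]

def vector(attrs):
    """Numeric view of the same attributes, used inside one hash bucket."""
    return (math.log2(max(attrs["size"], 1)), attrs["sections"], attrs["imports"])

def train(samples):
    """Build one nearest-centroid classifier per flexible-hash value."""
    grouped = defaultdict(lambda: defaultdict(list))
    for attrs, label in samples:
        grouped[flexible_hash(attrs)][label].append(vector(attrs))
    return {
        h: {label: tuple(sum(c) / len(vs) for c in zip(*vs))
            for label, vs in by_label.items()}
        for h, by_label in grouped.items()
    }

def classify(classifiers, attrs):
    """Select the classifier by flexible hash, then assign a category."""
    centroids = classifiers.get(flexible_hash(attrs))
    if centroids is None:
        return "unknown"  # no classifier was trained for this hash value
    v = vector(attrs)
    return min(centroids, key=lambda label: math.dist(v, centroids[label]))

# Constructed training data, not real samples.
TRAINING = [
    ({"type": "pe", "size": 70_000, "sections": 5, "imports": 12}, "malicious"),
    ({"type": "pe", "size": 90_000, "sections": 6, "imports": 20}, "malicious"),
    ({"type": "pe", "size": 120_000, "sections": 4, "imports": 45}, "benign"),
    ({"type": "pe", "size": 110_000, "sections": 4, "imports": 40}, "benign"),
]
CLASSIFIERS = train(TRAINING)
```

A file whose flexible hash matches no trained classifier comes back as `unknown`; the abstract does not say how such files are handled, so that fallback is also an assumption.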
Title | Year | Author | Number |
---|---|---|---|
SYSTEM AND METHOD OF REDUCING NUMBER OF FALSE TRIGGERING OF CLASSIFICATION ALGORITHMS | 2018 | | RU2706883C1 |
METHOD OF COMPOSITE FILE ACCESS CONTROL | 2017 | | RU2659739C1 |
METHOD OF DETECTING HARMFUL COMPOSITE FILES | 2016 | | RU2634178C1 |
METHOD FOR DETECTING MALICIOUS FILES BASED ON FILE FRAGMENTS | 2019 | | RU2747464C2 |
METHOD FOR DETERMINING SIMILARITY OF COMPOSITE FILES | 2016 | | RU2628922C1 |
METHOD OF DETECTING MALICIOUS FILES USING LINK GRAPH | 2023 | | RU2823749C1 |
SYSTEM AND METHOD FOR CATEGORIZING APPLICATION ON COMPUTING DEVICE | 2019 | | RU2747514C2 |
SYSTEM AND METHOD OF DETECTING THE HARMFUL CIL-FILE | 2017 | | RU2660643C1 |
SYSTEM AND METHOD FOR REDUCING LOAD ON MALWARE DETECTION SERVICE | 2019 | | RU2739833C1 |
METHOD FOR SEARCHING FOR SAMPLES OF MALICIOUS MESSAGES | 2019 | | RU2750627C2 |
Dates
2019-12-05—Published
2018-06-29—Filed