Patenton — panteon of patents

(19)

RU

(11)

2 722 692

(13)

C1

(51)

IPC

G06F21/56(2013-01-01)

(21) (22)

Application

2020107922, 2020-02-21

(24)

Start date

2020-02-21

(22)

Actual filing date

2020-02-21

(45)

Published

2020-06-03

(72)

Inventor

Prudkovskij Nikolaj Sergeevich

(73)

Holder

Obshchestvo S Ogranichennoj Otvetstvennostyu Ajbi Tds»

METHOD AND SYSTEM FOR DETECTING MALICIOUS FILES IN A NON-ISOLATED MEDIUM Russian patent published in 2020 - IPC G06F21/56 

Abstract RU 2722692 C1

FIELD: computer equipment.

SUBSTANCE: present technical solution relates to computer engineering, particularly to a method and system for detecting malicious files in a non-isolated medium. A computer-implemented method for detecting malicious files in a non-isolated medium comprises: a preparatory step, where: generating a collection of files, which contains at least one malicious executable file and at least one non-malicious executable file; analyzing at least one executable file, wherein: extracting data from binary and disassembled types of executable file, based on which parameters are created for further training classifier, wherein additionally by statistical method determining parameters characteristic of malicious files and / or vice versa is not malicious; wherein first and second flow graph is extracted; based on obtained parameters first and second feature vector are constructed; creating an ensemble of classifiers from: first trained classifier based on first feature vector, a second trained classifier based on a second feature vector; third classifier, trained based on first flow graph, fourth classifier, trained on second flow graph, wherein for each classifier a decision priority is determined in advance; working stage, at which: obtaining, at least, one executable file; trained at the preparatory stage classifier ensemble, to detect malicious executable files; analysis result is output.

EFFECT: disclosed is a method of detecting malicious files.

15 cl, 1 tbl, 5 dwg

Similar patents RU2722692C1

Title Year Author Number
METHOD AND SYSTEM FOR STATIC ANALYSIS OF EXECUTABLE FILES BASED ON PREDICTIVE MODELS 2020
  • Prudkovskij Nikolaj Sergeevich
 RU2759087C1
METHOD AND SYSTEM FOR SEARCHING FOR SIMILAR MALWARE BASED ON RESULTS OF THEIR DYNAMIC ANALYSIS 2020
  • Prudkovskij Nickolay Sergeevich
  • Volkov Dmitry Aleksandrovich
 RU2738344C1
METHOD OF DETECTING MALICIOUS FILES USING LINK GRAPH 2023
  • Kogtenkov Aleksei Aleksandrovich
  • Romanenko Aleksei Mikhailovich
  • Antonov Aleksei Evgenevich
 RU2823749C1
METHOD AND SYSTEM FOR DETERMINING MALICIOUS ACTIVITY BY ANALYZING THE BEHAVIOUR OF OBJECTS IN NON-INSULATED ENVIRONMENT 2020
  • Perfilev Sergej Sergeevich
  • Andreev Nikolaj Nikolaevich
 RU2743620C1
COMPUTER SYSTEM AND METHOD FOR DETECTING MALWARE USING MACHINE LEARNING 2021
  • Dichiu Daniel
  • Dincu Andreea
  • Botarleanu Robert-Mihail
  • Zamfir Sorina N.
  • Bosinceanu Elena A.
  • Prejbeanu Razvan
 RU2802860C1
METHOD AND SYSTEM FOR CLUSTERING EXECUTABLE FILES 2021
  • Pomerantsev Ilya Sergeevich
 RU2778979C1
COMPUTING APPARATUS AND METHOD FOR IDENTIFYING COMPROMISED APPARATUSES BASED ON DNS TUNNELLING DETECTION 2021
  • Afonin Anton Viktorovich
 RU2777348C1
METHOD AND SYSTEM FOR DETERMINING SOFTWARE BELONGING BY ITS SOURCE CODE 2019
  • Slipenchuk Pavel Vladimirovich
  • Pomerantsev Ilya Sergeevich
 RU2728498C1
SYSTEM AND METHOD OF SIMILAR FILES DETERMINING 2015
  • Antonov Aleksej Evgenevich
  • Romanenko Aleksej Mikhajlovich
 RU2614561C1
METHOD AND SYSTEM FOR ELIMINATING VULNERABILITIES IN PROGRAM CODE 2023
  • Vyshegorodtsev Kirill Evgenevich
  • Kuzmin Aleksandr Mikhajlovich
 RU2821220C1

RU 2 722 692 C1

Authors

Prudkovskij Nikolaj Sergeevich

Dates

2020-06-03Published

2020-02-21Filed

download Download PDF read Similar patents