METHOD AND SYSTEM FOR DETERMINING BELONGING OF SOFTWARE BY ITS MACHINE CODE

Russian patent published in 2020 - IPC G06F8/74 G06F8/75 G06F21/56

Abstract RU 2728497 C1

FIELD: computer equipment.

SUBSTANCE: a method of determining whether software (SW) belongs to a certain family of programs based on its machine code, in which: a file containing the machine code of the SW is obtained; the format of the obtained file is determined; the code of the functions present in the obtained file is extracted and stored; library functions are removed from the stored code; commands are selected in each function; an "action, argument" pair is selected in each command; each "action, argument" pair is converted to a number; the resulting sequence of numbers is stored separately for each selected function; a predetermined number of machine code analysis results is accumulated and repeated sequences of numbers (patterns) are detected; for each detected pattern, a parameter characterizing its frequency is calculated; based on the calculated set of parameters, a classifier is trained to determine SW membership by the sequence of "action, argument" pairs; the trained classifier is then used to determine whether SW belongs to a certain family of programs.

EFFECT: the technical result is automatic identification of software (SW) by the sequence of machine commands it executes.

12 cl, 4 dwg
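The steps listed in the abstract, sketched as an added Python example on constructed data (this is not code from the patent or its authors). Assumptions: commands are already disassembled into (action, argument) pairs, `LIBRARY` is a hypothetical list of library function names, a pattern is a run of three consecutive numbers, the frequency parameter is the share of a pattern's occurrences that fall in one family, and a frequency-weighted vote stands in for the trained classifier, which the abstract does not specify.

```python
from collections import Counter

LIBRARY = {"memcpy", "strlen"}  # assumed list of known library functions

# Constructed disassembly fragments as (action, argument) pairs
XOR_LOOP = [("mov", "reg"), ("xor", "reg"), ("inc", "reg"), ("cmp", "imm"), ("jne", "addr")]
BEACON = [("push", "imm"), ("call", "addr"), ("test", "reg"), ("jz", "addr")]
COPY = [("mov", "mem"), ("add", "imm"), ("mov", "reg"), ("loop", "addr")]
# Constructed training corpus: family -> files -> {function name: commands}
CORPUS = {
    "family_a": [{"decode": XOR_LOOP, "memcpy": COPY}, {"sub_1": XOR_LOOP + BEACON}],
    "family_b": [{"main": BEACON + COPY[:2]}, {"net": BEACON, "strlen": COPY}],
}

def sequences(functions, vocab):
    """One number sequence per non-library function; each pair gets a stable id."""
    return [[vocab.setdefault(pair, len(vocab)) for pair in cmds]
            for name, cmds in functions.items() if name not in LIBRARY]

def patterns(seqs, n):
    """Count every run of n consecutive numbers inside each function."""
    return Counter(tuple(s[i:i + n]) for s in seqs for i in range(len(s) - n + 1))

def train(corpus, n=3):
    vocab, counts = {}, {}
    for family, files in corpus.items():
        counts[family] = Counter()
        for functions in files:
            counts[family].update(patterns(sequences(functions, vocab), n))
    total = sum(counts.values(), Counter())
    # Keep only repeated sequences; frequency parameter (assumed definition):
    # the share of a pattern's occurrences that fall in this family.
    model = {fam: {p: c[p] / total[p] for p in c if total[p] >= 2}
             for fam, c in counts.items()}
    return vocab, model

def classify(functions, vocab, model, n=3):
    """Frequency-weighted vote; returns None when no known pattern matches."""
    seen = patterns(sequences(functions, dict(vocab)), n)  # copy: unseen pairs get new ids
    scores = {fam: sum(w * seen[p] for p, w in freq.items()) for fam, freq in model.items()}
    best = max(scores, key=scores.get)
    return best if scores[best] > 0 else None

if __name__ == "__main__":
    vocab, model = train(CORPUS)
    print(classify({"f": XOR_LOOP, "memcpy": COPY}, vocab, model))
    print(classify({"g": BEACON}, vocab, model))
```

Because library functions are dropped before encoding, a sample that shares only library code with the training set matches no pattern and is returned as unclassified rather than assigned to a family.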

Similar patents RU2728497C1

Title | Year | Authors | Number
METHOD AND SYSTEM FOR DETERMINING SOFTWARE BELONGING BY ITS SOURCE CODE | 2019 | Slipenchuk Pavel Vladimirovich; Pomerantsev Ilya Sergeevich | RU2728498C1
METHOD AND SYSTEM FOR CLUSTERING EXECUTABLE FILES | 2021 | Pomerantsev Ilya Sergeevich | RU2778979C1
METHOD AND SYSTEM FOR GENERATING THE LIST OF COMPROMISE INDICATORS | 2020 | Pomerantsev Ilya Sergeevich | RU2743619C1
METHOD AND SYSTEM FOR SEARCHING FOR SIMILAR MALWARE BASED ON RESULTS OF THEIR DYNAMIC ANALYSIS | 2020 | Prudkovskij Nickolay Sergeevich; Volkov Dmitry Aleksandrovich | RU2738344C1
SYSTEM AND METHOD TO COMPARE FILES BASED ON FUNCTIONALITY TEMPLATES | 2009 | Vasilenko Roman Sergeevich | RU2427890C2
METHOD AND SYSTEM FOR STATIC ANALYSIS OF EXECUTABLE FILES BASED ON PREDICTIVE MODELS | 2020 | Prudkovskij Nikolaj Sergeevich | RU2759087C1
METHOD FOR COUNTERACTING MALICIOUS SOFTWARE (MALWARE) BY IMITATING TEST ENVIRONMENT | 2020 | Bryzgin Andrej Aleksandrovich; Suprunyuk Pavel Mikhajlovich | RU2748518C1
SYSTEM AND METHOD FOR DETECTING MALICIOUS FILES ON MOBILE DEVICES | 2015 | Kivva Anton Andreevich; Buchka Nikita Aleksandrovich; Kuzin Mikhail Yurevich; Chebyshev Viktor Vladimirovich | RU2614557C2
SYSTEM AND METHOD OF DETECTING MALICIOUS CODE IN FILE | 2016 | Golovkin Maksim Yurevich; Monastyrskij Aleksej Vladimirovich; Pintijskij Vladislav Valerevich; Pavlyushchik Mikhail Aleksandrovich; Butuzov Vitalij Vladimirovich; Karasovskij Dmitrij Valerievich | RU2637997C1
SYSTEM AND METHOD FOR TWO-STAGE CLASSIFICATION OF FILES | 2018 | Romanenko Aleksej Mikhajlovich; Prokudin Sergej Viktorovich; Liskin Aleksandr Viktorovich | RU2708356C1

RU 2 728 497 C1

Authors

Slipenchuk Pavel Vladimirovich

Pomerantsev Ilya Sergeevich

Dates

2020-07-29 Published

2019-12-05 Filed