METHOD AND SYSTEM FOR SEARCHING FOR SIMILAR MALWARE BASED ON RESULTS OF THEIR DYNAMIC ANALYSIS

Russian patent published in 2020 - IPC G06F21/56 G06N20/20

Abstract RU 2738344 C1

FIELD: computer equipment.

SUBSTANCE: the invention relates to computer equipment. A computer-implemented method of searching for similar malware based on the results of their dynamic analysis includes a preparatory stage, at which: a malicious program is analysed in an isolated environment; the actions performed by the malicious program are recorded in a behavioural report; the accumulated behavioural reports are divided into groups so that each group contains reports with similar actions relating to one known malware family; for each known malware family, a feature vector is created from selected fields of the behavioural report; a binary classifier is trained on each of the obtained feature vectors; and an ensemble of binary classifiers is created from the previously trained binary classifiers. It also includes a working stage, at which: a malicious program is analysed; the actions performed by the malicious program are recorded in a behavioural report; the ensemble of binary classifiers trained at the preparatory stage is applied; and the ensemble of binary classifiers outputs the calculated probability that the malicious file belongs to a given family.

EFFECT: the technical result is improved accuracy in assigning malicious programs to a known family of malicious programs.

8 cl, 3 dwg

Similar patents RU2738344C1

Title Year Author Number
METHOD AND SYSTEM FOR DETERMINING MALICIOUS ACTIVITY BY ANALYZING THE BEHAVIOUR OF OBJECTS IN NON-INSULATED ENVIRONMENT 2020
  • Perfilev Sergej Sergeevich
  • Andreev Nikolaj Nikolaevich
RU2743620C1
METHOD AND SYSTEM FOR DETECTING MALICIOUS FILES IN A NON-ISOLATED MEDIUM 2020
  • Prudkovskij Nikolaj Sergeevich
RU2722692C1
METHOD AND SYSTEM FOR STATIC ANALYSIS OF EXECUTABLE FILES BASED ON PREDICTIVE MODELS 2020
  • Prudkovskij Nikolaj Sergeevich
RU2759087C1
METHOD FOR COUNTERACTING MALICIOUS SOFTWARE (MALWARE) BY IMITATING TEST ENVIRONMENT 2020
  • Bryzgin Andrej Aleksandrovich
  • Suprunyuk Pavel Mikhajlovich
RU2748518C1
COMPUTER SYSTEM AND METHOD FOR DETECTING MALWARE USING MACHINE LEARNING 2021
  • Dichiu Daniel
  • Dincu Andreea
  • Botarleanu Robert-Mihail
  • Zamfir Sorina N.
  • Bosinceanu Elena A.
  • Prejbeanu Razvan
RU2802860C1
SYSTEM AND METHOD OF SELECTING MEANS OF DETECTING MALICIOUS FILES 2019
  • Chistyakov Aleksandr Sergeevich
  • Romanenko Aleksej Mikhajlovich
RU2739830C1
SYSTEM AND METHOD TO COMPARE FILES BASED ON FUNCTIONALITY TEMPLATES 2009
  • Vasilenko Roman Sergeevich
RU2427890C2
METHOD OF INCREASING RELIABILITY OF DETECTING MALICIOUS SOFTWARE 2012
  • Golovanov Sergej Jur'Evich
RU2485577C1
MALWARE FILES IN NETWORK TRAFFIC DETECTION SERVER AND METHOD 2018
  • Kislitsin Nikita Igorevich
  • Andreev Nikolay Nikolaevich
RU2680736C1
METHOD AND SYSTEM FOR CLUSTERING EXECUTABLE FILES 2021
  • Pomerantsev Ilya Sergeevich
RU2778979C1

RU 2 738 344 C1

Authors

Prudkovskij Nickolay Sergeevich

Volkov Dmitry Aleksandrovich

Dates

2020-12-11 Published

2020-03-10 Filed