METHOD AND SYSTEM FOR DETERMINING MALICIOUS ACTIVITY BY ANALYZING THE BEHAVIOUR OF OBJECTS IN NON-INSULATED ENVIRONMENT Russian patent published in 2021 - IPC G06F21/56 

Abstract RU 2743620 C1

FIELD: computer engineering.

SUBSTANCE: a computer-implemented method for determining malicious activity by analyzing the behavior of objects in a non-insulated environment, in which information is collected into an event stream using a detection unit; the event stream is transmitted to a computing device, where the received stream of events is analyzed for a predetermined amount of time. In this case, an event from the stream of events is sent, depending on the type of event, to the adapter input, and the adapter generates its own internal event; the internal event is transmitted to the signature block, where the received internal event is checked against predefined rules and, if the internal event conforms to the predefined rules, an internal state marker is created. The internal state marker is directed to the input of the malicious activity decision block, where a decision on malicious activity is taken based on the internal state marker of the signature block, and a suspicious activity report is drawn up.

EFFECT: said invention enables identifying malicious activity by analyzing the behavior of objects in non-insulated environment.

10 claims, 3 drawings
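
The pipeline described in the abstract (adapters that normalize events by type, a signature block that emits internal state markers, a decision block that produces a report), as an added Python example that is not taken from the patent. The event fields, one adapter per event type, the two rules, the 60-second window and the two-marker threshold are all assumptions made for illustration.

```python
from collections import namedtuple

Internal = namedtuple("Internal", "ts kind actor target")  # adapter output (assumed shape)
Marker = namedtuple("Marker", "ts rule actor")             # internal state marker (assumed shape)

# Adapters: one per raw event type, each producing a uniform internal event.
ADAPTERS = {
    "process": lambda e: Internal(e["ts"], "spawn", e["parent"].lower(), e["image"].lower()),
    "file": lambda e: Internal(e["ts"], "write", e["proc"].lower(), e["path"].lower()),
}

# Signature block: predefined rules over internal events (illustrative rules only).
RULES = {
    "office_spawns_shell": lambda i: i.kind == "spawn" and i.actor == "winword.exe"
    and i.target in ("cmd.exe", "powershell.exe"),
    "write_to_startup": lambda i: i.kind == "write" and "\\startup\\" in i.target,
}

# Constructed sample event stream, as a detection unit might deliver it.
SAMPLE = [
    {"ts": 0, "type": "process", "parent": "explorer.exe", "image": "WINWORD.EXE"},
    {"ts": 5, "type": "process", "parent": "WINWORD.EXE", "image": "powershell.exe"},
    {"ts": 9, "type": "file", "proc": "powershell.exe", "path": r"C:\Users\u\Start Menu\Programs\Startup\a.lnk"},
    {"ts": 12, "type": "registry", "proc": "powershell.exe", "key": "HKCU\\Example"},
    {"ts": 300, "type": "process", "parent": "WINWORD.EXE", "image": "cmd.exe"},
]

def analyze(stream, window=60, threshold=2):
    """Analyze events from the first `window` seconds and return a report dict."""
    if not stream:
        return {"malicious": False, "markers": []}
    start = min(e["ts"] for e in stream)
    markers = []
    for event in sorted(stream, key=lambda e: e["ts"]):
        if event["ts"] - start > window:
            break                      # outside the predetermined analysis time
        adapter = ADAPTERS.get(event["type"])
        if adapter is None:
            continue                   # no adapter for this event type: not analyzed
        internal = adapter(event)
        markers += [Marker(internal.ts, name, internal.actor)
                    for name, rule in RULES.items() if rule(internal)]
    # Decision block: verdict from the distinct rules that produced markers.
    distinct = {m.rule for m in markers}
    return {"malicious": len(distinct) >= threshold, "markers": markers}
```

Events without an adapter (the registry event here) are skipped silently, so adapter coverage bounds what the rules can ever see.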

Similar patents RU2743620C1

| Title | Year | Author | Number |
|---|---|---|---|
| METHOD AND SYSTEM FOR SEARCHING FOR SIMILAR MALWARE BASED ON RESULTS OF THEIR DYNAMIC ANALYSIS | 2020 | Prudkovskij Nickolay Sergeevich; Volkov Dmitry Aleksandrovich | RU2738344C1 |
| METHOD FOR COUNTERACTING MALICIOUS SOFTWARE (MALWARE) BY IMITATING TEST ENVIRONMENT | 2020 | Bryzgin Andrej Aleksandrovich; Suprunyuk Pavel Mikhajlovich | RU2748518C1 |
| SYSTEMS AND METHODS OF MONITORING MALWARE BEHAVIOR TO MULTIPLE OBJECTS OF SOFTWARE | 2016 | Khazhmasan George-Florin; Portase Radu-Maryan | RU2683152C1 |
| SYSTEM AND METHOD OF CORRELATING EVENTS FOR DETECTING INFORMATION SECURITY INCIDENT | 2019 | Lyukshin Ivan Stanislavovich; Kiryukhin Andrej Aleksandrovich; Lukiyan Dmitrij Sergeevich; Filonov Pavel Vladimirovich | RU2739864C1 |
| SYSTEM AND METHOD FOR DISTRIBUTION VIRUS SCAN TASKS BETWEEN VIRTUAL MACHINES IN VIRTUAL NETWORK | 2014 | Jarykin Pavel Nikolaevich; Godunov Ilja Borisovich | RU2580030C2 |
| METHOD OF COMPUTER SECURITY DISTRIBUTED EVENTS INVESTIGATION | 2015 | Gajnov Artur Evgenevich; Zavodtsev Ilya Valentinovich | RU2610395C1 |
| COMPUTER SYSTEM AND METHOD FOR DETECTING MALWARE USING MACHINE LEARNING | 2021 | Dichiu Daniel; Dincu Andreea; Botarleanu Robert-Mihail; Zamfir Sorina N.; Bosinceanu Elena A.; Prejbeanu Razvan | RU2802860C1 |
| SYSTEM AND METHOD FOR IMPROVING QUALITY OF DETECTING MALICIOUS OBJECTS USING RULES AND PRIORITIES | 2012 | Zajtsev Oleg Vladimirovich | RU2514140C1 |
| METHOD OF INCREASING RELIABILITY OF DETECTING MALICIOUS SOFTWARE | 2012 | Golovanov Sergej Jur'Evich | RU2485577C1 |
| SYSTEM AND METHOD FOR PERFORMING ANTI-VIRUS SCAN OF FILE ON VIRTUAL MACHINE | 2016 | Monastyrskij Aleksej Vladimirovich; Butuzov Vitalij Vladimirovich; Golovkin Maksim Yurevich; Karasovskij Dmitrij Valerievich; Pintijskij Vladislav Valerevich; Kobychev Denis Yurevich | RU2628921C1 |

RU 2 743 620 C1

Authors

Perfilev Sergej Sergeevich

Andreev Nikolaj Nikolaevich

Dates

2021-02-20 Published

2020-06-26 Filed