FIELD: computer technology.
SUBSTANCE: invention relates to the field of computer technology for detecting malicious applications on computing devices using a remote server. The technical result is achieved due to the method of categorizing the application on the computing device, according to which: a set of features of the application present on the computing device is collected using a security tool functioning on the computing device, for subsequent transmission to the security server; the application is classified using the classification service that operates on the security server, based on the collected set of features, where the classification result is obtained using a pre-trained classifying expert system in the form of the probability of the application belonging to the application categories; the relevance of the classification results is determined using a reputation service that provides the results of the classification of previously classified applications, and the relevance rules based on the classification results; the application category is determined with the help of a security tool using heuristic rules to determine the application category based on the current classification results.
EFFECT: reduced number of errors of the first and second kind when determining the application category.
6 cl, 4 dwg
Title | Year | Author | Number |
---|---|---|---|
SYSTEM AND METHOD FOR REDUCING LOAD ON MALWARE DETECTION SERVICE | 2019 |
|
RU2739833C1 |
SYSTEM AND METHOD FOR TWO-STAGE CLASSIFICATION OF FILES | 2018 |
|
RU2708356C1 |
SYSTEM AND METHOD OF CHECKING FILE EDS | 2018 |
|
RU2706873C1 |
SYSTEM AND METHOD OF PROOFING AGAINST SCANNING OF EDS FILES | 2018 |
|
RU2708353C1 |
SYSTEM AND METHOD OF REDUCING NUMBER OF FALSE TRIGGERING OF CLASSIFICATION ALGORITHMS | 2018 |
|
RU2706883C1 |
METHOD FOR DETECTING MALICIOUS FILES BASED ON FILE FRAGMENTS | 2019 |
|
RU2747464C2 |
SYSTEM AND METHOD FOR CATEGORIZATION OF .NET APPLICATIONS | 2018 |
|
RU2756186C2 |
METHOD FOR FASTER FULL ANTIVIRUS SCANNING OF FILES ON MOBILE DEVICE | 2019 |
|
RU2726878C1 |
SYSTEM AND METHOD FOR DETERMINING THE FILE TRUST LEVEL | 2019 |
|
RU2750628C2 |
METHOD FOR SELECTIVE REPEATED ANTIVIRUS SCANNING OF FILES ON MOBILE DEVICE | 2019 |
|
RU2726877C1 |
Authors
Dates
2021-05-06—Published
2019-06-28—Filed