FIELD: information security.
SUBSTANCE: invention relates to the field of information security. The technical result is achieved by creating an imitation of the test environment by installing artifacts into a computer system, where the installed artifacts are made to be detected by malicious software (malware); fixation in the computer system with respect to the mentioned artifacts of the countermeasures of the first and second kind, where the countermeasure event of the first kind is the software abnormal termination, and the event of the second kind is a change in the standard software execution vector, while additionally at least one software check is carried out with which the detected event of the first or second kind is associated with harmfulness; and sending the malware digital fingerprint to the analysis and update center.
EFFECT: ensuring counteraction to malicious software (malware) by imitating the testing environment.
9 cl, 5 dwg
| Title | Year | Author | Number |
|---|---|---|---|
| SYSTEM AND METHOD OF CREATING ANTIVIRUS RECORD | 2018 |
|
RU2697954C2 |
| METHOD OF MAINTAINING DATABASE AND CORRESPONDING SERVER | 2015 |
|
RU2698776C2 |
| METHOD OF PROTECTING COMPUTER SYSTEM FROM MALWARE | 2011 |
|
RU2566329C2 |
| SYSTEM AND METHOD FOR IMPROVING QUALITY OF DETECTING MALICIOUS OBJECTS USING RULES AND PRIORITIES | 2012 |
|
RU2514140C1 |
| METHOD FOR IDENTIFYING INFORMATION SECURITY THREATS (OPTIONS) | 2023 |
|
RU2802539C1 |
| METHOD OF DETECTING UNKNOWN PROGRAMS BY LOAD PROCESS EMULATION | 2011 |
|
RU2472215C1 |
| METHOD OF PROVIDING CONFIDENTIALITY OF INFORMATION | 2004 |
|
RU2274910C2 |
| EMULATOR AND METHOD FOR EMULATION | 2020 |
|
RU2757409C1 |
| METHOD FOR PROCESSING INFORMATION SECURITY EVENTS PRIOR TO TRANSMISSION FOR ANALYSIS | 2020 |
|
RU2762528C1 |
| SYSTEM AND METHOD FOR IDENTIFYING MALICIOUS FILES | 2017 |
|
RU2673407C1 |
