FIELD: information protection.
SUBSTANCE: invention relates to the field of information protection, namely, to methods for searching for samples of malicious messages. The technical result of the invention that is described below is realized due to the method of replenishing the message database, implemented using a general-purpose computer system, according to which: an application is selected from the application database for its execution; the selected application is executed using the execution environment, while during the execution of the application, a log of network activity is generated; electronic messages related to the executable application are extracted from the network activity log, in particular, using methods for detecting electronic messages and other text messages from binary data, which are data from the generated network activity log; the message database is replenished by adding the electronic messages selected at the earlier stage.
EFFECT: invention is aimed at improving the detection of spam mailings or malware.
7 cl, 3 dwg
Title | Year | Author | Number |
---|---|---|---|
METHOD OF CREATING ANTIVIRUS RECORD WHEN DETECTING MALICIOUS CODE IN RANDOM-ACCESS MEMORY | 2015 |
|
RU2592383C1 |
METHOD OF DETECTING MALICIOUS CODE IN RANDOM-ACCESS MEMORY | 2015 |
|
RU2589862C1 |
SYSTEM AND METHOD FOR TWO-STAGE CLASSIFICATION OF FILES | 2018 |
|
RU2708356C1 |
METHOD OF CONTROLLING APPLICATIONS | 2015 |
|
RU2587424C1 |
SYSTEM AND METHOD FOR CATEGORIZATION OF .NET APPLICATIONS | 2018 |
|
RU2756186C2 |
METHOD FOR AUTOMATIC ADJUSTMENT OF SECURITY MEANS | 2012 |
|
RU2514137C1 |
SYSTEM AND METHOD FOR DETERMINING THE FILE TRUST LEVEL | 2019 |
|
RU2750628C2 |
METHOD FOR DETECTING MALICIOUS FILES BASED ON FILE FRAGMENTS | 2019 |
|
RU2747464C2 |
SYSTEM AND METHOD OF REDUCING LOAD ON OPERATING SYSTEM WHEN EXECUTING ANTIVIRUS APPLICATION | 2013 |
|
RU2571723C2 |
SYSTEM AND METHOD OF OPENING FILES CREATED BY VULNERABLE APPLICATIONS | 2015 |
|
RU2606883C2 |
Authors
Dates
2021-06-30—Published
2019-06-28—Filed