FIELD: computing technology.
SUBSTANCE: disclosed is a computer-implemented method for static analysis of executable files based on predictive models, comprising: a preparatory stage of: forming a sample of files containing at least one malicious executable file and at least one clean executable file; analysing each received file of the formed sample, wherein the data is extracted, and also converting and enriching said files; determining the features characteristic of clean files or, vice versa, of malicious files by constructing predictive models for each type of converted data; combining the resulting characteristic features for each type of data into feature vectors, wherein at least one classifier is trained based on said vectors; combining the classifiers into a classifier ensemble, wherein the priority is determined for each classifier in the classifier ensemble; a working stage of: obtaining at least one executable file for analysis; analysing the obtained file, wherein data is extracted therefrom and conversion thereof is executed; forming at least one vector based on the extracted data distributed by data types; launching the classifier ensemble trained at the preparatory stage and outputting the result of the analysis.
EFFECT: increase in the efficiency of static analysis of executable files based on predictive models.
13 cl, 5 dwg, 5 tbl
Title | Year | Author | Number |
---|---|---|---|
METHOD AND SYSTEM FOR DETECTING MALICIOUS FILES IN A NON-ISOLATED MEDIUM | 2020 | | RU2722692C1 |
METHOD AND SYSTEM FOR SEARCHING FOR SIMILAR MALWARE BASED ON RESULTS OF THEIR DYNAMIC ANALYSIS | 2020 | | RU2738344C1 |
SYSTEM AND METHOD OF DETECTING A MALICIOUS FILE | 2018 | | RU2739865C2 |
COMPUTER SYSTEM AND METHOD FOR DETECTING MALWARE USING MACHINE LEARNING | 2021 | | RU2802860C1 |
SYSTEM AND METHOD OF CLASSIFYING OBJECTS OF COMPUTER SYSTEM | 2018 | | RU2724710C1 |
SYSTEM AND METHOD OF MACHINE TRAINING MODEL OF DETECTING MALICIOUS FILES | 2017 | | RU2673708C1 |
SYSTEM AND METHOD OF CLASSIFICATION OF OBJECTS | 2017 | | RU2679785C1 |
MALWARE FILES IN NETWORK TRAFFIC DETECTION SERVER AND METHOD | 2018 | | RU2680736C1 |
SYSTEM AND METHOD OF DETECTION OF MALICIOUS FILES USING A TRAINED MALWARE DETECTION PATTERN | 2017 | | RU2654151C1 |
SYSTEM AND METHOD OF MANAGING COMPUTING RESOURCES FOR DETECTING MALICIOUS FILES | 2017 | | RU2659737C1 |
Dates
2021-11-09—Published
2020-12-07—Filed