METHOD FOR ADJUSTING THE PARAMETERS OF A MACHINE LEARNING MODEL IN ORDER TO IDENTIFY FALSE TRIGGERING AND INFORMATION SECURITY INCIDENTS Russian patent published in 2021 - IPC G06F21/55 G06N20/00 

Abstract RU 2763115 C1

FIELD: computing technology.

SUBSTANCE: a server-implemented method for adjusting the parameters of a machine learning model in order to identify false triggering and information security incidents (hereinafter, incidents). Verdicts for information security events are determined using a machine learning model for determining false triggering and/or incidents. For a certain part of the events with a "false triggering" verdict (hereinafter, the first set of events), the verdict is changed to "incident". The first set of events is selected, in particular, randomly among the events with a "false triggering" verdict, and the number of events selected for the first set does not exceed the second threshold, which is a parameter of the machine learning model. At least part of the events of the first set are sent for analysis to the analytical center. Using the analysis results, which contain the verdicts issued to the events sent for analysis, the parameters of the machine learning model for determining false triggering and/or incidents are adjusted.

EFFECT: reduction in the amount of false triggering.

19 cl, 7 dwg
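
The selection-and-feedback loop described in the abstract, as an added Python example (not code from the patent or its authors). The event fields, the score cutoff as the adjusted parameter, the adjustment rule, and the analyst stub are all assumptions made for illustration; the abstract does not specify how the parameters are adjusted.

```python
import random

INCIDENT, FALSE_TRIGGER = "incident", "false triggering"

# Constructed sample events: "score" is the model output, "truth" is what an
# analyst would conclude (hypothetical fields, not from the patent).
EVENTS = [
    {"id": 1, "score": 0.91, "truth": INCIDENT},
    {"id": 2, "score": 0.62, "truth": INCIDENT},       # missed at cutoff 0.7
    {"id": 3, "score": 0.40, "truth": FALSE_TRIGGER},
    {"id": 4, "score": 0.15, "truth": FALSE_TRIGGER},
    {"id": 5, "score": 0.55, "truth": FALSE_TRIGGER},
    {"id": 6, "score": 0.78, "truth": FALSE_TRIGGER},
]

def classify(events, cutoff):
    """Model verdict per event: a score at or above the cutoff is an incident."""
    return {e["id"]: INCIDENT if e["score"] >= cutoff else FALSE_TRIGGER
            for e in events}

def select_first_set(events, verdicts, second_threshold, rng):
    """Randomly pick at most `second_threshold` events judged false triggering."""
    pool = [e for e in events if verdicts[e["id"]] == FALSE_TRIGGER]
    return rng.sample(pool, min(second_threshold, len(pool)))

def adjust_cutoff(cutoff, first_set, analyst_verdicts):
    """Assumed rule: lower the cutoff to the lowest score among audited events
    that the analysts confirmed as incidents; otherwise leave it unchanged."""
    missed = [e["score"] for e in first_set
              if analyst_verdicts.get(e["id"]) == INCIDENT]
    return min([cutoff] + missed)

def run_round(events, cutoff, second_threshold, analyst, rng):
    """One cycle: classify, re-label the first set, collect analyst verdicts,
    and return (verdicts, first_set, adjusted_cutoff)."""
    verdicts = classify(events, cutoff)
    first_set = select_first_set(events, verdicts, second_threshold, rng)
    for e in first_set:
        verdicts[e["id"]] = INCIDENT   # changed verdict routes it to analysts
    analyst_verdicts = {e["id"]: analyst(e) for e in first_set}
    return verdicts, first_set, adjust_cutoff(cutoff, first_set, analyst_verdicts)

if __name__ == "__main__":
    rng = random.Random(0)
    _, audited, new_cutoff = run_round(EVENTS, 0.7, 4, lambda e: e["truth"], rng)
    print(sorted(e["id"] for e in audited), new_cutoff)
```

The second threshold caps how much extra work each round sends to the analytical center, so a smaller value means an incident hidden among the "false triggering" verdicts may take several rounds to surface.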

Similar patents RU2763115C1

| Title | Year | Authors | Number |
|---|---|---|---|
| METHOD FOR PROCESSING INFORMATION SECURITY EVENTS PRIOR TO TRANSMISSION FOR ANALYSIS | 2020 | Filonov Pavel Vladimirovich; Soldatov Sergej Vladimirovich; Udimov Daniil Alekseevich | RU2762528C1 |
| SYSTEM AND METHOD OF DETECTING THE SIGNS OF COMPUTER ATTACKS | 2017 | Gordejchik Sergej Vladimirovich; Sapronov Konstantin Vladimirovich; Parshin Yurij Gennadevich; Kheirkhabarov Tejmur Samedovich; Soldatov Sergej Vladimirovich | RU2661533C1 |
| SYSTEM AND METHOD OF CORRELATING EVENTS FOR DETECTING INFORMATION SECURITY INCIDENT | 2019 | Lyukshin Ivan Stanislavovich; Kiryukhin Andrej Aleksandrovich; Lukiyan Dmitrij Sergeevich; Filonov Pavel Vladimirovich | RU2739864C1 |
| METHOD FOR FILTERING EVENTS FOR TRANSMISSION TO REMOTE DEVICE | 2022 | Pintiiskii Vladislav Valerevich; Tarakanov Dmitrii Vladimirovich; Shulmin Aleksei Sergeevich; Ovcharik Vladislav Ivanovich; Kuskov Vladimir Anatolevich | RU2813239C1 |
| SYSTEM AND METHOD OF CREATING ANTIVIRUS RECORD | 2018 | Gordejchik Sergej Vladimirovich; Soldatov Sergej Vladimirovich; Sapronov Konstantin Vladimirovich | RU2697954C2 |
| SYSTEM AND METHOD FOR IDENTIFYING MALICIOUS FILES | 2017 | Gordejchik Sergej Vladimirovich; Soldatov Sergej Vladimirovich; Sapronov Konstantin Vladimirovich | RU2673407C1 |
| METHOD FOR IDENTIFYING INFORMATION SECURITY THREATS (OPTIONS) | 2023 | Sergeev Viktor Gennadevich; Skablonskii Andrei Vadimovich; Vorontsov Dmitrii Viktorovich; Spravtsev Iurii Vladimirovich | RU2802539C1 |
| SYSTEM AND METHOD FOR DETERMINING THE LEVEL OF DANGER OF INFORMATION SECURITY EVENTS | 2022 | Zaitsev Oleg Vladimirovich | RU2800739C1 |
| SYSTEM AND METHOD FOR DETERMINING PROCESS ASSOCIATED WITH MALWARE ENCRYPTING COMPUTER SYSTEM FILES | 2020 | Lopatin Evgenij Igorevich; Kondratev Dmitrij Andreevich | RU2770570C2 |
| SYSTEM AND METHOD OF DETECTING DIRECTED ATTACK ON CORPORATE INFRASTRUCTURE | 2013 | Polyakov Aleksej Aleksandrovich; Sapronov Konstantin Vladimirovich | RU2587426C2 |

RU 2 763 115 C1

Authors

Filonov Pavel Vladimirovich

Soldatov Sergej Vladimirovich

Udimov Daniil Alekseevich

Dates

2021-12-27 Published

2020-06-19 Filed