SYSTEMS AND METHODS FOR DETECTING BEHAVIOURAL THREATS Russian patent published in 2022 - IPC G06F21/55 G06F16/35 

Abstract RU 2772549 C1

FIELD: information security.

SUBSTANCE: the invention relates to apparatus and methods for ensuring computer security. The technical result is achieved in that, in the proposed method, the hardware processor of a computer system performs the following steps: assigning events of a training set to event categories; assigning client systems to multiple client clusters in accordance with the event categories; and transmitting an indicator of client cluster attribution to an anomaly detector configured to determine whether an event indicates a computer security threat. Assigning events to categories includes: selecting multiple events occurring in client systems from the training set, forming a sequence of events, and assigning a category to a selected event from the sequence in accordance with the preceding event and, additionally, in accordance with the subsequent event. Assigning client systems to client clusters includes assigning a client system to a selected client cluster in accordance with the event profile. The anomaly detector is configured to determine whether the event indicates a computer security threat in accordance with a behaviour model trained on a subset of events specific to the client cluster.

EFFECT: increase in the reliability of the system for detecting computer threats.

17 cl, 20 dwg

Similar patents RU2772549C1

| Title | Year | Author | Number |
|---|---|---|---|
| SYSTEMS AND METHODS FOR DETECTING BEHAVIOURAL THREATS | 2019 | Dichiu Daniel; Niculae Stefan; Bosinceanu Elena A.; Zamfir Sorina N.; Dincu Andreea; Apostoae Andrei A. | RU2803399C2 |
| SYSTEMS AND METHODS FOR DETECTING BEHAVIOURAL THREATS | 2019 | Dichiu Daniel; Niculae Stefan; Bosinceanu Elena A.; Zamfir Sorina N.; Dincu Andreea; Apostoae Andrei A. | RU2778630C1 |
| COMPUTER SYSTEM AND METHOD FOR DETECTING MALWARE USING MACHINE LEARNING | 2021 | Dichiu Daniel; Dincu Andreea; Botarleanu Robert-Mihail; Zamfir Sorina N.; Bosinceanu Elena A.; Prejbeanu Razvan | RU2802860C1 |
| SYSTEMS AND METHODS FOR REPORTING COMPUTER SECURITY INCIDENTS | 2019 | Warmenhoven Adrianus; Hofstede Richard J. | RU2757597C1 |
| SYSTEMS AND METHODS FOR USING DNS MESSAGES FOR SELECTIVE COLLECTION OF COMPUTER FORENSIC DATA | 2020 | Mircescu Daniel-Alexandru | RU2776349C1 |
| SYSTEMS AND METHODS OF DEVICES AUTOMATIC DETECTION | 2017 | Cebere Bogdan-Constantin | RU2742824C2 |
| USER INTERFACE FOR PROVIDING SECURITY AND REMOTE CONTROL OF NETWORK ENDPOINTS | 2015 | Chebere Bogdan-Konstantin; Akim Joan-Aleksandru; Padina Mirela-Lujza; Miron Monika-Mariya; Stan Kozmin-Klaudiu; Albistyanu Katalina; Berte Dan-Radu; Dumitrake Bogdan-Teodor; Mirchesku Danel-Aleksandru; Novak Aleksandru | RU2697935C2 |
| SYSTEMS AND METHODS FOR TRANSLATING NATURAL LANGUAGE SENTENCES INTO DATABASE QUERIES | 2019 | Traian Rebedea; Elena Burceanu; Florin Brad | RU2792579C2 |
| SYSTEMS AND METHODS FOR AUTOMATIC DEVICE DETECTION, DEVICE CONTROL AND REMOTE ASSISTANCE | 2015 | Chebere Bogdan-Konstantin; Mirchesku Danel-Aleksandru | RU2694022C2 |
| CASCADE CLASSIFIER FOR THE COMPUTER SECURITY APPLICATIONS | 2016 | Gavrilut Dragos-Teodor; Vatamanu Cristina; Cosovan Doina; Luchian Henri | RU2680738C1 |

RU 2 772 549 C1

Authors

Dichiu Daniel

Niculae Stefan

Bosinceanu Elena A.

Zamfir Sorina N.

Dincu Andreea

Apostoae Andrei A.

Dates

2022-05-23 Published

2019-12-10 Filed