FIELD: information security.
SUBSTANCE: method for detecting IS threats includes the following steps: on a machine-readable medium of a computer, data corresponding to at least one remote file is searched; using the analysis conditions, checking the possibility of analyzing the found data; when the analysis conditions are met, at least a portion of the data corresponding to the remote file is read into the computer's RAM; analyze the read data for the presence of information about IS threats; upon detection of information about IS threats, a notification is generated about the detected IS threat.
EFFECT: increasing the level of detection of information security threats (IS), traces of computer infection with malware, to improve the quality of detection of malware and computer attacks.
38 cl, 4 dwg
| Title | Year | Author | Number |
|---|---|---|---|
| METHOD FOR ADJUSTING THE PARAMETERS OF A MACHINE LEARNING MODEL IN ORDER TO IDENTIFY FALSE TRIGGERING AND INFORMATION SECURITY INCIDENTS | 2020 |
|
RU2763115C1 |
| METHOD FOR PROCESSING INFORMATION SECURITY EVENTS PRIOR TO TRANSMISSION FOR ANALYSIS | 2020 |
|
RU2762528C1 |
| SYSTEM AND METHOD FOR IDENTIFYING MALICIOUS FILES | 2017 |
|
RU2673407C1 |
| SYSTEM AND METHOD OF CREATING ANTIVIRUS RECORD | 2018 |
|
RU2697954C2 |
| METHOD FOR FILTERING EVENTS FOR TRANSMISSION TO REMOTE DEVICE | 2022 |
|
RU2813239C1 |
| SYSTEM AND METHOD OF DETECTING THE SIGNS OF COMPUTER ATTACKS | 2017 |
|
RU2661533C1 |
| SYSTEM AND METHOD OF CORRELATING EVENTS FOR DETECTING INFORMATION SECURITY INCIDENT | 2019 |
|
RU2739864C1 |
| METHOD AND SYSTEM FOR GENERATING THE LIST OF COMPROMISE INDICATORS | 2020 |
|
RU2743619C1 |
| METHOD OF DETECTING SUSPICIOUS ACTIVITY ASSOCIATED WITH USING COMMAND LINE INTERPRETER | 2023 |
|
RU2817556C1 |
| SYSTEM AND METHOD FOR CHECKING WEB RESOURCES FOR PRESENCE OF MALICIOUS COMPONENTS | 2010 |
|
RU2446459C1 |
