SYSTEM AND METHOD FOR BLOCKING MALICIOUS ACTIVITY OF LEGITIMATE DRIVERS Russian patent published in 2025 - IPC G06F21/56 

Abstract RU 2840426 C1

FIELD: information technology.

SUBSTANCE: the invention relates to information technology, and more specifically to systems and methods for blocking malicious activity of legitimate drivers. The technical result is achieved by the proposed solution, which is designed to block malicious activity of legitimate drivers. In one embodiment, a method of blocking malicious activity of legitimate drivers in an operating system (hereinafter referred to as OS) comprises the following steps: collecting information on protected objects and information on the drivers loaded in the OS; detecting at least one legitimate driver loaded into the OS using the information on loaded drivers and the malicious-activity detection rules from the rules database; intercepting the calls of the detected legitimate drivers by at least one of the following methods: IAT interception or IOCTL interception; and blocking those intercepted calls of the detected legitimate drivers that are directed at protected objects, based on the collected information on protected objects and the malicious-activity detection rules.

EFFECT: higher security of the operating system.

18 cl, 6 dwg
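To make the four steps of the abstract concrete, the following is an added Python model of the decision logic; it is not code from the patent or its assignee. The protected-object list, the rules database, the driver name "vendor_tool.sys" and its IOCTL codes are all constructed placeholders, and the actual IAT/IOCTL interception is assumed to happen elsewhere and hand each intercepted call to `should_block`.

```python
from dataclasses import dataclass

# Constructed sample data: "vendor_tool.sys" and its IOCTL codes are placeholders, not a real
# driver; the object names stand in for a security product's own components.
PROTECTED_OBJECTS = {
    "process": {"av_service.exe", "edr_agent.exe"},
    "file": {r"c:\program files\av\config.db"},
}
# Rules database: (driver, IOCTL code) -> class of protected object the request acts on.
RULES = {
    ("vendor_tool.sys", 0x22E000): "process",  # hypothetical "terminate process" request
    ("vendor_tool.sys", 0x22E004): "file",     # hypothetical "delete file" request
}

@dataclass(frozen=True)
class LoadedDriver:
    name: str
    validly_signed: bool  # "legitimate" here means carrying a valid vendor signature

@dataclass(frozen=True)
class IoctlCall:
    driver: str
    code: int
    target: str  # object the request is directed at (process name or file path)

def detect_legitimate_drivers(loaded, rules):
    """Loaded, validly signed drivers that the rules database has entries for."""
    covered = {driver for driver, _ in rules}
    return {d.name.lower() for d in loaded if d.validly_signed and d.name.lower() in covered}

def should_block(call, monitored, rules, protected):
    """True if an intercepted IOCTL must be blocked, False if it is passed through."""
    driver = call.driver.lower()
    if driver not in monitored:
        return False  # no interceptor is installed on drivers that were not detected
    obj_class = rules.get((driver, call.code))
    if obj_class is None:
        return False  # request code has no rule, so it is not a known dangerous primitive
    return call.target.lower() in protected.get(obj_class, set())

def evaluate(loaded, calls, rules=RULES, protected=PROTECTED_OBJECTS):
    monitored = detect_legitimate_drivers(loaded, rules)  # detection step runs once
    return [(c, should_block(c, monitored, rules, protected)) for c in calls]

DRIVERS = [LoadedDriver("vendor_tool.sys", True), LoadedDriver("unsigned_tool.sys", False)]
CALLS = [  # constructed intercepted calls; expected decisions in the trailing comments
    IoctlCall("vendor_tool.sys", 0x22E000, "av_service.exe"),      # blocked
    IoctlCall("vendor_tool.sys", 0x22E000, "notepad.exe"),         # passed: target not protected
    IoctlCall("vendor_tool.sys", 0x22E008, "av_service.exe"),      # passed: no rule for this code
    IoctlCall("unsigned_tool.sys", 0x22E000, "av_service.exe"),    # passed: not a detected driver
    IoctlCall("VENDOR_TOOL.SYS", 0x22E004, r"C:\Program Files\AV\config.db"),  # blocked
]
```

Matching is case-insensitive because Windows driver names and file paths are; a real implementation would compare canonical object handles rather than strings.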

Similar patents to RU2840426C1

Title (year), patent number, authors:

SYSTEM AND METHOD OF PROTECTING COMPUTER APPLICATIONS (2011), RU2460133C1
  • Rusakov Vjacheslav Evgen'Evich
  • Shirjaev Aleksandr Vasil'Evich

METHOD OF INVOKING SYSTEM FUNCTIONS IN CONDITIONS OF USE OF AGENTS FOR PROTECTING OPERATING SYSTEM KERNEL (2014), RU2585978C2
  • Yudin Maksim Vitalevich
  • Tarasenko Aleksandr Sergeevich
  • Levchenko Vyacheslav Ivanovich
  • Kumagin Igor Yurevich

METHOD OF CREATING A SYSTEM CALL HANDLER (2014), RU2596577C2
  • Yudin Maksim Vitalevich
  • Tarasenko Aleksandr Sergeevich
  • Levchenko Vyacheslav Ivanovich
  • Kumagin Igor Yurevich

SYSTEM AND DETECTING METHOD OF REMOTE ADMINISTRATION APPLICATION (2016), RU2634173C1
  • Golovkin Maksim Yurevich
  • Romanenko Aleksej Mikhajlovich
  • Monastyrskij Aleksej Vladimirovich

SYSTEM AND METHOD FOR DETECTING MALWARE BY INTERCEPTING ACCESS TO INFORMATION DISPLAYED TO USER (2016), RU2634176C1
  • Kalinin Aleksandr Valentinovich
  • Polozov Pavel Leonidovich
  • Levchenko Vyacheslav Ivanovich
  • Yudin Maksim Vitalevich

SYSTEM AND METHOD FOR BLOCKING ACCESS TO PROTECTED APPLICATIONS (2016), RU2634168C1
  • Kalinin Aleksandr Valentinovich
  • Polozov Pavel Leonidovich
  • Levchenko Vyacheslav Ivanovich
  • Yudin Maksim Vitalevich

METHOD OF CREATING ANTIVIRUS RECORD WHEN DETECTING MALICIOUS CODE IN RANDOM-ACCESS MEMORY (2015), RU2592383C1
  • Pavlyushshik Mikhail Aleksandrovich
  • Monastyrskij Aleksej Vladimirovich
  • Nazarov Denis Aleksandrovich

METHOD OF DETECTING MALICIOUS CODE IN RANDOM-ACCESS MEMORY (2015), RU2589862C1
  • Pavlyushshik Mikhail Aleksandrovich
  • Monastyrskij Aleksej Vladimirovich
  • Nazarov Denis Aleksandrovich

SYSTEM AND METHOD OF DETECTING MALICIOUS CODE IN FILE (2016), RU2637997C1
  • Golovkin Maksim Yurevich
  • Monastyrskij Aleksej Vladimirovich
  • Pintijskij Vladislav Valerevich
  • Pavlyushchik Mikhail Aleksandrovich
  • Butuzov Vitalij Vladimirovich
  • Karasovskij Dmitrij Valerievich

METHOD OF ACCESSING PROCEDURES OF LOADING DRIVER (2014), RU2586576C1
  • Rusakov Vyacheslav Evgenevich
  • Kirzhemanov Andrej Leonidovich
  • Parshin Yurij Gennadevich

RU 2 840 426 C1

Authors

Kirzhemanov Andrei Leonidovich

Parshin Iurii Gennadevich

Spravtsev Iurii Vladimirovich

Dates

Filed: 2024-10-24

Published: 2025-05-23