Invention Grant
US08607349B1 System and method for detection of malware using behavior model scripts of security rating rules
In force
- Patent Title: System and method for detection of malware using behavior model scripts of security rating rules
- Application No.: US13844080
- Application Date: 2013-03-15
- Publication No.: US08607349B1
- Publication Date: 2013-12-10
- Inventor: Oleg V. Zaitsev
- Applicant: Kaspersky Lab ZAO
- Applicant Address: RU Moscow
- Assignee: Kaspersky Lab ZAO
- Current Assignee: Kaspersky Lab ZAO
- Current Assignee Address: RU Moscow
- Agency: Arent Fox LLP
- Agent: Michael Fainberg
- Priority: RU2012156446 20121225
- Main IPC: G06F21/00
- IPC: G06F21/00

Abstract:
Disclosed are systems, methods and computer program products for detecting computer malware using security rating rules. In one example, the system identifies at least one problematic security rating rule that was activated during antivirus analysis of both safe and malicious programs. The system then selects a group of programs for which said problematic rule was activated. The system then identifies at least one different security rating rule, the activation or non-activation of which together with the activation of the problematic rule allows identifying in the group of programs a plurality of only malicious programs or a plurality of only safe programs. The system then generates a behavior model script that adjusts a security rating assigned by the problematic security rating rule to an analyzed program when one or more of the problematic security rating rule and the at least one different security rating rule are activated.