SYSTEM AND METHOD FOR DETECTION OF A MALICIOUS FILE

SYSTEM AND METHOD FOR DETECTION OF A MALICIOUS FILE

Disclosed herein are methods and systems for detecting malicious files. An exemplary method comprises: forming a feature vector based on behavioral data of execution of a file, calculating parameters based on the feature vector using a trained model for calculation of parameters, wherein the paramet...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: ROMANENKO, Alexey M, SHEVELEV, Alexander S, CHISTYAKOV, Alexander S
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Disclosed herein are methods and systems for detecting malicious files. An exemplary method comprises: forming a feature vector based on behavioral data of execution of a file, calculating parameters based on the feature vector using a trained model for calculation of parameters, wherein the parameters comprise: i) a degree of maliciousness that is a probability that the file may be malicious, and ii) a limit degree of safety that is a probability that the file will definitely prove to be malicious, wherein an aggregate of consecutively calculated degrees is described by a predetermined time law, deciding that the file is malicious when the degree of maliciousness and the limit degree of safety satisfy a predetermined criterion, wherein that criterion is a rule for the classification of the file according to an established correlation between the degree of maliciousness and the limit degree of safety.