METHOD OF DETECTING MALICIOUS FILES RESISTING ANALYSIS IN AN ISOLATED ENVIRONMENT

METHOD OF DETECTING MALICIOUS FILES RESISTING ANALYSIS IN AN ISOLATED ENVIRONMENT

Disclosed are systems and methods for recognizing files as malicious. One exemplary method comprises intercepting a file for analysis received at a computing device of a user, opening the file for analysis in an environment for safe execution, generating a log that stores a portion of information oc...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Kobychev, Denis Y, Shulmin, Alexey S, Karasovsky, Dmitry V
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Disclosed are systems and methods for recognizing files as malicious. One exemplary method comprises intercepting a file for analysis received at a computing device of a user, opening the file for analysis in an environment for safe execution, generating a log that stores a portion of information occurring during opening of the file for analysis in the environment for safe execution, analyzing the log to recognize a first set of security related events from the portion of information, tracking a second set of security related events when the file for analysis is opened on the computing device, comparing the second set of security related events and the first set of security related events to identify a discrepancy; and in response to identifying the discrepancy, recognizing the file under analysis as malicious.