SYSTEM AND METHOD OF DETECTING MALICIOUS COMPUTER SYSTEMS
    Type: Invention publication
    Status: Under examination (published)

    Publication number: EP3252645A1

    Publication date: 2017-12-06

    Application number: EP16195897.0

    Application date: 2016-10-27

    Applicant: AO Kaspersky Lab

    IPC classification: G06F21/51 H04L29/06

    Abstract: Disclosed are systems and methods for detecting a malicious computer system. An exemplary method comprises: collecting, via a processor, characteristics of a computer system; determining relations between collected characteristics of the computer system; determining a time dependency of at least one state of the computer system based on determined relations; determining the at least one state of the computer system based at least on determined time dependency; and analyzing the at least one state of the computer system in connection with selected patterns representing a legal or malicious computer system to determine a degree of harmfulness of the computer system.

    SYSTEM AND METHOD OF IDENTIFYING A MALICIOUS INTERMEDIATE LANGUAGE FILE

    Publication number: EP3462699A1

    Publication date: 2019-04-03

    Application number: EP18172180.4

    Application date: 2018-05-14

    Applicant: AO Kaspersky Lab

    IPC classification: H04L29/06 G06F21/56 G06F8/41

    Abstract: Disclosed are systems and methods for detection of malicious intermediate language files. In one example, the system comprises a database comprising hashes of known malicious files, a resource allocation module configured to select a set of resources from a file being analyzed, a hash calculation module, coupled to the resource allocation module, configured to calculate a perceptive hash of the set of resources; and an analysis module, coupled to the other modules, configured to identify a degree of similarity between the set of resources and a set of resources from known malicious files by comparing the perceptive hash with perceptive hashes of the set of resources from known malicious files, determine a harmfulness of the file being analyzed based on the degree of similarity and remove or quarantine the file being analyzed when the harmfulness exceeds a predetermined threshold.