公开(公告)号：US10482272B2

公开(公告)日：2019-11-19

申请号：US16248862

申请日：2019-01-16

申请人： AO Kaspersky Lab

发明人： Konstantin M. Filatov ,  Alexey P. Komissarov ,  Victor V. Yablokov ,  Olga O. Inozemtseva

IPC分类号： G06F21/00 ,  G06F21/62 ,  G06F21/31 ,  G06F21/51 ,  G06F21/57

摘要： Disclosed are systems and methods for receiving user input using a data entry mechanism activated for an application. An example method comprises detecting, by a hardware processor, an activity state of the application during an execution of the application on a user device, determining security requirements associated with the activity state, wherein the security requirements comprise properties for the data entry mechanism, selecting a data entry mechanism corresponding to the determined security requirements associated with the activity state, activating the selected data entry mechanism for receiving user input for the application, wherein the selected data entry mechanism is governed according to the properties of the security requirements associated with the activity state, receiving the user input in accordance with the activated data entry mechanism, and displaying a modified version of the user input according to the properties of the security requirements.

公开(公告)号：US20160242037A1

公开(公告)日：2016-08-18

申请号：US15139798

申请日：2016-04-27

申请人： AO Kaspersky Lab

发明人： Konstantin M. Filatov ,  Evgeny Y. Eliseev ,  Victor V. Yablokov

IPC分类号： H04W12/08 ,  H04L29/08 ,  H04W12/02

CPC分类号： H04W12/08 ,  H04L63/306 ,  H04L67/02 ,  H04W12/02

摘要： Disclosed are systems and methods for selecting means for intercepting network transmissions. An exemplary method includes determining one or more rules associated with transmission of data by a device; determining one or more network transmission intercepting means that satisfy the one or more determined rules; selecting a network transmission intercepting means based on the determined one or more network transmission intercepting means; and causing transmissions by the device to be processed by the selected network transmission intercepting means.

摘要翻译： 公开了用于选择用于拦截网络传输的装置的系统和方法。 一种示例性方法包括确定与设备的数据传输相关联的一个或多个规则; 确定满足所述一个或多个确定的规则的一个或多个网络传输拦截装置; 基于所确定的一个或多个网络传输拦截装置来选择网络传输拦截装置; 并且使所述设备进行的传输由所选择的网络传输拦截装置进行处理。

公开(公告)号：US20230344797A1

公开(公告)日：2023-10-26

申请号：US17951357

申请日：2022-09-23

申请人： AO Kaspersky Lab

发明人： Konstantin M. Filatov ,  Victor V. Yablokov

IPC分类号： H04L9/40 ,  G06F8/65

CPC分类号： H04L63/0236 ,  H04L63/1441 ,  H04L63/1416 ,  G06F8/65 ,  H04L63/1425 ,  G16Y30/10

摘要： A method for securing a plurality of IoT devices using a gateway includes intercepting, by a gateway, information about interactions between a first IoT device and at least one of: a second IoT device, a computer server, and a computer service. One or more cyber security threats are detected by the gateway based on the intercepted information and based on information stored in at least one of a first database and a second database. The first database is configured to store information about IoT devices and the second database is configured to store information about cyber security threats. One or more cyber security threat mitigation actions are identified by the gateway to address the detected one or more cyber security threats. The identified one or more cyber security threat mitigation actions are performed by the gateway.

公开(公告)号：US11709938B2

公开(公告)日：2023-07-25

申请号：US17680605

申请日：2022-02-25

申请人： AO Kaspersky Lab

发明人： Vladimir A. Kuskov ,  Nikita A. Buchka ,  Anton A. Kivva ,  Oleg P. Volkov ,  Dmitry Y. Lukasevich ,  Evgeny A. Roginsky ,  Konstantin M. Filatov ,  Dmitry V. Latokhin

IPC分类号： G06F21/00 ,  G06F21/56 ,  H04W12/128

CPC分类号： G06F21/567 ,  G06F21/568 ,  H04W12/128 ,  G06F2221/033

摘要： Disclosed herein are systems and methods for categorizing an application on a computing device including gathering a set of attributes of an application. The set of attributes of the application includes at least one of: a number of files in an application package of the application; a number of executable files in the application package; numbers and types of permissions being requested; a number of classes in the executable files in the application package; and a number of methods in the executable files in the application package. sending the gathered set of attributes to a trained classification model. The application is classified, using the classification model, based on the gathered set of attributes by generating one or more probabilities of the application belonging to respective one or more categories of applications. A category of the application is determined based on the generated one or more probabilities.

公开(公告)号：US20220179957A1

公开(公告)日：2022-06-09

申请号：US17680605

申请日：2022-02-25

申请人： AO Kaspersky Lab

发明人： Vladimir A. Kuskov ,  Nikita A. Buchka ,  Anton A. Kivva ,  Oleg P. Volkov ,  Dmitry Y. Lukasevich ,  Evgeny A. Roginsky ,  Konstantin M. Filatov ,  Dmitry V. Latokhin

IPC分类号： G06F21/56 ,  H04W12/128

摘要： Disclosed herein are systems and methods for categorizing an application on a computing device including gathering a set of attributes of an application. The set of attributes of the application includes at least one of: a number of files in an application package of the application; a number of executable files in the application package; numbers and types of permissions being requested; a number of classes in the executable files in the application package; and a number of methods in the executable files in the application package. sending the gathered set of attributes to a trained classification model. The application is classified, using the classification model, based on the gathered set of attributes by generating one or more probabilities of the application belonging to respective one or more categories of applications. A category of the application is determined based on the generated one or more probabilities.

公开(公告)号：US10373135B2

公开(公告)日：2019-08-06

申请号：US15438106

申请日：2017-02-21

申请人： AO Kaspersky Lab

发明人： Eldar M. Kononov ,  Anton S. Lapushkin ,  Dmitry Y. Lukasevich ,  Konstantin M. Filatov

IPC分类号： G06Q20/10 ,  G06Q20/40

摘要： A method and system is provided for performing secure online banking transactions. An example method includes: collecting data related to at least one transaction of the online banking operation requested by a user device; creating a plurality of verification scripts based at least on the collected data, wherein each verification script comprising at least one rule requiring collection of one or more types of identification data associated with the transaction, and wherein different verification scripts comprises different rules for collecting different types of identification data associated with the transaction of the banking operation; executing the plurality of verification scripts to collect the required identification data; determining a level of security of performing the banking operation based at least on the identification data collected by the plurality of verification scripts; and determining whether to perform or not to perform the requested banking operation based on the determined level of security.

公开(公告)号：US20190147176A1

公开(公告)日：2019-05-16

申请号：US16248862

申请日：2019-01-16

申请人： AO Kaspersky Lab

发明人： Konstantin M. Filatov ,  Alexey P. Komissarov ,  Victor V. Yablokov ,  Olga O. Inozemtseva

IPC分类号： G06F21/62 ,  G06F21/57 ,  G06F21/31 ,  G06F21/51

CPC分类号： G06F21/62 ,  G06F21/31 ,  G06F21/51 ,  G06F21/57 ,  G06F2221/031

摘要： Disclosed are systems and methods for receiving user input using a data entry mechanism activated for an application. An example method comprises detecting, by a hardware processor, an activity state of the application during an execution of the application on a user device, determining security requirements associated with the activity state, wherein the security requirements comprise properties for the data entry mechanism, selecting a data entry mechanism corresponding to the determined security requirements associated with the activity state, activating the selected data entry mechanism for receiving user input for the application, wherein the selected data entry mechanism is governed according to the properties of the security requirements associated with the activity state, receiving the user input in accordance with the activated data entry mechanism, and displaying a modified version of the user input according to the properties of the security requirements.

公开(公告)号：US20180225468A1

公开(公告)日：2018-08-09

申请号：US15940340

申请日：2018-03-29

申请人： AO Kaspersky Lab

发明人： Konstantin M. Filatov ,  Alexey P. Komissarov ,  Victor V. Yablokov ,  Olga O. Inozemtseva

IPC分类号： G06F21/62 ,  G06F21/51 ,  G06F21/57

CPC分类号： G06F21/62 ,  G06F21/31 ,  G06F21/51 ,  G06F21/57 ,  G06F2221/031

摘要： Disclosed are systems and methods for selecting a data entry mechanism during application creation. An example method comprises: determining a plurality of activity states of an application during creation of the application, determining whether a data entry mechanism of the application is dependent on an activity state, determining security requirements corresponding to each of the plurality of activity states, selecting a data entry mechanism for each of the determined security requirements and activating a corresponding data entry mechanism during activation of each corresponding activity of the plurality of activity states.

公开(公告)号：US20240362320A1

公开(公告)日：2024-10-31

申请号：US18640467

申请日：2024-04-19

申请人： AO Kaspersky Lab

发明人： Victor V. Yablokov ,  Konstantin M. Filatov

IPC分类号： G06F21/53 ,  G06F21/31

CPC分类号： G06F21/53 ,  G06F21/31 ,  G06F2221/033

摘要： Disclosed herein are systems and methods for enhancing the security of isolated execution environments of an authorized user. In one aspect, an exemplary method comprises: identifying at least one computer system on which a user is authorized, forming an isolated execution environment for execution of a security application, detecting at least two isolated execution environments using an isolated execution environment of the installed security application on the identified computer system, and forming a secure integration of the identified isolated execution environments using integration rules. In one aspect, the forming of the secured integration is performed by: creating an integration of the identified isolated execution environments, and checking for presence of a data access transit in the created integration. In one aspect, when the data access transit is identified, the method further comprises applying restrictions based on identified options for the identified data access transit using integration rules.

公开(公告)号：US11295016B2

公开(公告)日：2022-04-05

申请号：US16654434

申请日：2019-10-16

申请人： AO Kaspersky Lab

发明人： Vladimir A. Kuskov ,  Nikita A. Buchka ,  Anton A. Kivva ,  Oleg P. Volkov ,  Dmitry Y. Lukasevich ,  Evgeny A. Roginsky ,  Konstantin M. Filatov ,  Dmitry V. Latokhin

IPC分类号： G06F21/00 ,  G06F21/56 ,  H04W12/128

摘要： Disclosed herein are systems and methods for categorizing an application on a computing device. In one aspect, an exemplary method comprises, obtaining results of a classification of an application from a security server, when the results of the classification satisfy rules of relevance, designating the results of the classification as relevant and determining a category of the application based on the designation of the results as relevant, and when the results of the classification do not satisfy the rules of relevance, performing at least one of: terminating the categorization of the application, and updating the classification of the application based on a set of attributes of the application.