摘要 |
Disclosed are systems and method for generating a set of antivirus records to be used for detection of malicious files on a user's devices. An exemplary method includes maintaining, by a server, a database of malicious files; generating, by the server, at least one antivirus record for each malicious file; calculating an effectiveness of each antivirus record by determining how many different malicious files were detected using each antivirus record; generating a set of most effective antivirus records; and transmitting, by the server, the set of most effective antivirus records to a client device. |
主权项 |
1. A method for generating a set of antivirus records, the method comprising:
maintaining, by a server, a database of malicious files; generating, by the server, at least one antivirus record for each malicious file; calculating, by the server, an effectiveness of each antivirus record by determining how many different malicious files were detected using each antivirus record; generating, by the server, a set of the most effective antivirus records, comprising:
selecting for each known malicious file the most effective antivirus record used in detection of said malicious file, wherein an antivirus record used to detect more malicious files is more effective than an antivirus record used to detect fewer malicious files;determining whether the selected antivirus record is already in the set; andif the selected antivirus record is not in the set, adding said record to the set; and transmitting, by the server, the set of most effective antivirus records to a client device. |