Title of invention |
Asynchronous processing of events for malware detection |
Abstract |
A system, method and computer program product for malware detection based on the behavior of applications running on a computer system, including: asynchronous processing of system events for malware threat analysis using application filters; analyzing events using heuristic and signature data; analyzing application behavior and detecting abnormal behavior of "clean" applications; automatically classifying applications (i.e., detecting new versions) based on behavior analysis; automatically analyzing the reliability of web sites based on behavior triggered by the web site accesses; in enterprise networks, detecting abnormalities in configuration of user computer systems; recognizing a user by his behavior profile and using the profile for an automatic configuration of user applications. |
Publication number |
US8566943(B2) |
Publication date |
2013.10.22 |
Application number |
US20090618521 |
Filing date |
2009.11.13 |
Applicant |
MARTYNENKO VLADISLAV V.;SOBKO ANDREY V.;KASPERSKY LAB, ZAO |
Inventor |
MARTYNENKO VLADISLAV V.;SOBKO ANDREY V. |
Classification |
G06F11/00;G06F12/14;G06F13/00;G06F17/30;G08B23/00;G11C7/00 |
Main classification |
G06F11/00 |
Agency |
|
Agent |
|
Main claim |
|
Address |
|