System and method for reducing load on an operating system when executing antivirus operations

Active Publication Date: 2015-06-02
AO KASPERSKY LAB

AI Technical Summary

Benefits of technology

[0009] One aspect of the invention is directed to selectively performing malware analysis of objects residing in a computer system. An initial trust status is assigned to a first object, the trust status representing one of either a relatively higher trust level or a relatively lower trust level. Based on the trust status, the first object is associated with an event type to be monitored, where the event type is selected from among: essential events, occurrence of which is informative as to trust status evaluating for an object, and critical events, including the essential events, and additional events, occurrence of wh

Problems solved by technology

The above-described technologies, used jointly to detect malicious programs, have one substantial deficiency.
This deficiency is related to the fact that a malicious code (for example, due to a vulnerability of the program or of the operating system) can infiltrate the address space of a trusted process and continue to be executed


Examples

[0016] While the invention is amenable to various modifications and alternative forms, specifics thereof have been shown by way of example in the drawings and will be described in detail. It should be understood, however, that the intention is not to limit the invention to the particular embodiments described. On the contrary, the intention is to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the invention as defined by the appended claims.

DETAILED DESCRIPTION

I Glossary

[0017] The following Glossary sets forth definitions of terms used herein. This Glossary is applicable to only the present Application.

[0018] “Antivirus analysis,” “malware analysis,” “security-related analysis”—performance of a detailed evaluation as to possible maliciousness of an object. One or more of a variety of different techniques can be employed, including signature analysis (i.e., checking for the presence of known patterns in the object), heuristic techniques, emula...

Abstract

An initial trust status is assigned to a first object, the trust status representing one of either a relatively higher trust level or a relatively lower trust level. Based on the trust status, the first object is associated with an event type to be monitored, where the event type is selected from among: essential events, occurrence of which is informative as to trust status evaluating for an object, and critical events, including the essential events, and additional events, occurrence of which is informative as to execution of suspicious code. Occurrences of events relating to the first object are monitored. In response to the first object being assigned the relatively higher trust level, only the essential events are monitored. In response to the first object being assigned the relatively lower trust level, the critical events are monitored. A need for performing malware analysis is determined based on the trust status of the first object and the event type. In response to determination of the need for performing the malware analysis, the malware analysis for the first object is either performed, or not.
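The monitoring policy described in the abstract, as an added sketch (not code from the patent or from its owner). The event names, the trust re-evaluation rule and the analysis decision rule are assumptions, because the page does not specify them.

```python
from dataclasses import dataclass
from enum import Enum

class Trust(Enum):
    HIGHER = "higher"
    LOWER = "lower"

# Assumed event names: the page does not list the members of either set.
ESSENTIAL = frozenset({"module_loaded", "remote_thread_created"})
ADDITIONAL = frozenset({"network_connect", "registry_write"})
CRITICAL = ESSENTIAL | ADDITIONAL  # critical events include the essential ones
# Assumed re-evaluation rule: these essential events revoke the higher trust level.
TRUST_REVOKING = frozenset({"remote_thread_created"})

@dataclass
class MonitoredObject:
    name: str
    trust: Trust

    def monitored_events(self) -> frozenset:
        """Higher trust: essential events only. Lower trust: all critical events."""
        return ESSENTIAL if self.trust is Trust.HIGHER else CRITICAL

def handle_event(obj: MonitoredObject, event: str) -> str:
    """Classify one event for one object and update its trust status."""
    if event not in obj.monitored_events():
        return "not_monitored"          # no interception cost for this event
    if obj.trust is Trust.HIGHER:
        # Essential events feed trust evaluation rather than analysis.
        if event in TRUST_REVOKING:
            obj.trust = Trust.LOWER
            return "trust_lowered"
        return "trust_kept"
    # Assumed decision rule: any critical event on a lower-trust object
    # creates a need for malware analysis.
    return "analysis_needed"

def replay(obj: MonitoredObject, events: list) -> list:
    """Run a trace through the monitor and return the outcome per event."""
    return [handle_event(obj, e) for e in events]

# Constructed trace for a process that starts out trusted.
SAMPLE_TRACE = ["network_connect", "module_loaded",
                "remote_thread_created", "network_connect"]

if __name__ == "__main__":
    proc = MonitoredObject("updater.exe", Trust.HIGHER)
    for event, outcome in zip(SAMPLE_TRACE, replay(proc, SAMPLE_TRACE)):
        print(f"{event:24} {outcome}")
```

The same `network_connect` event is skipped while the object holds the higher trust level and leads to analysis once an essential event has lowered it, which is where the load reduction comes from.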

Description

PRIOR APPLICATION

[0001] This Application claims the benefit of Russian Federation Patent Application No. 2013153767, filed Dec. 5, 2013, the content of which is incorporated by reference herein.

FIELD OF THE INVENTION

[0002] The invention relates generally to information processing systems and security and, more particularly, to systems and methods for improving efficiency of anti-malware operations.

BACKGROUND OF THE INVENTION

[0003] Malicious software, commonly referred to as malware, describes any software designed for infiltration into a computer system in order to gain control over such a system and to perform unauthorized actions, such as theft of confidential information, for example. A wide variety of malware exists today, including network worms, trojan programs, rootkits, exploits and computer viruses. Therefore, many owners of computer devices (for example, personal computers) use various antivirus applications for protection, which make it possible to detect and remove malicious programs....


Application Information

IPC(8): G06F21/56, H04L29/06, G06F21/50, G06F21/55
CPC: H04L63/145, H04L63/1408, H04L63/1441, G06F21/56, G06F21/565, G06F21/50, H04L63/1425, G06F21/564, G06F21/566, G06F21/554, H04L63/14, H04L63/1416
Inventor: SOBKO, ANDREY V.; YUDIN, MAXIM V.; MEZHUEV, PAVEL N.; GODUNOV, ILYA B.; SHIROKY, MAXIM A.
Owner: AO KASPERSKY LAB