System and method of detecting malicious files based on file fragments

A malicious-file detection technology, applied in transmission systems, electrical components, instruments, etc., that addresses problems such as hindered malware analysis and achieves the effect of improving computer security and information security.

Pending Publication Date: 2021-01-19
AO KASPERSKY LAB

AI Technical Summary

Problems solved by technology

In fact, these techniques hinder the analysis of such malware.

Embodiment Construction

[0021] Exemplary aspects are described herein in the context of systems, methods, and computer programs for detecting malicious files based on file fragments. Those of ordinary skill in the art will appreciate that the following description is illustrative only and is not intended to be limiting in any way. Other aspects will readily suggest themselves to those skilled in the art with the benefit of the invention. Reference will now be made in detail to implementations of the exemplary aspects as illustrated in the accompanying drawings. Wherever possible, the same reference numbers will be used throughout the drawings and the following description to refer to the same or like items.

[0022] In order to clearly present the teachings of the invention, a number of terms and concepts are defined herein as used to describe various aspects of the invention.

[0023] A malicious application is an application capable of causing damage to a computing system or to the data of a user...

Abstract

Disclosed herein are systems and methods for detecting malicious files based on file fragments. In one example, a method comprises: extracting data fragments from a file; for each extracted data fragment, determining a category selected from a list of categories that includes at least trusted, malicious, and untrusted; when the number of data fragments categorized as malicious is below a predetermined threshold, avoiding categorization of the file as malicious; and when the number of data fragments categorized as malicious reaches or exceeds the predetermined threshold, determining whether at least one malicious file detection rule whose criteria are met is found. When such a rule is found, the file is categorized as a malicious file; when no such rule is found, categorization of the file as a malicious file is avoided.
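The decision flow in the abstract, as an added sketch that is not taken from the patent or from any Kaspersky product. Fixed-size fragmenting, SHA-256 lookups against two constructed fragment sets, the threshold value of 2 and the single rule shown are all assumptions; the page does not specify any of them.

```python
import hashlib
from collections import Counter

FRAGMENT_SIZE = 16       # assumption: fixed-size fragments
MALICIOUS_THRESHOLD = 2  # assumption: value of the "predetermined threshold"

def digest(fragment: bytes) -> str:
    return hashlib.sha256(fragment).hexdigest()

# Constructed 16-byte sample fragments standing in for real reputation data.
GOOD, BAD_A, BAD_B = b"HDR-TRUSTED-0001", b"BAD-FRAGMENT-AAA", b"BAD-FRAGMENT-BBB"
UNKNOWN = b"UNKNOWN-DATA-001"
TRUSTED_DB = {digest(GOOD)}
MALICIOUS_DB = {digest(BAD_A), digest(BAD_B)}

def extract_fragments(data: bytes, size: int = FRAGMENT_SIZE) -> list[bytes]:
    return [data[i:i + size] for i in range(0, len(data), size)]

def categorize(fragment: bytes) -> str:
    h = digest(fragment)
    if h in MALICIOUS_DB:
        return "malicious"
    return "trusted" if h in TRUSTED_DB else "untrusted"

# Hypothetical detection rule: criteria evaluated over (fragment, category) pairs.
RULES = {
    "two-distinct-malicious-fragments":
        lambda cats: len({f for f, c in cats if c == "malicious"}) >= 2,
}

def classify_file(data: bytes) -> tuple[str, str]:
    cats = [(f, categorize(f)) for f in extract_fragments(data)]
    counts = Counter(c for _, c in cats)
    # Step 1: too few malicious fragments, so the rules are never consulted.
    if counts["malicious"] < MALICIOUS_THRESHOLD:
        return "not-malicious", "below threshold"
    # Step 2: threshold reached, so a rule must also match for a malicious verdict.
    matched = [name for name, rule in RULES.items() if rule(cats)]
    if matched:
        return "malicious", matched[0]
    return "not-malicious", "threshold reached, no rule met"

if __name__ == "__main__":
    for sample in (GOOD + BAD_A + UNKNOWN, GOOD + BAD_A + BAD_A, GOOD + BAD_A + BAD_B):
        print(classify_file(sample))
```

The second sample shows why the two stages differ: a repeated known-bad fragment reaches the count threshold, yet the file is not flagged because no rule's criteria are met.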

Description

Technical field

[0001] The invention relates to the field of information protection, more specifically to a system and method for detecting malicious files based on file fragments.

Background

[0002] A large number of malicious files appear every day, spurring the development of antivirus technology. Antivirus programs are using increasingly sophisticated techniques to adequately protect computing devices. At the same time, however, cybercriminals are developing new ways to create malware, especially executable files. Cybercriminals are seeking newer and more sophisticated techniques to hide the presence of malware on computing devices. In fact, these techniques hinder the analysis of such malware.

[0003] When developing antivirus software to detect targeted attacks (sometimes called Advanced Persistent Threats (APTs)), special attention is paid to the use of the above techniques. Targeted malware (especially obfuscated files) is difficult to analyze and combat us...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56
CPC: G06F21/562, H04L63/14, G06F21/564
Inventor: 科斯汀·拉尤
Owner: AO KASPERSKY LAB