| KASPERSKY LAB, ZAO Patent applications |
| Patent application number | Title | Published |
|---|
| 20120023579 | PROTECTION AGAINST MALWARE ON WEB RESOURCES - A method and system for identification of malware threats on web resources. The system employs a scheduled antivirus (AV) scanning of web resources. The scheduled scanning of web resources allows to create malware check lists and to configure access to web resources. Frequency and depth of inspection (i.e., scan) are determined for each web resource. The user identifiers are used for scheduled AV scanning of web resources. The system allows for scanning a web resource based on selected configurations without using additional client applications. | 01-26-2012 |
| 20110219049 | SYSTEM FOR PERMANENT FILE DELETION - A system for permanent data deletion is provided. The file deletion system consists of a permanent deletion unit, an analysis module, a database of rules for forming deletion algorithm and an algorithm forming unit. A file to be deleted is passed into the system and the system permanently deletes the file. The system dynamically forms the deletion algorithm based on algorithm forming rules. The rules are selected from the database according to file parameters and user criteria. The file parameters are determined by the analysis module. A user has an access to algorithm forming rules and can edit the rules. Algorithm forming rules can be based on an arbitrary number of complex conditions. | 09-08-2011 |
| 20110126286 | SILENT-MODE SIGNATURE TESTING IN ANTI-MALWARE PROCESSING - Method and computer program product for signature testing used in anti-malware processing. Silent signatures, after being tested, are not updated into a white list and are sent directly to users instead. If the silent signature coincides with malware signature, a user is not informed. A checksum (e.g., hash value) of a suspected file is sent to a server, where statistics are kept and analyzed. Based on collected false positive statistics of the silent-signature, the silent-signature is either valid or invalid. Use of the silent signatures provides for effective signature testing and reduces response time to new malware-related threats. The silent signature method is used for turning off a signature upon first false positive occurrence. Use of silent signatures allows improving heuristic algorithms for detection of unknown malware. | 05-26-2011 |
| 20110083180 | METHOD AND SYSTEM FOR DETECTION OF PREVIOUSLY UNKNOWN MALWARE - A system, method and computer program product for detection of the previously unknown malware, the method comprising: (a) receiving event information and file metadata from a remote computer; (b) identifying whether the event information or the file metadata are indicative of the already known malware presence, indicative of the unknown malware presence, or indicative of malware absence; (c) if the event information or the file metadata are indicative of the known malware or indicative of malware absence, filtering out the event information and the file metadata; (d) performing a risk analysis and risk assessment for the remaining event information and the remaining file metadata to determine if the event and the file metadata are indicative of the previously unknown malware presence; and (e) where performing a risk analysis and risk assessment includes a “parent-child” hierarchy of the files, and the risk assessed to the parent is based on the risk associated with the child. | 04-07-2011 |
| 20110083176 | ASYNCHRONOUS PROCESSING OF EVENTS FOR MALWARE DETECTION - A system, method and computer program product for malware detection based on the behavior of applications running on a computer system, including: asynchronous processing of system events for malware threat analyses using application filters; analyzing events using heuristic and signature data; analyzing applications behavior and detecting abnormal behavior of “clean” applications; automatically classifying applications (i.e., detecting new versions) based on behavior analysis; automatically analyzing the reliability of web sites based on behavior triggered by the web site accesses; in enterprise networks, detecting abnormalities in configuration of user computer systems; recognizing a user by his behavior profile and using the profile for an automatic configuration of user applications. | 04-07-2011 |
| 20100281468 | METHOD AND SYSTEM FOR MONITORING EXECUTION PERFORMANCE OF SOFTWARE PROGRAM PRODUCT - A method, computer program product and system for monitoring execution behavior of a program product in a data processing system include development of a trace tool having trace strings written in a human language and provided with data fields for diagnostic information relevant to executable portions of the program product. Identifiers of the trace tool, trace strings, and data fields and components of the diagnostic information are encoded using a coded binary language. After monitoring execution of the program product, a trace report of the trace tool is translated for an intended recipient from the coded binary language into the human language, whereas an unauthorized access to the contents of the trace record is restricted. The encoding or decoding operations are performed using databases containing the respective identifiers and components of the diagnostic information in the coded binary language and the human language. | 11-04-2010 |
| 20100008579 | SYSTEM AND METHOD FOR IDENTIFYING TEXT-BASED SPAM IN RASTERIZED IMAGES - A system, method and computer program product for identifying spam in an image, including (a) identifying a plurality of contours in the image, the contours corresponding to probable symbols; (b) ignoring contours that are too small or too large; (c) identifying text lines in the image, based on the remaining contours; (d) parsing the text lines into words; (e) ignoring words that are too short or too long from the identified text lines; (f) ignoring text lines that are too short; (g) verifying that the image contains text by comparing a number of pixels of a symbol color within remaining contours to a total number of pixels of the symbol color in the image, and that there is at least one text line after filtration; and (h) if the image contains text, rendering a spam/no spam verdict based on a contour representation of the text that which appears after step (f). | 01-14-2010 |
| 20100008569 | SYSTEM AND METHOD FOR IDENTIFYING TEXT-BASED SPAM IN RASTERIZED IMAGES - A system, method and computer program product for identifying spam in an image, including (a) identifying a plurality of contours in the image, the contours corresponding to probable symbols; (b) ignoring contours that are too small or too large; (c) identifying text lines in the image, based on the remaining contours; (d) parsing the text lines into words; (e) ignoring words that are too short or too long from the identified text lines; (f) ignoring text lines that are too short; (g) verifying that the image contains text by comparing a number of pixels of a symbol color within remaining contours to a total number of pixels of the symbol color in the image, and that there is at least one text line after filtration; and (h) if the image contains text, rendering a spam/no spam verdict based on a contour representation of the text that which appears after step (f). | 01-14-2010 |
