Kaspersky Lab Granted another US Patent
OREANDA-NEWS. February 6, 2012. Kaspersky Lab, a leading developer of secure content and threat management solutions, announces that it has been granted a new patent in the
The newly patented technology detects multi-component malicious programs. This is done by restoring the parent-child relationships between such components using a special analyzer, which keeps a journal of system events and saves them all in its database.
Each event in the system is given a parameter of relevance using a separate monitor, that is, the importance of information connected with this event is determined for the analyzer. Such events include file operations, operations with the registry or with processes, etc.
If the antivirus program subsequently finds an infected file in the system, all the information related to that file goes into the analyzer, which looks up all the objects connected with that file in the event journal (which processes addressed the file, which process created or modified it, etc.). The analyzer then checks the time criteria of all the objects discovered, which permits, for example, malicious programs with delayed activation to be located.
At present Kaspersky Lab has been granted 49 patents covering its advanced technologies in