SYSTEM AND METHOD OF DETECTION OF MALICIOUS FILES USING A TRAINED MALWARE DETECTION PATTERN


Abstract

FIELD: information technology.

SUBSTANCE: The invention is intended for anti-virus scanning of files. The malicious file detection system contains a behavior log analysis tool designed to generate a behavior template based on commands and parameters selected from the log; calculation of a convolution from all generated behavior patterns; a detection pattern selection tool for retrieving from at least two detection patterns of malicious files based on commands and parameters selected from the behavior log; means for calculating the severity of harmfulness, designed to calculate the severity of an executable file based on the analysis of the resulting convolution using each obtained detection pattern; an analysis tool designed to form a solution based on the received severity of the pattern; recognition of the executable file as malicious when the degree of similarity between the generated decision pattern and at least one of the predetermined solution patterns from the decision pattern database exceeds a predetermined threshold value.

EFFECT: The technical result consists in the detection of malicious files using a trained malware detection pattern.

20 cl, 7 dwg