Kaspersky Lab patents heuristic analysis technology

Kaspersky Lab patented a heuristic analysis technology in the US. The technology enables a security rating to be assigned to software based on its behavior during emulation.

Heuristic analysis is very important for detecting new malicious programs that are as yet unknown to the specialists at antivirus companies. Current methods do not guarantee 100% detection of new malicious programs; achieving that would require incorporating new technologies to detect and block these potential threats.

Kaspersky Lab’s new heuristic analysis technology, developed by Nikolay Grebennikov, Oleg Zaitsev, Alexey Monastyrsky and Mikhail Pavlyushik, is based on a system of rules that is used to assign a security rating to different processes (Security Rating technology). The technology was granted Patent No. 7 530 106 by the US Patent and Trademark Office on 5 May, 2009.

The patent describes a constantly expanding system of rules that lists the operations most commonly used by malicious programs, such as access to different parts of the registry, access to the Internet or access to system files. Each operation is assigned a percentage that reflects its level of security risk.

When an operation is executed, the cumulative potential security rating of a process will increase. As the rating grows, different access restrictions to certain resources are introduced. This means that hostile activity by a malicious program can be prevented at the outset by blocking access to the resources it needs to execute such activity.
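The rating scheme described above can be sketched as follows. This is an added example, not code from the patent or from any Kaspersky Lab product: the rule names, risk percentages, tier thresholds and the formula used to combine risks are all assumptions chosen for illustration, and the event list is constructed.

```python
# Added illustration: rule weights, tier thresholds and the combination
# formula are assumptions, not values from the patent or any product.
RULES = {  # operation -> risk percentage (constructed)
    "registry_autorun_write": 30,
    "system_file_write": 40,
    "internet_access": 15,
    "read_user_document": 5,
}
# (minimum rating, operations denied at or above that rating), constructed
TIERS = [
    (40, {"system_file_write"}),
    (60, {"internet_access", "registry_autorun_write"}),
]

class ProcessRating:
    def __init__(self):
        self.rating = 0.0  # cumulative rating in percent, 0..100

    def denied(self):
        """Operations currently blocked for this process."""
        return set().union(*(ops for t, ops in TIERS if self.rating >= t))

    def attempt(self, op):
        """Return True if allowed; only executed operations raise the rating."""
        if op in self.denied():
            return False
        risk = RULES.get(op, 0) / 100
        # Assumed combination: treat risks as independent, so the
        # cumulative rating grows with each operation but never exceeds 100.
        self.rating = 100 * (1 - (1 - self.rating / 100) * (1 - risk))
        return True

def replay(events):
    """events: [(pid, op)]. Returns ({pid: ProcessRating}, [(pid, op, allowed)])."""
    procs, log = {}, []
    for pid, op in events:
        proc = procs.setdefault(pid, ProcessRating())
        log.append((pid, op, proc.attempt(op)))
    return procs, log

SAMPLE_EVENTS = [  # constructed: pid 101 is benign, pid 202 is suspicious
    (101, "read_user_document"), (202, "registry_autorun_write"),
    (202, "internet_access"), (202, "system_file_write"),
    (101, "internet_access"), (202, "internet_access"),
    (202, "registry_autorun_write"), (202, "internet_access"),
]
```

In the sample, process 202 is refused its first system file write because its earlier registry and network activity had already pushed its rating past the first tier, while process 101 performs the same network access unrestricted.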

The Security Rating technology increases the effectiveness of computer protection and makes Kaspersky Lab products more user-friendly. As a result, the complex HIPS (Host-based Intrusion Prevention System) technology implemented in Kaspersky Internet Security 2009 as a filtration module has become more accessible to ordinary users and is no longer the reserve of computer specialists.

Kaspersky Lab currently has more than 30 patent applications pending in the US and Russia related to a range of innovative technologies developed by company personnel.
