The heuristic analysis method is very important when detecting new malicious programmes that are as yet unknown to the specialists at antivirus companies. Current methods do not guarantee 100 per cent detection of new malicious programmes as this would require the incorporation of new technologies to detect and block these potential threats.

Kaspersky Lab’s new heuristic analysis technology, developed by Nikolay Grebennikov, Oleg Zaitsev, Alexey Monastyrsky and Mikhail Pavlyushik, is based on a system of rules that is used to assign a security rating to different processes (security rating technology). The technology was granted patent number 7 530 106 by the US Patent and Trademark Office on May 5, 2009.

The patent describes a constantly expanding system of rules where the most popular operations used by malicious programmes are indicated, such as access to different parts of the registry, access to the Internet or to the system files, etc. Each operation is expressed as a percentage that reflects its level of security risk. When an operation is executed, the cumulative potential security rating of a process will increase. As the rating grows, different access restrictions to certain resources are introduced. This means that hostile activity by a malicious programme can be prevented at the outset by blocking access to the resources it needs to execute such activity.

“Kaspersky Lab’s patented security rating technology is designed to automatically generate sets of rules for unknown applications,” says Nadia Kashchenko, chief intellectual property counsel, Kaspersky Lab. “This technology is crucial for ensuring the transparency of antivirus solutions and for minimising the need for product configuration by users.”

The security rating technology increases the effectiveness of computer protection and makes Kaspersky Lab products more user-friendly. As a result, the complex HIPS (Host-based Intrusion Prevention System) technology implemented in Kaspersky Internet Security 2009 as an innovative filtration module has become more accessible to ordinary users and is no longer the reserve of computer specialists.

Kaspersky Lab currently has more than 30 patent applications pending in the US and Russia related to a range of innovative technologies developed by company personnel.
 
About Kaspersky Lab

Kaspersky Lab delivers the world’s most immediate protection against IT security threats, including viruses, spyware, crimeware, hackers, phishing and spam. Kaspersky Lab products provide superior detection rates and the industry’s fastest outbreak response time for home users, SMBs, large enterprises and the mobile computing environment. Kaspersky® technology is used worldwide inside the products and services of the industry’s leading IT security solution providers.