Kaspersky Lab patents innovative method for minimizing false positives
18 Jan 2010
Kaspersky Lab, a leading developer of secure content management solutions, announces the successful patenting in the US of cutting-edge technology that minimizes the number of false positives.
The technology promptly and automatically corrects anti-malware applications that flag safe objects as being malicious, and does so without compromising the level of malware detection. The patented technology also enables white lists of clean objects to be updated regularly with minimal impact on resources.
Patent No. 7 640 589 was issued for the new technology by the US Patent Office on 29 December 2009. The authors of the patent application – Yuri Mashevsky, Yuri Namestnikov, Nikolay Denishchenko, Pavel Zelensky, Igor Chekunov and Andrey Efremov – are all specialists at Kaspersky Lab.
The patented system automatically corrects errors in antivirus databases that lead to false alarms. Information on programs, URL addresses or other objects detected on a user's computer is sent instantly to the antivirus vendor to be compared against checklists. If there are any matches, the system calculates the likelihood of the object being clean or malicious.
The calculation is based on several weighted criteria related to the object's behavior. If a program is deemed to be safe, the antivirus databases are corrected immediately.
This enables the necessary modifications to be performed in real time as soon as a false positive occurs, ensuring that such incidents are limited to isolated instances. An added advantage of Kaspersky Lab's method for minimizing false positives is that it does not compromise the sensitivity of malware detection.
Updating white lists is another important task that requires effective automated solutions. The patented system addresses this issue by automatically modifying a white list if it contains an object recognized as malicious.
Kaspersky Lab currently has more than fifty patent applications pending in the US, Russia, China and Europe outlining innovative technologies developed for the field of information security.