Kaspersky Lab patents cutting-edge technology for fighting unknown Cybercrime threats

24 Feb 2009
Product news

Kaspersky Lab announces the successful patenting of a cutting-edge IT security technology in the US. The technology enables detection and removal of all malicious programs, including those that were previously unknown, installed on a user’s computer after a single virus incident.

Today’s crimeware makes extensive use of Trojans to penetrate users’ machines. Once installed on a system, a Trojan downloads numerous other malicious programs from the Internet. As a result, dozens of various malicious programs and their components can end up on a user’s PC. Some of them may be new malicious programs with signatures that have yet to be added to antivirus databases or that make use of unknown technology for evading detection. Malware like this can go undetected by antivirus solutions for some time, carrying out harmful or destructive operations on an infected computer.


Close the loopholes for Cybercrime attacks

A single initial virus incident can lead to the downloading of many malicious programs that are unknown to antivirus software. This flaw in antivirus protection means that a single breach can leave a user's computer compromised until all the malicious software and methods of hiding have been identified and distributed through updates. This defect can now be solved using the latest Kaspersky Lab technology developed by Mikhail Pavlyushchik. The technology was granted Patent No. 7472420 by the US Patent and Trademark Office on December 30th, 2008. The patent outlines the method used to detect and remove all malicious programs installed on a user’s computer as a result of a single virus incident, as well as to locate the source and time of the incident.


Track down viruses in every nook and cranny

The new technology is based on logging system events that indicate a possible virus infection (for example, modification of an executable file and/or a record in the system registry) and then determining the extent of a virus incident from those records. According to the patented technology, when a malicious process or file is detected, a module is launched that analyzes the preceding events to determine the source and the time of the infection. The system then analyzes all child events related to the source event, which makes it possible to detect all malicious programs involved in the incident, including those that were previously unknown.
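The backward-then-forward analysis described above can be sketched over a small event log. This is an added illustration, not Kaspersky Lab's or the patent's implementation; the event schema, the sample log and the TRUSTED allow-list that stops the backward walk are all assumptions.

```python
from collections import deque

# Constructed event log: (time, actor, action, target). The schema is assumed.
EVENTS = [
    (50,  "browser.exe",   "write_file", "report.pdf"),
    (100, "browser.exe",   "write_file", "dropper.exe"),
    (101, "dropper.exe",   "write_file", "a.dll"),
    (102, "dropper.exe",   "set_reg",    "reg:Run/updater"),
    (103, "dropper.exe",   "write_file", "b.exe"),
    (104, "b.exe",         "write_file", "c.sys"),
    (120, "installer.exe", "write_file", "app.exe"),
]
TRUSTED = {"browser.exe", "installer.exe"}  # assumed allow-list of legitimate actors

def find_source(events, detected):
    """Walk back from the detected object to the event that started the incident."""
    source, obj, seen = None, detected, set()
    while obj not in seen:
        seen.add(obj)
        creators = [e for e in events if e[3] == obj]
        if not creators:
            break                      # ancestry is not in the log
        source = min(creators)         # earliest event that produced this object
        if source[1] in TRUSTED:
            break                      # a trusted actor wrote it: entry point found
        obj = source[1]                # otherwise keep walking up the chain
    return source

def incident_scope(events, source, detected):
    """Collect every object derived from the source event, known to the AV or not."""
    if source is None:
        return {detected}
    t0, _, _, root = source
    scope, queue = {root}, deque([root])
    while queue:
        actor = queue.popleft()
        for t, a, _, target in events:
            if a == actor and t >= t0 and target not in scope:
                scope.add(target)      # child event of the incident
                queue.append(target)
    return scope
```

With b.exe as the only detected file, the source event is the browser writing dropper.exe at time 100, and the scope also contains a.dll, c.sys and the registry entry, none of which needed a signature of their own.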


Prevent future Cybercrime attacks

In addition to detecting malware, the new technology removes or quarantines malicious code, interrupts malicious processes, and restores the system files from a trusted backup. Information about malicious programs detected with the help of the patented method can be immediately sent to antivirus vendors in order to speed up their response times to new threats. Determining the source and context of an infection is helpful in preventing similar virus incidents in the future, for example, in detecting and blocking infected sites, detecting and eliminating software vulnerabilities, etc. Furthermore, reconstructing the full picture of an incident and documenting it could provide the basis for building a successful criminal case against the Cybercriminals responsible.

Kaspersky Lab currently has more than 30 patent applications pending in the US and Russia. These relate to a range of technologies developed by company personnel. Additionally, many of today’s antivirus technologies were developed by Kaspersky Lab and are currently used under license by vendors worldwide, including Microsoft, Bluecoat, Juniper Networks, Clearswift, Borderware, Checkpoint, Sonicwall, Websense, LanDesk, Alt-N, ZyXEL, ASUS and D-Link.

About Kaspersky Lab

Kaspersky Lab is the largest antivirus company in Europe. It delivers some of the world’s most immediate protection against IT security threats, including viruses, spyware, crimeware, hackers, phishing, and spam. The Company is ranked among the world’s top four vendors of security solutions for endpoint users. Kaspersky Lab products provide superior detection rates and one of the industry’s fastest outbreak response times for home users, SMBs, large enterprises and the mobile computing environment. Kaspersky® technology is also used worldwide inside the products and services of the industry’s leading IT security solution providers. Learn more at . For the latest on antivirus, anti-spyware, anti-spam and other IT security issues and trends, visit www.viruslist.com.