The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jun. 17, 2025
Filed:
Oct. 06, 2022
AO Kaspersky Lab, Moscow, RU;
Andrey A. Ivanov, Moscow, RU;
AO Kaspersky Lab, Moscow, RU;
Abstract
This application provides a method for detecting anomalies in the behavior of a trusted process. An example method includes detecting a launch of a trusted process in a computer system; selecting a basic behavior model corresponding to the trusted process and a machine learning model corresponding to the trusted process; monitoring execution of the trusted process using the basic behavior model; comparing a total probability of occurrence of all of the plurality of identified events with a predefined threshold; extracting data corresponding to the identified events from a Markov chain, in response to determining that the probability of occurrence of all of the plurality of identified events is below the predefined threshold; analyzing the extracted data using the machine learning model; and generating a decision with respect to presence of anomalous behavior in the trusted process based on the analysis performed by the machine learning model.