Kaspersky Lab has obtained a patent for a method of protecting cloud services used by antivirus solution developers to more effectively combat cyberthreats and prevent the illegitimate use of cloud services by cybercriminals.
Patent no. 8661547 was issued by the US Patent and Trademark Office and describes a technology that safeguards cloud services against false information that might be sent to them.
The newly patented system performs a number of tests before using any information uploaded from a device. The server checks whether the data communication protocol specifications were violated: an unusual sequence of operations or other anomalies while sending data may indicate an attempt by cybercriminals to interfere in the server's operation. The user-side security application, in turn, analyzes the configuration of the user device. The developer can also use other methods to confirm the legitimacy of any uploaded data.
When the collected information has been analyzed, the system decides what to do with the data it has received: it can use it to enlarge the database, or ignore it due to the risk of forgery. In addition, a new level of trustworthiness can be assigned to the device based on the results of the device check. Initially this value is set at a low value. This value is taken into consideration on subsequent occasions when the device communicates with the cloud service.
"In one example, a cloud server receives one or more queries from security software of the user device. The server analyzes a system state and configuration of the user device to determine the level of trust associated with the user device. The server also analyzes the one or more queries received from the security software to determine whether to update the level of trust associated with the user device. The server determines, based on the level of trust, how to process the one or more queries. Finally, the server provides responses to the one or more queries from the security software based on the determination of how to process the one or more queries," explained Kaspersky in its patent filing.
The patented technology is implemented in Kaspersky Security Network.