Press Release

Kaspersky Lab Patents Technology for Optimized Scanning of Network Traffic

Woburn, MA – March 19, 2014 – Kaspersky Lab has successfully patented technology that enhances the effectiveness of network traffic scanning for the presence of cyberthreats. Patent 8650646, issued by the United States Patent and Trademark Office (USPTO), describes a method for minimizing the volume of checked data without affecting the reliability of a protection system. Rospatent, the Russian Federation Patent office, earlier issued patent RU2488880 for the same invention.

Thanks to Intrusion Detection Systems (IDS) that analyze the data that passes through a corporate or home network, comprehensive security solutions are capable of detecting and intercepting cyberthreats before they penetrate a computer. However, as network streams grow, more and more resources are required to analyze the data in them, which causes delays when working on a network. In a corporate environment this can have a negative effect on business processes.

There are a number of methods to speed up scanning of network data streams in order to identify threats, but they often entail a loss of effectiveness; an increase in processing speed brings with it an increased likelihood of network threats passing through unnoticed in the data stream. 

However, the patented technology can reduce data processing times without impacting the level of security. This is achieved by selectively checking data in network streams. These selective checks are generated using databases that store statistics about previously detected threats.

For the method to operate properly, at least one element in the security system has to check all network traffic for the presence of threats. This enables the databases to receive new information that can optimize the work of other network nodes that are monitoring traffic streams. Traps set to attract the attention of cybercriminals – so-called honeypots – can also act as a source of information. These resources can gather information about cybercriminal activity and the types of tools they use.  

Implementation of the system does not require all of its elements to be deployed in a single local network. The security solution vendor can maintain the databases and resources used to gather information about threats. This allows customers to enjoy the benefits of the patented method and receive up-to-date information about the latest network threats from the vendor’s online services without having to deploy their own honeypots.   

The patented technology is currently implemented in Kaspersky Lab solutions for home users, small businesses and corporate customers that are equipped with the IDS module. This includes Kaspersky Internet Security, Kaspersky PURE, Kaspersky Small Office Security and Kaspersky Endpoint Security for Business.

As of early February 2014, Kaspersky Lab’s intellectual property portfolio included more than 190 patents issued in the US, Russia, EU and China. More than 240 other patent applications have been filed with patent authorities.

About Kaspersky Lab
Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 16-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.com.

For the latest in-depth information on security threat issues and trends, please visit:

Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter

Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter

Media Contact
Stephen Russell 
781.503.1833
stephen.russell@kaspersky.com