KES10中的机器学习技术。Machine learning in KES10

pal家族

Machine Learning-based technologies in Kaspersky Endpoint Security for Business allow detecting previously unknown malware threats by ‘learning’ from relevant big data threat intelligence and building effective detection models.

In Kaspersky Endpoint Security, these models are used for both on-premise detection and as a part of the in-lab threat analysis process powering multiple security layers.



Our on-premise Machine Learning models provide pre-execution detection of malicious entities based on decision tree ensembles. These ensembles are trained in-lab on constantly renewed selections of files; the robotic system selects elementary ‘file features’ on which to build the most effective decision tree ensembles which are later delivered to client systems.



Another pre-execution Machine-learning – powered mechanism is based on locality-sensitive hashing, where families of similar files can be identified by a single hash. These similarities are found during the ML-based processing of incoming file sample streams. Unlike decision tree models, hashes are extremely lightweight and can be delivered either as a part of periodic security updates or directly from the cloud, in response to a client request to Kaspersky Security Network.



All the other types of security records, from precise to heuristic and System Watcher’s behavioral ones are prepared in-Lab during continuous Machine Learning processes. Security experts have constant control over this process, helping the machines to learn, dealing with the most complex cases and ensuring the lowest possible false positives rate.

For more information about machine-learning technologies used by Kaspersky Lab products, see document.

其实我很想的点分享或魅力，但是这些宣传又有什么用呢？
咱们要看疗效对不？查杀猛，你的各种技术就是棒棒的！
所以我仅仅在这里发下谷歌翻译，大致的意思都有！看看就好拉！

基于机器学习的卡巴斯基终端安全技术允许通过从相关大数据威胁情报中“学习”并构建有效的检测模型来检测以前未知的恶意软件威胁。

在卡巴斯基端点安全中，这些模型用于内部部署检测，也是实验室威胁分析过程的一部分，为多个安全层提供动力。



我们的内部机器学习模型提供了基于决策树组合的恶意实体的预执行检测。这些组合在不断更新的文件选择中被实验室训练;机器人系统选择要在其上建立最有效的决策树组合的基本“文件特征”，后者将被传递给客户端系统。



另一种预执行机器学习功能的机制是基于局部敏感的散列，其中类似文件的系列可以通过单个散列来标识。在传入文件样本流的基于ML的处理期间发现这些相似之处。与决策树模型不同，散列非常轻便，可以作为定期安全更新的一部分或直接从云端传送，以响应客户端对卡巴斯基安全网络的请求。



所有其他类型的安全记录，从精确到启发式和系统观察者的行为准备在实验室中，在连续的机器学习过程中。安全专家不断控制这一过程，帮助机器学习，处理最复杂的案例，并确保最低的误报率。

有关卡巴斯基实验室产品使用的机器学习技术的更多信息，请参阅文档。

超级好吃

kes是最适合我的杀毒软件，只是可惜没有key

FUZE

毛子低调，毛子不说，毛子坐不住了，说了....

crystal2030

没有可用key，

nndyky

可惜没有key

yjddbf

同没有key

花月

4~6楼的 先把30天的试用用完了再说，老伸手去要授权有啥意义，就是真没有授权，变相免费的KRT也能继续变相免费来用