With rapid development of information technologies and further spread of the Internet into masses number of threats, to which computer users are subjected to, grows proportionally. The former mechanisms of replenishing databases of malicious objects do not allow to timely prevent such threats, that is why new methods to provide security are needed. One of such methods is Kaspersky Security Network (KSN)
, whose aim is to decrease the time necessary to detect and block new types of threats. This system collects the information about files run on the user’s computer and thus traces presence of malicious objects and their distribution channels. The technology also allows sending unknown files or their parts to Kaspersky Lab
servers. It allows blocking malicious objects from the moment of detecting them by Kaspersky Lab
When a new version is released, users download and install the program distributive. From the computers of the first users, with product 2011 version installed and KSN enabled (i.e. active), the statistics of the application activity is sent to Kaspersky Lab servers. Based on the received information the corresponding verdict is assigned to the file: dangerous – not dangerous. When other users run the same distributive on their computers Kaspersky Lab 2011 product gets the verdict: dangerous – not dangerous from Kaspersky Lab servers and sends the program file either entirely or partially to Kaspersky Lab. Upon the file receipt analysts make a decision to which databases the file should be added.