Machine learning in Kaspersky Endpoint Security 10 for Windows

Latest update: October 09, 2019 ID: 13263
 
 
 
 

This article concerns Kaspersky Endpoint Security 10 for Windows:

  • Service Pack 2 Maintenance Release 4 (version 10.3.3.304)
  • Service Pack 2 Maintenance Release 3 (version 10.3.3.275)
  • Service Pack 2 Maintenance Release 2 (version 10.3.0.6294)
  • Service Pack 2 Maintenance Release 1 (version 10.3.0.6294)
  • Service Pack 2 (version 10.3.0.6294)
  • Service Pack 1 Maintenance Release 4 (version 10.2.6.3733)
 
 
 
 

Machine learning-based technologies in Kaspersky Endpoint Security for Business make it possible to detect previously unknown malware threats by ‘learning’ from relevant big data threat intelligence and building effective detection models.

In Kaspersky Endpoint Security, these models are used both for on-premise detection and as part of the in-lab threat analysis process that powers multiple security layers.

You cannot enable or disable the Enable machine learning technologies option; it only shows that machine learning technologies are used in Kaspersky Endpoint Security 10 for Windows.

Our on-premise machine learning models provide pre-execution detection of malicious entities based on decision tree ensembles. These ensembles are trained in-lab on constantly renewed selections of files; a robotic system selects the elementary ‘file features’ on which to build the most effective decision tree ensembles, which are later delivered to client systems.


Another pre-execution, machine-learning-powered mechanism is based on locality-sensitive hashing, where families of similar files can be identified by a single hash. These similarities are found during the ML-based processing of incoming file sample streams. Unlike decision tree models, hashes are extremely lightweight and can be delivered either as a part of periodic security updates or directly from the cloud, in response to a client request to Kaspersky Security Network.
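The following is an added illustration of the locality-sensitive hashing idea, not Kaspersky's code: the article does not name the algorithm, so SimHash is used here as a stand-in. It shows that patching four bytes changes a file's exact content while its locality-sensitive hash stays within a few bits of the stored record. The sample bytes, the 4-byte shingle size and the 8-bit match radius are assumptions made for the example.

```python
import hashlib

def sample_bytes(seed: bytes, size: int = 4096) -> bytes:
    """Constructed stand-in for a file body: deterministic pseudo-random bytes."""
    out = bytearray()
    counter = 0
    while len(out) < size:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:size])

def simhash64(data: bytes, shingle: int = 4) -> int:
    """64-bit SimHash: every overlapping byte shingle votes on every output bit."""
    votes = [0] * 64
    for i in range(len(data) - shingle + 1):
        digest = hashlib.blake2b(data[i:i + shingle], digest_size=8).digest()
        h = int.from_bytes(digest, "big")
        for bit in range(64):
            votes[bit] += 1 if (h >> bit) & 1 else -1
    return sum(1 << bit for bit in range(64) if votes[bit] > 0)

def hamming(a: int, b: int) -> int:
    """Number of differing bits between two hashes."""
    return bin(a ^ b).count("1")

FAMILY_RADIUS = 8  # assumed threshold: at most 8 of 64 bits may differ

def same_family(record: int, data: bytes) -> bool:
    """True if the file's SimHash lies within the radius of the stored record."""
    return hamming(record, simhash64(data)) <= FAMILY_RADIUS

# Constructed samples: a base file, a variant with four patched bytes,
# and an unrelated file.
BASE = sample_bytes(b"family-A")
PATCH = bytes(b ^ 0xFF for b in BASE[1000:1004])
VARIANT = BASE[:1000] + PATCH + BASE[1004:]
UNRELATED = sample_bytes(b"something-else")
RECORD = simhash64(BASE)  # the single hash that would be shipped as a record

if __name__ == "__main__":
    for name, blob in (("base", BASE), ("variant", VARIANT), ("unrelated", UNRELATED)):
        print(name,
              "sha256=" + hashlib.sha256(blob).hexdigest()[:16],
              "distance=%d" % hamming(RECORD, simhash64(blob)),
              "match=%s" % same_family(RECORD, blob))
```

The SHA-256 prefixes printed for the base and the variant differ, which is why an exact-hash record would miss the variant while the single SimHash record still matches it.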


All the other types of security records, from precise to heuristic and System Watcher’s behavioral ones, are prepared in-lab during continuous machine learning processes. Security experts have constant control over this process, helping the machines to learn, dealing with the most complex cases and ensuring the lowest possible false positive rate.

For more information about machine-learning technologies used by Kaspersky Lab products, see document.

 
 
 
 
 