Press release BoxID: 263657 (Kaspersky Labs GmbH)
  • Kaspersky Labs GmbH
  • Despag-Straße 3
  • 85055 Ingolstadt
  • Contact person
  • Isabella Fröhlich
  • +49 (89) 747262-41

Kaspersky Lab patents technology for safeguarding data integrity

(PresseBox) (Ingolstadt, ) Kaspersky Lab, a leading developer of secure content management systems, has taken out a US patent for an advanced technology that detects unauthorized modifications of data.

Unsanctioned modification of data, regardless of whether it is intentional or accidental, results in data distortion and loss. Unauthorized modification of software code can lead to program execution errors. It is a well-known fact that most malicious programs inject their code into executable files, leading to the execution of malicious code when the infected files are run. Ensuring data integrity is therefore a major IT security issue.

File integrity can be ensured by using such technologies as hashing, digital signatures and tracking the most recent modifications made to a file. However, the first two methods are too resource-intensive to be used for ensuring the integrity of all the files on a computer system, while the standard implementation of the latter method is unreliable: many of today's malicious programs are capable of altering time stamps to conceal any trace of file modification.

Standard integrity control methods either consume too many system resources or can occasionally miss infected files, leading to further distribution of malicious programs.

The advanced technology developed by Kaspersky Lab's Mikhail Pavlyushik is free of these shortcomings. It checks file integrity reliably and quickly, without significant resource consumption. Patent No. 7526516 was issued for the technology by the US Patent and Trademark Office on 28 April, 2009.

The technology is based on the interception of application requests to change timestamps for one or more files. Such requests are tracked for each file and stored in a database. This information is then provided to a special module (usually a component of the antivirus program) which compares the timestamp update counter with the relevant timestamp. Changes to the timestamp update counter which are not accompanied by the relevant changes to the timestamp indicate file modification and possible infection. The antivirus program can then scan the file for malicious code or display an alert.

The method and its software implementation that has been patented by Kaspersky Lab provide quick and reliable tracking of file modifications, triggering antivirus scans to prevent execution of malicious code. "The greatest advantage of this method is that it is fast and allows files to be scanned with minimal consumption of system resources," said Kaspersky Lab's Chief Intellectual Property Counsel Nadia Kashchenko. "The technology makes the antivirus program's operation more transparent to the user without sacrificing its high level of protection. This is a very significant invention that is unique to Kaspersky Lab and it has already been implemented in the company's products."

Kaspersky Lab currently has more than 30 patent applications pending in the US and Russia related to a range of innovative technologies developed by company personnel.

Kaspersky Labs GmbH

Kaspersky Lab delivers the world's most immediate protection against IT security threats, including viruses, spyware, crimeware, hackers, phishing, and spam. Kaspersky Lab products provide superior detection rates and the industry's fastest outbreak response time for home users, SMBs, large enterprises and the mobile computing environment. Kaspersky technology is also used worldwide inside the products and services of the industry's leading IT security solution providers. Learn more at For the latest on antivirus, anti-spyware, anti-spam and other IT security issues and trends, visit