Abstract: Disclosed herein are systems and methods for processing personal data by application of policies. In one aspect, an exemplary method comprises, by the network infrastructure component, analyzing communication protocols between an IoT device and the network infrastructure component, identifying at least one field that contains personal data, for each identified field, analyzing the identified field using personal data processing policies uploaded to the network infrastructure component, and applying the personal data policies for enforcement.

Abstract: Disclosed herein are systems and method for automatic activation of a service on a computing device. In an exemplary aspect, a service activation module may link, using an activation model, user behavioral data to an automated activation of the service based on the detecting a prior activation of the service subsequent to receiving the user behavioral data. The service activation module may receive, at a later time, additional sensor data from a plurality of sensors of a computing device. The service activation module may parse the additional sensor data to generate additional user behavioral data. The service activation module may compute, using the activation model, a degree of similarity between the user behavioral data and the additional user behavioral data, and in response to determining that the degree of similarity is greater than a predetermined threshold value, may automatically activating the service on the computing device.

Abstract: Disclosed herein are systems and methods for configuring IoT devices from the network infrastructure component based on a type of network, wherein the network contains at least one IoT device. In one aspect, an exemplary method comprises, by the network infrastructure component, collecting, data on one or more IoT devices, wherein each of the one or more IoT devices is connected to the network infrastructure component; for each IoT device, identifying a type of network; defining policies for configuring each of the one or more IoT devices based on the identified network; and for each of the one or more IoT devices, applying policies for monitoring and configuring the IoT device.

Abstract: Disclosed herein are systems and methods for controlling an IoT device from a node (hub) in a network infrastructure. In one aspect, an exemplary method comprises, analyzing the IoT device based on at least one of: characteristics of functionalitites of the IoT device, characteristics of information security of the IoT device, and characteristics of an impact on human life by the IoT device and/or by the security of the IoT device, adjusting the IoT device based on results of the analysis, determining whether the characteristics for which the analysis was performed changed during an operation of the device, and when the characteristics for which the analysis was performed changed, changing one or more settings associated with the IoT device based on the changes determined during the operation of the device.

Abstract: Disclosed herein are systems and methods for processing personal data by application of policies. In one aspect, an exemplary method comprises, by the network infrastructure component, analyzing communication protocols between an IoT device and the network infrastructure component, identifying at least one field that contains personal data, for each identified field, analyzing the identified field using personal data processing policies uploaded to the network infrastructure component, and applying the personal data policies for enforcement.

Abstract: Disclosed herein are systems and methods for configuring IoT devices from the network infrastructure component based on a type of network, wherein the network contains at least one IoT device. In one aspect, an exemplary method comprises, by the network infrastructure component, collecting, data on one or more IoT devices, wherein each of the one or more IoT devices is connected to the network infrastructure component; for each IoT device, identifying a type of network; defining policies for configuring each of the one or more IoT devices based on the identified network; and for each of the one or more IoT devices, applying policies for monitoring and configuring the IoT device.

Abstract: A system and method for performing a task on a computing device based on access rights are described. In one aspect, an exemplary method comprises, gathering data characterizing a task by intercepting function calls used to perform the task, and sending a request to an operating system of the computing device to temporarily interrupt the called functions until access rights are determined, determining a threat level of the task based on the gathered data and task templates, generating a test based on the threat level and test generating rules and presenting the test to the user, analyzing results of the test and determining access rights of the task based on the results, and performing the task based on the access rights.

Abstract: Disclosed herein are systems and method for automatic activation of a service on a computing device. In an exemplary aspect, a service activation module may link, using an activation model, user behavioral data to an automated activation of the service based on the detecting a prior activation of the service subsequent to receiving the user behavioral data. The service activation module may receive, at a later time, additional sensor data from a plurality of sensors of a computing device. The service activation module may parse the additional sensor data to generate additional user behavioral data. The service activation module may compute, using the activation model, a degree of similarity between the user behavioral data and the additional user behavioral data, and in response to determining that the degree of similarity is greater than a predetermined threshold value, may automatically activating the service on the computing device.

Abstract: Disclosed herein are systems and methods for performing a task on a computing device based on access rights. In one aspect, an exemplary method comprises, gathering data characterizing a task by intercepting function calls used to perform the task, and sending a request to an operating system of the computing device to temporarily interrupt the called functions until access rights are determined, determining a threat level of the task based on the gathered data and task templates, generating a test based on the threat level and test generating rules and presenting the test to the user, analyzing results of the test and determining access rights of the task based on the results, and performing the task based on the access rights.

Abstract: Disclosed herein are systems and methods for performing a task on a computing device based on access rights determined from a danger level of the task. In one aspect, an exemplary method comprises gathering data characterizing the task for control of the computing device, determining a task danger level using a model for determining the task danger level based on the gathered data, wherein the task danger level characterizes a threat level of the task to an information security of the computing device if the task is performed, generating an automated test, wherein the automated test depends on the determined task danger level and is based on test generating rules, receiving a result of the automated test having being performed by the user, analyzing the received results, and determining access rights for the task in accordance with the analysis, and performing the task in accordance with the determined access rights.

Abstract: Disclosed are systems, methods and computer program products for detection of malicious executable files based on the similarity of various types of extractable resources of the executable files. In one aspect, the system determines a type of an executable file being analyzed and determines types of extractable resources of the executable file based on the type of the executable file. The system then extracts the identified extractable resources of the executable file and compares the extracted resources to known resources of malicious executable files. The system then determines a degree of similarity between the compared resources. The system then determines whether the executable file is malicious based on a degree of similarity of the one or more compared resources.

Abstract: Disclosed are systems, methods and computer program products for detection of malicious executable files based on the similarity of various types of extractable resources of the executable files. In one aspect, the system determines a type of an executable file being analyzed and determines types of extractable resources of the executable file based on the type of the executable file. The system then extracts the identified extractable resources of the executable file and compares the extracted resources to known resources of malicious executable files. The system then determines a degree of similarity between the compared resources. The system then determines whether the executable file is malicious based on a degree of similarity of the one or more compared resources.

Abstract: System and method for detecting ransomware. A current user behavior pattern is monitored based on user input via a user input device. The user behavior is compared against a reference set of behavior patterns associated with user frustration with non-responsiveness of the user interface module. A current status pattern of the operating system is also monitored. The current status pattern is compared against a reference set of operating system status patterns associated with predefined ransomware behavior. In response to indicia of current user frustration with non-responsiveness of the user interface, and further in response to indicia of the current status pattern having a correlation to the predefined ransomware behavior, an indication of a positive detection of ransomware executing on the computer system is provided.

Abstract: System and method for detecting ransomware. A current user behavior pattern is monitored based on user input via a user input device. The user behavior is compared against a reference set of behavior patterns associated with user frustration with non-responsiveness of the user interface module. A current status pattern of the operating system is also monitored. The current status pattern is compared against a reference set of operating system status patterns associated with predefined ransomware behavior. In response to indicia of current user frustration with non-responsiveness of the user interface, and further in response to indicia of the current status pattern having a correlation to the predefined ransomware behavior, an indication of a positive detection of ransomware executing on the computer system is provided.