Abstract: Disclosed herein are systems and methods for providing security to an Internet of Things (IoT) device. An exemplary method comprises, obtaining, by an interceptor located on at least one gateway or the device, information about an interaction of the device with at least one of: other devices, service, and server; by an analysis tool located on the gateway: determining at least one category of the device and at least one category of a user of the device by interacting with a security service based on information received about the interaction of the device; receiving data from the security service, and identifying the security component to be installed on the device based on the data received from the security service, the category of the device and the category of a user of the device; and installing on the device, by the interceptor, the security component identified by the analysis tool.

Abstract: A method for securing a plurality of IoT devices using a gateway includes intercepting, by a gateway, information about interactions between a first IoT device and at least one of: a second IoT device, a computer server, and a computer service. One or more cyber security threats are detected by the gateway based on the intercepted information and based on information stored in at least one of a first database and a second database. The first database is configured to store information about IoT devices and the second database is configured to store information about cyber security threats. One or more cyber security threat mitigation actions are identified by the gateway to address the detected one or more cyber security threats. The identified one or more cyber security threat mitigation actions are performed by the gateway.

Abstract: Disclosed herein are systems and methods for categorizing an application on a computing device including gathering a set of attributes of an application. The set of attributes of the application includes at least one of: a number of files in an application package of the application; a number of executable files in the application package; numbers and types of permissions being requested; a number of classes in the executable files in the application package; and a number of methods in the executable files in the application package. sending the gathered set of attributes to a trained classification model. The application is classified, using the classification model, based on the gathered set of attributes by generating one or more probabilities of the application belonging to respective one or more categories of applications. A category of the application is determined based on the generated one or more probabilities.

Abstract: Disclosed herein are systems and methods for categorizing an application on a computing device including gathering a set of attributes of an application. The set of attributes of the application includes at least one of: a number of files in an application package of the application; a number of executable files in the application package; numbers and types of permissions being requested; a number of classes in the executable files in the application package; and a number of methods in the executable files in the application package. sending the gathered set of attributes to a trained classification model. The application is classified, using the classification model, based on the gathered set of attributes by generating one or more probabilities of the application belonging to respective one or more categories of applications. A category of the application is determined based on the generated one or more probabilities.

Abstract: Disclosed herein are systems and methods for categorizing an application on a computing device. In one aspect, an exemplary method comprises, obtaining results of a classification of an application from a security server, when the results of the classification satisfy rules of relevance, designating the results of the classification as relevant and determining a category of the application based on the designation of the results as relevant, and when the results of the classification do not satisfy the rules of relevance, performing at least one of: terminating the categorization of the application, and updating the classification of the application based on a set of attributes of the application.

Abstract: Systems and methods for performing a repeat antivirus scan of a file are disclosed. A local database is saved on a mobile device, where each record is added to the database when the corresponding file is recognized as being non-malicious as a result of an antivirus scan. A short hash sum of the file is computed and the long hash sum of the file and information about the antivirus scan performed and corresponding to the first hash sum of the file are found in the aforementioned database. Using the long hash sum, a verdict on the file is requested from the cloud services. An antivirus scan of the file is performed, except when the verdict obtained is unchanged (as compared to the verdict contained in the information about the antivirus scan performed of the obtained record corresponding to the file), and no updating of the antivirus databases has occurred since the date of performing the antivirus scan.

Abstract: Disclosed herein are systems and methods for categorizing an application on a computing device. In one aspect, an exemplary method comprises, obtaining results of a classification of an application from a security server, when the results of the classification satisfy rules of relevance, designating the results of the classification as relevant and determining a category of the application based on the designation of the results as relevant, and when the results of the classification do not satisfy the rules of relevance, performing at least one of: terminating the categorization of the application, and updating the classification of the application based on a set of attributes of the application.

Abstract: Systems and methods for performing a repeat antivirus scan of a file are disclosed. A local database is saved on a mobile device, where each record is added to the database when the corresponding file is recognized as being non-malicious as a result of an antivirus scan. A short hash sum of the file is computed and the long hash sum of the file and information about the antivirus scan performed and corresponding to the first hash sum of the file are found in the aforementioned database. Using the long hash sum, a verdict on the file is requested from the cloud services. An antivirus scan of the file is performed, except when the verdict obtained is unchanged (as compared to the verdict contained in the information about the antivirus scan performed of the obtained record corresponding to the file), and no updating of the antivirus databases has occurred since the date of performing the antivirus scan.

Abstract: Disclosed are system and methods for controlling access to content from a user application executing in an isolated environment on a user device. An exemplary method includes intercepting, by a security application, data relating to content in a graphical user interface of the user application using an accessibility application programming interface (API) exposed by an operating system of the user device, and generating a first template associated with the content based on the intercepted data. The template specifies a pattern of elements of the graphical user interface. The method further includes determining a category of the content based on a comparison of the first template with a plurality of previously generated templates; and controlling access to the content of the graphical user interface based on the determined category.

Abstract: Disclosed are systems and methods for selecting a data entry mechanism for an application based on security requirements. An example method comprises: determining a plurality of activity states of an application during a creation of the application, determining, for each activity state of a subset of activity states of the plurality of activity states, whether a data entry mechanism of the application is dependent on the activity state, for each activity state of the subset of activity states for which the data entry mechanism is determined as being dependent on the activity state, determining security requirements corresponding to the activity state during the creation of the application and selecting a data entry mechanism for each of the determined security requirements corresponding to the activity state, during an activation of an activity corresponding to an activity state of the subset, activating a corresponding selected data entry mechanism.

Abstract: Disclosed are systems and methods for activating a data entry mechanism for an application based on security requirements. An example method comprises detecting, by a hardware processor, an activity state of the application during an execution of the application on a user device, determining the security requirements associated with the detected activity state, wherein the determined security requirements comprise properties for the data entry mechanism, activating the data entry mechanism for receiving user input for the application, wherein the data entry mechanism is based on the determined security requirements, and receiving the user input in accordance with the activated data entry mechanism.

Abstract: Disclosed are systems and methods for receiving user input using a data entry mechanism activated for an application. An example method comprises detecting, by a hardware processor, an activity state of the application during an execution of the application on a user device, determining security requirements associated with the activity state, wherein the security requirements comprise properties for the data entry mechanism, selecting a data entry mechanism corresponding to the determined security requirements associated with the activity state, activating the selected data entry mechanism for receiving user input for the application, wherein the selected data entry mechanism is governed according to the properties of the security requirements associated with the activity state, receiving the user input in accordance with the activated data entry mechanism, and displaying a modified version of the user input according to the properties of the security requirements.

Abstract: A method and system is provided for performing secure online banking transactions.

Abstract: Disclosed are systems and methods for selecting a data entry mechanism for an application based on security requirements. An example method comprises: determining a plurality of activity states of an application during a creation of the application, determining, for each activity state of a subset of activity states of the plurality of activity states, whether a data entry mechanism of the application is dependent on the activity state, for each activity state of the subset of activity states for which the data entry mechanism is determined as being dependent on the activity state, determining security requirements corresponding to the activity state during the creation of the application and selecting a data entry mechanism for each of the determined security requirements corresponding to the activity state, during an activation of an activity corresponding to an activity state of the subset, activating a corresponding selected data entry mechanism.

Abstract: Disclosed are systems and methods for receiving user input using a data entry mechanism activated for an application. An example method comprises detecting, by a hardware processor, an activity state of the application during an execution of the application on a user device, determining security requirements associated with the activity state, wherein the security requirements comprise properties for the data entry mechanism, selecting a data entry mechanism corresponding to the determined security requirements associated with the activity state, activating the selected data entry mechanism for receiving user input for the application, wherein the selected data entry mechanism is governed according to the properties of the security requirements associated with the activity state, receiving the user input in accordance with the activated data entry mechanism, and displaying a modified version of the user input according to the properties of the security requirements.

Abstract: Disclosed are systems and methods for activating a data entry mechanism for an application based on security requirements. An example method comprises detecting, by a hardware processor, an activity state of the application during an execution of the application on a user device, determining the security requirements associated with the detected activity state, wherein the determined security requirements comprise properties for the data entry mechanism, activating the data entry mechanism for receiving user input for the application, wherein the data entry mechanism is based on the determined security requirements, and receiving the user input in accordance with the activated data entry mechanism.

Abstract: Disclosed are systems and methods for selecting a data entry mechanism during application creation. An example method comprises: determining a plurality of activity states of an application during creation of the application, determining whether a data entry mechanism of the application is dependent on an activity state, determining security requirements corresponding to each of the plurality of activity states, selecting a data entry mechanism for each of the determined security requirements and activating a corresponding data entry mechanism during activation of each corresponding activity of the plurality of activity states.

Abstract: Disclosed are systems and methods for activating a data entry mechanism. An example method comprises detecting, by a hardware processor, an activity state of the application during execution on a user device, determining, by the hardware processor, security requirements, associated with the activity state, wherein the security requirements comprise properties for a data entry mechanism, activating, by the hardware processor, a data entry mechanism for receiving user input for the program, wherein the data entry mechanism is governed according to the properties of the security requirements, receiving user input from the user device from the data entry mechanism and displaying, by the hardware processor, a modified version of the user input, according to the properties of the security requirement.

Abstract: A method, system and computer program product for blocking access to restricted elements of application interface and covering the restricted elements by trusted interface elements. The system includes an analyzer module, a database of restricted elements and a blocking module. The analyzer module is configured to detect interface elements of an active application rendered on a computer or a mobile device. The analyzer module determines if an application interface element is restricted by comparing the application interface element against the known restricted interface elements from the database. If the restricted element is detected, the analyzer module sends the data about the restricted element to the blocking module. The blocking module covers the restricted interface element by a trusted interface element or by an image.

Abstract: Disclosed are systems and methods for selecting means for intercepting network transmissions. An exemplary method includes determining one or more rules associated with transmission of data by a device; determining one or more network transmission intercepting means that satisfy the one or more determined rules; selecting a network transmission intercepting means based on the determined one or more network transmission intercepting means; and causing transmissions by the device to be processed by the selected network transmission intercepting means.