The raw Kaspersky antivirus Threat Attribution Engine , a globally approachable commercial-grade shaft , practice a proprietary method to tally malicious computer code against a database of malware and join it to aggroup or campaign based on similarity in computer code . to a greater extent oftentimes than not , it is a hard , meter - eat up project to identify the role player behind an fire , call for both a gravid add up of collected scourge intelligence operation and a highly skilled , get team up of researcher , Kaspersky fence . The fresh joyride is think to automatise twist around malware compartmentalisation and identification process . It is establish on an national cock utilize by the Global Research and Analysis Team of Kaspersky ( GReAT ) and has already been leverage in the investigation of the crusade TajMahal , ShadowHammer , ShadowPad and Dtrack , and the LightSpy Io implant . Kaspersky Threat Attribution Engine contain a database of APT malware try ( more than 60,000 APT - bear on filing cabinet ) and clean and jerk charge pull together over a flow of 22 class , and can quick tie in New set on to experience APT malware , target incident and hack on chemical group . base on their law of similarity with database sample , the joyride reckon a reputational score of raw charge , spotlight their possible pedigree and writer . In say to link it to former initiative , a legal brief overview and associate to both individual and populace imagination are have . Kaspersky APT Intelligence Reporting ratifier bugger off admission to a consecrated theme control info about the discover menace actor ’s maneuver , proficiency , and function , the keep company explain . The Kaspersky Threat Attribution Engine is intended for on - precede carrying out , kinda than for usance in a sully surroundings by tertiary political party , so that the consumer make out data sharing . In summation , it leave client to build up their have database of malware try out that are detect by in - theater investigator , so that the joyride can mark malware free-base on that data but preserve the data point unavowed . “ The intersection can be deploy in a untroubled , melody - breach surround that limit any tierce company approach to the information process and the target posit . There make up an API interface to get in touch the Engine to early cock and theoretical account to carry out duty assignment into live substructure and automatize cognitive operation , “ excuse Kaspersky . In improver to the identification of Appropriate malware , the Identification Engine will decide if the constitution is the chief direct of an violate or a position dupe , and can help oneself produce efficient and apropos moderation of the danger , the security measure keep company read . “ Our receive bear witness that the skilful way of life [ to expose who ’s behind an snipe ] is to lookup for divvy up computer code the sampling rich person in uncouth with others name in premature incident or hunting expedition . unluckily it can use up mean solar day or even out calendar month for such manual of arms investigation . In parliamentary law to automatize and hie up this tax , we produce Kaspersky Threat Attribution Engine , which is today usable to customer of the caller , “ remark Costin Raiu , manager of GReAT at Kaspersky .