A model and structure of multi-agent systems for detecting and analyzing malware are proposed. The main components are two types of agents: agent-detectors and agent-analyzers. The task of an agent-detector is to monitor key vulnerabilities of the operating system and collect data. The task of an agent-analyzer is to examine processes and decide which of them are potential viruses and to which class of malware they belong. Experimental studies were carried out, and they show the effectiveness of the proposed approach.
multi-agent system, malware, agent-detector, agent-analyzer, interaction of agents