Machine learning in Kaspersky Endpoint Security 10 for Windows
We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.
Accept and close



Kaspersky Endpoint Security 10 for Windows (for workstations and file servers)


Machine learning in Kaspersky Endpoint Security 10 for Windows

Back to "Settings and Features"
2019 Mar 18 ID: 13263
This article concerns all versions of Kaspersky Endpoint Security 10 for Windows.

Machine Learning-based technologies in Kaspersky Endpoint Security for Business allow detecting previously unknown malware threats by ‘learning’ from relevant big data threat intelligence and building effective detection models. 

In Kaspersky Endpoint Security, these models are used for both on-premise detection and as a part of the in-lab threat analysis process powering multiple security layers. 

You cannot enable or disable the Enable machine learning technologies option, it only shows that machine learning technologies are used in Kaspersky Endpoint Security 10 for Windows.

Our on-premise Machine Learning models provide pre-execution detection of malicious entities based on decision tree ensembles. These ensembles are trained in-lab on constantly renewed selections of files; the robotic system selects elementary ‘file features’ on which to build the most effective decision tree ensembles which are later delivered to client systems. 

Another pre-execution Machine-learning – powered mechanism is based on locality-sensitive hashing, where families of similar files can be identified by a single hash. These similarities are found during the ML-based processing of incoming file sample streams. Unlike decision tree models, hashes are extremely lightweight and can be delivered either as a part of periodic security updates or directly from the cloud, in response to a client request to Kaspersky Security Network. 

All the other types of security records, from precise to heuristic and System Watcher’s behavioral ones are prepared in-Lab during continuous Machine Learning processes. Security experts have constant control over this process, helping the machines to learn, dealing with the most complex cases and ensuring the lowest possible false positives rate. 

For more information about machine-learning technologies used by Kaspersky Lab products, see document.

Was this information helpful?
Yes No
Thank you


Feedback on Technical Support Site

Please let us know what you think about the site design, improvements we could add and any errors we need to eliminate

Send My Website Feedback Send My Website Feedback

Thank you!

Thank you for submitting your feedback.
We will review your feedback shortly.


How can we improve this article?

We will not be able to contact you if you leave your email address or phone number. To contact technical support, please sign in to your Personal Account.

Submit Submit

Thank you for your feedback!

Your suggestions will help improve this article.