首页>
外国专利>
Anomaly-Based Ransomware Detection for Encrypted Files
Anomaly-Based Ransomware Detection for Encrypted Files
展开▼
机译:基于异常的勒索软件对加密文件的检测
展开▼
页面导航
摘要
著录项
相似文献
摘要
Techniques are provided for anomaly-based ransomware detection of encrypted files. One exemplary method comprises obtaining metadata for an encrypted file; applying an anomaly detection technique to the metadata to compare at least one attribute in the metadata to one or more corresponding historical baseline values for the at least one attribute; and determining whether the encrypted file comprises a ransomware encryption based on the comparison. In some embodiments, one or more of file extension attributes, file size attributes and file name attributes in the metadata are compared to the one or more corresponding historical baseline values to identify a ransomware attack.
展开▼