首页>
外国专利>
SSD INTERNAL DEFENSE METHOD INCURRING NO DATA LOSS DUE TO RANSOMWARE, AND RANSOMWARE DETECTION SYSTEM
SSD INTERNAL DEFENSE METHOD INCURRING NO DATA LOSS DUE TO RANSOMWARE, AND RANSOMWARE DETECTION SYSTEM
展开▼
机译:不会因RANSOMWARE而导致数据丢失的SSD内部防御方法以及RANSOMWARE检测系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
An SSD internal defense method incurring no data loss due to ransomware, and a ransomware detection system are disclosed. A method for detecting ransomware operating in a NAND flash memory can comprise the steps of: periodically monitoring IO requests at every pre-defined monitoring period for ransomware detection; checking, on the basis of distribution of the header of the monitored IO requests, whether an overwrite occurred on a memory block having the same logical block address (LBA) as a read-requested block; counting, on the basis of the checking of whether overwriting occurred, the number of overwrites for each of a plurality of pre-defined features in order to specify operational features of the ransomware; and detecting activity of the ransomware on the basis of the counted number of overwrites.
展开▼