首页>
外国专利>
SYSTEM AND METHOD TO PREVENT, DETECT, THWART AND RECOVER AUTOMATICALLY FROM RANSOMWARE CYBER ATTACKS
SYSTEM AND METHOD TO PREVENT, DETECT, THWART AND RECOVER AUTOMATICALLY FROM RANSOMWARE CYBER ATTACKS
展开▼
机译:自动从RANSOMWARE网络攻击中预防,检测,破坏和恢复的系统和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
An anti-ransomware system for a computer system has a deception component comprising a decoy module configured to place decoy segments within one or more file systems, a detection component comprising a behavioral analysis module configured to analyze the behavior of a suspected ransomware, and a response component. The response component has a suspend/kill module configured to suspend the suspected ransomware, a restore files module configured to restore files from an on-demand backup system, a capture encryption key module configured to retrieve the encryption used by the suspected ransomware, and a quarantine module configured to quarantine the suspected ransomware on the device and to quarantine the device off the network, to prevent spread of infection. In an embodiment, the detection and/or response components operate within a kernel-level access. The system's detection component may further comprise a machine-learning module, and the decoy segments may be on-demand and dynamic.
展开▼