首页>
外国专利>
SYSTEM AND METHOD TO PREVENT, DETECT, THWART, AND RECOVER AUTOMATICALLY FROM RANSOMWARE CYBER ATTACKS, USING BEHAVIORAL ANALYSIS AND MACHINE LEARNING
SYSTEM AND METHOD TO PREVENT, DETECT, THWART, AND RECOVER AUTOMATICALLY FROM RANSOMWARE CYBER ATTACKS, USING BEHAVIORAL ANALYSIS AND MACHINE LEARNING
展开▼
机译:利用行为分析和机器学习自动预防,检测,破坏和恢复勒索软件网络攻击的系统和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
An anti-ransomware system for a computer system has a deception component comprising a decoy module configured to place decoy segments within one or more file systems, a detection component comprising a behavioral analysis module configured to analyze the behavior of a suspected ransomware, and a response component. The response component has a suspend/kill module configured to suspend the suspected ransomware, a restore files module configured to restore files from an on-demand backup system, a capture encryption key module configured to retrieve the encryption used by the suspected ransomware, and a quarantine module configured to quarantine the suspected ransomware on the device and to quarantine the device off the network, to prevent spread of infection. In an embodiment, the detection and/or response components operate within a kernel-level access. The system's detection component may further comprise a machine-learning module, and the decoy segments may be on-demand and dynamic.
展开▼