首页>
外国专利>
SYSTEM AND METHOD FOR DETECTING AND MITIGATING RANSOMWARE THREATS
SYSTEM AND METHOD FOR DETECTING AND MITIGATING RANSOMWARE THREATS
展开▼
机译:检测和缓解勒索威胁的系统和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
This disclosure relates generally to malware detection, and more particularly to system and method for detecting and mitigating ransomware threats. For a User Equipment being monitored, the system performs a behavior analysis of corresponding file system to determine whether any anomalous behavior that would amount to a ransomware threat is associated with flies associated with the file system change, if present, then the system virtualizes the file system on the fly. If information pertaining to the identified anomalous behavior is present in any of the reference databases in the system, then all the I/O calls are terminated or the file system is virtualized for rest of the session. If data pertaining to the identified anomalous behavior is not found in any of the associated databases, then new behavioral features and structural patterns of the identified anomalous behavior and the associated processes are extracted, and the reference databases are updated accordingly.
展开▼