首页>
外国专利>
Automated detection and remediation of ransomware attacks involving a storage device of a computer network
Automated detection and remediation of ransomware attacks involving a storage device of a computer network
展开▼
机译:自动检测和补救涉及计算机网络存储设备的勒索软件攻击
展开▼
页面导航
摘要
著录项
相似文献
摘要
An apparatus in one embodiment comprises a security appliance having a processor coupled to a memory. The security appliance is associated with at least one storage device and comprises a ransomware detector configured to generate a detection score for one or more sets of files stored in the storage device. The ransomware detector comprises a file analyzer configured to compare characteristics relating to a current state of the files with information stored in a file history database, and a detection score generator having a weighting module for applying weights to respective comparison results from the file analyzer in generating the detection score for the one or more sets of files. The ransomware detector is further configured to generate an alert if the detection score for the one or more sets of files exceeds a specified threshold. The alert may be transmitted by the security appliance to a network security system.
展开▼