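CN108701188A - Systems and methods for modifying file backups in response to detecting potential ransomware - Google Patents
Systems and methods for modifying file backups in response to detecting potential ransomware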
- Publication number
- CN108701188A (application CN201680079102.4A)
- Authority
- CN
- China
- Prior art keywords
- backup
- computing device
- file
- software
- backup copies
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1448—Management of the data involved in backup or backup restore
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1458—Management of the backup or restore process
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/568—Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0602—Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
- G06F3/062—Securing storage systems
- G06F3/0623—Securing storage systems in relation to content
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0628—Interfaces specially adapted for storage systems making use of a particular technique
- G06F3/0646—Horizontal data movement in storage systems, i.e. moving data in between storage devices or systems
- G06F3/065—Replication mechanisms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0668—Interfaces specially adapted for storage systems adopting a particular infrastructure
- G06F3/0671—In-line storage system
- G06F3/0673—Single storage device
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3409—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment for performance assessment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
- G06F2201/81—Threshold
Claims (20)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/011695 | 2016-02-01 | ||
US15/011,695 US10742665B2 (en) | 2016-02-01 | 2016-02-01 | Systems and methods for modifying file backups in response to detecting potential ransomware |
PCT/US2016/069021 WO2017136073A1 (en) | 2016-02-01 | 2016-12-28 | Systems and methods for modifying file backups in response to detecting potential ransomware |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108701188A (zh) | 2018-10-23 |
CN108701188B (zh) | 2021-09-24 |
Family
ID=57882142
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201680079102.4A Active CN108701188B (zh) | Systems and methods for modifying file backups in response to detecting potential ransomware | 2016-02-01 | 2016-12-28 |
Country Status (5)
Country | Link |
---|---|
US (1) | US10742665B2 (zh) |
EP (1) | EP3411825B1 (zh) |
JP (1) | JP6689992B2 (zh) |
CN (1) | CN108701188B (zh) |
WO (1) | WO2017136073A1 (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10742665B2 (en) | 2016-02-01 | 2020-08-11 | NortonLifeLock Inc. | Systems and methods for modifying file backups in response to detecting potential ransomware |
CN114424194A (zh) * | 2019-04-23 | 2022-04-29 | Microsoft Technology Licensing, LLC | Automated malware remediation and file restoration management |
Families Citing this family (68)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130227352A1 (en) | 2012-02-24 | 2013-08-29 | Commvault Systems, Inc. | Log monitoring |
US9934265B2 (en) | 2015-04-09 | 2018-04-03 | Commvault Systems, Inc. | Management of log data |
US10609075B2 (en) | 2016-05-22 | 2020-03-31 | Guardicore Ltd. | Masquerading and monitoring of shared resources in computer networks |
US20170366563A1 (en) * | 2016-06-21 | 2017-12-21 | Guardicore Ltd. | Agentless ransomware detection and recovery |
US10715533B2 (en) * | 2016-07-26 | 2020-07-14 | Microsoft Technology Licensing, Llc. | Remediation for ransomware attacks on cloud drive folders |
US10671724B2 (en) * | 2016-09-15 | 2020-06-02 | Paypal, Inc. | Techniques for detecting encryption |
US10867040B2 (en) * | 2016-10-17 | 2020-12-15 | Datto, Inc. | Systems and methods for detecting ransomware infection |
US10387648B2 (en) * | 2016-10-26 | 2019-08-20 | Cisco Technology, Inc. | Ransomware key extractor and recovery system |
US10262135B1 (en) * | 2016-12-13 | 2019-04-16 | Symantec Corporation | Systems and methods for detecting and addressing suspicious file restore activities |
US10121003B1 (en) * | 2016-12-20 | 2018-11-06 | Amazon Technologies, Inc. | Detection of malware, such as ransomware |
US11580221B2 (en) * | 2016-12-29 | 2023-02-14 | Dropbox, Inc. | Malware detection and content item recovery |
US10289844B2 (en) * | 2017-01-19 | 2019-05-14 | International Business Machines Corporation | Protecting backup files from malware |
US10628585B2 (en) | 2017-01-23 | 2020-04-21 | Microsoft Technology Licensing, Llc | Ransomware resilient databases |
JP6341307B1 (ja) * | 2017-03-03 | 2018-06-13 | NEC Corporation | Information processing device |
US11960603B2 (en) * | 2017-04-25 | 2024-04-16 | Druva Inc. | Multi-step approach for ransomware detection |
US11003775B2 (en) * | 2017-09-11 | 2021-05-11 | Carbon Black, Inc. | Methods for behavioral detection and prevention of cyberattacks, and related apparatus and techniques |
US11216559B1 (en) * | 2017-09-13 | 2022-01-04 | NortonLifeLock Inc. | Systems and methods for automatically recovering from malware attacks |
US20190108341A1 (en) * | 2017-09-14 | 2019-04-11 | Commvault Systems, Inc. | Ransomware detection and data pruning management |
US11120133B2 (en) | 2017-11-07 | 2021-09-14 | Spinbackup Inc. | Ransomware protection for cloud storage systems |
US20190158512A1 (en) * | 2017-11-20 | 2019-05-23 | Fortinet, Inc. | Lightweight anti-ransomware system |
US11010233B1 (en) | 2018-01-18 | 2021-05-18 | Pure Storage, Inc | Hardware-based system monitoring |
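CN108459927B (zh) * | 2018-02-28 | 2021-11-26 | Beijing QIYI Century Science & Technology Co., Ltd. | Data backup method, device and server |
KR101899774B1 (ko) * | 2018-03-16 | 2018-09-19 | SECUVE Co., Ltd. | Data processing method for responding to ransomware, program for executing the same, and computer-readable recording medium storing the program |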
US10769278B2 (en) * | 2018-03-30 | 2020-09-08 | Microsoft Technology Licensing, Llc | Service identification of ransomware impact at account level |
US11200320B2 (en) * | 2018-03-30 | 2021-12-14 | Microsoft Technology Licensing, Llc | Coordinating service ransomware detection with client-side ransomware detection |
US11308207B2 (en) | 2018-03-30 | 2022-04-19 | Microsoft Technology Licensing, Llc | User verification of malware impacted files |
US10917416B2 (en) * | 2018-03-30 | 2021-02-09 | Microsoft Technology Licensing, Llc | Service identification of ransomware impacted files |
US10963564B2 (en) | 2018-03-30 | 2021-03-30 | Microsoft Technology Licensing, Llc | Selection of restore point based on detection of malware attack |
US11223649B2 (en) | 2018-05-06 | 2022-01-11 | Nec Corporation | User-added-value-based ransomware detection and prevention |
US11080147B2 (en) | 2018-05-16 | 2021-08-03 | International Business Machines Corporation | Adjusting backup data in response to an abnormality detection |
US10942816B1 (en) * | 2018-09-06 | 2021-03-09 | NortonLifeLock Inc. | Systems and methods for dynamically adjusting a backup policy |
US10795994B2 (en) | 2018-09-26 | 2020-10-06 | Mcafee, Llc | Detecting ransomware |
US11089056B2 (en) | 2018-09-28 | 2021-08-10 | Sophos Limited | Intrusion detection with honeypot keys |
US10891200B2 (en) * | 2019-01-18 | 2021-01-12 | Cobalt Iron, Inc. | Data protection automatic optimization system and method |
US11063907B2 (en) | 2019-01-18 | 2021-07-13 | Cobalt Iron, Inc. | Data protection automatic optimization system and method |
US11308209B2 (en) | 2019-01-18 | 2022-04-19 | Cobalt Iron, Inc. | Data protection automatic optimization system and method |
US11212304B2 (en) * | 2019-01-18 | 2021-12-28 | Cobalt Iron, Inc. | Data protection automatic optimization system and method |
KR102017889B1 (ko) * | 2019-03-25 | 2019-09-03 | 임채율 | Fan filter unit monitoring system |
US11405409B2 (en) * | 2019-04-29 | 2022-08-02 | Hewlett Packard Enterprise Development Lp | Threat-aware copy data management |
US11100064B2 (en) | 2019-04-30 | 2021-08-24 | Commvault Systems, Inc. | Automated log-based remediation of an information management system |
US11616810B2 (en) | 2019-06-04 | 2023-03-28 | Datto, Inc. | Methods and systems for ransomware detection, isolation and remediation |
US11347881B2 (en) | 2020-04-06 | 2022-05-31 | Datto, Inc. | Methods and systems for detecting ransomware attack in incremental backup |
US10990675B2 (en) | 2019-06-04 | 2021-04-27 | Datto, Inc. | Methods and systems for detecting a ransomware attack using entropy analysis and file update patterns |
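KR102258910B1 (ko) * | 2019-08-07 | 2021-06-01 | Soonchunhyang University Industry Academy Cooperation Foundation | Effective ransomware detection method and system using machine learning based on file entropy in a backup system |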
US11693963B2 (en) | 2019-08-13 | 2023-07-04 | International Business Machines Corporation | Automatic ransomware detection with an on-demand file system lock down and automatic repair function |
US11651075B2 (en) | 2019-11-22 | 2023-05-16 | Pure Storage, Inc. | Extensible attack monitoring by a storage system |
US11675898B2 (en) | 2019-11-22 | 2023-06-13 | Pure Storage, Inc. | Recovery dataset management for security threat monitoring |
US20210382992A1 (en) * | 2019-11-22 | 2021-12-09 | Pure Storage, Inc. | Remote Analysis of Potentially Corrupt Data Written to a Storage System |
US11341236B2 (en) | 2019-11-22 | 2022-05-24 | Pure Storage, Inc. | Traffic-based detection of a security threat to a storage system |
US11625481B2 (en) | 2019-11-22 | 2023-04-11 | Pure Storage, Inc. | Selective throttling of operations potentially related to a security threat to a storage system |
US11687418B2 (en) * | 2019-11-22 | 2023-06-27 | Pure Storage, Inc. | Automatic generation of recovery plans specific to individual storage elements |
US11657155B2 (en) | 2019-11-22 | 2023-05-23 | Pure Storage, Inc | Snapshot delta metric based determination of a possible ransomware attack against data maintained by a storage system |
US11755751B2 (en) | 2019-11-22 | 2023-09-12 | Pure Storage, Inc. | Modify access restrictions in response to a possible attack against data stored by a storage system |
US11941116B2 (en) | 2019-11-22 | 2024-03-26 | Pure Storage, Inc. | Ransomware-based data protection parameter modification |
US11615185B2 (en) | 2019-11-22 | 2023-03-28 | Pure Storage, Inc. | Multi-layer security threat detection for a storage system |
US11720692B2 (en) | 2019-11-22 | 2023-08-08 | Pure Storage, Inc. | Hardware token based management of recovery datasets for a storage system |
US11720714B2 (en) | 2019-11-22 | 2023-08-08 | Pure Storage, Inc. | Inter-I/O relationship based detection of a security threat to a storage system |
US11520907B1 (en) | 2019-11-22 | 2022-12-06 | Pure Storage, Inc. | Storage system snapshot retention based on encrypted data |
US11645162B2 (en) | 2019-11-22 | 2023-05-09 | Pure Storage, Inc. | Recovery point determination for data restoration in a storage system |
US11354195B2 (en) * | 2020-02-03 | 2022-06-07 | EMC IP Holding Company LLC | System and method for intelligent asset classification |
KR102395263B1 (ko) * | 2020-08-20 | 2022-05-10 | Electronics and Telecommunications Research Institute | Apparatus and method for recovering encryption keys based on memory analysis |
IT202000028874A1 (it) | 2020-11-27 | 2022-05-27 | F&F S R L | Method, system, device and anti-ransomware use of restore and data protection for endpoints |
US11971989B2 (en) | 2021-02-02 | 2024-04-30 | Predatar Ltd | Computer recovery system |
US11574050B2 (en) | 2021-03-12 | 2023-02-07 | Commvault Systems, Inc. | Media agent hardening against ransomware attacks |
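CN113360909B (zh) * | 2021-06-17 | 2022-10-28 | Shenzhen Rongan Networks Technology Co., Ltd. | Ransomware defense method, ransomware defense device and readable storage medium |
CN113949555B (zh) * | 2021-10-13 | 2023-01-31 | Commercial Aircraft Corporation of China, Ltd. | Onboard network defense method and system based on time stamping and a data comparison module |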
US11663336B1 (en) | 2022-04-06 | 2023-05-30 | Dell Products L.P. | Block-based protection from ransomware |
US11755733B1 (en) | 2022-04-06 | 2023-09-12 | Dell Products L.P. | Identifying ransomware host attacker |
Citations (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6611850B1 (en) * | 1997-08-26 | 2003-08-26 | Reliatech Ltd. | Method and control apparatus for file backup and restoration |
US20040107199A1 (en) * | 2002-08-22 | 2004-06-03 | Mdt Inc. | Computer application backup method and system |
JP2009116773A (ja) * | 2007-11-09 | 2009-05-28 | Hitachi Ltd | Backup execution feasibility determination system |
CN101546284A (zh) * | 2009-04-28 | 2009-09-30 | TPV Technology (Wuhan) Co., Ltd. | Method for restoring data of a liquid crystal display device |
US20110041004A1 (en) * | 2009-08-12 | 2011-02-17 | Hitachi, Ltd. | Backup management method based on mode of failure |
US20110082838A1 (en) * | 2009-10-07 | 2011-04-07 | F-Secure Oyj | Computer security method and apparatus |
CN102629310A (zh) * | 2012-02-29 | 2012-08-08 | Kaspersky Lab ZAO | System and method for protecting computer systems from the activity of malicious objects |
US20130067576A1 (en) * | 2011-09-13 | 2013-03-14 | F-Secure Corporation | Restoration of file damage caused by malware |
US8499349B1 (en) * | 2009-04-22 | 2013-07-30 | Trend Micro, Inc. | Detection and restoration of files patched by malware |
US20130254839A1 (en) * | 2005-12-28 | 2013-09-26 | Websense, Inc. | Real time lockdown |
US20140007181A1 (en) * | 2012-07-02 | 2014-01-02 | Sumit Sarin | System and method for data loss prevention in a virtualized environment |
US20140090061A1 (en) * | 2012-09-26 | 2014-03-27 | Northrop Grumman Systems Corporation | System and method for automated machine-learning, zero-day malware detection |
US20140122508A1 (en) * | 2012-10-30 | 2014-05-01 | FHOOSH, Inc. | Systems and methods for secure storage of user information in a user profile |
US20140223566A1 (en) * | 2013-02-01 | 2014-08-07 | Kaspersky Lab, Zao | System and method for automatic generation of heuristic algorithms for malicious object identification |
US20150058987A1 (en) * | 2013-08-22 | 2015-02-26 | F-Secure Corporation | Detecting File Encrypting Malware |
US20150172304A1 (en) * | 2013-12-16 | 2015-06-18 | Malwarebytes Corporation | Secure backup with anti-malware scan |
US9317686B1 (en) * | 2013-07-16 | 2016-04-19 | Trend Micro Inc. | File backup to combat ransomware |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10019574B2 (en) * | 2011-12-22 | 2018-07-10 | Intel Corporation | Systems and methods for providing dynamic file system awareness on storage devices |
US9578042B2 (en) * | 2015-03-06 | 2017-02-21 | International Business Machines Corporation | Identifying malicious web infrastructures |
US10303666B2 (en) * | 2015-03-09 | 2019-05-28 | International Business Machines Corporation | File transfer system using file backup times |
US9934265B2 (en) * | 2015-04-09 | 2018-04-03 | Commvault Systems, Inc. | Management of log data |
WO2017023775A1 (en) * | 2015-07-31 | 2017-02-09 | Digital Guardian, Inc. | Systems and methods of protecting data from malware processes |
WO2017125935A1 (en) * | 2016-01-24 | 2017-07-27 | Minerva Labs Ltd. | Ransomware attack remediation |
US10742665B2 (en) | 2016-02-01 | 2020-08-11 | NortonLifeLock Inc. | Systems and methods for modifying file backups in response to detecting potential ransomware |
US10303877B2 (en) * | 2016-06-21 | 2019-05-28 | Acronis International Gmbh | Methods of preserving and protecting user data from modification or loss due to malware |
-
2016
- 2016-02-01 US US15/011,695 patent/US10742665B2/en active Active
- 2016-12-28 WO PCT/US2016/069021 patent/WO2017136073A1/en active Application Filing
- 2016-12-28 CN CN201680079102.4A patent/CN108701188B/zh active Active
- 2016-12-28 JP JP2018537460A patent/JP6689992B2/ja active Active
- 2016-12-28 EP EP16829470.0A patent/EP3411825B1/en active Active
Patent Citations (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6611850B1 (en) * | 1997-08-26 | 2003-08-26 | Reliatech Ltd. | Method and control apparatus for file backup and restoration |
US20040107199A1 (en) * | 2002-08-22 | 2004-06-03 | Mdt Inc. | Computer application backup method and system |
US20130254839A1 (en) * | 2005-12-28 | 2013-09-26 | Websense, Inc. | Real time lockdown |
JP2009116773A (ja) * | 2007-11-09 | 2009-05-28 | Hitachi Ltd | Backup execution feasibility determination system |
US8499349B1 (en) * | 2009-04-22 | 2013-07-30 | Trend Micro, Inc. | Detection and restoration of files patched by malware |
CN101546284A (zh) * | 2009-04-28 | 2009-09-30 | TPV Technology (Wuhan) Co., Ltd. | Method for restoring data of a liquid crystal display device |
US20110041004A1 (en) * | 2009-08-12 | 2011-02-17 | Hitachi, Ltd. | Backup management method based on mode of failure |
US20110082838A1 (en) * | 2009-10-07 | 2011-04-07 | F-Secure Oyj | Computer security method and apparatus |
US20130067576A1 (en) * | 2011-09-13 | 2013-03-14 | F-Secure Corporation | Restoration of file damage caused by malware |
CN102629310A (zh) * | 2012-02-29 | 2012-08-08 | Kaspersky Lab ZAO | System and method for protecting computer systems from the activity of malicious objects |
US20140007181A1 (en) * | 2012-07-02 | 2014-01-02 | Sumit Sarin | System and method for data loss prevention in a virtualized environment |
US20140090061A1 (en) * | 2012-09-26 | 2014-03-27 | Northrop Grumman Systems Corporation | System and method for automated machine-learning, zero-day malware detection |
US20140122508A1 (en) * | 2012-10-30 | 2014-05-01 | FHOOSH, Inc. | Systems and methods for secure storage of user information in a user profile |
US20140223566A1 (en) * | 2013-02-01 | 2014-08-07 | Kaspersky Lab, Zao | System and method for automatic generation of heuristic algorithms for malicious object identification |
US9317686B1 (en) * | 2013-07-16 | 2016-04-19 | Trend Micro Inc. | File backup to combat ransomware |
US20150058987A1 (en) * | 2013-08-22 | 2015-02-26 | F-Secure Corporation | Detecting File Encrypting Malware |
US20150172304A1 (en) * | 2013-12-16 | 2015-06-18 | Malwarebytes Corporation | Secure backup with anti-malware scan |
Non-Patent Citations (1)
Title |
---|
Sun Fengjie: "Modifying the default storage path to make the system more secure", Computer CD Software and Applications (《计算机光盘软件与应用》) * |
Also Published As
Publication number | Publication date |
---|---|
JP2019505919A (ja) | 2019-02-28 |
JP6689992B2 (ja) | 2020-04-28 |
WO2017136073A1 (en) | 2017-08-10 |
CN108701188B (zh) | 2021-09-24 |
US10742665B2 (en) | 2020-08-11 |
US20170223031A1 (en) | 2017-08-03 |
EP3411825B1 (en) | 2020-02-05 |
EP3411825A1 (en) | 2018-12-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108701188A (zh) | Systems and methods for modifying file backups in response to detecting potential ransomware | |
US9245123B1 (en) | Systems and methods for identifying malicious files | |
EP3374922B1 (en) | Systems and methods for protecting backed-up data from ransomware attacks | |
CN107810504B (zh) | Systems and methods for determining malicious download risk based on user behavior | |
CN109074452B (zh) | Systems and methods for generating tripwire files | |
US20200082081A1 (en) | Systems and methods for threat and information protection through file classification | |
US9077747B1 (en) | Systems and methods for responding to security breaches | |
US10410158B1 (en) | Systems and methods for evaluating cybersecurity risk | |
JP6196393B2 (ja) | Systems and methods for optimizing scans of pre-installed applications | |
US9813443B1 (en) | Systems and methods for remediating the effects of malware | |
US11275831B1 (en) | Systems and methods for detecting anomalous system command line data | |
US10366233B1 (en) | Systems and methods for trichotomous malware classification | |
JP2019516160A (ja) | Systems and methods for detecting security threats | |
CN108027757A (zh) | Systems and methods for restoring data from opaque data backup streams | |
US20200169570A1 (en) | Systems and methods for detecting malware infections associated with domain generation algorithms | |
US10489587B1 (en) | Systems and methods for classifying files as specific types of malware | |
US11032319B1 (en) | Systems and methods for preparing honeypot computer files | |
CN109997138A (zh) | Systems and methods for detecting malicious processes on computing devices | |
US9900330B1 (en) | Systems and methods for identifying potentially risky data users within organizations | |
US11023580B1 (en) | Systems and methods for cross-product malware categorization | |
US10887339B1 (en) | Systems and methods for protecting a cloud storage against suspected malware | |
US10944781B1 (en) | Systems and methods for identifying malicious domain names from a passive domain name system server log | |
US9659176B1 (en) | Systems and methods for generating repair scripts that facilitate remediation of malware side-effects | |
US11216559B1 (en) | Systems and methods for automatically recovering from malware attacks | |
US10706167B1 (en) | Systems and methods for enforcing privacy in cloud security |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | Address after: California, USA. Applicant after: Norton weifuke Co. Address before: California, USA. Applicant before: Symantec Corp. |
CB02 | Change of applicant information | Address after: Arizona, USA. Applicant after: Norton weifuke Co. Address before: California, USA. Applicant before: Norton weifuke Co. |
GR01 | Patent grant | ||
CP01 | Change in the name or title of a patent holder | Address after: Arizona. Patentee after: Keane Digital Co. Address before: Arizona. Patentee before: Norton weifuke Co. |