Ransomware attack monitoring

Examples associated with ransomware attack monitoring are described herein. One example includes a monitor module to monitor files stored on the system for sequences of file accesses that match a predefined pattern of file accesses. An investigation module is activated based on a sequence of file ac...

Full description

Saved in:
Bibliographic Details
Main Authors Ellam, Daniel, Baldwin, Adrian, Husson, Remy
Format Patent
LanguageEnglish
Published 21.02.2023
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online AccessGet full text

Cover

More Information
Summary:Examples associated with ransomware attack monitoring are described herein. One example includes a monitor module to monitor files stored on the system for sequences of file accesses that match a predefined pattern of file accesses. An investigation module is activated based on a sequence of file accesses that match the predefined pattern. The investigation module logs actions taken by processes to modify files. A reaction module pauses a set of processes operating on the system based on the logging performed by the investigation module, and resumes legitimate processes.
Bibliography:Application Number: US202117457434