Patent · US Active

Ransomware mitigation system

US10509905B2 · kind B2 · utility

32Cited by

7References

18Claims

0Family size

Assignee

Attivo Networks Inc. · US

Inventors

Anil Gupta · Chelmsford, US
Harinath Vishwanath Ramchetty · Kanchinakote, IN
Venu Vissamsetty · San Jose, US

Key dates

Filing date	Sep 5, 2017
Grant date	Dec 17, 2019
Priority date	—
Expiry date	Nov 15, 2037

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/56
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Endpoints in a network environment include remote file systems mounted thereto that reference a file system generator that responds to file system commands with deception data. Requests to list the contents of a directory are intercepted, such as while a response is passed up through an IO stack. The response is modified to include references to deception files and directories that do not actually exist on the system hosting the file system generator. The number of the deception files and directories may be randomly selected. Requests to read deception files are answered by generating a file having a file type corresponding to the deception file. Deception files may be written back to the system by an attacker and then deleted.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.