Automated detection and remediation of ransomware attacks involving a storage device of a computer network
US10609066B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 23, 2016 |
| Grant date | Mar 31, 2020 |
| Priority date | — |
| Expiry date | May 26, 2037 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/034
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
An apparatus in one embodiment comprises a storage device having a processor coupled to a memory. The storage device incorporates at least one trap object particularly configured for use in detection of a ransomware attack and not otherwise utilized for storage of operational data in the storage device. The storage device further comprises a ransomware detector configured to monitor the trap object and to generate an alert based at least in part on a result of the monitoring. The trap object may comprise a dummy file system element of the storage device, such as, for example, a file or a directory of a file system of the storage device. Additionally or alternatively, the trap object may comprise one or more specific storage blocks of the storage device with the one or more specific storage blocks being determined at least in part by the file system of the storage device.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.