Device-based anti-malware
US10733290B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 26, 2017 |
| Grant date | Aug 4, 2020 |
| Priority date | — |
| Expiry date | Jul 10, 2038 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/034
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Methods and equipment for determining whether a ransomware attack is suspected include a data storage device including a controller; non-volatile memory; a data path between the controller and the non-volatile memory; and an anti-ransomware module configured to monitor the data path. Methods and equipment also include monitoring a data path between a controller and a non-volatile memory on a data storage device; calculating an entropy of a data set to be written to the non-volatile memory; analyzing the calculated entropy; and determining whether a malware attack is suspected. Methods and equipment also include monitoring a data path between a controller and a non-volatile memory on a data storage device; identifying activity indicative of ransomware; once activity indicative of ransomware has been identified, calculating an entropy of a data set to be written to the non-volatile memory; analyzing the calculation; and determining whether a ransomware attack is suspected.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.