Patent · US Active

Systems and methods for countering removal of digital forensics information by malicious software

US11636204B2 · kind B2 · utility

0 Cited by
1 References
17 Claims
0 Family size

Assignee

Inventors

Key dates

Filing date: Aug 28, 2020
Grant date: Apr 25, 2023
Priority date
Expiry date: Apr 18, 2041

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F2221/2101
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

Disclosed herein are systems and methods for preventing anti-forensics actions. In one exemplary aspect, a method may identify a suspicious object from a plurality of objects on a computing device and monitor actions performed by the suspicious object. The method may intercept a first command by the suspicious object to create and/or modify a digital artifact on the computing device and subsequent to intercepting the first command, intercept a second command by the suspicious object to delete at least one of the suspicious object and the digital artifact. In response to intercepting both the first command to create and/or modify the digital artifact and the second command to delete at least one of the suspicious object and the digital artifact, the method may block the second command, and may store the suspicious object and the digital artifact in a digital repository.
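The decision logic the abstract describes can be modelled as a per-object correlation of intercepted commands. The sketch below is an added illustration, not code from the patent: the class, function and path names are hypothetical, the events are constructed, and it assumes the suspicious-object set is supplied by some earlier detection step and that the repository is a simple in-memory mapping.

```python
from dataclasses import dataclass, field

@dataclass
class AntiForensicsMonitor:
    suspicious: set                                  # objects already flagged as suspicious
    artifacts: dict = field(default_factory=dict)    # object -> artifacts it created/modified
    repository: dict = field(default_factory=dict)   # preserved evidence, keyed by object

    def intercept(self, actor, action, target):
        """Return 'allow' or 'block' for one intercepted command."""
        if actor not in self.suspicious:
            return "allow"                           # only suspicious objects are monitored
        if action in ("create", "modify"):
            # First command: record the artifact, let the operation proceed.
            self.artifacts.setdefault(actor, set()).add(target)
            return "allow"
        if action == "delete":
            touched = self.artifacts.get(actor, set())
            # Second command: deletion of the object itself or of an artifact it
            # touched, seen only after a create/modify by the same object.
            if touched and (target == actor or target in touched):
                self.repository[actor] = {"object": actor,
                                          "artifacts": sorted(touched)}
                return "block"
        return "allow"

def replay(events, suspicious):
    """Run a list of (actor, action, target) events through a fresh monitor."""
    monitor = AntiForensicsMonitor(set(suspicious))
    verdicts = [monitor.intercept(*event) for event in events]
    return verdicts, monitor.repository

# Constructed sample events: (actor, action, target)
EVENTS = [
    ("C:/tmp/updater.exe", "delete", "C:/tmp/old.log"),      # delete with no prior create/modify
    ("C:/tmp/updater.exe", "create", "C:/tmp/run.key"),      # artifact creation
    ("C:/apps/editor.exe", "delete", "C:/tmp/run.key"),      # actor is not monitored
    ("C:/tmp/updater.exe", "delete", "C:/tmp/run.key"),      # artifact removal
    ("C:/tmp/updater.exe", "delete", "C:/tmp/updater.exe"),  # self-deletion
]

if __name__ == "__main__":
    verdicts, repo = replay(EVENTS, {"C:/tmp/updater.exe"})
    for event, verdict in zip(EVENTS, verdicts):
        print(verdict, event)
    print(repo)
```

Only the last two events are blocked: a delete is refused when the same suspicious object has already created or modified an artifact and the delete targets that artifact or the object itself, at which point both are recorded in the repository.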

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.