Patent · US Active

Systems and methods for detecting malware attacks

US11792223B2 · kind B2 · utility

1Cited by

5References

20Claims

0Family size

Assignee

NetApp, Inc. · US

Inventors

Prateeksha Varshney · Kanchinakote, IN
Siddhartha Nandi · Bengaluru, IN
Jayanta Basak · New Delhi, IN

Key dates

Filing date	Oct 5, 2020
Grant date	Oct 17, 2023
Priority date	—
Expiry date	Jul 14, 2041

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1416
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method, a computing device, and a non-transitory machine-readable medium for detecting malware attacks. In one example, an agent implemented in an operating system detects an overwrite in which an original data component is overwritten with a new data component. The agent computes a plurality of features associated with the overwrite, the plurality of features including an original entropy corresponding to the original data component, a new entropy corresponding to the new data component, an overwrite fraction, and a set of divergence features. The agent determines whether the new data component is encrypted using the plurality of features.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.