Patent · US Active

Ransomware protection in advanced injection-based attacks

US12418567B2 · kind B2 · utility

0Cited by

3References

20Claims

0Family size

Assignee

Acronis International GmbH · CH

Inventors

Vladimir Strogov · Moscow, RU
Aliaksei Dodz · Singapore, SG
Serg Bell · Singapore, SG
Stanislav Protasov · Moscow, RU

Key dates

Filing date	Nov 27, 2023
Grant date	Sep 16, 2025
Priority date	—
Expiry date	Mar 20, 2044

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1466
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Systems and methods for ransomware protection in advanced injection-based attacks. The call stack(s) of injected threads are analyzed and a preliminary verdict of benign or malicious can be determined. Additional sensors collect data to associate injected threads with other activities or actors to further estimate the injected thread being benign or malicious. If the threat level is high enough, such as over a given threshold, the preliminary verdict can be determined to be malicious. Subsequently, one or more virtual honeypots are generated for the suspicious threads and the injected thread's response to the virtual honeypots included in anti-ransomware heuristic analysis.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.