17937888. CYBER RECOVERY FORENSICS KIT - EXPERIMENTATION AUTOMATION simplified abstract (Dell Products L.P.)

From WikiPatents

CYBER RECOVERY FORENSICS KIT - EXPERIMENTATION AUTOMATION

Organization Name

Dell Products L.P.

Inventor(s)

Ofir Ezrielev of Be'er Sheba (IL)

Jehuda Shemer of Kfar Saba (IL)

Amihai Savir of Newton MA (US)

CYBER RECOVERY FORENSICS KIT - EXPERIMENTATION AUTOMATION - A simplified explanation of the abstract

This abstract first appeared for US patent application 17937888 titled 'CYBER RECOVERY FORENSICS KIT - EXPERIMENTATION AUTOMATION'.

Simplified Explanation

Automated research experimentation on malware is disclosed in the patent application. When malware is detected, an infected backup is generated and deployed to multiple working environments as recovered production systems, starting from the same state. Different scenarios are performed on the recovered production systems to learn the operational characteristics of the malware operating in them, which can be used to protect against the malware and/or other malware.

  • Infected backup generated when malware is detected
  • Deployed to multiple working environments as recovered production systems
  • Different scenarios performed on the recovered production systems to learn malware operational characteristics
  • Insights used to protect against malware and/or other malware

Potential Applications

The technology can be applied in cybersecurity research, malware analysis, and developing better protection mechanisms against malware attacks.

Problems Solved

1. Efficiently studying malware behavior in controlled environments
2. Enhancing cybersecurity measures by understanding malware operational characteristics

Benefits

1. Improved malware detection and prevention capabilities
2. Enhanced cybersecurity defenses
3. Better understanding of malware behavior for future protection strategies

Potential Commercial Applications

"Enhancing Cybersecurity Measures through Automated Malware Experimentation"

Possible Prior Art

There are existing systems and methods for malware analysis and cybersecurity research, but the specific approach of automatically generating infected backups and deploying them to multiple working environments for experimentation may be novel.

Unanswered Questions

How does the patent application address the potential ethical concerns related to experimenting with malware in controlled environments?

The patent application does not provide details on how ethical concerns related to experimenting with malware are addressed. It would be important to consider the potential risks and implications of conducting such experiments in controlled environments.

What are the potential limitations or challenges of deploying infected backups to multiple working environments for malware experimentation?

The patent application does not discuss any potential limitations or challenges that may arise from deploying infected backups to multiple working environments. It would be crucial to consider factors such as data security, system compatibility, and potential spread of malware during experimentation.


Original Abstract Submitted

Automated research experimentation on malware is disclosed. When malware is detected, an infected backup is generated. The infected backup is deployed to multiple working environments as recovered production systems, starting from the same state. Different scenarios are performed on the recovered production systems to learn the operational characteristics of the malware operating in the recovered production systems. The insights may be used to protect against the malware and/or other malware.