18295366. RANSOMWARE DISCOVERY BY DETECTION OF TRANSMIT/OVERWRITE PROCESSES simplified abstract (Dell Products L.P.)

From WikiPatents
Revision as of 02:47, 18 October 2024 by Wikipatents (Creating a new page)

RANSOMWARE DISCOVERY BY DETECTION OF TRANSMIT/OVERWRITE PROCESSES

Organization Name

Dell Products L.P.

Inventor(s)

Ofir Ezrielev of Be’er Sheba (IL)

Yehiel Zohar of Sderot (IL)

Yevgeni Gehtman of Modi'in (IL)

Tomer Shachar of Beer-Sheva (IL)

Maxim Balin of Gan-Yavne (IL)

RANSOMWARE DISCOVERY BY DETECTION OF TRANSMIT/OVERWRITE PROCESSES - A simplified explanation of the abstract

This abstract first appeared for US patent application 18295366 titled 'RANSOMWARE DISCOVERY BY DETECTION OF TRANSMIT/OVERWRITE PROCESSES'.

The patent application describes a method for detecting and preventing ransomware attacks by monitoring the write operations a process requests on data and disabling writes to that data when the same process is found transmitting it to an unknown or unauthorized recipient.

  • Detect write operations requested by a process on data.
  • Determine if the data is being transmitted to an unknown or unauthorized recipient by the same process.
  • Disable writes to the data if unauthorized transmission is detected.
  • Log differentials associated with subsequent requested write operations.
  • Alert a security protocol about the suspected ransomware process.
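The steps above can be replayed over a stream of per-process events. The following is an added example, not code from the patent application or from Dell; the `Monitor` class, the event tuples, the recipient allowlist and the in-memory file store are all assumptions made for illustration.

```python
import difflib

AUTHORIZED = {"backup.internal.example"}  # assumed allowlist of known recipients

class Monitor:
    def __init__(self, files):
        self.files = dict(files)  # path -> content, in-memory stand-in for storage
        self.writers = {}         # path -> pids that have requested writes to it
        self.locked = set()       # paths whose writes are disabled
        self.diff_log = []        # (pid, path, diff) for each blocked write
        self.alerts = []          # (pid, path, recipient) sent to the security protocol

    def on_write(self, pid, path, new):
        self.writers.setdefault(path, set()).add(pid)
        if path not in self.locked:
            self.files[path] = new
            return True
        # Writes disabled: keep the stored data, log what the write would have changed.
        old = self.files[path].splitlines()
        diff = difflib.unified_diff(old, new.splitlines(), "current", "requested", lineterm="")
        self.diff_log.append((pid, path, "\n".join(diff)))
        return False

    def on_send(self, pid, path, recipient):
        # Flag only when the SAME process both writes the data and sends it
        # to a recipient outside the allowlist.
        if recipient in AUTHORIZED or pid not in self.writers.get(path, ()):
            return
        self.locked.add(path)
        self.alerts.append((pid, path, recipient))

def replay(events, files):
    m = Monitor(files)
    for kind, pid, path, arg in events:
        (m.on_write if kind == "write" else m.on_send)(pid, path, arg)
    return m

# Constructed sample data (not real telemetry).
FILES = {"/data/notes.txt": "v1", "/data/ledger.csv": "id,amount\n1,10"}
EVENTS = [
    ("write", 101, "/data/notes.txt", "v2"),                       # ordinary edit
    ("send", 202, "/data/ledger.csv", "backup.internal.example"),  # authorized copy
    ("write", 303, "/data/ledger.csv", "id,amount\n1,10\n2,25"),   # first write by 303
    ("send", 303, "/data/ledger.csv", "203.0.113.7"),              # same pid, unknown recipient
    ("write", 303, "/data/ledger.csv", "ENCRYPTED"),               # blocked, diff logged
]

if __name__ == "__main__":
    m = replay(EVENTS, FILES)
    print(m.alerts, m.locked, m.diff_log[0][2], sep="\n")
```

In this sketch a locked path rejects writes from every process, and the logged differential shows exactly what the blocked overwrite would have replaced, which is what an analyst needs to judge whether the alert was a true positive.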

Potential Applications:

  • Cybersecurity systems
  • Data protection software
  • Ransomware prevention tools

Problems Solved:

  • Preventing unauthorized data transmission
  • Detecting and stopping ransomware attacks

Benefits:

  • Enhanced data security
  • Protection against ransomware threats
  • Real-time monitoring and response capabilities

Commercial Applications:

Title: "Ransomware Prevention System for Enhanced Data Security"

This technology can be used in industries such as finance, healthcare, and government to safeguard sensitive information and prevent costly ransomware attacks.

Questions about the technology:

1. How does this method differentiate between authorized and unauthorized recipients of data?
   - The system analyzes the recipient's identity and permissions to determine if they are authorized to receive the data.
2. What measures are in place to ensure the security protocol is alerted promptly in case of a suspected ransomware attack?
   - The system is designed to trigger immediate alerts to the security protocol when unauthorized data transmission is detected.


Original Abstract Submitted

One method includes detecting write operations requested by a process with respect to data, determining whether the data is being transmitted, by the same process, to a recipient that is unknown or unauthorized to receive the data, when it is determined that the data is being transmitted to the recipient that is unknown or unauthorized to receive the data, disabling writes to the data, for subsequent requested write operations, logging differentials associated with those subsequent requested write operations, and alerting a security protocol that the process is a suspected ransomware process.