17937887. A CYBER RECOVERY FORENSICS KIT CONFIGURED TO MAINTAIN COMMUNICATION AND SEND RETURN MALWARE simplified abstract (Dell Products L.P.)
A CYBER RECOVERY FORENSICS KIT CONFIGURED TO MAINTAIN COMMUNICATION AND SEND RETURN MALWARE
Organization Name
Inventor(s)
Ofir Ezrielev of Be'er Sheba (IL)
Jehuda Shemer of Kfar Saba (IL)
Amihai Savir of Newton MA (US)
A CYBER RECOVERY FORENSICS KIT CONFIGURED TO MAINTAIN COMMUNICATION AND SEND RETURN MALWARE - A simplified explanation of the abstract
This abstract first appeared for US patent application 17937887 titled 'A CYBER RECOVERY FORENSICS KIT CONFIGURED TO MAINTAIN COMMUNICATION AND SEND RETURN MALWARE'.
Simplified Explanation
The patent application describes a method for data protection and malware response operations. Here is a simplified explanation of the abstract:
- Malware is allowed to run in a controlled forensic environment to learn its operational characteristics.
- A working scenario with false data is prepared in advance to allow the malware to communicate with a malware host system.
- Once the operational characteristics are learned, a return malware is placed in the data and transmitted to the malware host system by the malware itself.
---
- Potential Applications
This technology can be applied in cybersecurity systems to enhance malware response operations and protect sensitive data from cyber attacks.
- Problems Solved
1. Improved understanding of malware operational characteristics.
2. Enhanced data protection against cyber threats.
- Benefits
1. Increased security measures against malware attacks.
2. Efficient response operations in case of a cyber attack.
- Potential Commercial Applications
"Enhancing Cybersecurity Systems with Advanced Malware Response Operations"
- Possible Prior Art
One possible example of prior art is the use of sandbox environments for analyzing malware behavior and developing response strategies.
---
- Unanswered Questions
- How does the malware communicate with the malware host system in the controlled forensic environment?
The abstract does not provide specific details on the communication protocol or method used for the malware to interact with the malware host system.
- What types of malware are targeted by this method?
The abstract does not specify which types of malware can be analyzed and responded to using this technology.
Original Abstract Submitted
Data protection including malware response operations are disclosed. When a production system is attacked, the malware is allowed to run in a forensic environment in order to learn its operational characteristics. The forensic environment includes a working scenario that may be prepared in advance with false data that allows the malware to communicate with a malware host system. Once the operational characteristics are learned, a return malware can be placed in the data. The return malware is transmitted to a malware host system by the malware itself and executed.