DEVICE-BASED ANTI-MALWARE

DEVICE-BASED ANTI-MALWARE

Methods and equipment for determining whether a ransomware attack is suspected include a data storage device including a controller; non-volatile memory; a data path between the controller and the non-volatile memory; and an anti-ransomware module configured to monitor the data path. Methods and equ...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: HAHN, Judah Gamliel, BERLER, Danny
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Methods and equipment for determining whether a ransomware attack is suspected include a data storage device including a controller; non-volatile memory; a data path between the controller and the non-volatile memory; and an anti-ransomware module configured to monitor the data path. Methods and equipment also include monitoring a data path between a controller and a non-volatile memory on a data storage device; calculating an entropy of a data set to be written to the non-volatile memory; analyzing the calculated entropy; and determining whether a malware attack is suspected. Methods and equipment also include monitoring a data path between a controller and a non-volatile memory on a data storage device; identifying activity indicative of ransomware; once activity indicative of ransomware has been identified, calculating an entropy of a data set to be written to the non-volatile memory; analyzing the calculation; and determining whether a ransomware attack is suspected.