Data Processing Arrangement and Method for Detecting Ransomware in a File Catalog

Data Processing Arrangement and Method for Detecting Ransomware in a File Catalog

Provided is a data processing arrangement (100, 200, 300, 400) that is coupled to a data memory arrangement (102) and is configured to generate a file catalog including information describing characteristics of data files stored within the data memory arrangement. The file catalog is periodically up...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Yosub, Shmoolik, Gutman, Michael, Salzman, Shahar, Segal, David, Yeger, Asaf, Natanzon, Assaf
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Provided is a data processing arrangement (100, 200, 300, 400) that is coupled to a data memory arrangement (102) and is configured to generate a file catalog including information describing characteristics of data files stored within the data memory arrangement. The file catalog is periodically updated so that it provides a temporal record of the information. The data processing arrangement is configured to determine a behavioral profile (404) indicative of temporal trends or patterns in the information, and to provide a warning indication in an event that the information for a given data file temporally changes in a manner that deviates more than a threshold amount from a model of expected temporal trends or patterns of the given data file.