Mitigation of malware
US-2015379264-A1 · Dec 31, 2015 · US
Protecting backup files from malware
US2018204000A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2018204000-A1 |
| Application number | US-201815889298-A |
| Country | US |
| Kind code | A1 |
| Filing date | Feb 6, 2018 |
| Priority date | Jan 19, 2017 |
| Publication date | Jul 19, 2018 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A method for safeguarding a stored file from malware. In one embodiment, the method includes at least one computer processor receiving, to a storage system, a first file from a first computing device. The method further includes analyzing the received first file to determine whether the received first file is suspected of encryption by malware. The method further includes responding to determining that the received first file is suspected of encryption by malware, initiating one or more actions, including suspending replacement of an instance of the first file backed up to the storage system with the received first file. The method further includes storing the received first file to a portion of the storage system designated for file isolation.
First claim
Opening claim text (preview).
What is claimed is: 1 . A method for safeguarding a stored file from malware, the method comprising: determining, by one or more computer processors, that a storage system supports version control of files backed up to the storage system and that the storage system supports user profiles for backing up files to the storage system, a user profile including: identities of one or more computing devices associated with the user; one or more methods for notifying the user of a result of an analysis indicating that malware is suspected of affecting a file of the user; and a list of files that the user backs up to the storage system, the list of files further including: version control information corresponding to the files that the user backs up to the storage system; and an indication, corresponding to each file the user backs up to the storage system, identifying that the file is shared and respective identities corresponding to other computing devices that utilize the shared file; receiving, by one or more computer processors, to a storage system, a version of a first file from a first computing device associated with a first user; and analyzing, by one or more computer processors, the received version of the first file to determine whether the received first file is suspected of encryption by malware, wherein analyzing the received version of the first file to determine whether the received version of the first file is suspected of encryption by malware further comprises: determining, by one or more computer processors, one or more attributes associated with the received version of the first file; comparing, by one or more computer processors, the one or more attributes of the received version of first file to one or more corresponding items related to the received version of the first file, wherein the items related to the received version of first file are selected from a group consisting of a structure of the received first file, a portion of content of the received version of the first file, one or more file attributes of other versions of the first file, a structure of another version of the first file, a portion of content of another version of the first file; and in response to the comparison of the one or more attributes associated with the received version of the first file and the one or more corresponding items related to the received version of the first file identifying one or more differences and determining, by one or more computer processors, that the received first file is suspected of encryption by malware; responsive to determining that the received version of the first file is suspected of encryption by malware, initiating, by one or more computer processors, one or more actions, including: suspending replacement of another version of the first file backed up to the storage system with the received version of the first file; storing the received version of the first file to a portion of the storage system designated for file isolation; transmitting a notification to the first user indicating that the received version of the first file is suspected of encryption by malware; and determining whether the first file is shared based on information within the profile associated with the first user; in response to determining that the first file is shared, identifying, by one or more computer processors, respective identities for other computing devices that utilize the shared first file; and transmitting, by one or more computer processors, another notification to the respective identities for other computing devices that utilize the shared first file, the other notification indicating that the received version of the first file is suspected of encryption by malware.
Assignees
Inventors
Classifications
- G06F21/565Primary
by checking file integrity · CPC title
eliminating virus, restoring damaged files · CPC title
Test or assess a computer or a system · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2018204000A1 cover?
- A method for safeguarding a stored file from malware. In one embodiment, the method includes at least one computer processor receiving, to a storage system, a first file from a first computing device. The method further includes analyzing the received first file to determine whether the received first file is suspected of encryption by malware. The method further includes responding to determin…
- Who is the assignee on this patent?
- IBM
- What technology area does this patent fall under?
- Primary CPC classification G06F21/565. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Jul 19 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).