The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).
Patent No.:
Date of Patent:
Jun. 18, 2024
Filed:
Mar. 29, 2022
Acronis International Gmbh, Schaffhausen, CH;
Vladimir Strogov, Singapore, SG;
Sergey Ulasen, Singapore, SG;
Serguei Beloussov, Singapore, SG;
Stanislav Protasov, Singapore, SG;
Acronis International GmbH, Schaffhausen, CH;
Abstract
The present disclosure relates to a system and method for rootkit detection based on a system dump sequence analysis. The system includes a security system in communication with one or more applications of a computing system. The security system includes a system event monitor to monitor events occurring at the applications, a system dump capture driver to capture differential system dumps corresponding to each event, and a rootkit detection engine to determine if a system state is infected. The rootkit detection engine is based on a machine learning model, where the machine learning model is trained on a collection of clean system dumps and infectious system dumps. Based on analysis carried out by the machine learning model, the rootkit detection engine can classify the system state as a suspicious, infectious, or clean state.