The patent badge is an abbreviated version of the USPTO patent document. It covers the following fields: patent number, date the patent was issued, date the patent was filed, title of the patent, applicant, inventor(s), assignee, attorney firm, primary examiner, assistant examiner, CPCs, and abstract. The badge also contains a link to the full patent document (PDF).
Patent No.:
Date of Patent: Mar. 04, 2025
Filed: Mar. 29, 2022
Applicant: Acronis International GmbH, Schaffhausen, CH
Inventors: Vladimir Strogov, Singapore, SG; Sergey Ulasen, Singapore, SG; Serguei Beloussov, Singapore, SG; Stanislav Protasov, Singapore, SG
Assignee: Acronis International GmbH, Schaffhausen, CH
Abstract
Forensic analysis on consistent system footprints relates to a system and method for rootkit detection based on forensic analysis performed on consistent system footprints, such as application events, application network communications and application files. The system includes a security system that periodically monitors one or more applications of a computing system. The security system includes a threat detection unit for collecting and storing system memory dumps, a machine learning module trained on clean and infected memory dumps, a similarity scanner to identify similarity between a suspicious memory block and the consistent system footprints, and a forensic analyzer to perform forensic analysis and detect infection, if any, based on the similarity found. The suspicious memory block is identified by the threat detection unit based on the analysis performed by the machine learning module. Upon rootkit detection, an alert and a forensic analysis report are generated.
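The abstract names three stages (a trained detector that flags a memory block, a similarity scanner that compares the block with consistent system footprints, and a forensic analyzer that turns the similarity into a verdict and report) without saying how any of them is implemented. The script below is an added example of how such a pipeline fits together; it is not code from the patent, from Acronis, or from any product. Every component is an assumption chosen for illustration: the detector is a nearest-centroid classifier over three byte-statistics features (printable, high-bit and NUL fractions) trained on constructed clean and infected blocks; the scanner carves printable strings from a block and computes Jaccard similarity against tokens taken from a constructed per-application footprint (files, network endpoints, event text); the analyzer applies an assumed rule that a flagged block is "infection" unless a known application's footprint explains it above an assumed 0.4 similarity cut-off. The application footprints and the two memory blocks are constructed sample data.

```python
"""Illustrative three-stage memory-block triage (added example, not the patent's method)."""
import math
import re
from collections import Counter

# --- Stage 1: threat detection unit (stand-in for a trained ML module) ---
def features(block: bytes) -> tuple:
    """Fractions of printable ASCII, high-bit (>= 0x80) and NUL bytes (assumed feature set)."""
    n = len(block) or 1
    c = Counter(block)
    printable = sum(v for b, v in c.items() if 0x20 <= b <= 0x7E) / n
    high = sum(v for b, v in c.items() if b >= 0x80) / n
    return printable, high, c.get(0, 0) / n

def centroid(samples):
    vecs = [features(s) for s in samples]
    return tuple(sum(v[i] for v in vecs) / len(vecs) for i in range(3))

def train(clean, infected):
    """Nearest-centroid model: one centroid per class, 'trained' on labelled blocks."""
    return {"clean": centroid(clean), "infected": centroid(infected)}

def classify(block: bytes, model) -> str:
    f = features(block)
    dist = {label: math.dist(f, c) for label, c in model.items()}
    return "suspicious" if dist["infected"] < dist["clean"] else "clean"

# --- Stage 2: similarity scanner ---
STRING_RE = re.compile(rb"[\x20-\x7e]{6,}")   # runs of printable ASCII, like `strings`
TOKEN_RE = re.compile(r"[a-z0-9]{3,}")

def carve_strings(block: bytes) -> list:
    return [m.group().decode("ascii") for m in STRING_RE.finditer(block)]

def tokens(text: str) -> set:
    return set(TOKEN_RE.findall(text.lower()))

def jaccard(a: set, b: set) -> float:
    return len(a & b) / len(a | b) if a | b else 0.0

def footprint_tokens(fp: dict) -> set:
    """Tokens from an application's files, network endpoints and event text."""
    return set().union(*(tokens(item) for items in fp.values() for item in items))

def scan(block: bytes, footprints: dict):
    block_tokens = set().union(*(tokens(s) for s in carve_strings(block)))
    scores = {app: jaccard(block_tokens, footprint_tokens(fp)) for app, fp in footprints.items()}
    return block_tokens, scores

# --- Stage 3: forensic analyzer ---
SIMILARITY_THRESHOLD = 0.4  # assumed: above this, a known application accounts for the block

def analyze(block_id: str, block: bytes, model, footprints: dict) -> dict:
    verdict = classify(block, model)
    report = {"block": block_id, "classifier": verdict}
    if verdict == "clean":
        report["verdict"] = "clean"
        return report
    block_tokens, scores = scan(block, footprints)
    best_app, best_score = max(scores.items(), key=lambda kv: kv[1])
    known = set().union(*(footprint_tokens(fp) for fp in footprints.values()))
    report.update({
        "closest_footprint": best_app,
        "similarity": round(best_score, 3),
        "matched": sorted(block_tokens & footprint_tokens(footprints[best_app])),
        "unaccounted": sorted(block_tokens - known),   # artifacts no footprint explains
        "verdict": "review" if best_score >= SIMILARITY_THRESHOLD else "infection",
    })
    return report

# --- Constructed sample data (not taken from any real system) ---
CLEAN_SAMPLES = [
    b"C:\\Program Files\\Acme Backup\\agent.exe\x00" * 4,
    b"EventLog: backup job 17 completed\x00\x00" * 4,
]
INFECTED_SAMPLES = [bytes(range(0x80, 0x100)) * 2, b"\x00\xff" * 64]
FOOTPRINTS = {
    "acme-backup": {
        "files": ["C:\\Program Files\\Acme Backup\\agent.exe", "C:\\ProgramData\\Acme Backup\\backup.log"],
        "network": ["telemetry.acme-backup.example:443"],
        "events": ["backup job completed", "agent service started"],
    },
    "acme-office": {
        "files": ["C:\\Program Files\\Acme Office\\office.exe"],
        "network": ["licensing.acme-office.example:443"],
        "events": ["document opened"],
    },
}
MODEL = train(CLEAN_SAMPLES, INFECTED_SAMPLES)
# A benign log buffer, and a code-like block that names a driver path and a telemetry host.
BENIGN_BLOCK = b"C:\\Program Files\\Acme Backup\\backup.log\x00 job 18 started\x00"
SUSPICIOUS_BLOCK = bytes(range(0x80, 0x100)) + \
    b"\\\\?\\C:\\Windows\\System32\\drivers\\acmefilter.sys\x00telemetry.acme-backup.example\x00"

def triage(blocks: dict, model=MODEL, footprints=FOOTPRINTS):
    """Run every block through the pipeline; return all reports and the alert subset."""
    reports = [analyze(bid, b, model, footprints) for bid, b in blocks.items()]
    alerts = [r for r in reports if r["verdict"] != "clean"]
    return reports, alerts

if __name__ == "__main__":
    for r in triage({"blk-0": BENIGN_BLOCK, "blk-1": SUSPICIOUS_BLOCK})[0]:
        print(r)
```

The point of the second stage is that the classifier alone only says "this block looks unlike clean memory"; correlating the block's carved strings with the footprints the monitored applications consistently leave (their files, endpoints and events) turns that into evidence a responder can act on: which application the block most resembles, which artifacts it shares with that application, and which artifacts (here a driver path under System32) no monitored application accounts for. In a real deployment the feature set, the model and the threshold would be replaced by whatever the product actually trains and tunes.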