Browse Prior Art Database

Data files securing system

IP.com Disclosure Number: IPCOM000252648D
Publication Date: 2018-Jan-31
Document File: 1 page(s) / 12K

Publishing Venue

The IP.com Prior Art Database

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 78% of the total text.

Nowadays networks are being attacked by massive ransomware infections (eg WannaCry, Petya, etc.). Every ransomware is using new method of getting into machine, but all of them use similar methods to find which file to encrypt. Our inventions solves problem of having encrypted important files during such attack.

Ransomware are scanning file systems looking for files with specific extension - .doc, .xls, .ppts, .zip, .rar, .jpeg, .mp3. etc. We are proposing to create unique file extension for every file, so they can be used by dedicated software (eg Text editor, archive explorer, image browser, itc) but ransomware will not be able to distinguish if this is important file or not. We are proposing to use few parameters, to calculate hash based on that data and change extension of a file to that hash: • MAC address of a machine • IP • file extension • file size • license of a software used for handling those files We are proposing to take that information, put them together and count hash based on that. Specific algorithm is not important in this case, it can be known MD5 or SSL. Having that information and hash counted, we will have files with long and unknown extensions on machine: My_file.doc -> My_file.12323bbh23bh2120978dfs663bc8ndnd9dn287fnf928hr2 Such extension will be unknown for ransomware, so it will not know if to encrypt such file, so it will be untouched during next attack. Software using that file will have all needed information, so it will be able to encrypt that...

Processing...
Loading...