公开(公告)号：EP4009586A1

公开(公告)日：2022-06-08

申请号：EP21212905.0

申请日：2021-12-07

申请人： Deutsche Telekom AG

发明人： MIKITYUK, Alexandra ,  YIN, Ming ,  LAUFER, Viktoria Anna ,  AMIT, Guy ,  SHABTAI, Asaf ,  ELOVICI, Yuval ,  BRODT, Oleg ,  MIMRAN, David

IPC分类号： H04L9/40

摘要： A system for automated neutralization of fileless malware on connected IoT devices, each having a memory, for storing the device's operation software, a processor for sending commands to the device's components and a network card, for connects the device's processor to a data network. The system comprises a Feature Extractor module for receiving, collecting and analyzing data from the device's memory, the processor and the network card, and for recording measurements from the device and extracting the device's behavioral pattern; an Intrusion Detector, for examining the behavioral pattern received from the Feature Extractor and deciding whether there was a malware break/attack or there is a malfunction of the device itself; a Remediation Selector, that learns in real-time how different pre-defined actions affect the monitored devices for receiving from the Intrusion Detector decision if the is device under a malware attack and its kind, and sending remediation, repairing and neutralization commands to an LSTM Neural Network.