-
Publication (announcement) No.: US12124596B2
Publication (announcement) date: 2024-10-22
Application No.: US17656880
Filing date: 2022-03-29
IPC classification: G06F21/62
CPC classification: G06F21/6218
Abstract: The invention relates to data recovery technology. Each created backup is checked for the integrity of the placed files, while calculating the checksums of each block of data that can be restored from the backup. The computer system is restored from a backup copy by connecting it using the archive copy connection driver, which creates a virtual disk that is readable by standard means of the operating system of the computer system being restored. The booting of the operating system is performed from the virtual disk and, after restoring the functioning of the computer system, the system volume that has been damaged is restored from the backup copy to the local storage medium.
-
Publication (announcement) No.: US12105852B2
Publication (announcement) date: 2024-10-01
Application No.: US17804833
Filing date: 2022-05-31
Inventors: Nickolay Berko, Ivan Klimov, Serg Bell, Stanislav Protasov
CPC classification: G06F21/64, G06Q50/184
Abstract: A system for identifying the presence of protected data in an unknown file includes a processor coupled to a memory storing instructions, the processor being configured to implement the instructions to apply a sliding window process to generate one or more fragments of length, for each generated fragment, check whether information about the generated fragment exists in a library of known fragments of protected data, and if the information about the generated fragment from the unknown file exists in the library of known fragments of protected data, perform steps to reflect an existence of the information about the generated fragment.
-
Publication (announcement) No.: US12066898B2
Publication (announcement) date: 2024-08-20
Application No.: US17301256
Filing date: 2021-03-30
CPC classification: G06F11/1451, G06F8/61, G06F9/45558, G06F2009/45595
Abstract: A distributed agent for backup and restoration of virtual machines collects backup data and meta-data. The distributed agent includes an agent inside a virtual machine and an agent outside the virtual machine. The two kinds of agents communicate with each other to collect data of different types used to back up and restore virtual machines.
-
Publication (announcement) No.: US12072978B2
Publication (announcement) date: 2024-08-27
Application No.: US17652285
Filing date: 2022-02-24
IPC classification: G06F21/56
CPC classification: G06F21/562, G06F21/564, G06F2221/033
Abstract: A system for detection of files not matching a known malware file in a computing environment that includes a processor coupled to a memory storing instructions to permit the processor to function as an analyzer. The analyzer is configured to receive, as input, an unknown file and the known malware file, compare the unknown file to the known malware file by comparing N (where N is greater than or equal to 1) blocks B1, ..., BN of lengths L1, ..., LN located at offsets O1, ..., ON such that the number of blocks, lengths and offsets are calculated according to a pre-defined algorithm, and output a value indicating that the unknown file is different from the known malware file if there exists at least one j such that a Bj block of the unknown file is different from a Bj block of the known malware file.
-
Publication (announcement) No.: US12001576B2
Publication (announcement) date: 2024-06-04
Application No.: US17444762
Filing date: 2021-08-10
Applicant: Keross FZ-LLC
Inventor: Farouk Said
CPC classification: G06F21/6218, G06F21/31, G06F21/46, G06F21/629
Abstract: In a computer system, an orchestration platform includes extensible components that interact with external systems and technology. The platform is secured by means of architectural features, encryption, and access control.
-
Publication (announcement) No.: US11916930B2
Publication (announcement) date: 2024-02-27
Application No.: US17304941
Filing date: 2021-06-29
CPC classification: H04L63/1416, H04L12/06, H04L63/20
Abstract: A system and method are disclosed for performing a non-invasive scan of a target device. The system is configured for: i) loading an endpoint protection agent to a target device; ii) providing a remote direct memory access of the target device to the remote security server for reading a memory of the target device; iii) scanning, by a second memory scan engine of the remote security server, the memory of the target device upon the violation of the security policy; iv) identifying, by the second memory scan engine of the remote security server, a threat on the target device; and v) sending, by the remote security server, a security response action to the endpoint protection agent on the target device in accordance with the security policy.
-
Publication (announcement) No.: US12130947B2
Publication (announcement) date: 2024-10-29
Application No.: US17936405
Filing date: 2022-09-29
Inventors: Ivan Klimov, Serg Bell, Stanislav Protasov
IPC classification: G06F21/62
CPC classification: G06F21/6272
Abstract: The present disclosure relates to a system and method implemented for lowering the number of fingerprints of fragments of a file added to the digital fingerprint library using a winnowing window method. The digital fingerprint library stores fingerprints of fragments of files matching certain criteria, e.g., containing protected information. When an unknown file is examined, that library is used to compare fingerprints of fragments of size N from the unknown file to the fingerprints stored in the library. The method automatically determines criteria for adding fingerprints to the digital fingerprint library or skipping them.
-
Publication (announcement) No.: US12111847B2
Publication (announcement) date: 2024-10-08
Application No.: US17301277
Filing date: 2021-03-30
CPC classification: G06F16/278, G06F16/2246
Abstract: In a multi-tenant hierarchical data storage system, tenant nodes are organized into trees and subtrees including virtual shards and with tenant data on single shards. The system is configured to allow scalable parallel access by a plurality of tenant-users.
-
Publication (announcement) No.: US12067115B2
Publication (announcement) date: 2024-08-20
Application No.: US17449608
Filing date: 2021-09-30
Inventors: Andrey Kulaga, Nikolay Balakin, Maxim Davydov, Nikolay Grebennikov, Serguei Beloussov, Stanislav Protasov
CPC classification: G06F21/565, G06F16/285, G06F2221/034
Abstract: A system and method for detecting malware using hierarchical clustering analysis. Unknown files are classified by clustering and in view of known malicious and known safe files. Machine learning models and detection rules are used to enhance classification accuracy.
-
Publication (announcement) No.: US12013942B2
Publication (announcement) date: 2024-06-18
Application No.: US17656971
Filing date: 2022-03-29
CPC classification: G06F21/566, G06F21/561, G06F2221/033
Abstract: The present disclosure relates to a system and method for rootkit detection based on a system dump sequence analysis. The system includes a security system in communication with one or more applications of a computing system. The security system includes a system event monitor to monitor events occurring at the applications, a system dump capture driver to capture differential system dumps corresponding to each event, and a rootkit detection engine to determine if a system state is infected. The rootkit detection engine is based on a machine learning model, where the machine learning model is trained on a collection of clean system dumps and infectious system dumps. Based on analysis carried out by the machine learning model, the rootkit detection engine can classify the system state as suspicious, infectious, or clean state.