{"schema_version":"1.0","canonical_url":"https://patentable.app/patents/US-10503904","patent":{"patent_number":"US-10503904","title":"Ransomware detection and mitigation","assignee":null,"inventors":[],"filing_date":"2017-07-24T00:00:00.000Z","publication_date":"2019-12-10T00:00:00.000Z","cpc_codes":["G06F","G06F","G06F","G06F","G06F"],"num_claims":21,"abstract":"A computerized method for detecting and mitigating a ransomware attack is described. The method features (i) a kernel mode agent that intercepts an initiation of a process, intercepts one or more system calls made by the process when the process is determined to be suspicious and copies at least a portion of a protected file to a secure storage location when a request to open a protected file by the process is intercepted when the process is determined to be suspicious, and (ii) a user mode agent that determines whether the process is a suspicious process, monitors processing of the suspicious process and determines whether the suspicious process is associated with a ransomware attack. Additionally, in order to mitigate effects of a ransomware attack, the kernel mode agent may restore the protected file with a copy stored in the secure storage location when a ransomware attack is detected."},"analysis":{"summary":null,"layman_explanation":null,"technical_analysis":null,"business_analysis":null,"faqs":null,"topics":[],"tech_cluster":null},"seo":{"title":"Ransomware detection and mitigation","description":"A computerized method for detecting and mitigating a ransomware attack is described. The method features (i) a kernel mode agent that intercepts an initiation of a process, intercepts one or more syst","keywords":[]},"attribution":{"source":"Patentable","source_url":"https://patentable.app","canonical_url":"https://patentable.app/patents/US-10503904","license":"CC-BY-4.0-like","license_terms":"AI-generated analysis on this page (summary, layman_explanation, technical_analysis, business_analysis, faqs) may be reused with attribution and a visible link back to the canonical URL above. Patent abstracts, claims, and bibliographic data are USPTO public domain.","required_link":"https://patentable.app/patents/US-10503904","citation_suggestion":"Patentable. \"Ransomware detection and mitigation\" (US-10503904). https://patentable.app/patents/US-10503904","copyright_holder":"Nomic Interactive Technology LLC"},"links":{"html":"https://patentable.app/patents/US-10503904","json":"https://patentable.app/api/llm-context/US-10503904","site":"https://patentable.app","llms_txt":"https://patentable.app/llms.txt"},"generated_at":"2026-05-31T09:23:37.653Z"}