1. (WO2017064710) METHOD OF REMEDIATING A PROGRAM AND SYSTEM THEREOF BY UNDOING OPERATIONS

Pub. No.: WO/2017/064710
International Application No.: PCT/IL2016/051110
Publication Date: Fri Apr 21 01:59:59 CEST 2017
International Filing Date: Fri Oct 14 01:59:59 CEST 2016
IPC: G06F 21/52; G06F 21/55; G06F 21/56
Applicants: SENTINEL LABS ISRAEL LTD.
Inventors: COHEN, Almog; WEINGARTEN, Tomer; SALEM, Shlomi; IZRAELI, Nir; KARELSBAD, Asaf
Title: METHOD OF REMEDIATING A PROGRAM AND SYSTEM THEREOF BY UNDOING OPERATIONS
Abstract:
There is provided a system and a computerized method of remediating a given program running in an operating system, the method comprising: querying a stateful model to retrieve a group of entities related to the given program; terminating at least a subset of the group of entities related to the given program; generating a remediation plan including one or more operations linked to the given program, the one or more operations being retrieved based on the group in the stateful model; and executing the remediation plan by undoing at least part of the one or more operations linked to the given program thereby restoring state of the operating system to a state prior to the given program being executed. There is further provided a computerized method of detecting malicious code related to a program in an operating system in a live environment.