公开(公告)号：US11785084B2

公开(公告)日：2023-10-10

申请号：US16193347

申请日：2018-11-16

Applicant: NETAPP, INC.

Inventor： Jayanta Basak ,  Ameet Deulgaonkar ,  Siddhartha Nandi

IPC: H04L67/1097 ,  H04L41/12 ,  H04L41/14 ,  G06N20/00

CPC classification number: H04L67/1097 ,  G06N20/00 ,  H04L41/12 ,  H04L41/14

Abstract: Methods and systems for a networked storage system is provided. One method includes transforming by a processor, performance parameters associated with storage volumes of a storage system for representing each storage volume as a data point in a parametric space; generating by the processor, a plurality of bins in the parametric space using the transformed performance parameters; adjusting by the processor, bin boundaries for the plurality of bins for defining a plurality of service levels for the storage system based on the performance parameters; and using the defined plurality of service levels for operating the storage system.

公开(公告)号：US10970595B2

公开(公告)日：2021-04-06

申请号：US16281501

申请日：2019-02-21

Applicant: NETAPP, INC.

Inventor： Deepti Aggarwal ,  Jayanta Basak ,  Siddhartha Nandi

IPC: G06F7/02 ,  G06F16/00 ,  G06K9/62 ,  G06F16/38 ,  G06N20/00 ,  G06F16/93 ,  G06F40/284

Abstract: Methods and systems for document classification are provided. One method includes generating by a processor, a plurality of topics using content of a plurality of electronic documents, where each topic includes a plurality of words associated with the plurality of electronic documents; reducing by the processor, the plurality of topics to a subset of topics to represent the plurality of electronic documents based on a parameter indicating a property of each subset topic and separation between the subset topics; automatically generating by the processor, a tag for each subset topic, based on the tag's position within the subset topic; wherein each tag is an attribute of each subset topic; storing by the processor, the subset of topics with corresponding tags in a model data structure; and updating the model data structure by the processor based on one of a new topic and a new tag associated with an electronic document.

公开(公告)号：US20150066471A1

公开(公告)日：2015-03-05

申请号：US14464637

申请日：2014-08-20

Applicant: NetApp, Inc.

Inventor： Sai Rama Krishna Susarla ,  Thirumale Niranjan ,  Siddhartha Nandi ,  Craig Fulmer Everhart ,  Kaladhar Voruganti ,  Jim Voll

IPC: G06F11/34

CPC classification number: G06F11/3447 ,  G06F11/3414 ,  G06F11/3485 ,  G06F11/3495 ,  H04L41/145

Abstract: Example embodiments provide various techniques for modeling network storage environments. To model a particular storage environment, component models that are associated with the components of the storage environment are loaded. Each component model is programmed to mathematically simulate one or more components of the storage environment. A system model is then composed from the component models and this system model is configured to simulate the storage environment.

公开(公告)号：US20240022597A1

公开(公告)日：2024-01-18

申请号：US18477879

申请日：2023-09-29

Applicant: NetApp Inc.

Inventor： Prateeksha Varshney ,  Siddhartha Nandi ,  Jayanta Basak

IPC: H04L9/40 ,  G06F21/60

CPC classification number: H04L63/145 ,  H04L63/1416 ,  G06F21/602

Abstract: A method, a computing device, and a non-transitory machine-readable medium for detecting malware attacks. In one example, an agent implemented in an operating system detects an overwrite in which an original data component is overwritten with a new data component. The agent computes a plurality of features associated with the overwrite, the plurality of features including an original entropy corresponding to the original data component, a new entropy corresponding to the new data component, an overwrite fraction, and a set of divergence features. The agent determines whether the new data component is encrypted using the plurality of features.

公开(公告)号：US11755736B1

公开(公告)日：2023-09-12

申请号：US17935689

申请日：2022-09-27

Applicant: NetApp, Inc.

Inventor： Jagadish Vasudeva ,  Prateeksha Varshney ,  Priya Sehgal ,  Mrinal K. Bhattacharjee ,  Amit Valjibhai Panara ,  Siddhartha Nandi

IPC: G06F21/56 ,  G06F21/54 ,  G06F21/60 ,  G06F21/57

CPC classification number: G06F21/566 ,  G06F21/54 ,  G06F21/568 ,  G06F21/577 ,  G06F21/602

Abstract: A method, computing device, and non-transitory machine-readable medium for detecting malware attacks and mitigating data loss. In various embodiments, an agent is implemented in the operating system of a storage node to provide protection at the bottommost level in a data write path. The agent intercepts write requests and observes file events over time to detect anomalous behavior. For example, the agent may monitor incoming write requests and, when an incoming write request is detected, determine whether the file is associated with a malware attack risk based on an analysis of an encryption state of data in the file.

公开(公告)号：US11792223B2

公开(公告)日：2023-10-17

申请号：US17062732

申请日：2020-10-05

Applicant: NetApp, Inc.

Inventor： Prateeksha Varshney ,  Siddhartha Nandi ,  Jayanta Basak

IPC: H04L9/40 ,  G06F21/60

CPC classification number: H04L63/145 ,  G06F21/602 ,  H04L63/1416

Abstract: A method, a computing device, and a non-transitory machine-readable medium for detecting malware attacks. In one example, an agent implemented in an operating system detects an overwrite in which an original data component is overwritten with a new data component. The agent computes a plurality of features associated with the overwrite, the plurality of features including an original entropy corresponding to the original data component, a new entropy corresponding to the new data component, an overwrite fraction, and a set of divergence features. The agent determines whether the new data component is encrypted using the plurality of features.

公开(公告)号：US11662930B2

公开(公告)日：2023-05-30

申请号：US17676342

申请日：2022-02-21

Applicant: NetApp Inc.

Inventor： Srinivasan Narayanamurthy ,  Dnyaneshwar Nagorao Pawar ,  Jagadish Vasudeva ,  Parag Deshmukh ,  Siddhartha Nandi

IPC: G06F3/06 ,  H04L9/08

CPC classification number: G06F3/0641 ,  G06F3/067 ,  G06F3/0608 ,  H04L9/0838 ,  H04L9/0891

Abstract: Techniques are provided for aggregate inline deduplication and volume granularity encryption. For example, data that is exclusive to a volume of a tenant is encrypted using an exclusive encryption key accessible to the tenant. The exclusive encryption key of that tenant is inaccessible to other tenants. Shared data that has been deduplicated and shared between the volume and another volume of a different tenant is encrypted using a shared encryption key of the volume. The shared encryption key is made available to other tenants. In this way, data can be deduplicated across multiple volumes of different tenants of a storage environment, while maintaining security and data privacy at a volume level.

公开(公告)号：US11475132B2

公开(公告)日：2022-10-18

申请号：US16942123

申请日：2020-07-29

Applicant: NetApp, Inc.

Inventor： Jagadish Vasudeva ,  Prateeksha Varshney ,  Priya Sehgal ,  Mrinal K. Bhattacharjee ,  Amit Valjibhai Panara ,  Siddhartha Nandi

IPC: G06F21/56 ,  G06F21/54 ,  G06F21/60 ,  G06F21/57

Abstract: A method, computing device, and non-transitory machine-readable medium for detecting malware attacks and mitigating data loss. In various embodiments, an agent is implemented in the operating system of a storage node to provide protection at the bottommost level in a data write path. The agent intercepts write requests and observes file events over time to detect anomalous behavior. For example, the agent may monitor incoming write requests and, when an incoming write request is detected, determine whether the file is associated with a malware attack risk based on an analysis of an encryption state of data in the file. If the file is associated with a malware attack risk, an entry for the file is added to a file log. The agent may analyze the chi-square values for data written to the files, the file log, and the file format to determine whether a malware attack is underway.

公开(公告)号：US20220171557A1

公开(公告)日：2022-06-02

申请号：US17676342

申请日：2022-02-21

Applicant: NetApp Inc.

Inventor： Srinivasan Narayanamurthy ,  Dnyaneshwar Nagorao Pawar ,  Jagadish Vasudeva ,  Parag Deshmukh ,  Siddhartha Nandi

IPC: G06F3/06 ,  H04L9/08

Abstract: Techniques are provided for aggregate inline deduplication and volume granularity encryption. For example, data that is exclusive to a volume of a tenant is encrypted using an exclusive encryption key accessible to the tenant. The exclusive encryption key of that tenant is inaccessible to other tenants. Shared data that has been deduplicated and shared between the volume and another volume of a different tenant is encrypted using a shared encryption key of the volume. The shared encryption key is made available to other tenants. In this way, data can be deduplicated across multiple volumes of different tenants of a storage environment, while maintaining security and data privacy at a volume level.

公开(公告)号：US20210334374A1

公开(公告)日：2021-10-28

申请号：US16942123

申请日：2020-07-29

Applicant: NetApp, Inc.

Inventor： Jagadish Vasudeva ,  Prateeksha Varshney ,  Priya Sehgal ,  Mrinal K. Bhattacharjee ,  Amit Valjibhai Panara ,  Siddhartha Nandi

IPC: G06F21/56 ,  G06F21/54 ,  G06F21/57 ,  G06F21/60

Abstract: A method, a computing device, and a non-transitory machine-readable medium for detecting malware attacks (e.g., ransomware attacks) and mitigating data loss. In one or more embodiments, an agent is implemented in the operating system of a storage node to provide protection at the bottommost level in a data write path. The agent intercepts write requests and observes file events over time to detect anomalous behavior. For example, the agent may monitor incoming write requests and, when an incoming write request is detected, determine whether the file is associated with a malware attack risk based on an analysis of an encryption state of data in the file. If the file associated with a malware attack risk, an entry for the file is added to a file log. The agent may analyze the chi-square values for data written to the files, the file log, and the file format to determine whether a malware attack is underway.