公开(公告)号：US20210334374A1

公开(公告)日：2021-10-28

申请号：US16942123

申请日：2020-07-29

Applicant: NetApp, Inc.

Inventor： Jagadish Vasudeva ,  Prateeksha Varshney ,  Priya Sehgal ,  Mrinal K. Bhattacharjee ,  Amit Valjibhai Panara ,  Siddhartha Nandi

IPC: G06F21/56 ,  G06F21/54 ,  G06F21/57 ,  G06F21/60

Abstract: A method, a computing device, and a non-transitory machine-readable medium for detecting malware attacks (e.g., ransomware attacks) and mitigating data loss. In one or more embodiments, an agent is implemented in the operating system of a storage node to provide protection at the bottommost level in a data write path. The agent intercepts write requests and observes file events over time to detect anomalous behavior. For example, the agent may monitor incoming write requests and, when an incoming write request is detected, determine whether the file is associated with a malware attack risk based on an analysis of an encryption state of data in the file. If the file associated with a malware attack risk, an entry for the file is added to a file log. The agent may analyze the chi-square values for data written to the files, the file log, and the file format to determine whether a malware attack is underway.

公开(公告)号：US10761750B2

公开(公告)日：2020-09-01

申请号：US15453949

申请日：2017-03-09

Applicant: NetApp Inc.

Inventor： Ravikanth Dronamraju ,  Kyle Diggs Sterling ,  Mrinal K. Bhattacharjee ,  Mohit Gupta

IPC: G06F12/00 ,  G06F3/06 ,  H04L29/06 ,  H04L29/08

Abstract: Techniques are provided for selectively storing data into allocation areas using streams. A set of allocation areas (e.g., ranges of block numbers such as virtual block numbers) are defined for a storage device. Data having particular characteristics (e.g., user data, metadata, hot data, cold data, randomly accessed data, sequentially accessed data, etc.) will be sent to the storage device for selective storage in corresponding allocation areas. For example, when a file system receives a write stream of hot data, the hot data may be assigned to a stream. The stream will be tagged using a stream identifier that is used as an indicator to the storage device to process data of the stream using an allocation area defined for hot data. In this way, data having different characteristics will be stored/confined within particular allocation areas of the storage device to reduce fragmentation and write amplification.

公开(公告)号：US09983817B2

公开(公告)日：2018-05-29

申请号：US15052246

申请日：2016-02-24

Applicant: NetApp, Inc.

Inventor： Travis Ian Callahan ,  Mrinal K. Bhattacharjee ,  Ganga Bhavani Kondapalli ,  William Arthur Gutknecht ,  Andrew Zhu

IPC: G06F3/06 ,  G06F17/30 ,  H04L29/08

CPC classification number: G06F3/0631 ,  G06F3/0604 ,  G06F3/0617 ,  G06F3/0643 ,  G06F3/0644 ,  G06F3/0653 ,  G06F3/067 ,  G06F3/0689 ,  G06F17/30138 ,  G06F17/30194 ,  H04L67/1097

Abstract: Presented herein are methods, non-transitory computer readable media, and devices for allocating resources to a particular volume and triggering a consistency point based on the amount given to each volume, thus providing dynamic consistency point triggers. Methods for providing dynamic consistency point triggers are disclosed which include: determining a volume's capacity to utilize resources based on the volume's performance; receiving an allocation of the divided resources based on total system resources available within the storage system and the volume's performance; and triggering a consistency point upon exhausting a threshold percentage of the received/allocated resources.