公开(公告)号：US11755736B1

公开(公告)日：2023-09-12

申请号：US17935689

申请日：2022-09-27

申请人： NetApp, Inc.

发明人： Jagadish Vasudeva ,  Prateeksha Varshney ,  Priya Sehgal ,  Mrinal K. Bhattacharjee ,  Amit Valjibhai Panara ,  Siddhartha Nandi

IPC分类号： G06F21/56 ,  G06F21/54 ,  G06F21/60 ,  G06F21/57

CPC分类号： G06F21/566 ,  G06F21/54 ,  G06F21/568 ,  G06F21/577 ,  G06F21/602

摘要： A method, computing device, and non-transitory machine-readable medium for detecting malware attacks and mitigating data loss. In various embodiments, an agent is implemented in the operating system of a storage node to provide protection at the bottommost level in a data write path. The agent intercepts write requests and observes file events over time to detect anomalous behavior. For example, the agent may monitor incoming write requests and, when an incoming write request is detected, determine whether the file is associated with a malware attack risk based on an analysis of an encryption state of data in the file.

公开(公告)号：US11475132B2

公开(公告)日：2022-10-18

申请号：US16942123

申请日：2020-07-29

申请人： NetApp, Inc.

发明人： Jagadish Vasudeva ,  Prateeksha Varshney ,  Priya Sehgal ,  Mrinal K. Bhattacharjee ,  Amit Valjibhai Panara ,  Siddhartha Nandi

IPC分类号： G06F21/56 ,  G06F21/54 ,  G06F21/60 ,  G06F21/57

摘要： A method, computing device, and non-transitory machine-readable medium for detecting malware attacks and mitigating data loss. In various embodiments, an agent is implemented in the operating system of a storage node to provide protection at the bottommost level in a data write path. The agent intercepts write requests and observes file events over time to detect anomalous behavior. For example, the agent may monitor incoming write requests and, when an incoming write request is detected, determine whether the file is associated with a malware attack risk based on an analysis of an encryption state of data in the file. If the file is associated with a malware attack risk, an entry for the file is added to a file log. The agent may analyze the chi-square values for data written to the files, the file log, and the file format to determine whether a malware attack is underway.

公开(公告)号：US20210334374A1

公开(公告)日：2021-10-28

申请号：US16942123

申请日：2020-07-29

申请人： NetApp, Inc.

发明人： Jagadish Vasudeva ,  Prateeksha Varshney ,  Priya Sehgal ,  Mrinal K. Bhattacharjee ,  Amit Valjibhai Panara ,  Siddhartha Nandi

IPC分类号： G06F21/56 ,  G06F21/54 ,  G06F21/57 ,  G06F21/60

摘要： A method, a computing device, and a non-transitory machine-readable medium for detecting malware attacks (e.g., ransomware attacks) and mitigating data loss. In one or more embodiments, an agent is implemented in the operating system of a storage node to provide protection at the bottommost level in a data write path. The agent intercepts write requests and observes file events over time to detect anomalous behavior. For example, the agent may monitor incoming write requests and, when an incoming write request is detected, determine whether the file is associated with a malware attack risk based on an analysis of an encryption state of data in the file. If the file associated with a malware attack risk, an entry for the file is added to a file log. The agent may analyze the chi-square values for data written to the files, the file log, and the file format to determine whether a malware attack is underway.

公开(公告)号：US09852072B2

公开(公告)日：2017-12-26

申请号：US14790701

申请日：2015-07-02

申请人： NetApp, Inc.

发明人： Priya Sehgal ,  Sourav Basu

IPC分类号： G06F12/0815 ,  G06F12/0813 ,  H04L29/08

CPC分类号： G06F12/0815 ,  G06F11/1446 ,  G06F12/0804 ,  G06F12/0813 ,  G06F12/0868 ,  G06F2212/1016 ,  G06F2212/154 ,  G06F2212/314 ,  G06F2212/463 ,  G06F2212/466 ,  G06F2212/621 ,  H04L67/2842

摘要： A method, non-transitory computer readable medium, and device that assists with file-based host-side caching and application consistent write back includes receiving a write operation on a file from a client computing device. When the file for which the write operation has been received is determined when the file is present in the cache. An acknowledgement is sent back to the client computing device indicating the acceptance of the write operation when the file for which the write operation has been received is determined to be present within the cache. The write-back operation is completed for data present in the cache of the storage management computing device to one of the plurality of servers upon sending the acknowledgement.

公开(公告)号：US09317430B2

公开(公告)日：2016-04-19

申请号：US14523655

申请日：2014-10-24

申请人： NetApp, Inc.

发明人： Gokul Soundararajan ,  Kaladhar Voruganti ,  Lakshmi Narayanan Bairavasunda ,  Priya Sehgal ,  Vipul Mathur

IPC分类号： G06F12/00 ,  G06F12/08 ,  G06F13/00 ,  G06F13/28

CPC分类号： G06F12/0811 ,  G06F12/0813 ,  G06F12/0888 ,  G06F2212/2515 ,  G06F2212/284 ,  G06F2212/301 ,  G06F2212/601

摘要： A change in workload characteristics detected at one tier of a multi-tiered cache is communicated to another tier of the multi-tiered cache. Multiple caching elements exist at different tiers, and at least one tier includes a cache element that is dynamically resizable. The communicated change in workload characteristics causes the receiving tier to adjust at least one aspect of cache performance in the multi-tiered cache. In one aspect, at least one dynamically resizable element in the multi-tiered cache is resized responsive to the change in workload characteristics.

摘要翻译： 在多层缓存的一层检测到的工作负载特性的改变被传送到多层高速缓存的另一层。 多个缓存元素存在于不同的层，并且至少一个层包括可动态调整大小的高速缓存元素。 所传达的工作负载特性的改变使得接收层在多层缓存中调整缓存性能的至少一个方面。 在一个方面，响应于工作负载特性的变化来调整多层缓存中的至少一个可动态调整大小的元素。

公开(公告)号：US20150046654A1

公开(公告)日：2015-02-12

申请号：US14523655

申请日：2014-10-24

申请人： NetApp, Inc.

发明人： Gokul Soundararajan ,  Kaladhar Voruganti ,  Lakshmi Narayanan Bairavasunda ,  Priya Sehgal ,  Vipul Mathur

IPC分类号： G06F12/08

CPC分类号： G06F12/0811 ,  G06F12/0813 ,  G06F12/0888 ,  G06F2212/2515 ,  G06F2212/284 ,  G06F2212/301 ,  G06F2212/601

摘要： A change in workload characteristics detected at one tier of a multi-tiered cache is communicated to another tier of the multi-tiered cache. Multiple caching elements exist at different tiers, and at least one tier includes a cache element that is dynamically resizable. The communicated change in workload characteristics causes the receiving tier to adjust at least one aspect of cache performance in the multi-tiered cache. In one aspect, at least one dynamically resizable element in the multi-tiered cache is resized responsive to the change in workload characteristics.

摘要翻译： 在多层缓存的一层检测到的工作负载特性的改变被传送到多层高速缓存的另一层。 多个缓存元素存在于不同的层，并且至少一个层包括可动态调整大小的高速缓存元素。 所传达的工作负载特性的改变使得接收层在多层缓存中调整缓存性能的至少一个方面。 在一个方面，响应于工作负载特性的变化来调整多层缓存中的至少一个可动态调整大小的元素。

公开(公告)号：US12099606B2

公开(公告)日：2024-09-24

申请号：US18464714

申请日：2023-09-11

申请人： NetApp, Inc.

发明人： Jagadish Vasudeva ,  Prateeksha Varshney ,  Priya Sehgal ,  Mrinal K. Bhattacharjee ,  Amit Valjibhai Panara ,  Siddhartha Nandi

IPC分类号： G06F21/56 ,  G06F21/54 ,  G06F21/57 ,  G06F21/60

CPC分类号： G06F21/566 ,  G06F21/54 ,  G06F21/568 ,  G06F21/577 ,  G06F21/602

摘要： A method, computing device, and non-transitory machine-readable medium for detecting malware attacks and mitigating data loss. In various embodiments, an agent is implemented in the operating system of a storage node to provide protection at the bottommost level in a data write path. The agent intercepts write requests and observes file events over time to detect anomalous behavior. For example, the agent may monitor incoming write requests and, when an incoming write request is detected, determine whether the file is associated with a malware attack risk based on an analysis of an encryption state of data in the file.

公开(公告)号：US20240111870A1

公开(公告)日：2024-04-04

申请号：US18464714

申请日：2023-09-11

申请人： NetApp, Inc.

发明人： Jagadish Vasudeva ,  Prateeksha Varshney ,  Priya Sehgal ,  Mrinal K. Bhattacharjee ,  Amit Valjibhai Panara ,  Siddhartha Nandi

IPC分类号： G06F21/56 ,  G06F21/54 ,  G06F21/57 ,  G06F21/60

CPC分类号： G06F21/566 ,  G06F21/54 ,  G06F21/568 ,  G06F21/577 ,  G06F21/602

摘要： A method, computing device, and non-transitory machine-readable medium for detecting malware attacks and mitigating data loss. In various embodiments, an agent is implemented in the operating system of a storage node to provide protection at the bottommost level in a data write path. The agent intercepts write requests and observes file events over time to detect anomalous behavior. For example, the agent may monitor incoming write requests and, when an incoming write request is detected, determine whether the file is associated with a malware attack risk based on an analysis of an encryption state of data in the file.

公开(公告)号：US20170004082A1

公开(公告)日：2017-01-05

申请号：US14790701

申请日：2015-07-02

申请人： NetApp, Inc.

发明人： Priya Sehgal ,  Sourav Basu

IPC分类号： G06F12/08 ,  H04L29/08

CPC分类号： G06F12/0815 ,  G06F11/1446 ,  G06F12/0804 ,  G06F12/0813 ,  G06F12/0868 ,  G06F2212/1016 ,  G06F2212/154 ,  G06F2212/314 ,  G06F2212/463 ,  G06F2212/466 ,  G06F2212/621 ,  H04L67/2842

摘要： A method, non-transitory computer readable medium, and device that assists with file-based host-side caching and application consistent write back includes receiving a write operation on a file from a client computing device. When the file for which the write operation has been received is determined when the file is present in the cache. An acknowledgement is sent back to the client computing device indicating the acceptance of the write operation when the file for which the write operation has been received is determined to be present within the cache. The write-back operation is completed for data present in the cache of the storage management computing device to one of the plurality of servers upon sending the acknowledgement.

摘要翻译： 辅助基于文件的主机侧缓存和应用一致回写的方法，非暂时性计算机可读介质和设备包括从客户端计算设备接收对文件的写入操作。 当文件存在于高速缓存中时，确定已经接收到写入操作的文件。 当已经接收到写入操作的文件被确定为存在于高速缓存中时，确认被发回到客户端计算设备，指示接受写入操作。 在发送确认之后，将存储在存储管理计算设备的高速缓存中的数据的回写操作完成给多个服务器之一。