公开(公告)号：US20210342297A1

公开(公告)日：2021-11-04

申请号：US16862470

申请日：2020-04-29

申请人： Rubrik, Inc.

发明人： Anshul Gupta ,  Abdullah Reza ,  Guilherme Vale Ferreira Menezes

IPC分类号： G06F16/11 ,  G06F16/174 ,  G06F16/14 ,  G06F16/13

摘要： A lightweight deduplication system can perform resource efficient data deduplication using an extent index and a content index. The extent index can store full fingerprints of data segments to be deduplicated and the content index can store shortened versions of the full fingerprints. The system can alternate between the extent and content indexes, and cache portions of the indices to perform lightweight data deduplication. Further, the system can be configured with an efficient heuristic approach for selecting content index data lookups for chains of volumes for deduplication, such as a long chain of snapshots.

公开(公告)号：US11941117B2

公开(公告)日：2024-03-26

申请号：US17162721

申请日：2021-01-29

申请人： Rubrik, Inc.

发明人： Oscar Annen ,  Harish Raman Shanker ,  Guilherme Vale Ferreira Menezes ,  Stephen Chu ,  Mohit Gupta ,  Sumeet Bharatbhai Varma

IPC分类号： G06F21/56 ,  G06F11/14 ,  G06F16/11 ,  G06F16/16 ,  G06N20/00

CPC分类号： G06F21/561 ,  G06F11/1451 ,  G06F16/128 ,  G06F16/164 ,  G06F21/568 ,  G06N20/00 ,  G06F2201/80 ,  G06F2201/82 ,  G06F2221/033

摘要： Techniques unmasking ransomware attacks are disclosed. In some embodiments, a computer system performs operations comprising: generating a first prediction that a file system comprising a plurality of files has been attacked by ransomware based on snapshot metadata of the file system using a snapshot-level machine learning prediction model, the snapshot metadata comprising a plurality of file change data indicating a plurality of file change events that have been performed on the file system; in response to the first prediction, generating a classification for each one of the files based on the file change data using a file-level machine learning prediction model, the classification indicating whether the files have been targeted by the ransomware for encryption; determining that one or more files have been targeted by the ransomware based on the classification; and displaying the classification for the one or more files on a computing device of a user.

公开(公告)号：US11663084B2

公开(公告)日：2023-05-30

申请号：US15672159

申请日：2017-08-08

申请人： RUBRIK, INC.

发明人： Jiangbin Luo ,  Guilherme Vale Ferreira Menezes

IPC分类号： G06F11/14 ,  G06F11/20 ,  G06F9/455 ,  G06F16/174 ,  G06F8/65

CPC分类号： G06F11/1451 ,  G06F8/65 ,  G06F11/1415 ,  G06F11/1456 ,  G06F11/20 ,  G06F16/1748 ,  G06F9/45533 ,  G06F2201/815 ,  G06F2201/84

摘要： Methods and systems for automatically upgrading or synchronizing a remote data management agent running on a remote host machine (e.g., a hardware server) to a particular version that is in-sync with a corresponding version used by a cluster of data storage nodes controlling the remote data management agent are described. The remote agent may be initially installed on the remote host and subsequent updates to the remote agent may be performed using the remote agent itself without requiring intervention by the remote host. The remote agent may comprise a backup agent and a bootstrap agent that are each exposed in different network ports or associated with different port numbers or networking addresses. The backup agent may perform data backup related tasks for backing up files stored on the remote host and the bootstrap agent may perform upgrade related tasks for upgrading the backup agent.

公开(公告)号：US11321278B2

公开(公告)日：2022-05-03

申请号：US16862470

申请日：2020-04-29

申请人： Rubrik, Inc.

发明人： Anshul Gupta ,  Abdullah Reza ,  Guilherme Vale Ferreira Menezes

IPC分类号： G06F16/13 ,  G06F16/14 ,  G06F16/174 ,  G06F16/11

摘要： A lightweight deduplication system can perform resource efficient data deduplication using an extent index and a content index. The extent index can store full fingerprints of data segments to be deduplicated and the content index can store shortened versions of the full fingerprints. The system can alternate between the extent and content indexes, and cache portions of the indices to perform lightweight data deduplication. Further, the system can be configured with an efficient heuristic approach for selecting content index data lookups for chains of volumes for deduplication, such as a long chain of snapshots.

公开(公告)号：US20230267046A1

公开(公告)日：2023-08-24

申请号：US18098677

申请日：2023-01-18

申请人： Rubrik, Inc.

发明人： Looi Chow Lee ,  Guilherme Vale Ferreira Menezes

IPC分类号： G06F11/14 ,  G06F11/07 ,  G06F3/06 ,  G06F16/13 ,  G06F16/11

CPC分类号： G06F11/1435 ,  G06F11/0712 ,  G06F3/0644 ,  G06F16/13 ,  G06F16/128 ,  G06F2201/84

摘要： In one approach, filesets to be backed up are divided into partitions and snapshots are pulled for each partition. In one architecture, a data management and storage (DMS) cluster includes a plurality of peer DMS nodes and a distributed data store implemented across the peer DMS nodes. One of the peer DMS nodes receives fileset metadata for the fileset and defines a plurality of partitions for the fileset based on the fileset metadata. The peer DMS nodes operate autonomously to execute jobs to pull snapshots for each of the partitions and to store the snapshots of the partitions in the distributed data store.

公开(公告)号：US20220247766A1

公开(公告)日：2022-08-04

申请号：US17162808

申请日：2021-01-29

申请人： Rubrik, Inc.

发明人： Oscar Annen ,  Sumeet Bharatbhai Varma ,  Guilherme Vale Ferreira Menezes ,  Stephen Chu ,  Mohit Gupta

IPC分类号： H04L29/06 ,  G06F9/455 ,  G06N20/00 ,  G06K9/62 ,  G06F16/953

摘要： Techniques for implementing a scalable automated training framework for anomaly and ransomware detection are disclosed. In some embodiments, a computer system performs operations comprising: instantiating a plurality of virtual machines, each one of the virtual machines being loaded with a corresponding file system; simulating user actions and ransomware on the virtual machines, the simulating of user actions and ransomware on the virtual machines causing changes to the corresponding file systems of the virtual machines; for each one of the plurality of virtual machines, generating a corresponding metadata file based on one or more corresponding snapshots of the virtual machine, the one or more corresponding snapshots indicating the changes to the corresponding file system of the virtual machine; and training a ransomware detection model using a machine learning algorithm and training data, the training data being based on the corresponding metadata files of the virtual machines.

公开(公告)号：US20220245245A1

公开(公告)日：2022-08-04

申请号：US17162721

申请日：2021-01-29

申请人： Rubrik, Inc.

发明人： Oscar Annen ,  Harish Raman Shanker ,  Guilherme Vale Ferreira Menezes ,  Stephen Chu ,  Mohit Gupta ,  Sumeet Bharatbhai Varma

IPC分类号： G06F21/56 ,  G06N20/00 ,  G06F16/16 ,  G06F11/14

摘要： Techniques unmasking ransomware attacks are disclosed. In some embodiments, a computer system performs operations comprising: generating a first prediction that a file system comprising a plurality of files has been attacked by ransomware based on snapshot metadata of the file system using a snapshot-level machine learning prediction model, the snapshot metadata comprising a plurality of file change data indicating a plurality of file change events that have been performed on the file system; in response to the first prediction, generating a classification for each one of the files based on the file change data using a file-level machine learning prediction model, the classification indicating whether the files have been targeted by the ransomware for encryption; determining that one or more files have been targeted by the ransomware based on the classification; and displaying the classification for the one or more files on a computing device of a user.

公开(公告)号：US20240354203A1

公开(公告)日：2024-10-24

申请号：US18757405

申请日：2024-06-27

申请人： Rubrik, Inc.

发明人： Guilherme Vale Ferreira Menezes ,  Nohhyun Park ,  Abhishek Dharmaprikar ,  Rajath Subramanyam ,  Pin Zhou ,  Gaurav Khandelwal ,  Jiangbin Luo

IPC分类号： G06F11/14 ,  G06F16/11 ,  G06F16/16 ,  G06F16/182

CPC分类号： G06F11/1464 ,  G06F16/128 ,  G06F16/164 ,  G06F16/1844

摘要： In some examples, a cluster protection system comprises at least one processor and a memory storing instructions which, when executed by the at least one processor, cause the system to perform operations comprising identifying a target cluster or an object in a container management framework, identifying application data and metadata associated with the target cluster or the object, generating a first snapshot of the target cluster or the object, the first snapshot including at least the metadata, storing the first snapshot in offsite cloud storage, generating a second snapshot of the target cluster, the second snapshot including at least the application data, and storing the second snapshot in a persistent volume in onsite storage.

公开(公告)号：US12045139B2

公开(公告)日：2024-07-23

申请号：US17521006

申请日：2021-11-08

申请人： Rubrik, Inc.

发明人： Guilherme Vale Ferreira Menezes ,  Nohhyun Park ,  Abhishek Dharmaprikar ,  Rajath Subramanyam ,  Pin Zhou ,  Gaurav Khandelwal ,  Jiangbin Luo

IPC分类号： G06F12/00 ,  G06F11/14 ,  G06F16/11 ,  G06F16/16 ,  G06F16/182

CPC分类号： G06F11/1464 ,  G06F16/128 ,  G06F16/164 ,  G06F16/1844

摘要： In some examples, a cluster protection system comprises at least one processor and a memory storing instructions which, when executed by the at least one processor, cause the system to perform operations comprising identifying a target cluster or an object in a container management framework, identifying application data and metadata associated with the target cluster or the object, generating a first snapshot of the target cluster or the object, the first snapshot including at least the metadata, storing the first snapshot in offsite cloud storage, generating a second snapshot of the target cluster, the second snapshot including at least the application data, and storing the second snapshot in a persistent volume in onsite storage.

公开(公告)号：US20240089282A1

公开(公告)日：2024-03-14

申请号：US18516505

申请日：2023-11-21

申请人： Rubrik, Inc.

发明人： Oscar Annen ,  Sumeet Bharatbhai Varma ,  Guilherme Vale Ferreira Menezes ,  Stephen Chu ,  Mohit Gupta

IPC分类号： H04L9/40 ,  G06F9/455 ,  G06F16/953 ,  G06F18/214 ,  G06N20/00

CPC分类号： H04L63/1425 ,  G06F9/45558 ,  G06F16/953 ,  G06F18/214 ,  G06N20/00 ,  H04L63/1416 ,  H04L63/1433 ,  G06F2009/4557 ,  G06F2009/45595

摘要： Techniques for implementing a scalable automated training framework for anomaly and ransomware detection are disclosed. In some embodiments, a computer system performs operations comprising: instantiating a plurality of virtual machines, each one of the virtual machines being loaded with a corresponding file system; simulating user actions and ransomware on the virtual machines, the simulating of user actions and ransomware on the virtual machines causing changes to the corresponding file systems of the virtual machines; for each one of the plurality of virtual machines, generating a corresponding metadata file based on one or more corresponding snapshots of the virtual machine, the one or more corresponding snapshots indicating the changes to the corresponding file system of the virtual machine; and training a ransomware detection model using a machine learning algorithm and training data, the training data being based on the corresponding metadata files of the virtual machines.