Method and system for storage-based intrusion detection and recovery
US11809605B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 29, 2020 |
| Grant date | Nov 7, 2023 |
| Priority date | — |
| Expiry date | Dec 30, 2040 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2115
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
An intrusion detection and recovery system includes a copying module that creates a point-in-time copy of a storage level logical unit, the point-in-time copy including a volume copy of the storage level logical unit and signatures of the storage level logical unit, a comparison module that compares at least a portion of the point-in-time copy with a previous copy of the storage level logical unit, a judging module that, based on results of the comparison module, judges if a modification has occurred. A signature of the point-in-time copy is compared with a signature of the previous copy to detect a sign of an intrusion. The signatures of the storage level logical unit include encoded data of files of the storage level logical unit that are monitored in the point-in-time copy.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.