Malicious activity detection, validation, and remediation in virtualized file servers
US12182264B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 11, 2022 |
| Grant date | Dec 31, 2024 |
| Priority date | — |
| Expiry date | Aug 25, 2042 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/034
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Examples of file analytics systems are described that may obtain metadata data and events data from a virtualized file server. The file analytics systems may detect one or more events from the events data matching a criteria indicating malicious activity. The file analytics systems may validate the detection of malicious activity. The validation may be performed by comparing the file type, such as the MIME type, of sample files before and after the suspected malicious activity. The systems may recover a share of the distributed file server including the one or more affected files by replacing the one or more affected files with stored versions of the one or more affected files from a snapshot of the share taken prior to the detected malicious activity.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.