Patent · US Active

Similar block detection-based detection of a ransomware attack

US12204657B2 · kind B2 · utility

0Cited by

261References

16Claims

0Family size

Assignee

PURE STORAGE, INC. · US

Inventors

Ajay D'Souza · Mountain View, US
Sandeep Phadke · Mountain View, US
Ronald Karr · Palo Alto, US

Key dates

Filing date	Mar 29, 2023
Grant date	Jan 21, 2025
Priority date	—
Expiry date	Apr 26, 2043

Classification

Technology area (CPC G)Physics
CPC primaryG06N3/10
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

An illustrative method includes maintaining, by a data protection system, a metric associated with a similar block detection process performed by a storage system with respect to data processed by the storage system, the metric representative of a measure of similar blocks in the data as detected by the similar block detection process; determining, by the data protection system, that the metric changes by more than a threshold amount; and determining, by the data protection system based on the determining that the metric changes by more than the threshold amount, that the data processed by the storage system is possibly being targeted by a security threat.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.