Dell products l.p. (20240104208). HOST AGENT-ASSISTED DETECTION OF MALICIOUS ATTACK ON STORAGE ARRAY simplified abstract
Contents
- 1 HOST AGENT-ASSISTED DETECTION OF MALICIOUS ATTACK ON STORAGE ARRAY
- 1.1 Organization Name
- 1.2 Inventor(s)
- 1.3 HOST AGENT-ASSISTED DETECTION OF MALICIOUS ATTACK ON STORAGE ARRAY - A simplified explanation of the abstract
- 1.4 Simplified Explanation
- 1.5 Potential Applications
- 1.6 Problems Solved
- 1.7 Benefits
- 1.8 Potential Commercial Applications
- 1.9 Possible Prior Art
- 1.10 Original Abstract Submitted
HOST AGENT-ASSISTED DETECTION OF MALICIOUS ATTACK ON STORAGE ARRAY
Organization Name
Inventor(s)
Krishna Deepak Nuthakki of Bangalore (IN)
Tomer Shachar of Beer-Sheva (IL)
HOST AGENT-ASSISTED DETECTION OF MALICIOUS ATTACK ON STORAGE ARRAY - A simplified explanation of the abstract
This abstract first appeared for US patent application 20240104208 titled 'HOST AGENT-ASSISTED DETECTION OF MALICIOUS ATTACK ON STORAGE ARRAY
Simplified Explanation
The patent application describes a system where host agents running on host servers provide current and historic host application awareness information to a storage array. This information is used to train a host application-specific model of IO characteristics, which is then used to detect malicious activity.
- Host agents on host servers provide current and historic host application awareness information to a storage array.
- The storage array uses this information to train a host application-specific model of IO characteristics.
- The model is used to detect malicious activity by analyzing current host application awareness information and observed IO characteristics.
Potential Applications
This technology could be applied in cybersecurity systems to detect and prevent malicious activities in storage arrays.
Problems Solved
This technology helps in identifying and preventing malicious activities in storage arrays by analyzing host application awareness information and IO characteristics.
Benefits
The system provides an additional layer of security for storage arrays by detecting and preventing malicious activities based on host application awareness information.
Potential Commercial Applications
One potential commercial application of this technology could be in the development of advanced cybersecurity solutions for storage systems.
Possible Prior Art
One possible prior art for this technology could be existing systems that use machine learning models to detect anomalies in storage systems based on IO characteristics and application behavior.
What are the specific types of host application roles mentioned in the abstract?
The specific types of host application roles mentioned in the abstract are normal operation, creation of a remote backup, cloning of the storage object, snapping of the storage object, restoring the storage object from a snapshot, scanning a database in the storage object, and scanning the storage object.
How does the system use the host application-specific model to detect malicious activity?
The system uses the host application-specific model, trained based on historic host application awareness information and observed IO characteristics, to analyze current host application awareness information and IO characteristics. By comparing the observed behavior with the model, the system can detect deviations that may indicate malicious activity.
Original Abstract Submitted
host agents running on host servers provide current and historic host application awareness information to a storage array. the storage array uses the historic host application awareness information to train a host application-specific model of io characteristics. the current host application awareness information and observed io characteristics are used as inputs to the model to detect malicious activity. the current and historic host application awareness information includes host application roles such as normal operation, creation of a remote backup, cloning of the storage object, snapping of the storage object, restoring the storage object from a snapshot, scanning a database in the storage object, and scanning the storage object.