DETECTION, ISOLATION, AND MITIGATION OF ATTACKS ON A FILE SYSTEM

Bibliographic details
Main authors: DeLine, Peter Anthony; Jones, Michael Randolph; Sims, Robert Charles
Format: Patent
Language: eng; fre; ger
Description
Summary: Techniques are disclosed to detect, isolate, and/or mitigate an attack on a file system, for example, by malicious software, human actors, and/or compromised Internet-connected devices (bots). A processor of a data processing system detects an abnormal file system access pattern to a file system by applying statistical process control to network layer packets. Based on detecting the abnormal file system access pattern, the processor temporarily suspends file system access by at least one user ID contributing to the abnormal file system access pattern. The processor provides a notification identifying one or more file system objects accessed in the abnormal file system access pattern.