The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
May. 06, 2025
Filed:
Oct. 27, 2022
Commvault Systems, Inc., Tinton Falls, NJ (US);
Jitin Jindal, Tinton Falls, NJ (US);
Arun Prasad Amarendran, Manalapan, NJ (US);
Chandan Singh, Hyderabad, IN;
Gopikannan Venugopalsamy, Sunnyvale, CA (US);
Yongtao Liu, Morganville, NJ (US);
Commvault Systems, Inc., Tinton Falls, NJ (US);
Abstract
Backup data is leveraged to determine whether primary data has been encrypted by malware. The disclosed approach does not rely on recognizing particular malware instances or malware provenance, and thus can be applied to any body of data. Even a novel and previously unknown malware attack can be detected in this way. An illustrative data storage management system analyzes secondary copies it created over time, applies a multi-factor analysis to data recovered from the secondary copies and, based on the analysis, infers whether the primary data from which the secondary copies were created may be encrypted. The present approach uses successive versions of backup copies to find indicia of malware encryption, rather than trying to trace or identify the malware itself. Indicia of entropy correlate highly with encryption, such as encryption performed by malware attacks. Conversely, indicia of similarity correlate highly with lack of encryption of successive versions of documents.