Patents by Inventor Siddhartha Nandi
Siddhartha Nandi has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240111870Abstract: A method, computing device, and non-transitory machine-readable medium for detecting malware attacks and mitigating data loss. In various embodiments, an agent is implemented in the operating system of a storage node to provide protection at the bottommost level in a data write path. The agent intercepts write requests and observes file events over time to detect anomalous behavior. For example, the agent may monitor incoming write requests and, when an incoming write request is detected, determine whether the file is associated with a malware attack risk based on an analysis of an encryption state of data in the file.Type: ApplicationFiled: September 11, 2023Publication date: April 4, 2024Inventors: Jagadish Vasudeva, Prateeksha Varshney, Priya Sehgal, Mrinal K. Bhattacharjee, Amit Valjibhai Panara, Siddhartha Nandi
-
Publication number: 20240022597Abstract: A method, a computing device, and a non-transitory machine-readable medium for detecting malware attacks. In one example, an agent implemented in an operating system detects an overwrite in which an original data component is overwritten with a new data component. The agent computes a plurality of features associated with the overwrite, the plurality of features including an original entropy corresponding to the original data component, a new entropy corresponding to the new data component, an overwrite fraction, and a set of divergence features. The agent determines whether the new data component is encrypted using the plurality of features.Type: ApplicationFiled: September 29, 2023Publication date: January 18, 2024Inventors: Prateeksha Varshney, Siddhartha Nandi, Jayanta Basak
-
Publication number: 20240007527Abstract: Methods and systems for a networked storage system is provided. One method includes transforming by a processor, performance parameters associated with storage volumes of a storage system for representing each storage volume as a data point in a parametric space; generating by the processor, a plurality of bins in the parametric space using the transformed performance parameters; adjusting by the processor, bin boundaries for the plurality of bins for defining a plurality of service levels for the storage system based on the performance parameters; and using the defined plurality of service levels for operating the storage system.Type: ApplicationFiled: September 12, 2023Publication date: January 4, 2024Inventors: Jayanta Basak, Ameet Deulgaonkar, Siddhartha Nandi
-
Patent number: 11792223Abstract: A method, a computing device, and a non-transitory machine-readable medium for detecting malware attacks. In one example, an agent implemented in an operating system detects an overwrite in which an original data component is overwritten with a new data component. The agent computes a plurality of features associated with the overwrite, the plurality of features including an original entropy corresponding to the original data component, a new entropy corresponding to the new data component, an overwrite fraction, and a set of divergence features. The agent determines whether the new data component is encrypted using the plurality of features.Type: GrantFiled: October 5, 2020Date of Patent: October 17, 2023Assignee: NETAPP, INC.Inventors: Prateeksha Varshney, Siddhartha Nandi, Jayanta Basak
-
Patent number: 11785084Abstract: Methods and systems for a networked storage system is provided. One method includes transforming by a processor, performance parameters associated with storage volumes of a storage system for representing each storage volume as a data point in a parametric space; generating by the processor, a plurality of bins in the parametric space using the transformed performance parameters; adjusting by the processor, bin boundaries for the plurality of bins for defining a plurality of service levels for the storage system based on the performance parameters; and using the defined plurality of service levels for operating the storage system.Type: GrantFiled: November 16, 2018Date of Patent: October 10, 2023Assignee: NETAPP, INC.Inventors: Jayanta Basak, Ameet Deulgaonkar, Siddhartha Nandi
-
Publication number: 20230297264Abstract: Techniques are provided for aggregate inline deduplication and volume granularity encryption. For example, data that is exclusive to a volume of a tenant is encrypted using an exclusive encryption key accessible to the tenant. The exclusive encryption key of that tenant is inaccessible to other tenants. Shared data that has been deduplicated and shared between the volume and another volume of a different tenant is encrypted using a shared encryption key of the volume. The shared encryption key is made available to other tenants. In this way, data can be deduplicated across multiple volumes of different tenants of a storage environment, while maintaining security and data privacy at a volume level.Type: ApplicationFiled: May 26, 2023Publication date: September 21, 2023Inventors: Srinivasan Narayanamurthy, Dnyaneshwar Nagorao Pawar, Jagadish Vasudeva, Parag Deshmukh, Siddhartha Nandi
-
Patent number: 11755736Abstract: A method, computing device, and non-transitory machine-readable medium for detecting malware attacks and mitigating data loss. In various embodiments, an agent is implemented in the operating system of a storage node to provide protection at the bottommost level in a data write path. The agent intercepts write requests and observes file events over time to detect anomalous behavior. For example, the agent may monitor incoming write requests and, when an incoming write request is detected, determine whether the file is associated with a malware attack risk based on an analysis of an encryption state of data in the file.Type: GrantFiled: September 27, 2022Date of Patent: September 12, 2023Assignee: NETAPP, INC.Inventors: Jagadish Vasudeva, Prateeksha Varshney, Priya Sehgal, Mrinal K. Bhattacharjee, Amit Valjibhai Panara, Siddhartha Nandi
-
Patent number: 11662930Abstract: Techniques are provided for aggregate inline deduplication and volume granularity encryption. For example, data that is exclusive to a volume of a tenant is encrypted using an exclusive encryption key accessible to the tenant. The exclusive encryption key of that tenant is inaccessible to other tenants. Shared data that has been deduplicated and shared between the volume and another volume of a different tenant is encrypted using a shared encryption key of the volume. The shared encryption key is made available to other tenants. In this way, data can be deduplicated across multiple volumes of different tenants of a storage environment, while maintaining security and data privacy at a volume level.Type: GrantFiled: February 21, 2022Date of Patent: May 30, 2023Assignee: NetApp, Inc.Inventors: Srinivasan Narayanamurthy, Dnyaneshwar Nagorao Pawar, Jagadish Vasudeva, Parag Deshmukh, Siddhartha Nandi
-
Patent number: 11475132Abstract: A method, computing device, and non-transitory machine-readable medium for detecting malware attacks and mitigating data loss. In various embodiments, an agent is implemented in the operating system of a storage node to provide protection at the bottommost level in a data write path. The agent intercepts write requests and observes file events over time to detect anomalous behavior. For example, the agent may monitor incoming write requests and, when an incoming write request is detected, determine whether the file is associated with a malware attack risk based on an analysis of an encryption state of data in the file. If the file is associated with a malware attack risk, an entry for the file is added to a file log. The agent may analyze the chi-square values for data written to the files, the file log, and the file format to determine whether a malware attack is underway.Type: GrantFiled: July 29, 2020Date of Patent: October 18, 2022Assignee: NETAPP, INC.Inventors: Jagadish Vasudeva, Prateeksha Varshney, Priya Sehgal, Mrinal K. Bhattacharjee, Amit Valjibhai Panara, Siddhartha Nandi
-
Publication number: 20220171557Abstract: Techniques are provided for aggregate inline deduplication and volume granularity encryption. For example, data that is exclusive to a volume of a tenant is encrypted using an exclusive encryption key accessible to the tenant. The exclusive encryption key of that tenant is inaccessible to other tenants. Shared data that has been deduplicated and shared between the volume and another volume of a different tenant is encrypted using a shared encryption key of the volume. The shared encryption key is made available to other tenants. In this way, data can be deduplicated across multiple volumes of different tenants of a storage environment, while maintaining security and data privacy at a volume level.Type: ApplicationFiled: February 21, 2022Publication date: June 2, 2022Inventors: Srinivasan Narayanamurthy, Dnyaneshwar Nagorao Pawar, Jagadish Vasudeva, Parag Deshmukh, Siddhartha Nandi
-
Patent number: 11256433Abstract: Techniques are provided for aggregate inline deduplication and volume granularity encryption. For example, data that is exclusive to a volume of a tenant is encrypted using an exclusive encryption key accessible to the tenant. The exclusive encryption key of that tenant is inaccessible to other tenants. Shared data that has been deduplicated and shared between the volume and another volume of a different tenant is encrypted using a shared encryption key of the volume. The shared encryption key is made available to other tenants. In this way, data can be deduplicated across multiple volumes of different tenants of a storage environment, while maintaining security and data privacy at a volume level.Type: GrantFiled: March 15, 2019Date of Patent: February 22, 2022Assignee: NetApp, Inc.Inventors: Srinivasan Narayanamurthy, Dnyaneshwar Nagorao Pawar, Jagadish Vasudeva, Parag Deshmukh, Siddhartha Nandi
-
Publication number: 20210409425Abstract: A method, a computing device, and a non-transitory machine-readable medium for detecting malware attacks. In one example, an agent implemented in an operating system detects an overwrite in which an original data component is overwritten with a new data component. The agent computes a plurality of features associated with the overwrite, the plurality of features including an original entropy corresponding to the original data component, a new entropy corresponding to the new data component, an overwrite fraction, and a set of divergence features. The agent determines whether the new data component is encrypted using the plurality of features.Type: ApplicationFiled: October 5, 2020Publication date: December 30, 2021Inventors: Prateeksha Varshney, Siddhartha Nandi, Jayanta Basak
-
Publication number: 20210334374Abstract: A method, a computing device, and a non-transitory machine-readable medium for detecting malware attacks (e.g., ransomware attacks) and mitigating data loss. In one or more embodiments, an agent is implemented in the operating system of a storage node to provide protection at the bottommost level in a data write path. The agent intercepts write requests and observes file events over time to detect anomalous behavior. For example, the agent may monitor incoming write requests and, when an incoming write request is detected, determine whether the file is associated with a malware attack risk based on an analysis of an encryption state of data in the file. If the file associated with a malware attack risk, an entry for the file is added to a file log. The agent may analyze the chi-square values for data written to the files, the file log, and the file format to determine whether a malware attack is underway.Type: ApplicationFiled: July 29, 2020Publication date: October 28, 2021Inventors: Jagadish Vasudeva, Prateeksha Varshney, Priya Sehgal, Mrinal K. Bhattacharjee, Amit Valjibhai Panara, Siddhartha Nandi
-
Patent number: 10970595Abstract: Methods and systems for document classification are provided. One method includes generating by a processor, a plurality of topics using content of a plurality of electronic documents, where each topic includes a plurality of words associated with the plurality of electronic documents; reducing by the processor, the plurality of topics to a subset of topics to represent the plurality of electronic documents based on a parameter indicating a property of each subset topic and separation between the subset topics; automatically generating by the processor, a tag for each subset topic, based on the tag's position within the subset topic; wherein each tag is an attribute of each subset topic; storing by the processor, the subset of topics with corresponding tags in a model data structure; and updating the model data structure by the processor based on one of a new topic and a new tag associated with an electronic document.Type: GrantFiled: February 21, 2019Date of Patent: April 6, 2021Assignee: NETAPP, INC.Inventors: Deepti Aggarwal, Jayanta Basak, Siddhartha Nandi
-
Publication number: 20200293212Abstract: Techniques are provided for aggregate inline deduplication and volume granularity encryption. For example, data that is exclusive to a volume of a tenant is encrypted using an exclusive encryption key accessible to the tenant. The exclusive encryption key of that tenant is inaccessible to other tenants. Shared data that has been deduplicated and shared between the volume and another volume of a different tenant is encrypted using a shared encryption key of the volume. The shared encryption key is made available to other tenants. In this way, data can be deduplicated across multiple volumes of different tenants of a storage environment, while maintaining security and data privacy at a volume level.Type: ApplicationFiled: March 15, 2019Publication date: September 17, 2020Inventors: Srinivasan Narayanamurthy, Dnyaneshwar Nagorao Pawar, Jagadish Vasudeva, Parag Deshmukh, Siddhartha Nandi
-
Publication number: 20190394273Abstract: Methods and systems for a networked storage system is provided. One method includes transforming by a processor, performance parameters associated with storage volumes of a storage system for representing each storage volume as a data point in a parametric space; generating by the processor, a plurality of bins in the parametric space using the transformed performance parameters; adjusting by the processor, bin boundaries for the plurality of bins for defining a plurality of service levels for the storage system based on the performance parameters; and using the defined plurality of service levels for operating the storage system.Type: ApplicationFiled: November 16, 2018Publication date: December 26, 2019Applicant: NETAPP, INC.Inventors: Jayanta Basak, Ameet Deulgaonkar, Siddhartha Nandi
-
Publication number: 20190392250Abstract: Methods and systems for document classification are provided. One method includes generating by a processor, a plurality of topics using content of a plurality of electronic documents, where each topic includes a plurality of words associated with the plurality of electronic documents; reducing by the processor, the plurality of topics to a subset of topics to represent the plurality of electronic documents based on a parameter indicating a property of each subset topic and separation between the subset topics; automatically generating by the processor, a tag for each subset topic, based on the tag's position within the subset topic; wherein each tag is an attribute of each subset topic; storing by the processor, the subset of topics with corresponding tags in a model data structure; and updating the model data structure by the processor based on one of a new topic and a new tag associated with an electronic document.Type: ApplicationFiled: February 21, 2019Publication date: December 26, 2019Applicant: NETAPP, INC.Inventors: Deepti Aggarwal, Jayanta Basak, Siddhartha Nandi
-
Patent number: 9514022Abstract: A system and method for creating an accurate black-box model of a live storage system and for predicting performance of the storage system under a given workload is disclosed. An analytics engine determines a subset of counters that are relevant to performance of the storage system with respect to a particular output (e.g., throughput or latency) from performance data in counters of the storage system. Using the subset of counters, the analytics engine creates a workload signature for the storage system by using a recursive partitioning technique, such as a classification and regression tree. The analytics engine then creates the black-box model of the storage system performance by applying uncertainty measurement techniques, such as a Gaussian process, to the workload signature.Type: GrantFiled: October 18, 2011Date of Patent: December 6, 2016Assignee: NETAPP, INC.Inventors: Jayanta Basak, Kaladhar Voruganti, Siddhartha Nandi
-
Patent number: 9342417Abstract: A live non-volatile (NV) replay technique enables a partner node to efficiently takeover a failed node of a high-availability pair in a multi-node storage cluster by dynamically replaying operations synchronously logged in a non-volatile random access memory (NVRAM) of the partner node, while also providing high performance during normal operation. Dynamic live replay may be effected through interpretation of metadata describing the logged operations. The metadata may specify a location and type of each logged operation within a partner portion of the NVRAM, as well as any dependency among the logged operation and any other logged operations that would impose an ordering constraint. During normal operation, the partner node may consult the metadata to identify dependent logged operations and dynamically replay those operations to satisfy one or more requests.Type: GrantFiled: May 16, 2014Date of Patent: May 17, 2016Assignee: NetApp, Inc.Inventors: Ameya Prakash Usgaonkar, Siddhartha Nandi
-
Publication number: 20150261633Abstract: A live non-volatile (NV) replay technique enables a partner node to efficiently takeover a failed node of a high-availability pair in a multi-node storage cluster by dynamically replaying operations synchronously logged in a non-volatile random access memory (NVRAM) of the partner node, while also providing high performance during normal operation. Dynamic live replay may be effected through interpretation of metadata describing the logged operations. The metadata may specify a location and type of each logged operation within a partner portion of the NVRAM, as well as any dependency among the logged operation and any other logged operations that would impose an ordering constraint. During normal operation, the partner node may consult the metadata to identify dependent logged operations and dynamically replay those operations to satisfy one or more requests.Type: ApplicationFiled: May 16, 2014Publication date: September 17, 2015Applicant: NetApp, Inc.Inventors: Ameya Prakash Usgaonkar, Siddhartha Nandi