×

Transparent volume based intrusion detection

  • US 10,079,842 B1
  • Filed: 03/30/2016
  • Issued: 09/18/2018
  • Est. Priority Date: 03/30/2016
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method, comprising:

  • under the control of one or more computer systems configured with executable instructions,receiving an application programming interface request to monitor a logical volume attached to a virtual machine instance, the logical volume associated with a customer of a computing resource service provider, the computing resource service provider implementing the logical volume as a log-structured storage system on hardware provided by the computing resource service provider;

    obtaining access to a stream of log events of the logical volume in response to the application programming interface request, the stream of log events indicating input/output operations of the logical volume; and

    for at least a subset of log events included in the stream of log events;

    detecting malicious activity on the logical volume based at least in part on the subset of log events; and

    performing an operation to mitigate the malicious activity.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×