Management of decommissioned server assets in a shared data environment
First Claim
Patent Images
1. A method for monitoring decommissioned servers, the method comprising:
- aggregating, by one or more processors, information associated with an environment, from a plurality of resources external to a server resource, wherein the plurality of resources external to the server resource provide a historical indication on activities related to the server resource within the environment, and wherein the information is directly gathered from monitoring address resolution protocol (ARP) cache data from a router;
analyzing, by one or more processors, the aggregated information associated with the environment;
calculating, by one or more processors, a baseline of server activity, based on a comparison of network activity from the ARP cache data associated with the environment, which shows decommissioned assets continuing to be active;
determining, by one or more processors, whether new information associated with the environment is consistent with the baseline of server activity, wherein network traffic and types of packets from decommissioned assets are used to detect whether new information associated with the environment is consistent with the baseline of server activity; and
responsive to determining that the new information associated with the environment is not consistent with the baseline of server activity, identifying the new information as a possible misuse and flagging the new information associated with unusual server activity.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the present invention provide systems and methods for monitoring decommissioned servers in a shared data environment. Embodiments of the present invention can be used to aggregate information associated with an environment from external resources, and calculate a baseline of server activity from the aggregated information. When new information is received, it is compared to the baseline of server activity in order to determine a possible misuse of the server assets, when inconsistencies are detected between the baseline of activity and the new information.
38 Citations
1 Claim
-
1. A method for monitoring decommissioned servers, the method comprising:
-
aggregating, by one or more processors, information associated with an environment, from a plurality of resources external to a server resource, wherein the plurality of resources external to the server resource provide a historical indication on activities related to the server resource within the environment, and wherein the information is directly gathered from monitoring address resolution protocol (ARP) cache data from a router; analyzing, by one or more processors, the aggregated information associated with the environment; calculating, by one or more processors, a baseline of server activity, based on a comparison of network activity from the ARP cache data associated with the environment, which shows decommissioned assets continuing to be active; determining, by one or more processors, whether new information associated with the environment is consistent with the baseline of server activity, wherein network traffic and types of packets from decommissioned assets are used to detect whether new information associated with the environment is consistent with the baseline of server activity; and responsive to determining that the new information associated with the environment is not consistent with the baseline of server activity, identifying the new information as a possible misuse and flagging the new information associated with unusual server activity.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsChildress, Rhonda L., Kumhyr, David B., Spisak, Michael J.
-
Primary Examiner(s)Daftuar, Saket K
-
Application NumberUS15/074,044Time in Patent Office158 DaysField of SearchUS Class Current1/1CPC Class CodesH04L 41/065 involving logical or physic...H04L 41/147 for predicting network beha...H04L 41/20 Network management software...H04L 43/06 Generation of reportsH04L 43/0823 Errors, e.g. transmission e...H04L 61/103 across network layers, e.g....H04L 63/1408 by monitoring network traff...H04L 63/1416 Event detection, e.g. attac...H04L 67/1034 Reaction to server failures...H04L 67/568 Storing data temporarily at...
