&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12438895.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,438,895 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Detecting security threats to data on a storage controller</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Mandar Jayant Vaidya,  Pune (IN);  Nilesh Prabhakar Bhosale,  Pune (IN);  Joseph W. Dain,  Tucson, AZ (US); and  Thomas Keith Clark,  Tucson, AZ (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  INTERNATIONAL BUSINESS MACHINES CORPORATION,  Armonk, NY (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  International Business Machines Corporation,  Armonk, NY (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Dec.  1, 2021, as Appl. No. 17/457,064.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2023/0171273 A1, Jun.  1, 2023</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 9/40</b></i> (2022.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 63/1425</b></i> (2013.01)&#xa0;[<i><b>H04L 63/101</b></i> (2013.01); <i><b>H04L 63/105</b></i> (2013.01)]</td>
            <td class="table_data" align="right"><b>15 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12438895-20251007-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A computer implemented method (CIM) for use with a storage network that includes a storage controller that controls data communications to, in and from the storage network, the CIM comprising:<div class="claim_text">receiving a request to store a first file in the storage network;</div>
                <div class="claim_text">responsive to the receipt of the request, performing deep inspection on data making up the first file to extract a plurality of metadata values;</div>
                <div class="claim_text">determining, by machine logic and based at least in part upon the plurality of metadata values that the first file is characterized by at least one of the following security types: sensitive and critical;</div>
                <div class="claim_text">based on the determination that the first file is characterized by at least one of the security types, tagging the first file, at a data source of the first file, with one or more tags indicating a classification of the data associated with the first file and a security level, and further indicating a priority level for processing a data access event associated with the first file based on the classification and the security level;</div>
                <div class="claim_text">receiving a plurality of audit logs on files in the storage network of at least one of the security types based on the classification and the security level associated with each file, wherein the plurality of audit logs further comprises an audit log associated with the first file;</div>
                <div class="claim_text">prioritizing, by applying an artificial intelligence algorithm, the plurality audit logs based on the one or more tags associated with each file and indicating the priority level such that different audit logs are enqueued to different priority queues for processing at different processing rates;</div>
                <div class="claim_text">determining, based on the plurality of audit logs, that the data access event associated with the first file represents a potential threat to the storage network; and</div>
                <div class="claim_text">based on the determination that the data access event associated with the first file represents a potential threat to the storage network, tagging the first file with additional tags indicating a specific threat detected with respect to accessing the first file and indicating a specific preventive action.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>