Patent attributes
An illustrative method includes determining that a total amount of read traffic and write traffic processed by a storage system during a time period exceeds a threshold; determining a first compressibility metric associated with the write traffic; determining a second compressibility metric associated with the read traffic; determining, based on a comparison of the first compressibility metric with the second compressibility metric, that the write traffic is less compressible than the read traffic; determining, based on the total amount of read traffic and write traffic exceeding the threshold and on the write traffic being less compressible than the read traffic, that the storage system is possibly being targeted by a security threat; and modifying, in response to the determining that the storage system is possibly being targeted by the security threat, a data protection parameter set for one or more recovery datasets generated by the storage system.
