-
Publication (Announcement) No.: US20210144172A1
Publication (Announcement) date: 2021-05-13
Application No.: US17122275
Application date: 2020-12-15
Applicant: Amazon Technologies, Inc.
Inventor: Muhammad Wasiq
Abstract: A monitoring service obtains request data specifying entries corresponding to requests received by a Domain Name System service to obtain an Internet Protocol address for a resource and to requests received by a web service to access the resource. The monitoring service uses that request data to generate a request frequency value corresponding to the received requests and compares this value to a baseline request frequency value. If the request frequency value exceeds the baseline request frequency value by a maximum threshold value, the monitoring service performs an operation to redirect network traffic originally directed towards the web service.
-
Publication (Announcement) No.: US10911483B1
Publication (Announcement) date: 2021-02-02
Application No.: US15463986
Application date: 2017-03-20
Applicant: Amazon Technologies, Inc.
Inventor: Muhammad Wasiq
Abstract: A monitoring service obtains request data specifying entries corresponding to requests received by a Domain Name System service to obtain an Internet Protocol address for a resource and to requests received by a web service to access the resource. The monitoring service uses that request data to generate a request frequency value corresponding to the received requests and compares this value to a baseline request frequency value. If the request frequency value exceeds the baseline request frequency value by a maximum threshold value, the monitoring service performs an operation to redirect network traffic originally directed towards the web service.
-
Publication (Announcement) No.: US10462116B1
Publication (Announcement) date: 2019-10-29
Application No.: US14855298
Application date: 2015-09-15
Applicant: Amazon Technologies, Inc.
Inventor: Nima Sharifi Mehr, Darren Ernest Canavor, Jesper Mikael Johansson, Jon Arron McClintock, Muhammad Wasiq
IPC: H04L29/06
Abstract: The present document describes systems and methods that detect unauthorized transmission of data from internal networks to remote service providers, even when the transmission occurs over an encrypted connection. An exfiltration monitor is configured to monitor encrypted communications between clients within an internal network and a remote service provider. In various implementations, the exfiltration monitor associates the encrypted connections with account information, and applies exfiltration policies to the connections based at least in part on the associated account information. In additional implementations, the exfiltration monitor is provided with cryptographic keys that facilitate packet inspection of the encrypted connections. In many situations, the exfiltration monitor can use this information to discern between authorized use of a remote service, and unauthorized data exfiltration to the remote service.
-
Publication (Announcement) No.: US20190166127A1
Publication (Announcement) date: 2019-05-30
Application No.: US16265414
Application date: 2019-02-01
Applicant: Amazon Technologies, Inc.
Inventor: Muhammad Wasiq, Nima Sharifi Mehr
Abstract: Disclosed are various embodiments for preventing the unintended leakage of cookie data. In one embodiment, a browser application stores cookie data from a first network site having a high-level domain in a client computing device. A classification is assigned to a second network site having the high-level domain. The cookie data is sent to the second network site based at least in part on the classification rather than the default behavior of the browser application.
-
Publication (Announcement) No.: US10135808B1
Publication (Announcement) date: 2018-11-20
Application No.: US14964959
Application date: 2015-12-10
Applicant: Amazon Technologies, Inc.
Inventor: Muhammad Wasiq, Aleksandrs J. Rudzitis, Nima Sharifi Mehr
IPC: H04L29/06
Abstract: Various approaches discussed herein enable validation of an application on a computing device, such as a mobile computing device, prior to that application being invoked by activation of a link in another application. Upon activation of the link in a calling application, the computing device determines a target application to be invoked in response to the activation. Sensitive or confidential data, such as login credentials, may be included in the link to be passed to the target application. By validating either the calling or the target application, the data may be safeguarded by confirming an identity of an application associated with the link.
-
Publication (Announcement) No.: US09954852B2
Publication (Announcement) date: 2018-04-24
Application No.: US15420011
Application date: 2017-01-30
Applicant: Amazon Technologies, Inc.
Inventor: Muhammad Wasiq, Nima Sharifi Mehr
IPC: H04L29/06
CPC classification number: H04L63/0823, H04L9/3247, H04L9/3263, H04L63/123, H04L63/1483
Abstract: A service receives from a sender service a digital message and a corresponding trace, which includes an ordered set of digital signatures of one or more services that participated in causing the service to receive the digital message. The trace may further specify an ordering of the one or more services, which may be generated according to the order of participation of these one or more services. The service may compare the received trace to recorded message paths to determine whether the ordering specified within the trace is valid. If the ordering is valid, the service may use one or more digital certificates to further verify the digital signatures included within the trace. If the service determines that these digital signatures are also valid, the service may process the message.