公开(公告)号：US09667649B1

公开(公告)日：2017-05-30

申请号：US13865782

申请日：2013-04-18

Applicant: Amazon Technologies, Inc.

Inventor： Frans Adriaan Lategan ,  Andries Petrus Johannes Dippenaar ,  Marcin Piotr Kowalski ,  Gina Louise Morris ,  Anton Andre Eicher ,  Duncan Matthew Clough

IPC: H04L29/06

CPC classification number: H04L63/1458 ,  H04L63/12 ,  H04L63/123 ,  H04L63/1466

Abstract: Attacks, such as MITM and DoS attacks, on a distributed computing system may be detected by sending a work assignment to an execution device through a first communication channel. A report may then be received through a second communication channel of the work assignment received by the execution device. Information regarding the received work assignment may then be in view of information regarding the sent work assignment to determine whether an error, such as an MITM or DoS attack, has occurred. If the analysis indicates that the report does not include the sent work assignment, then a DoS attack may have occurred. If the analysis indicates that the work assignment received by the recipient does not correspond to the sent work assignment, then a MITM attack may have occurred. If an error has occurred, an indication might be recorded and/or other types of actions might also be taken.

公开(公告)号：US20160380775A1

公开(公告)日：2016-12-29

申请号：US15260802

申请日：2016-09-09

Applicant: Amazon Technologies, Inc.

Inventor： Marcin Piotr Kowalski ,  Frans Adriaan Lategan

IPC: H04L9/32 ,  H04L9/30 ,  H04L9/14 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04L9/3249 ,  H04L9/14 ,  H04L9/302 ,  H04L63/0428 ,  H04L63/06 ,  H04L63/083 ,  H04L67/02 ,  H04L67/42 ,  H04L2463/144

Abstract: Computer systems, such as a client and a server operably interconnected via a network, are subject to stress on computational resources due to an abundance of automated-user traffic. To improve resource functionalities and control the resources available to automated-agents, value information of valuable assets is encrypted such that a client must perform an algorithm for calculating a decryption key in order to view the unencrypted content. Wherein the encryption is tuned in such a way that any computational delay caused by the encryption is imperceptible to a human-user and largely perceptible to an automated-agent such that the need to determine if a user is an automated-user or a human-user is irrelevant.

Abstract translation: 计算机系统，例如通过网络可操作地连接的客户机和服务器，由于大量的自动化用户业务量而对计算资源产生压力。 为了改善资源功能并控制可用于自动代理的资源，贵重资产的价值信息被加密，使得客户端必须执行用于计算解密密钥的算法以便查看未加密的内容。 其中加密被调整为使得由加密引起的任何计算延迟对于人类用户是不可察觉的并且对于自动化代理而言是很可感知的，使得需要确定用户是自动用户还是人为的， 用户无关紧要

公开(公告)号：US09438529B1

公开(公告)日：2016-09-06

申请号：US14497152

申请日：2014-09-25

Applicant: Amazon Technologies, Inc.

Inventor： Marcin Piotr Kowalski

IPC: G06F9/455 ,  H04L12/911 ,  H04L12/26

CPC classification number: H04L43/04 ,  G06F9/45558 ,  G06F2009/45562 ,  G06F2009/4557

Abstract: A computing resource of a provider network is scheduled to undergo a process. During execution of the process, data associated with the process is monitored. An expected profile of the monitored data during execution of the process is determined. The expected profile is determined based on the type of the computing resource. Based on a comparison between the monitored data and the expected profile, a determination is made as to progress of the process.

Abstract translation: 计划提供者网络的计算资源经历一个过程。 在执行该过程期间，监视与该过程相关联的数据。 确定在执行过程期间监视的数据的期望概况。 基于计算资源的类型来确定期望的简档。 基于所监视的数据与预期轮廓之间的比较，确定过程的进展。

公开(公告)号：US09213726B2

公开(公告)日：2015-12-15

申请号：US13862934

申请日：2013-04-15

Applicant: Amazon Technologies, Inc.

Inventor： Marcin Piotr Kowalski

IPC: G06F17/30

CPC classification number: G06F17/30371 ,  G06F11/3409 ,  G06F11/3476 ,  G06F17/30289 ,  G06F17/30389 ,  G06F17/30477 ,  G06F17/30867 ,  G06F2201/80

Abstract: Web services hosted at a data center may employ architectural patterns that tend to obfuscate the source of queries made against databases and other resources in the data center. The queries may be the source of performance, capacity or utilization problems, and may contribute to the cost of hosting the web service. Web service invocations may be associated with identifiers that can be included in modified queries sent to databases and other resources. Summarized cost information may be calculated based on recorded associations between the identifiers and query performance information.

Abstract translation: 在数据中心托管的Web服务可能会采用倾向于模糊数据中心数据库和其他资源的查询源的体系结构模式。 这些查询可能是性能，容量或利用率问题的根源，并可能导致托管Web服务的成本。 Web服务调用可能与可以包含在发送到数据库和其他资源的修改查询中的标识符相关联。 可以基于标识符和查询性能信息之间记录的关联来计算汇总成本信息。

公开(公告)号：US09002997B2

公开(公告)日：2015-04-07

申请号：US13747176

申请日：2013-01-22

Applicant: Amazon Technologies, Inc.

Inventor： Marcin Piotr Kowalski ,  Roland Paterson-Jones ,  James Alfred Gordon Greenfield

IPC: H04L12/70 ,  G06F15/177 ,  G06F15/173 ,  H04L12/24

CPC classification number: H04L41/0806 ,  G06F11/0709 ,  H04L41/0273 ,  H04L41/0803 ,  H04L67/42

Abstract: Methods and apparatus for instance host configuration are disclosed. A system includes a plurality of instance hosts configurable for resource instances of a network-accessible service, and control servers to manage remote configuration of the instance hosts. In response to an instance configuration request from a client, a selected control server transmits, to a selected instance host, a sequence of one or more commands. The selected instance host instantiates a remote command executor. The remote command executor initiates configuration operations corresponding to the command sequence, and terminates. The selected control server provides a response to the instance configuration request, based at least in part on results of the operations initiated by the executor.

Abstract translation: 公开了例如主机配置的方法和装置。 系统包括可配置用于网络可访问服务的资源实例的多个实例主机，以及用于管理实例主机的远程配置的控制服务器。 响应于来自客户端的实例配置请求，所选择的控制服务器向选择的实例主机发送一个或多个命令的序列。 所选实例主机实例化远程命令执行程序。 远程命令执行器启动与命令序列相对应的配置操作，并终止。 所选择的控制服务器至少部分地基于执行器发起的操作的结果来对实例配置请求提供响应。