公开(公告)号：US10129278B2

公开(公告)日：2018-11-13

申请号：US15155861

申请日：2016-05-16

Applicant: Amazon Technologies, Inc.

Inventor： Jon A. McClintock ,  Eric J. Martin ,  Karl A. McCabe ,  Thibault Candebat ,  Adam J. Cecchetti ,  David Erdmann

IPC: H04L29/06 ,  G06F21/00 ,  G06F21/56

Abstract: Disclosed are various systems, methods, and other embodiments directed to detection of malware in content items. To detect the malware, for example, one or more content items are identified in association with the rendering of a network page in a simulated environment. A plurality of tests are applied to the one or more content items to detect an existence of malware associated with the content items.

公开(公告)号：US09812138B1

公开(公告)日：2017-11-07

申请号：US14476615

申请日：2014-09-03

Applicant: Amazon Technologies, Inc.

Inventor： Thibault Candebat

IPC: G10L19/018

CPC classification number: G10L19/018 ,  G06F21/64 ,  G10L25/54

Abstract: A robust digital fingerprint of a file ensures that one able to produce the robust digital fingerprint has possession of the file. A client obtains information that is unpredictable to the client and uses that information to modify the file and generate a robust digital fingerprint from the modified file. A server, with access to the same unpredictable information, verifies the generated robust digital fingerprint. An algorithm for generating the robust digital fingerprint has a property that different representations of the same content will produce matching digital fingerprints.

公开(公告)号：US10044728B1

公开(公告)日：2018-08-07

申请号：US14792003

申请日：2015-07-06

Applicant: Amazon Technologies, Inc.

Inventor： Aridaman Tripathi ,  Thibault Candebat

IPC: H04L29/06 ,  H04L29/08

Abstract: A secure and efficient technique to prevent cross-site scripting attacks based on segregating the content within a given content page among independent endpoints, or servers, where static content is provided from one endpoint and active content is provided from another endpoint. Together, the different endpoints make up an endpoint segregation system. Further, security features of HTTP/HTML are used to restrict sources from which active content may be executed according to the division of static and active content among the endpoints of the endpoint segregation system.

公开(公告)号：US09942267B1

公开(公告)日：2018-04-10

申请号：US14792010

申请日：2015-07-06

Applicant: Amazon Technologies, Inc.

Inventor： Aridaman Tripathi ,  Thibault Candebat

IPC: H04L29/06

CPC classification number: H04L63/1466 ,  H04L63/20

Abstract: A secure and efficient technique to prevent cross-site scripting attacks based on segregating the content within a given content page among independent endpoints, or servers, where static content is provided from one endpoint, active content for downloading a filtering component to enforce filtering of content passed to active content methods is provided from a loader endpoint, and active content is provided from an active content endpoint. Together, the different endpoints make up an endpoint segregation system. Further, security features of HTTP/HTML are used to restrict sources from which active content may be executed according to the division of static and active content among the endpoints of the endpoint segregation system.

公开(公告)号：US20180047399A1

公开(公告)日：2018-02-15

申请号：US15792540

申请日：2017-10-24

Applicant: Amazon Technologies, Inc.

Inventor： Thibault Candebat

IPC: G10L19/018

Abstract: A robust digital fingerprint of a file ensures that one able to produce the robust digital fingerprint has possession of the file. A client obtains information that is unpredictable to the client and uses that information to modify the file and generate a robust digital fingerprint from the modified file. A server, with access to the same unpredictable information, verifies the generated robust digital fingerprint. An algorithm for generating the robust digital fingerprint has a property that different representations of the same content will produce matching digital fingerprints.

公开(公告)号：US09336381B1

公开(公告)日：2016-05-10

申请号：US13858448

申请日：2013-04-08

Applicant: AMAZON TECHNOLOGIES, INC.

Inventor： David James Kane-Parry ,  Thibault Candebat

IPC: G06F21/00 ,  G06F21/50

CPC classification number: G06F21/50 ,  G06F21/577 ,  G06F2221/033

Abstract: Techniques are described for identifying security credentials or other sensitive information based on an entropy-based analysis of information included in documents such as source code files, object code files, or other types of files. A baseline information entropy may be determined for one or more documents, indicating a baseline level of randomness for information in the document(s). One or more of the documents may be analyzed to identify the presence of high entropy portions that have an information entropy above a threshold value. The threshold value may be based on the baseline information entropy, or based on other criteria such as a programming language of the document(s). Because security credentials may have a higher level of information entropy than the surrounding code, any high entropy portions of the document(s) may be identified as potential security risks.

Abstract translation: 描述了基于对诸如源代码文件，目标代码文件或其他类型的文件的文档中包括的信息的基于熵的分析来识别安全凭证或其他敏感信息的技术。 可以为一个或多个文档确定基线信息熵，指示文档中的信息的基准随机性水平。 可以分析一个或多个文档以识别具有高于阈值的信息熵的高熵部分的存在。 阈值可以基于基线信息熵，或者基于诸如文档的编程语言的其他标准。 由于安全凭证可能具有比周围代码更高级别的信息熵，所以文档的任何高熵部分可被识别为潜在的安全风险。

公开(公告)号：US10431228B2

公开(公告)日：2019-10-01

申请号：US15792540

申请日：2017-10-24

Applicant: Amazon Technologies, Inc.

Inventor： Thibault Candebat

IPC: G10L19/018 ,  G06F21/64 ,  G10L25/54

Abstract: A robust digital fingerprint of a file ensures that one able to produce the robust digital fingerprint has possession of the file. A client obtains information that is unpredictable to the client and uses that information to modify the file and generate a robust digital fingerprint from the modified file. A server, with access to the same unpredictable information, verifies the generated robust digital fingerprint. An algorithm for generating the robust digital fingerprint has a property that different representations of the same content will produce matching digital fingerprints.

公开(公告)号：US09575979B1

公开(公告)日：2017-02-21

申请号：US14107950

申请日：2013-12-16

Applicant: AMAZON TECHNOLOGIES, INC.

Inventor： Jon Arron McClintock ,  Shailendra Batra ,  Thibault Candebat ,  Scott Gerard Carmack ,  Sachin Purushottam Joglekar ,  Alun Mark Jones ,  William Frederick Kruse ,  Narasimha Rao Lakkakula ,  Sunu Aby Mathew

IPC: G06F17/30 ,  G06F21/62

CPC classification number: G06F17/30109 ,  G06F21/604 ,  G06F21/6218 ,  G06F2221/034

Abstract: Techniques are described for automatically determining application composition and application ownership of an application that may include a plurality of files deployed to a plurality of host devices. The determination of application composition may be based on analyzing various types of metadata that may provide evidence of associations between deployed files, such as metadata describing the deployment of files to host devices, metadata describing the files tracked within a source control system, or other types of metadata. The determination of application ownership may also be based on analyzing the various types of metadata that provide evidence of associations between files and individuals or groups of individuals within an organization.

Abstract translation: 描述了用于自动确定应用程序的应用程序组成和应用程序所有权的技术，其中可能包括部署到多个主机设备的多个文件。 应用程序组合的确定可以基于分析可以提供部署文件之间的关联的各种类型的元数据，例如描述向主机设备部署文件的元数据，描述在源控制系统中跟踪的文件的元数据或其他类型 的元数据。 应用程序所有权的确定也可以基于分析各种类型的元数据，这些元数据提供文件与组织内的个人或个人组之间的关联的证据。

公开(公告)号：US09465942B1

公开(公告)日：2016-10-11

申请号：US14459037

申请日：2014-08-13

Applicant: AMAZON TECHNOLOGIES, INC.

Inventor： David James Kane-Parry ,  Thibault Candebat ,  Nima Sharifi Mehr

IPC: G06F21/00 ,  G06F21/57

CPC classification number: G06F21/57 ,  G06F21/125 ,  G06F21/577 ,  G06F21/75 ,  G06F2221/033

Abstract: Techniques are described for identifying security credentials or other sensitive information by creating a dictionary of data elements included in documents such as source code files, object code files, or other types of files. The data elements may be identified for inclusion in the dictionary based on parsing the documents for delimiter characters, and based on the context of the data elements within the documents. The data elements may also be identified through an entropy-based analysis to detect portions of the documents exhibiting a high degree of entropy compared to a baseline entropy for the documents. The dictionary may be used in a dictionary attack against various systems to determine whether any of the data elements included in the dictionary enable access the systems. The data elements that enable access may be designated as sensitive information hard-coded into the documents.

Abstract translation: 描述了通过创建诸如源代码文件，目标代码文件或其他类型的文件的文档中包括的数据元素的字典来识别安全凭证或其他敏感信息的技术。 可以基于解析用于定界符字符的文档，并且基于文档内的数据元素的上下文来识别数据元素以包括在字典中。 也可以通过基于熵的分析来识别数据元素，以便与文档的基线熵相比较，以检测表现出高度熵的文档的部分。 字典可以用于针对各种系统的字典攻击，以确定包括在字典中的任何数据元素是否能够访问系统。 可以将访问的数据元素指定为硬编码到文档中的敏感信息。

公开(公告)号：US20160261623A1

公开(公告)日：2016-09-08

申请号：US15155861

申请日：2016-05-16

Applicant: Amazon Technologies, Inc.

Inventor： Jon A. McClintock ,  Eric J. Martin ,  Karl A. McCabe ,  Thibault Candebat ,  Adam J. Cecchetti ,  David Erdmann

IPC: H04L29/06

CPC classification number: H04L63/1425 ,  G06F21/00 ,  G06F21/566 ,  H04L63/1416

Abstract: Disclosed are various systems, methods, and other embodiments directed to detection of malware in content items. To detect the malware, for example, one or more content items are identified in association with the rendering of a network page in a simulated environment. A plurality of tests are applied to the one or more content items to detect an existence of malware associated with the content items.

Abstract translation: 公开了针对内容项目中的恶意软件的检测的各种系统，方法和其他实施例。 为了检测恶意软件，例如，在模拟环境中与网络页面的呈现相关联地识别一个或多个内容项目。 多个测试被应用于一个或多个内容项目以检测与内容项目相关联的恶意软件的存在。