公开(公告)号：US11611580B1

公开(公告)日：2023-03-21

申请号：US16807055

申请日：2020-03-02

Applicant: Amazon Technologies, Inc.

Inventor： Nima Sharifi Mehr ,  Amit Jagannath Mhatre

IPC: H04L9/40

Abstract: Various embodiments of apparatuses and methods for malware infection detection for edge devices, such as IoT (“Internet of Things”) devices, are described. In some embodiments, a malware infection detection service receives data from a plurality of edge devices of a remote network. It can identify a variety of different detection mechanisms to detect whether an edge device is potentially infected with malware, and determine confidence levels for the different detection mechanisms. Using the detection mechanisms with the received data, it can determine one or more findings that an edge device is potentially infected with malware. It can then determine a confidence level for each finding. It can then determine an accumulated confidence, based on the confidence levels of the detection mechanisms and the findings. The malware infection detection service might then identify one or more of the edge devices as potentially being infected by malware based on the accumulated confidence.

公开(公告)号：US11777823B1

公开(公告)日：2023-10-03

申请号：US17535455

申请日：2021-11-24

Applicant: Amazon Technologies, Inc.

Inventor： Eknath Venkataramani ,  Amit Jagannath Mhatre

IPC: H04L43/0817 ,  H04L43/065 ,  H04L43/0823

CPC classification number: H04L43/0817 ,  H04L43/065 ,  H04L43/0823

Abstract: An anomaly detection service of a provider network may be used to efficiently monitor for metric anomalies across a large number of IoT devices using mandatory and optional values for metrics. A client may configure any number of mandatory and optional values for a metric to be collected from IoT devices of a fleet. The client may also configure one or more criteria to by used for evaluating the mandatory values (e.g., a threshold percentage such as 99%). When the service receives metric values for the metric, the service determines whether the values satisfy the criteria for the mandatory value. If not, then the service indicates an anomaly. The service may also determine if any values other than the mandatory and optional values are present. If not, then the service indicates an anomaly.