公开(公告)号：US10382461B1

公开(公告)日：2019-08-13

申请号：US15165221

申请日：2016-05-26

Applicant: AMAZON TECHNOLOGIES, INC.

Inventor： Nima Sharifi Mehr ,  Dominique Imjya Brezinski ,  Sunu Aby Mathew

IPC: H04L29/06

Abstract: Described are techniques for identifying anomalous and non-anomalous requests based on metric values determined from a request. Weights to be associated with particular metric values may be determined based on metric data for those values. The metric data may indicate a total number of accesses by requests having a particular metric value, a frequency of access, or particular access times. Based on the weight values and the metric values for the request, a security score for the request may be determined. The security score may indicate a confidence that the request is anomalous or non-anomalous. Potentially anomalous requests may be determined to be non-anomalous if the metric values correspond to known sets of metric values, determined from previous requests. In some cases, metric data may be normalized prior to use to facilitate faster queries and conserve available data storage.

公开(公告)号：US10187428B2

公开(公告)日：2019-01-22

申请号：US15618419

申请日：2017-06-09

Applicant: Amazon Technologies, Inc.

Inventor： Harsha Ramalingam ,  Dominique Imjya Brezinski ,  Jesper Mikael Johansson ,  Jon Arron McClintock ,  James Connelly Petts

IPC: H04L29/06 ,  G06F21/14 ,  G06F21/54 ,  G06F21/55

Abstract: Disclosed are various embodiments for active data that tracks usage. The active data includes instructions that are executable by a computing device. The computing device is scanned to identify characteristics of the computing device. The characteristics of the computing device are utilized to determine whether the usage of the active data is authorized. Data is transmitted to a network service, including identifying information for the particular computing device and data that identifies a deployment of the active data.

公开(公告)号：US10002177B1

公开(公告)日：2018-06-19

申请号：US14028360

申请日：2013-09-16

Applicant: AMAZON TECHNOLOGIES, INC.

Inventor： Jon Arron McClintock ,  George Nikolaos Stathakopoulos ,  Dominique Imjya Brezinski

IPC: G06F17/30

CPC classification number: G06F16/284 ,  G06F16/24575

Abstract: Techniques are described for employing a crowdsourcing framework to analyze data related to the performance or operations of computing systems, or to analyze other types of data. A question is analyzed to determine data that is relevant to the question. The relevant data may be decontextualized to remove or alter contextual information included in the data, such as sensitive, personal, or business-related data. The question and the decontextualized data may then be presented to workers in a crowdsourcing framework, and the workers may determine an answer to the question based on an analysis or an examination of the decontextualized data. The answers may be combined, correlated, or otherwise processed to determine a processed answer to the question.

公开(公告)号：US09805215B1

公开(公告)日：2017-10-31

申请号：US14828276

申请日：2015-08-17

Applicant: Amazon Technologies, Inc.

Inventor： Jesper Mikael Johansson ,  Dominique Imjya Brezinski ,  Darren Ernest Canavor ,  Darin Keith McAdams ,  Jon Arron McClintock ,  Brandon William Porter

IPC: G06F21/62 ,  H04L29/06

CPC classification number: G06F21/6245 ,  G06F21/6227 ,  H04L67/42

Abstract: A technology is described for making a decision based on identifying without disclosing the identifying information. The method may include receiving a mapping value that represents identifying information that has been converted into a mapping value. A request for data associated with the identifying information may be made by providing the mapping value as a proxy for the identifying information whereby the data associated with the identifying information may be located using the mapping value and returned to a requesting client or service.

公开(公告)号：US09342796B1

公开(公告)日：2016-05-17

申请号：US14028396

申请日：2013-09-16

Applicant: AMAZON TECHNOLOGIES, INC.

Inventor： Jon Arron McClintock ,  George Nikolaos Stathakopoulos ,  Dominique Imjya Brezinski

IPC: G06N99/00

CPC classification number: G06N99/005

Abstract: Techniques are described for employing a crowdsourcing framework to analyze data related to the performance or operations of computing systems, or to analyze other types of data. A question is analyzed to determine data that is relevant to the question. The relevant data may be decontextualized to remove or alter contextual information included in the data, such as sensitive, personal, or business-related data. The question and the decontextualized data may then be presented to workers in a crowdsourcing framework, and the workers may determine an answer to the question based on an analysis or an examination of the decontextualized data. The answers may be combined, correlated, or otherwise processed to determine a processed answer to the question. Machine learning techniques are employed to adjust and refine the decontextualization.

Abstract translation: 描述了使用众包框架来分析与计算系统的性能或操作相关的数据或分析其他类型的数据的技术。 分析一个问题来确定与问题相关的数据。 相关数据可以被解构化以去除或改变包括在数据中的上下文信息，诸如敏感的，个人的或与业务有关的数据。 然后可以在众包框架中将问题和解构图数据提供给工人，并且工作人员可以基于分析或检验解构数据来确定问题的答案。 答案可以组合，相关或以其他方式处理，以确定问题的处理答案。 机器学习技术被用于调整和完善解构文化。

公开(公告)号：US10560338B2

公开(公告)日：2020-02-11

申请号：US15829725

申请日：2017-12-01

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock ,  Dominique Imjya Brezinski ,  Tushaar Sethi ,  Maarten Van Horenbeeck

IPC: H04L12/24 ,  H04L12/733

Abstract: A method and apparatus for path detection are disclosed. In the method and apparatus, a data path may link two path-end nodes in a network. Event data for the network may be received and may be used to determine, for each node resident on the path, proximity measures to each path-end node. The proximity measure of network nodes may be evaluated to determine whether a path exists between the two path-end nodes.

公开(公告)号：US09154515B1

公开(公告)日：2015-10-06

申请号：US14134596

申请日：2013-12-19

Applicant: AMAZON TECHNOLOGIES, INC.

Inventor： Francesco Russo ,  Dominique Imjya Brezinski ,  Robert Hanna Mahfoud ,  Martin Matthew O'Reilly

IPC: G06F21/56 ,  H04L29/06

CPC classification number: H04L63/1416 ,  G06F21/554 ,  G06F21/56 ,  H04L63/1433 ,  H04L63/1441

Abstract: Information security may include defending information from unauthorized access, use, disclosure, modification, destruction, and so forth. Described herein are systems, methods and devices for enabling a user device to implement functions for dynamically identifying and reacting to potentially malicious activity. In one example, a user device configures a sentinel node to identify potentially malicious behavior by causing the sentinel node to analyze data from selected emitter nodes and selected algorithms. The user device may also specify how the sentinel node reacts to potential malicious activity.

Abstract translation: 信息安全可能包括防止未经授权的访问，使用，披露，修改，销毁等信息。 这里描述了使得用户设备能够实现用于动态地识别潜在恶意活动并对其进行反应的功能的系统，方法和设备。 在一个示例中，用户设备通过使得前哨节点分析来自所选发射机节点和所选算法的数据来配置哨兵节点以识别潜在的恶意行为。 用户设备还可以指定前哨节点如何对潜在的恶意活动做出反应。

公开(公告)号：US09152808B1

公开(公告)日：2015-10-06

申请号：US13849772

申请日：2013-03-25

Applicant: Amazon Technologies, Inc.

Inventor： Harsha Ramalingam ,  Jesper Mikael Johansson ,  James Connelly Petts ,  Dominique Imjya Brezinski

IPC: G06F7/04 ,  G06F21/62 ,  H04L29/06

CPC classification number: G06F21/62 ,  H04L63/1416 ,  H04L63/1441 ,  H04L63/1491 ,  H04L63/30

Abstract: Disclosed are various embodiments for obtaining policy data specifying decoy data eligible to be inserted within a response to an access of a data store. The decoy data is detected in the response among a plurality of non-decoy data based at least upon the policy data. An action associated with the decoy data is initiated in response to the access of the data store meeting a configurable threshold.

Abstract translation: 公开了用于获得策略数据的各种实施例，该策略数据指定在对数据存储的访问的响应中有资格插入的诱饵数据。 至少基于策略数据，在多个非诱饵数据之间的响应中检测诱饵数据。 响应于满足可配置阈值的数据存储的访问，启动与诱饵数据相关联的动作。

公开(公告)号：US09990507B2

公开(公告)日：2018-06-05

申请号：US14872880

申请日：2015-10-01

Applicant: Amazon Technologies, Inc.

Inventor： Harsha Ramalingam ,  Jesper Mikael Johansson ,  James Connelly Petts ,  Dominique Imjya Brezinski

IPC: G06F17/00 ,  G06F21/62 ,  H04L29/06

CPC classification number: G06F21/62 ,  H04L63/1416 ,  H04L63/1441 ,  H04L63/1491 ,  H04L63/30

Abstract: Disclosed are various embodiments for obtaining policy data specifying decoy data eligible to be inserted within a response to an access of a data store. The decoy data is detected in the response among a plurality of non-decoy data based at least upon the policy data. An action associated with the decoy data is initiated in response to the access of the data store meeting a configurable threshold.

公开(公告)号：US09838260B1

公开(公告)日：2017-12-05

申请号：US14224544

申请日：2014-03-25

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock ,  Dominique Imjya Brezinski ,  Tushaar Sethi ,  Maarten Van Horenbeeck

IPC: H04L12/24 ,  H04L12/733

CPC classification number: H04L41/12 ,  H04L45/122

Abstract: A method and apparatus for path detection are disclosed. In the method and apparatus, a data path may link two path-end nodes in a network. Event data for the network may be received and may be used to determine, for each node resident on the path, proximity measures to each path-end node. The proximity measure of network nodes may be evaluated to determine whether a path exists between the two path-end nodes.