公开(公告)号：US10574686B2

公开(公告)日：2020-02-25

申请号：US16230901

申请日：2018-12-21

Applicant: Amazon Technologies, Inc.

Inventor： Nima Sharifi Mehr ,  Christopher Dunn ,  Alexis Floyd ,  David James Kane-Parry ,  Volker Helmut Mosthaf ,  Christopher Gordon Williams

IPC: H04L29/00 ,  H04L29/06 ,  H04L29/08 ,  H04L12/46 ,  G06Q10/08 ,  G06Q20/40 ,  H04L9/32

Abstract: A first computer is selected for testing. Information sent from a second computer system to the first computer is intercepted. The information is modified to be noncompliant with a communication protocol, thereby producing noncompliant information. A determination is made whether the first computer device has failed to provide a particular response to receipt of the noncompliant information, and an operation is performed based at least in part on the determination.

公开(公告)号：US20170149817A1

公开(公告)日：2017-05-25

申请号：US15422253

申请日：2017-02-01

Applicant: Amazon Technologies, Inc.

Inventor： Nima Sharifi Mehr ,  Christopher Dunn ,  Alexis Floyd ,  David James Kane-Parry ,  Volker Helmut Mosthaf ,  Christopher Gordon Williams

IPC: H04L29/06 ,  G06Q20/40 ,  G06Q10/08 ,  H04L9/32

CPC classification number: H04L63/1433 ,  G06Q10/083 ,  G06Q20/405 ,  H04L9/3268 ,  H04L12/4625 ,  H04L63/0428 ,  H04L63/08 ,  H04L63/101 ,  H04L63/1441 ,  H04L63/1483 ,  H04L67/10 ,  H04L2209/26 ,  H04L2209/56

Abstract: A first computer is selected for testing. Information sent from a second computer system to the first computer is intercepted. The information is modified to be noncompliant with a communication protocol, thereby producing noncompliant information. A determination is made whether the first computer device has failed to provide a particular response to receipt of the noncompliant information, and an operation is performed based at least in part on the determination.

公开(公告)号：US10164997B2

公开(公告)日：2018-12-25

申请号：US15422253

申请日：2017-02-01

Applicant: Amazon Technologies, Inc.

Inventor： Nima Sharifi Mehr ,  Christopher Dunn ,  Alexis Floyd ,  David James Kane-Parry ,  Volker Helmut Mosthaf ,  Christopher Gordon Williams

IPC: H04L29/06 ,  H04L29/08 ,  G06Q10/08 ,  G06Q20/40 ,  H04L9/32

Abstract: A first computer is selected for testing. Information sent from a second computer system to the first computer is intercepted. The information is modified to be noncompliant with a communication protocol, thereby producing noncompliant information. A determination is made whether the first computer device has failed to provide a particular response to receipt of the noncompliant information, and an operation is performed based at least in part on the determination.

公开(公告)号：US20190124110A1

公开(公告)日：2019-04-25

申请号：US16230901

申请日：2018-12-21

Applicant: Amazon Technologies, Inc.

Inventor： Nima Sharifi Mehr ,  Christopher Dunn ,  Alexis Floyd ,  David James Kane-Parry ,  Volker Helmut Mosthaf ,  Christopher Gordon Williams

IPC: H04L29/06 ,  H04L29/08 ,  G06Q10/08 ,  G06Q20/40 ,  H04L9/32 ,  H04L12/46

CPC classification number: H04L63/1433 ,  G06Q10/083 ,  G06Q20/405 ,  H04L9/3268 ,  H04L12/4625 ,  H04L63/0428 ,  H04L63/08 ,  H04L63/101 ,  H04L63/1441 ,  H04L63/1483 ,  H04L67/10 ,  H04L2209/26 ,  H04L2209/56

Abstract: A first computer is selected for testing. Information sent from a second computer system to the first computer is intercepted. The information is modified to be noncompliant with a communication protocol, thereby producing noncompliant information. A determination is made whether the first computer device has failed to provide a particular response to receipt of the noncompliant information, and an operation is performed based at least in part on the determination.

公开(公告)号：US09602536B1

公开(公告)日：2017-03-21

申请号：US14560613

申请日：2014-12-04

Applicant: Amazon Technologies, Inc.

Inventor： Dennis Naylor Brown, Jr. ,  Volker Helmut Mosthaf

IPC: H04L29/00 ,  H04L29/06

CPC classification number: H04L63/1491 ,  G06F2221/2111 ,  H04L63/083

Abstract: Disclosed are various embodiments for virtualized network honeypots. In one embodiment, client computing devices that are coupled to a network are each configured with both a primary host and a secondary virtualized host. The primary host provides workstation functionality for users having permission. The secondary virtualized host is configured to route network traffic to and from a honeypot server. The honeypot server is configured to provide a honeypot environment. In another embodiment, a network connection request for a requested service is received from a connecting device. If the connecting device is authorized, the network connection request is routed to the requested service. If the connecting device is not authorized, the network connection request is routed to a honeypot server.

公开(公告)号：US09923922B1

公开(公告)日：2018-03-20

申请号：US15459465

申请日：2017-03-15

Applicant: Amazon Technologies, Inc.

Inventor： Dennis Naylor Brown, Jr. ,  Volker Helmut Mosthaf

IPC: H04L29/00 ,  H04L29/06

CPC classification number: H04L63/1491 ,  G06F2221/2111 ,  H04L63/083

Abstract: Disclosed are various embodiments for virtualized network honeypots. In one embodiment, client computing devices that are coupled to a network are each configured with both a primary operating system and a honeypot operating system. The primary operating system is configured to provide workstation functionality for a user having permission, and the honeypot operating system is configured to route unauthorized network traffic to a honeypot server. The honeypot server is configured to provide a honeypot environment that mimics characteristics of client or server computing devices.

公开(公告)号：US09571465B1

公开(公告)日：2017-02-14

申请号：US14490445

申请日：2014-09-18

Applicant: Amazon Technologies, Inc.

Inventor： Nima Sharifi Mehr ,  Christopher Dunn ,  Alexis Floyd ,  David James Kane-Parry ,  Volker Helmut Mosthaf ,  Christopher Gordon Williams

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/1433 ,  G06Q10/083 ,  G06Q20/405 ,  H04L9/3268 ,  H04L12/4625 ,  H04L63/0428 ,  H04L63/08 ,  H04L63/101 ,  H04L63/1441 ,  H04L63/1483 ,  H04L67/10 ,  H04L2209/26 ,  H04L2209/56

Abstract: Data security is enhanced by injecting insecurity into communications between two computer systems to test one of the computer systems. The insecurity is injected by modifying the communications between the two computer systems by modifying or adding messages. A response from one of the computer systems is monitored to determine whether the computer system reacts to the modification in a secure manner or if mitigating actions need to be performed.

Abstract translation: 通过在两台计算机系统之间的通信中注入不安全性来测试其中一台计算机系统来增强数据安全性。 通过修改或添加消息来修改两台计算机系统之间的通信来注入不安全性。 监视来自其中一个计算机系统的响应，以确定计算机系统是否以安全的方式对修改做出反应，或者是否需要执行缓解措施。