System for determining network anomalies

    Publication No.: US10158658B1

    Publication date: 2018-12-18

    Application No.: US14960013

    Filing date: 2015-12-04

    Abstract: Described are techniques for determining abnormalities in the transmission of data using one or more networks. Responsive to a request or other data, multiple anomaly detection services may determine anomaly values indicative of the likelihood that the request is anomalous. An aggregate value may also be determined based on at least a subset of the anomaly values. Based on correspondence between the aggregate value or any of the anomaly values and threshold data, the request may be determined to be anomalous or non-anomalous. The anomaly values may also be compared to security profile data indicative of sets of values determined based on previous requests. If the current anomaly values do not correspond to the security profile data, this determination may indicate that one or more of the anomaly detection services is compromised. Subsequent values from compromised anomaly detection services may be disregarded until remedied.

    MODIFYING PROVISIONED THROUGHPUT CAPACITY FOR DATA STORES ACCORDING TO CACHE PERFORMANCE

    Publication No.: US20180322066A1

    Publication date: 2018-11-08

    Application No.: US16035461

    Filing date: 2018-07-13

    Abstract: Modifications to throughput capacity provisioned at a data store for servicing access requests to the data store may be performed according to cache performance metrics. A cache that services access requests to the data store may be monitored to collect and evaluate cache performance metrics. The cache performance metrics may be evaluated with respect to criteria for triggering different throughput modifications. In response to triggering a throughput modification, the throughput capacity for the data store may be modified according to the triggered throughput modification. In some embodiments, the criteria for detecting throughput modifications may be determined and modified based on cache performance metrics.

    Separation of security credential verification

    Publication No.: US10103878B1

    Publication date: 2018-10-16

    Application No.: US14854883

    Filing date: 2015-09-15

    Abstract: Disclosed are various embodiments for separating security credential verification. A first authentication service receives a first security credential from a client. The first authentication service also receives an encrypted version of a second security credential from a second authentication service. The first authentication service determines a stored encrypted credential corresponding to the second security credential based at least in part on the first security credential. The first authentication service authenticates the client by comparing the encrypted version of the second security credential to the stored encrypted credential.

    Credit card reader authenticator
    Granted invention patent

    Publication No.: US10068232B2

    Publication date: 2018-09-04

    Application No.: US15331179

    Filing date: 2016-10-21

    Abstract: A credit card reader is attached to a mobile device to process credit card transactions at the point of sale. In response to detecting attachment of the credit card reader to the mobile device, the credit card reader displays a one-time password for authenticating the credit card reader. The algorithm used to generate the one-time password is synchronized with a user token configured to display one-time passwords. If there is a match between the one-time passwords of the credit card reader and the token, the credit card reader is authentic. Further, if there is a match, the credit card reader may allow the user to process credit card transactions through the credit card reader.

    Detecting unknown software vulnerabilities and system compromises

    Publication No.: US10032031B1

    Publication date: 2018-07-24

    Application No.: US14837390

    Filing date: 2015-08-27

    Abstract: Disclosed are various embodiments for detecting unknown software vulnerabilities and system compromises. In a first implementation, a monitoring service records an indication of which portions of an imported software package are invoked by a service during a learning period. After the learning period, the monitoring service determines that a different portion of the imported software package is invoked by the service. The portion is different than those invoked by the service during the learning period. An action is then performed in response to determining that the different portion of the imported software package is invoked by the service.

    Detecting malicious activities by imported software packages

    Publication No.: US10019572B1

    Publication date: 2018-07-10

    Application No.: US14837403

    Filing date: 2015-08-27

    CPC classification number: G06F21/554 G06F21/52 G06F2221/033

    Abstract: Disclosed are various embodiments for detecting malicious activities by imported software packages. A monitoring service determines that untrusted code executing in at least one computing device has invoked a privileged operation. A context in which the privileged operation is invoked is identified. The monitoring service determines whether the context and the privileged operation correspond to an expected behavior of the untrusted code based at least in part on a past behavior profile of the untrusted code. An action is performed in response to determining that the context and the privileged operation do not correspond to the expected behavior.

    Buffer overflow exploit detection
    Granted invention patent

    Publication No.: US09892253B1

    Publication date: 2018-02-13

    Application No.: US15187006

    Filing date: 2016-06-20

    CPC classification number: G06F21/52 G06F2221/033

    Abstract: A call to a memory management application programming interface (API) that results in a buffer overflow due to inaccurate bounds checking could potentially leave the system vulnerable to being exploited by a third party. Approaches presented herein can monitor calls to these APIs in order to determine typical memory sizes passed to these APIs. During an initial baselining period a number of profiles are generated that indicate expected memory size parameters under various different call conditions, such as from specific sources or call stacks. Comparing subsequently received API calls against the expected values from the relevant profile enables the legitimacy of an API call to be determined with relatively high accuracy. A suspicious call is identified based at least in part upon determining that the memory size of the call falls outside an expected range for that API and the relevant context.
