公开(公告)号：US09329922B1

公开(公告)日：2016-05-03

申请号：US14104783

申请日：2013-12-12

Applicant: Amazon Technologies, Inc.

Inventor： Joshua William McFarlane ,  Andrew Thomas Troutman ,  Matthew Roy Noble ,  Nicholas Alexander Allen

IPC: G06F11/00 ,  G06F11/07 ,  G06F11/36

CPC classification number: G06F11/079 ,  G06F11/0709 ,  G06F11/1446 ,  G06F11/3006 ,  G06F11/3051 ,  G06F11/3055 ,  G06F11/3664 ,  G06F11/3668

Abstract: Technologies are described herein for performing a defect analysis on a software component based upon collected data that describes the operational state of hardware devices in an execution environment utilized to execute the software component at different points in time. The hardware state data is collected from the hardware devices in the execution environment at different points in time and stored in a version control system. A defect analysis may then be performed for an issue identified in the software component utilizing the hardware state data stored in the version control system. Based upon the results of the defect analysis, one or more actions may be taken such as, but not limited to, rolling the hardware or software configuration of one or more of the hardware devices in the execution environment back to a previous point in time.

Abstract translation: 本文描述了用于基于收集的在不同时间点描述用于执行软件组件的执行环境中的硬件设备的操作状态的数据来对软件组件执行缺陷分析的技术。 硬件状态数据从执行环境中的硬件设备在不同时间点收集并存储在版本控制系统中。 然后可以利用存储在版本控制系统中的硬件状态数据来执行在软件组件中识别的问题的缺陷分析。 基于缺陷分析的结果，可以采取一种或多种动作，例如但不限于将执行环境中的一个或多个硬件设备的硬件或软件配置滚动回到先前的时间点。

公开(公告)号：US20160080367A1

公开(公告)日：2016-03-17

申请号：US14954744

申请日：2015-11-30

Applicant: Amazon Technologies, Inc.

Inventor： Gregory B. Roth ,  Nicholas Alexander Allen ,  Cristian M. Ilac

IPC: H04L29/06 ,  H04L12/26 ,  H04L29/08

CPC classification number: H04L63/083 ,  H04L43/106 ,  H04L63/08 ,  H04L63/0807 ,  H04L63/0846 ,  H04L63/108 ,  H04L63/168 ,  H04L63/20 ,  H04L67/14 ,  H04L67/146 ,  H04L67/42 ,  H04L2463/121

Abstract: Session-specific information stored to a cookie or other secure token can be selected and/or caused to vary over time, such that older copies will become less useful over time. Such an approach reduces the ability of entities obtaining a copy of the cookie from performing unauthorized tasks on a session. A cookie received with a request can contain a timestamp and an operation count for a session that may need to fall within an acceptable range of the current values in order for the request to be processed. A cookie returned with a response can be set to the correct value or incremented from the previous value based on various factors. The allowable bands can decrease with age of the session, and various parameter values such as a badness factor for a session can be updated continually based on the events for the session.

Abstract translation: 存储到cookie或其他安全令牌的会话专用信息可以被选择和/或导致随时间变化，使得较旧的副本随着时间变得不那么有用。 这种方法降低了获取cookie副本的实体在会话中执行未授权任务的能力。 使用请求收到的cookie可以包含可能需要落在当前值的可接受范围内的会话的时间戳和操作计数，以便请求被处理。 返回响应的cookie可以根据各种因素设置为正确的值或从先前值递增。 允许的频带可以随着会话的年龄而减小，并且可以基于会话的事件来连续地更新诸如会话的不良因素的各种参数值。

公开(公告)号：US09280372B2

公开(公告)日：2016-03-08

申请号：US13964889

申请日：2013-08-12

Applicant: Amazon Technologies, Inc.

Inventor： Nicholas Alexander Allen

IPC: G06F3/00 ,  G06F9/44 ,  G06F9/46 ,  G06F9/455 ,  G06F9/50

CPC classification number: G06F9/45558 ,  G06F9/45533 ,  G06F9/45541 ,  G06F9/4555 ,  G06F9/50 ,  G06F9/5027 ,  G06F12/023 ,  G06F2009/45562 ,  G06F2009/4557 ,  G06F2009/45583

Abstract: A computer system implements a hypervisor which, in turn, implements one or more computer system instances and a controller. The controller and a computer system instance share a memory. A request is processed using facilities of both the computer system instance and the controller. As part of request processing, information is passed between the computer system instance and the controller via the shared memory.

Abstract translation: 计算机系统实现管理程序，其又实现一个或多个计算机系统实例和控制器。 控制器和计算机系统实例共享内存。 使用计算机系统实例和控制器的设施来处理请求。 作为请求处理的一部分，信息通过共享存储器在计算机系统实例和控制器之间传递。

公开(公告)号：US09262251B1

公开(公告)日：2016-02-16

申请号：US14257861

申请日：2014-04-21

Applicant: Amazon Technologies, Inc.

Inventor： Nicholas Alexander Allen

IPC: G06F11/00 ,  G06F11/07

CPC classification number: G06F11/076 ,  G06F11/073 ,  G06F11/0751 ,  G06F11/079 ,  G06F11/362

Abstract: Systems and methods for the analysis of memory information of a computing device are provided. One or more user computing devices may transmit memory information to a memory analysis system. The memory analysis system may generate a weighted object graph based on the received memory information, and identify subgraphs to inspect for potential memory use patterns. If such patterns are common in an identified subgraph, they may indicate a potential memory leak. The memory analysis system may further analyze a larger portion of the weighted object graph based on a detected common pattern. Each detected pattern may be ranked based on the likelihood that it corresponds to a memory leak.

Abstract translation: 提供了用于分析计算设备的存储器信息的系统和方法。 一个或多个用户计算设备可以将存储器信息发送到存储器分析系统。 存储器分析系统可以基于接收到的存储器信息生成加权对象图，并且识别子图以检查潜在的存储器使用模式。 如果这种图案在识别的子图中是常见的，则它们可以指示潜在的存储器泄漏。 存储器分析系统可以基于检测到的公共模式进一步分析加权对象图的较大部分。 可以基于其对应于存储器泄漏的可能性对每个检测到的模式进行排名。

公开(公告)号：US09202038B1

公开(公告)日：2015-12-01

申请号：US13858792

申请日：2013-04-08

Applicant: Amazon Technologies, Inc.

Inventor： Nicholas Alexander Allen

IPC: G06F7/04 ,  G06F21/40

CPC classification number: G06F21/40

Abstract: A method for authenticating a request for access to resources is described. A request for access to a resource is received from a user, and the user accesses a proof-of-work challenge. An adjustment factor associated with the user is determined. The adjustment factor may be generated as a function of a password associated with the user and the requested resource. The proof-of-work challenge may have a complexity that is determined based on the adjustment factor. A selected password and a solution to the proof-of-work challenge are received from the user. It is determined whether the received solution is correct based on the determined adjustment factor.

Abstract translation: 描述用于认证对资源的访问请求的方法。 从用户接收到对资源的​​访问请求，并且用户访问工作证明的挑战。 确定与用户相关联的调整因子。 可以根据与用户和所请求的资源相关联的密码来生成调整因子。 工作证明的挑战可能具有基于调整因素确定的复杂性。 从用户那里接收到选择的密码和解决工作中的质疑。 基于所确定的调整因子确定接收到的解是否正确。

公开(公告)号：US09185003B1

公开(公告)日：2015-11-10

申请号：US13875980

申请日：2013-05-02

Applicant: Amazon Technologies, Inc.

Inventor： Nicholas Alexander Allen

IPC: H04L12/24 ,  G06F1/12

CPC classification number: G06F1/12 ,  G06F9/452 ,  H04L41/0893 ,  H04L41/50 ,  H04L43/0811 ,  H04L43/0817

Abstract: Systems and methods are described for coordinating clocks in a distributed computing environment. In one embodiment, a plurality of groups of nodes are formed. Nodes within a group may be time-synchronized and time differences between groups may be tracked. Clock adjustments between groups may be accumulated for tracked activities. The accumulated clock adjustments may be used to determine an ordering of the tracked activities.

Abstract translation: 描述了用于在分布式计算环境中协调时钟的系统和方法。 在一个实施例中，形成多个节点组。 组内的节点可以是时间同步的，并且可以跟踪组之间的时间差。 可能会为跟踪的活动累积群组之间的时钟调整。 积累的时钟调整可以用于确定所跟踪的活动的顺序。

公开(公告)号：US09104877B1

公开(公告)日：2015-08-11

申请号：US13966749

申请日：2013-08-14

Applicant: Amazon Technologies, Inc.

Inventor： Nicholas Alexander Allen

IPC: G06F21/57 ,  G06F11/30

CPC classification number: G06F21/577 ,  G06F11/3065 ,  G06F11/3476 ,  G06F17/40 ,  G06F21/552 ,  G06F2201/81

Abstract: Techniques and systems are provided for detecting penetration attempts with fuzzing techniques utilizing historical log data of target system. The techniques may, for example, include comparing logs captured in response to fuzzed inputs with large numbers of historical logs and then modifying how the inputs are fuzzed based on how the fuzzed inputs resulting in a high similarity score were fuzzed. In some implementations, historical logs and captured logs with high similarity scores may cause an alarm condition to be triggered to alert a human operator.

Abstract translation: 提供技术和系统，用于利用目标系统的历史日志数据用模糊技术检测穿透尝试。 这些技术可以例如包括将响应于模糊输入捕获的日志与大量历史日志进行比较，然后基于如何使得高相似性得分的模糊输入模糊化来修改输入如何模糊化。 在一些实现中，具有高相似性分数的历史记录和捕获的日志可能导致触发报警条件以警告操作者。