Establishing application trust levels using taint propagation as a service

    Publication number: US10032037B1

    Publication date: 2018-07-24

    Application number: US14494336

    Filing date: 2014-09-23

    Abstract: An application of a mobile device may be granted access to sensitive or private information. The mobile device may be configured to monitor the application's use of any sensitive data obtained by the application. The mobile device may include, with the sensitive data, taint propagation data configured to enable the mobile device to detect the application's use of the cloaked sensitive data. As a result of detecting the application's use of the sensitive data, trust information corresponding to the application's use of the cloaked sensitive data may be provided to a service provider. The service provider may be configured to determine a trust level of the application and perform remedial operations based at least in part on the determined trust level.

    Hypervisor enforcement of cryptographic policy

    Publication number: US09892254B2

    Publication date: 2018-02-13

    Application number: US14852361

    Filing date: 2015-09-11

    CPC classification number: G06F21/53 G06F9/45558 G06F2009/45587 G06F2221/034

    Abstract: Techniques for restricting the execution of algorithms contained in applications executing on virtual machines executing within a computer system are described herein. A first sampled set of computer executable instructions is gathered from a virtual machine by a controlling domain and compared against a reference set of computer executable instructions. If the first set is similar to the reference set, and if the execution of the algorithm corresponding to the reference set is restricted by one or more computer system policies, one or more operations limiting the execution of the restricted algorithm are performed, thus ensuring conformance with the computer system policies.

    DATA STORAGE OPTIMIZATION FOR NON-VOLATILE MEMORY

    Publication number: US20170357573A1

    Publication date: 2017-12-14

    Application number: US15689282

    Filing date: 2017-08-29

    CPC classification number: G06F12/0246 G06F9/321 G06F2212/1044 G06F2212/7201

    Abstract: Non-volatile devices may be configured such that a clear operation on a single bit clears an entire block of bits. The representation of particular data structures may be optimized to reduce the number of clear operations required to store the representation in non-volatile memory. A data schema may indicate that a data structure of an application may be optimized for storage in non-volatile memory. A translation layer may convert an application level representation of a data value associated with the data structure to an optimized storage representation of the data value before storing the optimized storage representation of the data value in non-volatile memory.

    Scanning kernel data structure characteristics

    Publication number: US09767276B1

    Publication date: 2017-09-19

    Application number: US14468943

    Filing date: 2014-08-26

    CPC classification number: G06F21/554

    Abstract: A method and apparatus for detecting kernel data structure tampering are disclosed. In the method and apparatus, a memory region of a computer system is scanned for one or more characteristics of a kernel data structure of an operating system kernel. It is then determined, based at least in part on whether the one or more characteristics are found in the memory region, whether the kernel data structure is stored in that memory region of the computer system, which would indicate tampering with the kernel data structure.

    Intrusion detection using bus snooping

    Publication number: US09727726B1

    Publication date: 2017-08-08

    Application number: US14135170

    Filing date: 2013-12-19

    CPC classification number: G06F21/55 G06F21/53 G06F21/554

    Abstract: Remote computing resource service providers allow customers to execute one or more applications in a virtual environment on computer systems provided by the computing resource service provider. The customer applications are generally executed by multiple virtual machine instances working together. The virtual machines may be managed by a hypervisor executing on computer systems operated by the service provider. These computer systems may be vulnerable to intrusions and other malicious attacks, thereby exposing the virtual machines and the corresponding customer applications executing on the computer systems. A monitoring device may be used in one or more of the computing systems operated by the service provider in order to monitor and prevent a variety of different attacks.

    LATENCY-BASED DETECTION OF COVERT ROUTING

    Type: Invention application (pending, published)

    Publication number: US20170054748A1

    Publication date: 2017-02-23

    Application number: US15344396

    Filing date: 2016-11-04

    CPC classification number: H04L63/1425 H04L63/1408

    Abstract: A method and apparatus for detecting covert routing is disclosed. In the method and apparatus, data addressed to a remote computer system are forwarded over a first network path, whereby the data is associated with a computer system of a plurality of computer systems. Further, a plurality of first network performance metrics is obtained. A likelihood of covert routing is determined based at least in part on the plurality of first network performance metrics.

    Identifying kernel data structures

    Type: Invention patent (granted)

    Publication number: US09575793B1

    Publication date: 2017-02-21

    Application number: US14469390

    Filing date: 2014-08-26

    Abstract: Techniques for identifying kernel data structures are disclosed herein. A representation of memory location relationships between pairs of memory locations is created based on a virtual machine image. A virtual machine is instantiated based at least in part on the representation and based at least in part on the virtual machine image. The representation is validated based on confidence scores associated with correlations between one or more memory snapshots of the virtual machine and the memory locations, and the parts of the representation that are not valid are removed from the representation.
