公开(公告)号：US12284110B1

公开(公告)日：2025-04-22

申请号：US17853531

申请日：2022-06-29

Applicant: Amazon Technologies, Inc.

Inventor： Joan Barcelo Llado ,  Eric Charles Briffa ,  Bobby Brown ,  Kenan Yang ,  Seyed Arash Sadrieh ,  Tahir Azim ,  Julien Ridoux ,  Harvo Reyzell Jones ,  Thomas Bradley Scholl ,  Ali Khayam ,  Robert Louis Mosher ,  Michael W. Palladino ,  Rajat Chaudhary ,  Nikhil Ashok Arjunagi ,  Fiachra John Groarke

IPC: H04L45/12 ,  H04L43/087 ,  H04L43/0888 ,  H04L45/121 ,  H04L47/125

Abstract: Technologies are disclosed for performing context-aware routing of traffic based on an application of a series of filters and/or selectors to determine an optimal group of interfaces for servicing traffic relating to a prefix. A traffic management control plane processes input data corresponding to aggregated telemetry data for a network by determining candidate groups of interfaces to service a network prefix and applies tunable filters and/or selectors to the candidate groups to determine a targeted group to use for servicing traffic corresponding to the prefix. The determined targeted group is mapped to the prefix in a mapping result, which is then provided to an actuator interface to control network devices to inject the new mapping into the network to control traffic according to the mapping.

公开(公告)号：US12155690B1

公开(公告)日：2024-11-26

申请号：US17643762

申请日：2021-12-10

Applicant: Amazon Technologies, Inc.

Inventor： Kelly Anne Rooker ,  Thomas Bradley Scholl ,  Kushal Mall ,  Darshan Narayana Reddy ,  Lewis Iain McLean ,  Andrew Robert Hassall ,  Grace Marie Hatamyar ,  Bradford Sachin Chatterjee ,  Sidath Manawadu ,  Bobby Brown ,  John Shields ,  Karthik Chandrashekar

IPC: H04L29/06 ,  H04L9/40 ,  H04L41/0816 ,  H04L41/28

Abstract: The present disclosure generally relates to systems and methods for utilization of network mitigation techniques in the form of null address routing to mitigate coordinated DDOS attacks. A monitoring and mitigation service can characterize a command and control node as compromised or otherwise manipulated for purposes of generating distributed attacks. The monitoring and mitigation service can then identify network mitigation information in the form of null routing addresses that will cause network communications associated with the identified command and control node to be terminated or otherwise not delivered to the intended network-based resources. The monitoring and mitigation service can propagate the null routing address to routing components. The network mitigation information can be associated with expiration criteria for the routing components that receive and implement the network mitigation technique.