公开(公告)号：US11743122B1

公开(公告)日：2023-08-29

申请号：US17709068

申请日：2022-03-30

Applicant: Amazon Technologies, Inc.

Inventor： Samuel Bayless ,  John David Backes ,  Daniel William Dacosta ,  Vaibhav Katkade ,  Sagar Chintamani Joshi ,  Nadia Labai ,  Syed Mubashir Iqbal ,  Patrick Trentin ,  Nathan Launchbury ,  Nikolaos Giannarakis ,  Victor Heorhiadi ,  Nick Matthews

IPC: H04L41/0869 ,  H04L41/08 ,  H04L41/22 ,  H04L41/0816 ,  H04L41/14 ,  H04L41/147 ,  H04L9/40

CPC classification number: H04L41/0869 ,  H04L41/0816 ,  H04L41/0883 ,  H04L41/145 ,  H04L41/147 ,  H04L41/22 ,  H04L63/0263

Abstract: A network change verification (NCV) system is disclosed for checking whether a proposed configuration change on a network alters the way that the network controls recently observed network flows. In embodiments, the system builds an observed flow control model (OFCM) from logs of recent flows observed in the network. The OFCM, which may be periodically updated based on newly observed flows, provides a compact representation of how individual network flows were ostensibly controlled by the network. When a proposed configuration change is received, the system analyzes the change against the OFCM to check whether the change will alter how the network controls recently observed flows. If so, the proposed change is blocked, and an alert is generated identifying flows that are affected by the change. The NCV system thus prevents network operators from accidentally making changes on the network that will materially alter the behavior of the network.