Group-based treatment of network addresses

US11075911B2 · US · B2

Patent metadata

Publication number: US-11075911-B2
Application number: US-201916384690-A
Country: US
Kind code: B2
Filing date: Apr 15, 2019
Priority date: Mar 4, 2016
Publication date: Jul 27, 2021
Grant date: Jul 27, 2021

Abstract

Official abstract text for this publication.

Systems, methods, and computer-readable media are described for a network address block treatment server. The network address block treatment server identifies blocks of network addresses, associates them with treatments, and generates compact representations of the network address blocks. Blocks may be identified based on network activity data or on the treatment of individual network addresses, and treatments may be associated with address blocks based on address-level and/or block-level criteria. Treatments may include, for example, denying service requests, throttling, queueing, issuing a challenge-response, or limiting the number or scope of services. The network address block treatment server may review treatments periodically or upon receipt of additional network activity data. The server may implement treatments in connection with firewall or routing services, or may transmit address block representations and associated treatments to network service providers for implementation.
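
As an added illustration of the abstract (not code from the patent or its assignee), the Python sketch below derives block-level treatments from per-address treatment data, emits CIDR blocks as the compact representation, and resolves overlapping blocks by letting the smaller block win, in the spirit of the quantity-based precedence in the claims. The thresholds, prefix lengths, function names and sample addresses are assumptions constructed for the example.

```python
import ipaddress
from collections import Counter

# Constructed sample: per-address treatment data (documentation ranges only).
ADDRESS_TREATMENTS = {
    "203.0.113.1": "deny", "203.0.113.2": "deny", "203.0.113.3": "deny",
    "203.0.113.17": "deny", "203.0.113.18": "deny", "203.0.113.19": "deny",
    "203.0.113.200": "throttle",
    "198.51.100.7": "deny",
}

def blocks_meeting(addr_treatments, prefix_len, min_count, only=None):
    """Return /prefix_len blocks holding >= min_count treated addresses.

    `only` restricts the count to addresses carrying that treatment.
    Adjacent qualifying blocks are merged into the shortest CIDR list.
    IPv4 input is assumed; mixing address families is not handled.
    """
    counts = Counter(
        ipaddress.ip_network(f"{addr}/{prefix_len}", strict=False)
        for addr, treatment in addr_treatments.items()
        if only is None or treatment == only
    )
    hits = [net for net, n in counts.items() if n >= min_count]
    return list(ipaddress.collapse_addresses(hits))

def build_table(addr_treatments):
    """Map block representations to treatments under two assumed criteria."""
    table = {}
    # Assumed criterion 1: a /24 with 4 or more treated addresses is throttled.
    for net in blocks_meeting(addr_treatments, 24, 4):
        table[net] = "throttle"
    # Assumed criterion 2: a /28 with 3 or more denied addresses is denied.
    for net in blocks_meeting(addr_treatments, 28, 3, only="deny"):
        table[net] = "deny"
    return table

def treatment_for(table, addr):
    """Most specific matching block wins; None means no block treatment."""
    ip = ipaddress.ip_address(addr)
    matches = [net for net in table if ip in net]
    if not matches:
        return None
    return table[max(matches, key=lambda net: net.prefixlen)]

if __name__ == "__main__":
    for net, treatment in sorted(build_table(ADDRESS_TREATMENTS).items()):
        print(net, treatment)
```

The two adjacent /28 blocks that meet the deny criterion collapse into a single /27, so an address in that range that was never individually listed still receives the block treatment, while a lone listed address in another range produces no block at all.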

First claim

Opening claim text (preview).

What is claimed is:

1. A non-transitory computer-readable storage medium including specific computer-executable instructions that, when executed by a computing device, cause the computing device to at least: obtain network address treatment data associating individual network addresses with respective treatments; identify, based at least in part on the network address treatment data, a first plurality of network addresses, the first plurality of network addresses including at least one network address that the network address treatment data associates with a treatment; obtain a first criterion for evaluating any set of network addresses for potential application of a first treatment; evaluate the first plurality of network addresses for potential application of the first treatment, wherein evaluating the first plurality of network addresses comprises determining that the first plurality of network addresses satisfies the first criterion; and in response to determining that the first plurality of network addresses satisfies the first criterion: generate a first representation of the first plurality of network addresses; and cause the first treatment to be applied to a network address that corresponds to the first representation of the first plurality of network addresses.

2. The non-transitory computer-readable storage medium of claim 1, wherein the non-transitory computer-readable storage medium includes further specific computer-executable instructions that, when executed by the computing device, further cause the computing device to at least transmit the first representation and the first treatment to a network service provider, and wherein the network service provider is configured to: identify the first plurality of network addresses from the first representation; and cause the first treatment to be applied to the network address that corresponds to the first representation of the first plurality of network addresses.

3. The non-transitory computer-readable storage medium of claim 2, wherein the non-transitory computer-readable storage medium includes further specific computer-executable instructions that, when executed by the computing device, further cause the computing device to at least: identify a subset of the first plurality of network addresses; obtain a second criterion for determining that a second treatment should be applied to a set of network addresses; determine that the subset of the first plurality of network addresses satisfies the second criterion; generate a second representation of the subset of the first plurality of network addresses; and transmit the second representation and the second treatment to the network service provider.

4. The non-transitory computer-readable storage medium of claim 3, wherein the network service provider is configured to: identify the subset of the first plurality of network addresses from the second representation; and cause the first treatment and the second treatment to be applied to a network address that corresponds to the second representation.

5. The non-transitory computer-readable storage medium of claim 3, wherein the network service provider is configured to: identify the subset of the first plurality of network addresses from the second representation; and cause only the second treatment to be applied to a network address that corresponds to the second representation.

6. The non-transitory computer-readable storage medium of claim 1, wherein the non-transitory computer-readable storage medium includes further specific computer-executable instructions that, when executed by the computing device, further cause the computing device to at least: obtain network activity data associating individual network addresses with respective network activities; and generate the network address treatment data at least in part from the network activity data.

7. The non-transitory computer-readable storage medium of claim 1, wherein the non-transitory computer-readable storage medium includes further specific computer-executable instructions that, when executed by the computing device, further cause the computing device to at least: obtain service level agreement data associating individual network addresses with respective service levels; and generate the network address treatment data at least in part from the service level agreement data.

8. A system comprising: a data store configured to store network address treatment data; and a processor in communication with the data store, wherein the processor executes specific computer-executable instructions to perform operations including: obtaining network address treatment data associating individual network addresses with respective treatments; identifying, based at least in part on the network address treatment data, a first group of network addresses, the first group of network addresses including a network address that the network address treatment data associates with a first treatment; obtaining a first criterion for evaluating any group of network addresses for potential application of the first treatment; evaluating the first group of network addresses for potential application of the first treatment, wherein evaluating the first group of network addresses comprises determining that the first group of network addresses satisfies the first criterion; and responsive to determining that the first group of network addresses satisfies the first criterion: generating a representation of the first group of network addresses; and causing the first treatment to be applied to at least one network address that corresponds to the representation of the first group of network addresses.

9. The system of claim 8, wherein the processor executes additional specific computer-executable instructions to perform additional operations including: determining, based at least in part on a second criterion, that a second treatment should be associated with at least the first group of network addresses; and determining that the first treatment takes precedence over the second treatment.

10. The system of claim 9, wherein determining that the first treatment takes precedence over the second treatment is based at least in part on an order of precedence.

11. The system of claim 9, wherein determining that the first treatment takes precedence over the second treatment comprises determining that a quantity of network addresses associated with the first treatment by the first criterion is smaller than a quantity of network addresses associated with the second treatment by the second criterion.

12. The system of claim 8, wherein the processor executes additional specific computer-executable instructions to perform additional operations including: determining, based at least in part on a second criterion, that a second treatment should be applied to a second group of network addresses, wherein the first group of network addresses includes the second group; generating a representation of the second group of network addresses; and causing the second treatment to be applied to at least one network address that corresponds to the representation of the second group.

13. The system of claim 12, wherein the second criterion comprises a threshold quantity of previously identified groups of network addresses that are included within the first group.

14. The system of claim 8, wherein the processor executes additional specific computer-executable instructions to perform additional operations including: obtaining network activity data that corresponds to individual network addresses in the first group of network ad

Classifications

  • Internet protocol [IP] address subnets

  • Address structures or formats

  • Denial of Service

  • H04L63/10 (Primary): for controlling access to devices or network resources

  • for separating internal from external traffic, e.g. firewalls

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Amazon Tech Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/10. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jul 27, 2021 (B2). Legal status and post-grant events are not shown on this page.