Techniques for data routing and management using risk classification and data sampling
First Claim
Patent Images
1. A system, comprising:
- at least one computing device configured to implement one or more services, wherein the one or more services are configured to;
receive risk profiles associated with traffic flows; and
route, based on the risk profiles, the traffic flows by at least;
if a first subset of the risk profiles indicate that a first associated subset of the traffic flows is below or equal to a predetermined first risk level, routing the first associated subset of the traffic flows via a first path;
if a second subset of the risk profiles indicate that a second associated subset of the traffic flows is above the predetermined first risk level and below or equal to a predetermined second risk level, routing the second associated subset of the traffic flows via a second path that is isolated from at least a subset of a population of hosts used by the first path, the subset of the population hosts storing data designated by the system as sensitive; and
if a third subset of the risk profiles indicate that a third associated subset of the traffic flows is above the predetermined second risk level, routing the third associated subset of the traffic flows via a third path that is isolated from the population of hosts.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques described and suggested herein include various systems and methods for determining risk levels associated with transiting data, and routing portions of the data in accordance with the determined risk levels. For example, a risk analyzer may apply risk classifiers to transiting data to determine overall risk levels of some or all of the transiting data. A traffic router may route transiting data according to determined risk profiles for the data. A sandbox may be implemented to compare, for a given input, expected and observed outputs for a subset of transiting data, so as to determine risk profiles associated with at least the subset.
-
Citations
20 Claims
-
1. A system, comprising:
-
at least one computing device configured to implement one or more services, wherein the one or more services are configured to; receive risk profiles associated with traffic flows; and route, based on the risk profiles, the traffic flows by at least; if a first subset of the risk profiles indicate that a first associated subset of the traffic flows is below or equal to a predetermined first risk level, routing the first associated subset of the traffic flows via a first path; if a second subset of the risk profiles indicate that a second associated subset of the traffic flows is above the predetermined first risk level and below or equal to a predetermined second risk level, routing the second associated subset of the traffic flows via a second path that is isolated from at least a subset of a population of hosts used by the first path, the subset of the population hosts storing data designated by the system as sensitive; and if a third subset of the risk profiles indicate that a third associated subset of the traffic flows is above the predetermined second risk level, routing the third associated subset of the traffic flows via a third path that is isolated from the population of hosts. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-implemented method, comprising:
-
processing, by a computer system, a plurality of traffic flows to generate risk profiles associated with at least a subset of the plurality of traffic flows, the risk profiles including a risk level quantifying a relative level of risk associated with the subset of the plurality of traffic flows; and causing, by the computer system, routing of the plurality of traffic flows to be routed according to the generated risk profiles, such that; if a first subset of the risk profiles indicate that a first associated subset of the plurality of traffic flows has a risk level below or equal to a predetermined first risk level, the first associated subset of the traffic flows is routed via a first path; if a second subset of the risk profiles indicate that a second associated subset of the traffic flows has a risk level above the predetermined first risk level and below or equal to a predetermined second risk level, the second associated subset of the traffic flows is routed via a second path excluding at least a subset of a population of hosts used by the first path, the subset of the population of hosts storing data designated as sensitive; and if a third subset of the risk profiles indicate that a third associated subset of the traffic flows has a risk level above the predetermined second risk level, the third associated subset of the traffic flows is routed via a third path that excludes the population of hosts. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable storage medium having stored thereon executable instructions that, when executed by one or more processors of a computer system, cause the computer system to at least:
segregate, based at least in part on risk profiles associated with a plurality of traffic flows, the plurality of traffic flows by at least; if a first subset of the risk profiles indicate that a first associated subset of the traffic flows is below or equal to a predetermined first risk level, routing the first associated subset of the traffic flows via a first path; if a second subset of the risk profiles indicate that a second associated subset of the traffic flows is above the predetermined first risk level and below or equal to a predetermined second risk level, routing the second associated subset of the traffic flows via a second path that is isolated from at least a subset of a population of hosts used by the first path; and if a third subset of the risk profiles indicate that a third associated subset of the traffic flows is above the predetermined second risk level, routing the third associated subset of the traffic flows via a third path that is isolated from the population of hosts. - View Dependent Claims (16, 17, 18, 19, 20)
Specification