&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12034740.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,034,740 B1</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Distributed denial of service mitigation in a container based framework</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Scott Gerard Carmack,  Mercer Island, WA (US);  Narasimha Rao Lakkakula,  Bothell, WA (US); and  Nima Sharifi Mehr,  Vancouver (CA)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Amazon Technologies, Inc.,  Seattle, WA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Amazon Technologies, Inc.,  Seattle, WA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Mar.  28, 2016, as Appl. No. 15/083,098.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 9/00</b></i> (2022.01); <i><b>H04L 9/40</b></i> (2022.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 63/1416</b></i> (2013.01)&#xa0;[<i><b>H04L 63/1458</b></i> (2013.01)]</td>
            <td class="table_data" align="right"><b>22 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12034740-20240709-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A non-transitory computer-readable storage medium storing thereon executable instructions that, as a result of being executed by one or more processors of a computer system, cause the computer system to at least:<div class="claim_text">receive metrics from a software agent executing on a physical host in which a first software container executes, the metrics including information regarding a network communication directed to a first software application executing in the first software container from a second software application executing in a second software container different from the first software container, the first software container and the second software container being managed through a container service provided by a computing resource service provider that controls the computer system;</div>
                <div class="claim_text">determine, based at least in part on the metrics, that a trigger for initiating migration of the second software application has been met, the migration being a process to move the second software application from a first zone to a second zone in a hierarchy of zones that would result in the second software application being in a more granular hierarchical proximity with respect to at least physical distance or a bandwidth to the first software application; and</div>
                <div class="claim_text">as a result of the trigger being met:<div class="claim_text">compute, based at least in part on a determination of whether the network communication is associated with a denial of service attack, a denial of service threat level;</div>
                  <div class="claim_text">as a result of the denial of service threat level being of a first severity, cause the second software application to be migrated to the second zone that allows for improved communications between the first software application and the second software application, wherein the denial of service threat level is of the first software application to the second software application;</div>
                  <div class="claim_text">as a result of the denial of service threat level being of a second severity, delay migration of the second software application for a predetermined period; and</div>
                  <div class="claim_text">as a result of the denial of service threat level being of a third severity, cause a denial of service mitigation action to be performed.</div>
                </div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>