US 11,743,122 B1
Network change verification based on observed network flows
Samuel Bayless, Seattle, WA (US); John David Backes, Minneapolis, MN (US); Daniel William Dacosta, Saint Paul, MN (US); Vaibhav Katkade, San Jose, CA (US); Sagar Chintamani Joshi, Redmond, WA (US); Nadia Labai, Redmond, WA (US); Syed Mubashir Iqbal, Seattle, WA (US); Patrick Trentin, Minneapolis, MN (US); Nathan Launchbury, Seattle, WA (US); Nikolaos Giannarakis, Seattle, WA (US); Victor Heorhiadi, Seattle, WA (US); and Nick Matthews, Westminster, CO (US)
Assigned to Amazon Technologies, Inc., Seattle, WA (US)
Filed by Amazon Technologies, Inc., Seattle, WA (US)
Filed on Mar. 30, 2022, as Appl. No. 17/709,068.
Int. Cl. H04L 41/0869 (2022.01); H04L 41/08 (2022.01); H04L 41/22 (2022.01); H04L 41/0816 (2022.01); H04L 41/14 (2022.01); H04L 41/147 (2022.01); H04L 9/40 (2022.01)
CPC H04L 41/0869 (2013.01) [H04L 41/0816 (2013.01); H04L 41/0883 (2013.01); H04L 41/145 (2013.01); H04L 41/147 (2013.01); H04L 41/22 (2013.01); H04L 63/0263 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A system, comprising:
one or more computing devices that implement a network change verification (NCV) system, configured to:
collect network flow data of a plurality of network flows observed in a network;
generate, based at least in part on the network flow data, an observed flow control model (OFCM) of the network that represents how individual ones of the observed network flows were controlled by the network, wherein the OFCM includes one or more mapping functions that map individual observed network flows to resulting control actions;
analyze a proposed configuration change to the network using the OFCM to determine that the proposed configuration change will alter how the network controls at least one of the observed network flows; and
generate an alert indicating that the proposed configuration change will alter how the network controls at least one of the observed network flows.