Abstract: Methods and apparatus for content preloading using predictive models are disclosed. A system includes computing devices that generate a model to determine a predicted set of additional network content assets anticipated to be requested by a client after the client has requested a given set of assets. The devices determine, based on characteristics of a client's content request, whether to initiate an asset preload operation using the model. If a decision is made to initiate an asset preload, the devices identify, using the model, the predicted set of assets corresponding to the request, and initiate delivery of at least a portion of the predicted set to one or more destinations on behalf of the client.

Abstract: Techniques are described for managing cached data in a network environment. In one example, the techniques include receiving a client request for a data group, determining that a cached copy of the requested data group that is stored in the persistent cache storage is no longer valid relative to a current copy of the data group stored at a remote data source system, obtaining from the remote data source system information about differences between the cached copy and the current copy and instructions associated with the identified differences, modifying, by the configured server computing system, the cached copy to include the identified differences in accordance with the received instructions, and providing, by the configured server computing system, the modified cached copy of the requested data group to the client in response to the client request.

Abstract: Systems and methods are described that enable the mitigation of network attacks directed to specific sets of content on a content delivery system. A set of content targeted in the attack may be identified based at least in part on a combination of network addresses to which attacked-related packets are transmitted. Thereafter, the content delivery system may mitigate the attack based on the identified target. For example, where both targeted and non-targeted sets of content are associated with the attacked network addresses, traffic directed to these sets of content may be separated, e.g., in order to reduce the impact of the attack on the non-targeted sets of content or increase the computing resources available to the targeted content. Redirection of traffic may occur using either or both of resolution-based redirection or routing-based redirection.

Abstract: Systems and methods for configuration of network-based firewall services based on network firewall configuration information provided by one or more sources are provided. The network firewall configuration information can include one or more lists of network address ranges that will be used by the network firewall to process data communications received at a data center. The received network firewall configuration information can be prioritized and filtered to conform to a maximum threshold number of network address ranges that can be configured on a network firewall service. The filtered and processed network address range information can then be utilized to configure one or more network firewall services or application hosted within a data center.

Abstract: Systems and methods are described to enable identification of computing resources targeted in a network attack. Network attacks, such as denial of service attacks, are frequently directed to network addresses that host multiple sets of content, each representing a distinct potential target of the network attack. Aspects of this disclosure enable each set of content to be assigned a unique or semi-unique combination of network addresses at which the set of content is accessible. During a network attack, a hosting system can compare the network addresses under attack to those assigned to each set of content to determine which sets of content are potentially targeted by the attack. Where the combination of network addresses is associated with only a single set of content, that set of content can be identified as the target of the network attack.

Abstract: Systems and methods are described that enable the mitigation of network attacks directed to specific sets of content on a content delivery system. A set of content targeted in the attack may be identified based at least in part on a combination of network addresses to which attacked-related packets are transmitted. Thereafter, the content delivery system may mitigate the attack based on the identified target. For example, where both targeted and non-targeted sets of content are associated with the attacked network addresses, traffic directed to these sets of content may be separated, e.g., in order to reduce the impact of the attack on the non-targeted sets of content or increase the computing resources available to the targeted content. Redirection of traffic may occur using either or both of resolution-based redirection or routing-based redirection.

Abstract: Techniques are described for managing cached data in a network environment. In one example, the techniques include receiving a client request for a data group, determining that a cached copy of the requested data group that is stored in the persistent cache storage is no longer valid relative to a current copy of the data group stored at a remote data source system, obtaining from the remote data source system information about differences between the cached copy and the current copy and instructions associated with the identified differences, modifying, by the configured server computing system, the cached copy to include the identified differences in accordance with the received instructions, and providing, by the configured server computing system, the modified cached copy of the requested data group to the client in response to the client request.

Abstract: Techniques are described for managing cached data in a network environment. In one example, the techniques include receiving a client request for a data group, determining that a cached copy of the requested data group that is stored in the persistent cache storage is no longer valid relative to a current copy of the data group stored at a remote data source system, obtaining from the remote data source system information about differences between the cached copy and the current copy and instructions associated with the identified differences, modifying, by the configured server computing system, the cached copy to include the identified differences in accordance with the received instructions, and providing, by the configured server computing system, the modified cached copy of the requested data group to the client in response to the client request.

Abstract: Systems and methods are described to enable identification of computing devices associated with network attacks, such as denial of service attacks. Data packets used to execute a network attack often include forged source address information, such that the address of an attacker is difficult or impossible to determine based on those data packets. However, attackers generally provide legitimate address information when resolving an identifier, such as a universal resource identifier (URI), of an attack target into corresponding destination addresses. The application enables individual client computing devices to be provided with different combinations of destination addresses, such that when an attack is detected on a given combination of destination address, the client computing device to which that combination of destination addresses was provided can be identified as a source of the attack.

Abstract: Systems and methods are described that enable the mitigation of network attacks directed to specific sets of content on a content delivery system. A set of content targeted in the attack may be identified based at least in part on a combination of network addresses to which attacked-related packets are transmitted. Thereafter, the content delivery system may mitigate the attack based on the identified target. For example, where both targeted and non-targeted sets of content are associated with the attacked network addresses, traffic directed to these sets of content may be separated, e.g., in order to reduce the impact of the attack on the non-targeted sets of content or increase the computing resources available to the targeted content. Redirection of traffic may occur using either or both of resolution-based redirection or routing-based redirection.

Abstract: Systems and methods are described that enable the mitigation of network attacks directed to specific sets of content on a content delivery system. A set of content targeted in the attack may be identified based at least in part on a combination of network addresses to which attacked-related packets are transmitted. Thereafter, the content delivery system may mitigate the attack based on the identified target. For example, where both targeted and non-targeted sets of content are associated with the attacked network addresses, traffic directed to these sets of content may be separated, e.g., in order to reduce the impact of the attack on the non-targeted sets of content or increase the computing resources available to the targeted content. Redirection of traffic may occur using either or both of resolution-based redirection or routing-based redirection.

Abstract: Disclosed herein are various embodiments of systems and methods for providing electronic medical support that utilize an electronic examination template. According to various embodiments, the electronic examination template may include an examination step relating to a medical complaint, a clinical clue associated with the examination step to inform a user on how to proceed with the examination step, and an information field to allow a user to input information related to the examination step.