-
公开(公告)号:US20240320332A1
公开(公告)日:2024-09-26
申请号:US18186454
申请日:2023-03-20
Applicant: Arm Limited
Inventor: Michael BARTLING
CPC classification number: G06F21/563 , G06F21/53
Abstract: A live attack shadow replay can be performed at a shadow replay box that receives a snapshot of a computer program executed by an operating system of a device; mirrors an execution environment of the snapshot; determines a typical execution of the computer program comprising a first set of variables; performs a static analysis on the snapshot of the computer program to determine a second set of variables; determines a divergence between the first set of variables and the second set of variables; marks variables of the second set of variables that are associated with the divergence; replays a portion of the computer program corresponding to at least the snapshot; and monitors the marked variables of the second set of variables during the replaying of the portion of the computer program.
-
公开(公告)号:US20240264924A1
公开(公告)日:2024-08-08
申请号:US18106666
申请日:2023-02-07
Applicant: Arm Limited
Inventor: Michael BARTLING , Brendan James MORAN , Andreas Lars SANDBERG
IPC: G06F11/36
CPC classification number: G06F11/3612 , G06F11/3664
Abstract: A computer implemented method is provided. The computer implemented method includes receiving an intermediate representation of a source code, intentionally injecting a weak code path at a point within the intermediate representation to create a modified intermediate representation, performing a path profiling on the modified intermediate representation to generate a particular path identifier for each path within the modified intermediate representation, and identifying the particular path identifier of the weak code path for use by a monitoring system. A monitoring system is also provided. The monitoring system monitors an executable code during runtime for execution of a path having a particular path identifier corresponding to the injected intentionally weak code path.
-
公开(公告)号:US20230195588A1
公开(公告)日:2023-06-22
申请号:US17559202
申请日:2021-12-22
Applicant: Arm Limited
Inventor: Michael BARTLING , Rishikanth CHANDRASEKARAN
CPC classification number: G06F11/3072 , G06F11/076 , G06F11/2273 , G06N20/00
Abstract: A data processing apparatus is provided that includes storage circuitry that stores a plurality of future time series forecasters of an aspect of a system and, for each of the future time series forecasters, a representation of a confidence interval associated with that future time series forecaster. Unknown-unknown detection circuitry determines whether a new measurement falls outside confidence intervals generated from the representation of the confidence interval associated with each future time series forecaster of the aspect of the system, and in response to the new measurement falling outside the confidence intervals, labels the new measurement as an unknown-unknown.
-
公开(公告)号:US20240296049A1
公开(公告)日:2024-09-05
申请号:US18117186
申请日:2023-03-03
Applicant: Arm Limited
Inventor: Brendan James MORAN , Michael BARTLING
CPC classification number: G06F9/30087 , G06F9/3861 , G06F11/34 , G06F2201/865 , G06F2201/88
Abstract: There is provided an apparatus and method, the apparatus comprising storage circuitry to store event information associated with instructions occurring between instrumentation points. The event information indicates a plurality of different types of events expected to occur during execution of the instructions. The event information comprises, for each event, type information indicating a type of that event and an expected number of occurrences of that event. The apparatus is also provided with monitoring circuitry comprising a plurality of programmable counters. The monitoring circuitry is responsive to a start instrumentation point, to assign at least a subset of the plurality of programmable counters to measure, during execution of the program instructions, occurrences of the plurality of different types of events identified in the event information. The monitoring circuitry is responsive to at least one counter deviating from the expected number of occurrences indicated by that counter, to perform a predetermined action.
-
公开(公告)号:US20240086502A1
公开(公告)日:2024-03-14
申请号:US17943428
申请日:2022-09-13
Applicant: Arm Limited
Inventor: Michael BARTLING , Derek Del MILLER , Mark Richard NUTTER , Hugo John Martin VINCENT
IPC: G06F21/31
CPC classification number: G06F21/31
Abstract: A computer-implemented method of operating a device is provided. The method comprises operating a sensor to capture a data input, individuating an element of the data input, tagging an individuated element with metadata, matching the metadata with an associated permission set, and applying a restricting function defined in the associated permission set to the individuated element during a process flow to produce augmented reality output data restricted as required by the associated permission set. A device is also provided, comprising a sensor, an individuating component to individuate an element of sensor data from the sensor, a tagging component to tag the individuated element, a matching component to match a tag of the individuated element with a permission of a permission set, and a restricting function component to restrict an application's interaction with the individuated element.
-
Patent Agency Ranking
公开(公告)号:US20230315609A1
公开(公告)日:2023-10-05
申请号:US17709683
申请日:2022-03-31
Applicant: Arm Limited
Inventor: Michael BARTLING
CPC classification number: G06F11/3608 , G06F11/3409 , G06F9/45516 , G06F11/3616
Abstract: A data processing apparatus is provided that includes storage circuitry to store a plurality of interconnected instructions. Analysis circuitry analyses the instructions to determine a degree of uniqueness of profile measurements of a control flow path fragments within the instructions.
-
公开(公告)号:US20240419785A1
公开(公告)日:2024-12-19
申请号:US18211392
申请日:2023-06-19
Applicant: Arm Limited
Inventor: Michael BARTLING , Brendan James MORAN
Abstract: A method includes receiving precursor alerts from a precursor detector that detects events from a processing unit, wherein each precursor alert comprises information of an event from the processing unit, the information of an event from the processing unit, detecting a first event in the precursor alerts indicating undesirable behavior and including a first score that is above a first value, setting a first timer for a first period of time, accumulating a score update with the first score of the first event. Upon the score update reaching or exceeding a first threshold value within the first period of time, generating a refined alert.
-
8.发明公开公开(公告)号:US20240303335A1
公开(公告)日:2024-09-12
申请号:US18178974
申请日:2023-03-06
Applicant: Arm Limited
Inventor: Michael BARTLING , Brendan James MORAN
CPC classification number: G06F21/566 , G06F21/554 , G06F2221/034
Abstract: A behavioral system level detector and method that filters local alerts to generate system alerts with an increased confidence level is provided. The method includes receiving local alerts from a local detector that detects events from a processing unit, wherein each local alert comprises information of an event from the processing unit and a timing relationship for the event, filtering the local alerts to determine events indicating an undesirable behavior or attack, and responsive to the determination that there are events indicating the undesirable behavior or the attack, generating a system alert. The behavioral system-level detector includes a shared data structure for storing local alerts received from at least one local detector and system processing unit coupled to the shared data structure to receive the local alerts and coupled to receive state information from the processing units.
-
公开(公告)号:US20240264801A1
公开(公告)日:2024-08-08
申请号:US18106274
申请日:2023-02-06
Applicant: Arm Limited
Inventor: Brendan James MORAN , Michael BARTLING , Andreas Lars SANDBERG
Abstract: A 1-hot path signature accelerator includes a register, first and second accumulator, and an outer product circuit. The register stores an input frame, where the input frame has, at most, one bit of each element set. The first accumulator calculates a present summation by adding the input frame to a previous sum of previous input frames inputted to the 1-hot path signature accelerator within a timeframe. The outer product circuit receives each element of the present summation from the first accumulator and each element of the input frame stored in the register to output a present outer product. Since the input frame has at most one bit of each element set, the outer product circuit is reduced to a logical operation. The second accumulator outputs a present second-layer summation by adding the present outer product to a previous second-layer sum of outputs from the outer product circuit within the timeframe.
-
公开(公告)号:US20230195846A1
公开(公告)日:2023-06-22
申请号:US17559246
申请日:2021-12-22
Applicant: Arm Limited
Inventor: Michael BARTLING
IPC: G06K9/62
CPC classification number: G06K9/6265
Abstract: A data processing apparatus is provided that includes forecast circuitry for generating a forecast of an aspect of a system for a next future time and for one or more subsequent future times following the next future time. Measurement circuitry generates, at the next future time, a new measurement of the aspect of the system. Aggregation circuitry produces an aggregation of the forecast of the aspect of the system for the next future time and of the new measurement of the aspect of the system. The forecast circuitry revises the forecast of the aspect of the system for the one or more subsequent future times using the aggregation.
-
-
-
-
-
-
-
-
-
Search Results
10
records
(took 0.023 seconds)
