公开(公告)号：US20200175166A1

公开(公告)日：2020-06-04

申请号：US16780218

申请日：2020-02-03

Applicant: Intel Corporation

Inventor： Mingwei Zhang ,  Xiaoning Li ,  Ravi L. Sahita ,  Aravind Subramanian ,  Abhay S. Kanhere ,  Chih-Yuan Yang ,  Yi Gai

IPC: G06F21/56 ,  G06N20/00 ,  H04L29/06

Abstract: A malicious object detection system for use in managed runtime environments includes a check circuit to receive call information generated by an application, such as an Android application. A machine learning circuit coupled to the check circuit applies a machine learning model to assess the information and/or data included in the call and detect the presence of a malicious object, such as malware or a virus, in the application generating the call. The machine learning model may include a global machine learning model distributed across a number of devices, a local machine learning model based on use patterns of a particular device, or combinations thereof. A graphical user interface management circuit halts execution of applications containing malicious objects and generates a user perceptible output.

公开(公告)号：US10649746B2

公开(公告)日：2020-05-12

申请号：US15237443

申请日：2016-08-15

Applicant: Intel Corporation

Inventor： Abhay S. Kanhere ,  Paul Caprioli ,  Koichi Yamada ,  Suriya Madras-Subramanian ,  Srinivas Suresh

IPC: G06F9/30 ,  G06F9/38 ,  G06F9/455 ,  G06F9/46 ,  G06F8/40 ,  G06F8/51 ,  G06F8/41

Abstract: A micro-architecture may provide a hardware and software co-designed dynamic binary translation. The micro-architecture may invoke a method to perform a dynamic binary translation. The method may comprise executing original software code compiled targeting a first instruction set, using processor hardware to detect a hot spot in the software code and passing control to a binary translation translator, determining a hot spot region for translation, generating the translated code using a second instruction set, placing the translated code in a translation cache, executing the translated code from the translated cache, and transitioning back to the original software code after the translated code finishes execution.

公开(公告)号：US20170212825A1

公开(公告)日：2017-07-27

申请号：US15403120

申请日：2017-01-10

Applicant: Intel Corporation

Inventor： Paul Caprioli ,  Matthew C. Merten ,  Muawya M. Al-Otoom ,  Omar M. Shaikh ,  Abhay S. Kanhere ,  Suresh Srinivas ,  Koichi Yamada ,  Vivek Thakkar ,  Pawel Osciak

IPC: G06F11/34 ,  G06F9/455 ,  G06F11/36 ,  G06F11/07 ,  G06F9/45

CPC classification number: G06F11/3466 ,  G06F8/40 ,  G06F8/52 ,  G06F9/3017 ,  G06F9/3842 ,  G06F9/4552 ,  G06F11/073 ,  G06F11/3616 ,  G06F11/3652

Abstract: A hardware profiling mechanism implemented by performance monitoring hardware enables page level automatic binary translation. The hardware during runtime identifies a code page in memory containing potentially optimizable instructions. The hardware requests allocation of a new page in memory associated with the code page, where the new page contains a collection of counters and each of the counters corresponds to one of the instructions in the code page. When the hardware detects a branch instruction having a branch target within the code page, it increments one of the counters that has the same position in the new page as the branch target in the code page. The execution of the code page is repeated and the counters are incremented when branch targets fall within the code page. The hardware then provides the counter values in the new page to a binary translator for binary translation.

公开(公告)号：US20170046140A1

公开(公告)日：2017-02-16

申请号：US15335709

申请日：2016-10-27

Applicant: Intel Corporation

Inventor： Abhay S. Kanhere ,  Saurabh Shukla ,  Suriya Subramanian ,  Paul Caprioli

IPC: G06F9/45 ,  G06F9/455 ,  G06F11/14

CPC classification number: G06F8/443 ,  G06F9/45516 ,  G06F11/1405 ,  G06F2201/805

Abstract: State recovery methods and apparatus for computing platforms are disclosed. An example method includes inserting, with a processor, a first instruction into optimized code to cause a first portion of a register in a first state to be saved to memory before execution of a region of the optimized code, maintaining, with the processor, a first indication of a first manner in which the first portion of the register is to be restored in connection with a state recovery after execution of the region of the optimized code, and maintaining, with the processor, a second indication of a second manner in which a second portion of the register is to be restored in connection with the state recovery after execution of the region of the optimized code.

Abstract translation: 披露了用于计算平台的状态恢复方法和装置。 一个示例性方法包括：利用处理器将第一指令插入到优化的代码中，以使得在执行优化代码的区域之前将处于第一状态的寄存器的第一部分保存到存储器， 与执行优化代码的区域之后的状态恢复相关联地恢复寄存器的第一部分的第一方式的第一指示，并且用处理器维持第二方式的第二指示，其中第二指示 寄存器的第二部分将在执行优化代码的区域之后与状态恢复相关联地恢复。

公开(公告)号：US09910646B2

公开(公告)日：2018-03-06

申请号：US14998274

申请日：2015-12-26

Applicant: Intel Corporation

Inventor： Abhay S. Kanhere ,  Haitao Feng ,  Paul H Hohensee ,  Aravind Subramanian

IPC: G06F9/45

CPC classification number: G06F8/433 ,  G06F8/53

Abstract: Technologies for native code invocation using binary analysis are described. A computing device for invoking native code from managed code using binary analysis receives a call from a thread executing a managed code segment to execute a native code segment. The computing device performs a binary analysis of the native code segment and generates, from the binary analysis, a complexity indicator that indicates a level of complexity of the native code segment by comparing the native code segment to at least one predefined complexity rule. Additionally, the computing device stores a status of the thread based on the complexity indicator and executes the native code segment. Other embodiments are described and claimed.

公开(公告)号：US11568051B2

公开(公告)日：2023-01-31

申请号：US16780218

申请日：2020-02-03

Applicant: Intel Corporation

Inventor： Mingwei Zhang ,  Xiaoning Li ,  Ravi L. Sahita ,  Aravind Subramanian ,  Abhay S. Kanhere ,  Chih-Yuan Yang ,  Yi Gai

IPC: G06F21/56 ,  G06N20/00 ,  H04L29/06 ,  H04L9/40

Abstract: A malicious object detection system for use in managed runtime environments includes a check circuit to receive call information generated by an application, such as an Android application. A machine learning circuit coupled to the check circuit applies a machine learning model to assess the information and/or data included in the call and detect the presence of a malicious object, such as malware or a virus, in the application generating the call. The machine learning model may include a global machine learning model distributed across a number of devices, a local machine learning model based on use patterns of a particular device, or combinations thereof. A graphical user interface management circuit halts execution of applications containing malicious objects and generates a user perceptible output.

公开(公告)号：US10552609B2

公开(公告)日：2020-02-04

申请号：US15395053

申请日：2016-12-30

Applicant: INTEL CORPORATION

Inventor： Mingwei Zhang ,  Xiaoning Li ,  Ravi L. Sahita ,  Aravind Subramanian ,  Abhay S. Kanhere ,  Chih-Yuan Yang ,  Yi Gai

IPC: G06F21/56 ,  H04L29/06 ,  G06N99/00 ,  G06N20/00

Abstract: A malicious object detection system for use in managed runtime environments includes a check circuit to receive call information generated by an application, such as an Android application. A machine learning circuit coupled to the check circuit applies a machine learning model to assess the information and/or data included in the call and detect the presence of a malicious object, such as malware or a virus, in the application generating the call. The machine learning model may include a global machine learning model distributed across a number of devices, a local machine learning model based on use patterns of a particular device, or combinations thereof. A graphical user interface management circuit halts execution of applications containing malicious objects and generates a user perceptible output.

公开(公告)号：US09507575B2

公开(公告)日：2016-11-29

申请号：US14709154

申请日：2015-05-11

Applicant: Intel Corporation

Inventor： Abhay S. Kanhere ,  Saurabh Shukla ,  Suriya Subramanian ,  Paul Caprioli

IPC: G06F9/45 ,  G06F9/455

CPC classification number: G06F8/443 ,  G06F9/45516 ,  G06F11/1405 ,  G06F2201/805

Abstract: State recovery methods and apparatus for computing platforms are disclosed. An example method includes inserting a first instruction into optimized code to cause a first portion of a register in a first state to be saved to memory before execution of a region of the optimized code; and maintaining a value indicative of a manner in which a second portion of the register in the first state is to be restored in connection with a state recovery from the optimized code.

公开(公告)号：US10209989B2

公开(公告)日：2019-02-19

申请号：US15452479

申请日：2017-03-07

Applicant: Intel Corporation

Inventor： Paul Caprioli ,  Abhay S. Kanhere ,  Jeffrey J. Cook ,  Muawya M. Al-Otoom

IPC: G06F7/38 ,  G06F9/00 ,  G06F9/44 ,  G06F9/30 ,  G06F9/38

Abstract: A vector reduction instruction is executed by a processor to provide efficient reduction operations on an array of data elements. The processor includes vector registers. Each vector register is divided into a plurality of lanes, and each lane stores the same number of data elements. The processor also includes execution circuitry that receives the vector reduction instruction to reduce the array of data elements stored in a source operand into a result in a destination operand using a reduction operator. Each of the source operand and the destination operand is one of the vector registers. Responsive to the vector reduction instruction, the execution circuitry applies the reduction operator to two of the data elements in each lane, and shifts one or more remaining data elements when there is at least one of the data elements remaining in each lane.

公开(公告)号：US20160283712A1

公开(公告)日：2016-09-29

申请号：US14671194

申请日：2015-03-27

Applicant: INTEL CORPORATION

Inventor： Abhay S. Kanhere ,  Paul Caprioli

IPC: G06F21/54

CPC classification number: G06F21/54 ,  G06F9/45516 ,  G06F9/4856 ,  G06F9/5088 ,  G06F21/12 ,  G06F21/51 ,  G06F21/52 ,  G06F21/53 ,  G06F21/566

Abstract: A data processing system (DPS) supports control-flow integrity (CFI). The DPS comprises a processing element with a CFI enforcement mechanism that supports one or more CFI instructions. The DPS also comprises at least one machine-accessible medium responsive to the processing element. Managed code in the machine-accessible medium is configured (a) to execute in a managed runtime environment (MRE) in the data processing system, and (b) to transfer control out from the MRE to unmanaged code, in response to a transfer control statement in the managed code. The machine-accessible medium also comprises a binary translator which, when executed, converts unmanaged code in the data processing system into hardened unmanaged code (HUC) by including CFI features in the HUC. The CFI features comprise one or more CFI instructions to utilize the CFI enforcement mechanism of the processing element for transfers of control initiated by the HUC. Other embodiments are described and claimed.

Abstract translation: 数据处理系统（DPS）支持控制流完整性（CFI）。 DPS包括具有支持一个或多个CFI指令的CFI执行机制的处理元件。 DPS还包括响应于处理元件的至少一个机器可访问介质。 机器可访问介质中的托管代码被配置为（a）在数据处理系统中的受管理运行时环境（MRE）中执行，以及（b）响应于传送控制将控制从MRE传送到非托管代码 托管代码中的语句。 机器可访问介质还包括二进制翻译器，当执行时，通过在HUC中包括CFI特征将数据处理系统中的非托管代码转换为硬化的非托管代码（HUC）。 CFI特征包括一个或多个CFI指令，以利用处理元件的CFI执行机制来传送由HUC发起的控制。 描述和要求保护其他实施例。