公开(公告)号：US10719706B1

公开(公告)日：2020-07-21

申请号：US16012624

申请日：2018-06-19

Applicant: ARCHITECTURE TECHNOLOGY CORPORATION

Inventor： Paul Nicotera ,  Robert Joyce ,  Judson Powers ,  Daniel McArdle

IPC: G06K9/00

Abstract: Disclosed herein are embodiments of systems, methods, and products comprise an analytic server, which provides a terrain segmentation and classification tool for synthetic aperture radar (SAR) imagery. The server accurately segments and classifies terrain types in SAR imagery and automatically adapts to new radar sensors data. The server receives a first SAR imagery and trains an autoencoder based on the first SAR imagery to generate learned representations of the first SAR imagery. The server trains a classifier based on labeled data of the first SAR imagery data to recognize terrain types from the learned representations of the first SAR imagery. The server receives a terrain query for a second SAR imagery. The server translates the second imagery data into the first imagery data and classifies the second SAR imagery terrain types using the classifier trained for the first SAR imagery. By reusing the original classifier, the server improves system efficiency.

公开(公告)号：US10554685B1

公开(公告)日：2020-02-04

申请号：US15604850

申请日：2017-05-25

Applicant: Architecture Technology Corporation

Inventor： Daniel McArdle ,  Judson Powers ,  Robert A. Joyce

IPC: H04L29/06 ,  G06F9/4401 ,  G06F9/455 ,  G06F11/20 ,  G06F8/41 ,  G06F8/61

Abstract: For each respective virtual machine (VM) of a plurality of VMs, a distributed computing system generates a unique Application Binary Interface (ABI) for an operating system for the respective VM, compiles a software application to use the unique ABI, and installs the operating system and the compiled software application on the respective VM. A dispatcher node dispatches, to one or more VMs of the plurality of VMs that provide a service and are in the active mode, request messages for the service. Furthermore, a first host device may determine, in response to software in the first VM invoking a system call in a manner inconsistent with the unique ABI for the operating system of the first VM, that a failover event has occurred. Responsive to the failover event, the distributed computing system fails over from the first VM to a second VM.

公开(公告)号：US20170177892A1

公开(公告)日：2017-06-22

申请号：US15164673

申请日：2016-05-25

Applicant: Architecture Technology Corporation

Inventor： Daniel James Tingstrom ,  Judson Powers ,  Matthew P. Donovan

IPC: G06F21/62 ,  H04W12/08 ,  H04W8/24 ,  G06F17/30

CPC classification number: G06F21/6218 ,  G06F16/22 ,  G06F21/53 ,  G06F2221/2113 ,  H04W12/08 ,  H04W12/0806

Abstract: An example method includes selecting, based at least on first and second policies, first and second containers in which to execute first and second applications, respectively. The example method further includes isolating execution of the first application in the first container, and isolating execution of the second application in the second container. The example method also includes applying, based at least on the first policy, a first group of security controls to the first application executing in the first container, wherein the first container defines a first domain in which the first application is executed, and applying, based at least on the second policy, a second group of security controls to the second application executing in the second container, wherein the second container defines a second domain in which the second application is executed.

公开(公告)号：US09081911B2

公开(公告)日：2015-07-14

申请号：US14339390

申请日：2014-07-23

Applicant: Architecture Technology Corporation

Inventor： Judson Powers ,  Matthew P. Donovan

IPC: G06F21/57 ,  G06F13/40 ,  G06F13/42 ,  G06F9/455 ,  G06F21/85

CPC classification number: G06F13/4072 ,  G06F9/45558 ,  G06F13/42 ,  G06F13/4252 ,  G06F21/57 ,  G06F21/85 ,  G06F2009/45579

Abstract: In an example, an apparatus includes a memory storing a hypervisor, where the hypervisor is configured to determine whether one or more universal serial bus (USB) devices in communication with the hypervisor are authorized to communicate with a guest operating system of the hypervisor and, after determining that the one or more USB devices are authorized to communicate with the guest, virtualize the one or more USB devices at the guest operating system and transfer messages between the one or more USB devices and the virtualized USB device.

Abstract translation: 在一个示例中，设备包括存储管理程序的存储器，其中管理程序被配置为确定与管理程序通信的一个或多个通用串行总线（USB）设备是否被授权与管理程序的客户操作系统通信， 在确定一个或多个USB设备被授权与访客通信之后，虚拟化客户操作系统处的一个或多个USB设备，并在一个或多个USB设备与虚拟化USB设备之间传送消息。

公开(公告)号：US20140337558A1

公开(公告)日：2014-11-13

申请号：US14339390

申请日：2014-07-23

Applicant: ARCHITECTURE TECHNOLOGY CORPORATION

Inventor： Judson Powers ,  Matthew P. Donovan

IPC: G06F13/40 ,  G06F9/455 ,  G06F13/42

CPC classification number: G06F13/4072 ,  G06F9/45558 ,  G06F13/42 ,  G06F13/4252 ,  G06F21/57 ,  G06F21/85 ,  G06F2009/45579

Abstract: In an example, an apparatus includes a memory storing a hypervisor, where the hypervisor is configured to determine whether one or more universal serial bus (USB) devices in communication with the hypervisor are authorized to communicate with a guest operating system of the hypervisor and, after determining that the one or more USB devices are authorized to communicate with the guest, virtualize the one or more USB devices at the guest operating system and transfer messages between the one or more USB devices and the virtualized USB device.

Abstract translation: 在一个示例中，设备包括存储管理程序的存储器，其中管理程序被配置为确定与管理程序通信的一个或多个通用串行总线（USB）设备是否被授权与管理程序的客户操作系统通信， 在确定一个或多个USB设备被授权与访客通信之后，虚拟化客户操作系统处的一个或多个USB设备，并在一个或多个USB设备与虚拟化USB设备之间传送消息。

公开(公告)号：US12175103B1

公开(公告)日：2024-12-24

申请号：US16126728

申请日：2018-09-10

Applicant: Architecture Technology Corporation

Inventor： Judson Powers ,  Colleen Kimball ,  Matthew A. Stillerman

IPC: G06F3/06

Abstract: Systems and methods for analyzing memory architectures and for mapping data structures in software programs to appropriate memory to take advantage of the different memory architectures. A computer architecture having a processor connected to one or more first memories and one or more second memories is defined, wherein the first memories and the second memories are characterized by different performance profiles. An executable of a software program is instrumented to capture, during runtime, patterns of access to selected data structures of the executable. Based on an analysis of the patterns of access, allocation of the selected data structures between the first and second memories is determined.

公开(公告)号：US12158960B2

公开(公告)日：2024-12-03

申请号：US18317807

申请日：2023-05-15

Applicant: ARCHITECTURE TECHNOLOGY CORPORATION

Inventor： Judson Powers

IPC: G06F21/57 ,  G06N20/00

Abstract: A computer-implemented method of securing vulnerabilities in a program, the method including receiving, by a computer, state information generated by an executed application program, training, by the computer, a constraints model based on the state information, generating, by the computer, one or more constraints with the constraints model, each of the one or more constraints describing an execution constraint for executing the application program, wherein the execution constraint enforces an intended operation of the application program, and applying, by the computer, the one or more constraints to the application program.

公开(公告)号：US11669642B1

公开(公告)日：2023-06-06

申请号：US17322524

申请日：2021-05-17

Applicant: ARCHITECTURE TECHNOLOGY CORPORATION

Inventor： Daniel Mcardle ,  Judson Powers

IPC: G06F21/52 ,  G06F21/64 ,  G06F8/52

CPC classification number: G06F21/64 ,  G06F8/52 ,  G06F21/52

Abstract: Disclosed herein are embodiments of systems, methods, and products comprise a processor, which provides runtime enforcement of data flow integrity. The processor accesses the application binary file from the disk to execute an application and translates the application binary into intermediate representation. The processor applies the logic of data flow integrity controls to the intermediate representation. Specifically, the processor identifies the vulnerable code in the intermediate representation. The processor applies data flow integrity controls to the vulnerable code. The processor adds simple instrumentation that only changes the application's behavior when unauthorized data tampering occurs while preserving the application's normal behavior. When certain operations may cause unauthorized data tampering, the processor takes proper measures to stop the operations. The processor translates the intermediate representation back to a machine code and replaces the original binary with the machine code.

公开(公告)号：US11645388B1

公开(公告)日：2023-05-09

申请号：US17080359

申请日：2020-10-26

Applicant: ARCHITECTURE TECHNOLOGY CORPORATION

Inventor： Colleen Kimball ,  Robert A. Joyce ,  Judson Powers ,  Matthew Donovan

IPC: G06F21/56 ,  G06F8/73 ,  G06N20/00 ,  G06F21/57

CPC classification number: G06F21/563 ,  G06F8/73 ,  G06F21/577 ,  G06N20/00 ,  G06F2221/033

Abstract: Disclosed herein are embodiments of systems, methods, and products that execute tools to identify non-malicious faults in source codes introduced by engineers and programmers. The tools may execute a machine learning model on the source codes to perform sentiment analysis and pattern analysis on information associated with the source codes to generate annotated source code files identifying anomalies based on the sentiment analysis and the pattern analysis. One or more threat levels are then identified and ranked based on the one or more anomalies and a ranked list of the one or more threat levels is displayed on a graphical user interface of a computer.

公开(公告)号：US11429713B1

公开(公告)日：2022-08-30

申请号：US16256810

申请日：2019-01-24

Applicant: ARCHITECTURE TECHNOLOGY CORPORATION

Inventor： Matthew Donovan ,  Paul Nicotera ,  Dahyun Hollister ,  Robert Joyce ,  Judson Powers

IPC: G06F21/53 ,  G06N3/04 ,  H04L9/40 ,  G06F21/55

Abstract: The methods and systems disclosed herein generally relate to automated execution and evaluation of computer network training exercises, such as in a virtual environment. A server generates a training system having a virtual attack machine and a virtual target machine where the virtual target machine is operatively controlled by a trainee computer. The server then executes a simulated cyber-attack and monitors/collects actions and responses by the trainee. The server then executes an artificial intelligence model to evaluate the trainee's action and to identify a subsequent simulated cyber-attack (e.g., a next step to the simulated cyber-attack). The server may then train the artificial intelligence model using various machine-learning techniques using the collected data during the exercise.