公开(公告)号：US12141274B2

公开(公告)日：2024-11-12

申请号：US17834446

申请日：2022-06-07

Applicant: Intel Corporation

Inventor： Marcio Juliato ,  Shabbir Ahmed ,  Manoj Sastry ,  Liuyang L. Yang ,  Vuk Lesi ,  Li Zhao

IPC: H04L9/40 ,  G06F21/55 ,  H04W4/38 ,  H04W4/48 ,  H04W12/122

Abstract: Methods and apparatus relating to a physics-based approach for attack detection and/or localization in closed-loop controls for autonomous vehicles are described. In an embodiment, multiple state estimators are used to compute a set of residuals to detect, classify, and/or localize attacks. This allows for determination of an attacker's location and the kind of attack being perpetrated. Other embodiments are also disclosed and claimed.

公开(公告)号：US11615716B2

公开(公告)日：2023-03-28

申请号：US16924960

申请日：2020-07-09

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Li Zhao ,  Manoj R. Sastry

IPC: H04L9/06 ,  G09C1/00

Abstract: One embodiment provides an apparatus. The apparatus includes a lightweight cryptographic engine (LCE), the LCE is optimized and has an associated throughput greater than or equal to a target throughput.

公开(公告)号：US11271965B2

公开(公告)日：2022-03-08

申请号：US16808254

申请日：2020-03-03

Applicant: Intel Corporation

Inventor： Kyong-Tak Cho ,  Li Zhao ,  Manoj R. Sastry

IPC: H04L29/06 ,  B60R16/023 ,  G01R19/04 ,  G01R19/165 ,  H04L5/00 ,  H04L12/40 ,  B60R25/20

Abstract: One embodiment provides an electronic control unit (ECU) for a vehicle. The ECU includes transceiver circuitry, voltage measurement circuitry and feature set circuitry. The transceiver circuitry is to at least one of send and/or receive a message. The voltage measurement circuitry is to determine at least one of a high bus line voltage (VCANH) value and/or a low bus line voltage (VCANL) value, for each zero bit of at least one zero bit of a received message. The received the message includes a plurality of bits. The feature set circuitry is to determine a value of at least one feature of a feature set based, at least in part, on at least one of a high acknowledge (ACK) threshold voltage (VthH) and/or a low ACK threshold voltage (VthL). The feature set includes at least one of an operating most frequently measured VCANH value (VfreqH2) of a number of VCANH values and/or an operating most frequently measured VCANL value (VfreqL2) of a number of VCANL values.

公开(公告)号：US10652147B2

公开(公告)日：2020-05-12

申请号：US15859301

申请日：2017-12-29

Applicant: Intel Corporation

Inventor： Srihari Makineni ,  Ravi Iyer ,  Dave Minturn ,  Sujoy Sen ,  Donald Newell ,  Li Zhao

IPC: H04L12/741 ,  H04L29/06 ,  H04L12/931

Abstract: In general, in one aspect, the disclosures describes a method that includes receiving multiple ingress Internet Protocol packets, each of the multiple ingress Internet Protocol packets having an Internet Protocol header and a Transmission Control Protocol segment having a Transmission Control Protocol header and a Transmission Control Protocol payload, where the multiple packets belonging to a same Transmission Control Protocol/Internet Protocol flow. The method also includes preparing an Internet Protocol packet having a single Internet Protocol header and a single Transmission Control Protocol segment having a single Transmission Control Protocol header and a single payload formed by a combination of the Transmission Control Protocol segment payloads of the multiple Internet Protocol packets. The method further includes generating a signal that causes receive processing of the Internet Protocol packet.

公开(公告)号：US10581906B2

公开(公告)日：2020-03-03

申请号：US15450650

申请日：2017-03-06

Applicant: Intel Corporation

Inventor： Kyong-Tak Cho ,  Li Zhao ,  Manoj R. Sastry

IPC: H04L29/06 ,  B60R16/023 ,  G01R19/04 ,  G01R19/165 ,  H04L5/00 ,  H04L12/40 ,  B60R25/20

Abstract: One embodiment provides an electronic control unit (ECU) for a vehicle. The ECU includes transceiver circuitry, voltage measurement circuitry and feature set circuitry. The transceiver circuitry is to at least one of send and/or receive a message. The voltage measurement circuitry is to determine at least one of a high bus line voltage (VCANH) value and/or a low bus line voltage (VCANL) value, for each zero bit of at least one zero bit of a received message. The received the message includes a plurality of bits. The feature set circuitry is to determine a value of at least one feature of a feature set based, at least in part, on at least one of a high acknowledge (ACK) threshold voltage (VthH) and/or a low ACK threshold voltage (VthL). The feature set includes at least one of an operating most frequently measured VCANH value (VfreqH2) of a number of VCANH values and/or an operating most frequently measured VCANL value (VfreqL2) of a number of VCANL values.

公开(公告)号：US10313130B2

公开(公告)日：2019-06-04

申请号：US15277462

申请日：2016-09-27

Applicant: Intel Corporation

Inventor： Rafael Misoczki ,  Steffen Schulz ,  Manoj R. Sastry ,  Santosh Ghosh ,  Li Zhao

IPC: H04L29/06 ,  H04L9/32

Abstract: One embodiment provides a signer device. The signer device includes hash signature control logic and signer signature logic. The hash signature control logic is to retrieve a first nonce, to concatenate the first nonce and a message to be transmitted and to determine whether a first message representative satisfies a target threshold. The signer signature logic is to generate a first transmitted signature based, at least in part, on the first message representative, if the first message representative satisfies the target threshold. The hash signature control logic is to retrieve a second nonce, concatenate the second nonce and the message to be transmitted and to determine whether a second message representative satisfies the target threshold, if the first message representative does not satisfy the target threshold.

公开(公告)号：US20190104001A1

公开(公告)日：2019-04-04

申请号：US15720389

申请日：2017-09-29

Applicant: Intel Corporation

Inventor： Marcio Juliato ,  Li Zhao ,  Ahmed Shabbir ,  Manoj R. Sastry ,  Santosh Ghosh ,  Rafael Misoczki

IPC: H04L25/49

CPC classification number: H04L25/4917 ,  H04L12/40 ,  H04L2012/40215

Abstract: Embodiments may include systems and methods for authenticating a message between a transmitter and a receiver. An apparatus for communication may include a transmitter to transmit a message to a receiver via a physical channel coupling the transmitter and the receiver. The message may be transmitted via a plurality of transmission voltage levels varied from a plurality of nominal voltage levels on the physical channel. The transmitter may include a voltage generator to generate the plurality of transmission voltage levels varied in accordance with a sequence of voltage variations from the plurality of nominal voltage levels for the message. The sequence of voltage variations may serve to authenticate the message between the transmitter and the receiver. Other embodiments may be described and/or claimed.

公开(公告)号：US10124764B1

公开(公告)日：2018-11-13

申请号：US15720478

申请日：2017-09-29

Applicant: Intel Corporation

Inventor： Shabbir Ahmed ,  Marcio Rogerio Juliato ,  Li Zhao ,  Manoj R. Sastry

IPC: B60R25/10 ,  B60R16/023 ,  H04L29/06 ,  H04L12/40

Abstract: Various systems and methods for intrusion detection are described herein. An electronic device for intrusion detection includes memory circuitry to store a set of signature voltage ratios and a corresponding set of node identifiers, each node identifier corresponding to a unique signature voltage ratio; and security circuitry to: compare voltages received at a first and second measuring point on a bus, the voltages resulting from a message transmitted by a sending node on the bus, the first measuring point providing a first voltage and the second measuring point providing a second voltage; calculate a test voltage ratio from the first voltage and the second voltage; determine whether the test voltage ratio is in the set of signature voltage ratios; and initiate a security response based on whether the test voltage ratio is in the set of signature voltage ratios.

公开(公告)号：US20180139051A1

公开(公告)日：2018-05-17

申请号：US15351606

申请日：2016-11-15

Applicant: Intel Corporation

Inventor： Santosh Ghosh ,  Manoj R. Sastry ,  Jesse Walker ,  Li Zhao ,  Rafael Misoczki

IPC: H04L9/32 ,  H04L9/06 ,  H04L9/08

CPC classification number: H04L9/3242 ,  H04L9/0637 ,  H04L9/0643

Abstract: Technologies for counter with CBC-MAC (CCM) mode encryption include a computing device that performs a CBC-MAC authentication operation on a message with an encryption key, using a 64-bit block cipher to generate a message authentication code. The computing device generates a first 64-bit authentication block including an 8-bit flag field and a length field of between 11 and 32 bits. The flag field indicates the length of the length field. Performing the CBC-MAC authentication operation includes formatting the message into one or more 64-bit authentication blocks. The computing device performs a counter mode encryption operation on the message with the encryption key using the 64-bit block cipher to generate a cipher text. Performing the counter mode encryption includes generating multiple 64-bit keystream blocks. The computing device generates an authentication tag based on the message authentication code and a first keystream block of keystream blocks. Other embodiments are described and claimed.

公开(公告)号：US20170048142A1

公开(公告)日：2017-02-16

申请号：US15339354

申请日：2016-10-31

Applicant: Intel Corporation

Inventor： Srihari Makineni ,  Ravi Iyer ,  Dave Minturn ,  Sujoy Sen ,  Donald Newell ,  Li Zhao

IPC: H04L12/741 ,  H04L29/06

CPC classification number: H04L45/74 ,  H04L49/20 ,  H04L69/16 ,  H04L69/161 ,  H04L69/166

Abstract: In general, in one aspect, the disclosures describes a method that includes receiving multiple ingress Internet Protocol packets, each of the multiple ingress Internet Protocol packets having an Internet Protocol header and a Transmission Control Protocol segment having a Transmission Control Protocol header and a Transmission Control Protocol payload, where the multiple packets belonging to a same Transmission Control Protocol/Internet Protocol flow. The method also includes preparing an Internet Protocol packet having a single Internet Protocol header and a single Transmission Control Protocol segment having a single Transmission Control Protocol header and a single payload formed by a combination of the Transmission Control Protocol segment payloads of the multiple Internet Protocol packets. The method further includes generating a signal that causes receive processing of the Internet Protocol packet.

Abstract translation: 一般来说，一方面，本公开内容描述了一种方法，其包括接收多个入口因特网协议分组，所述多个入口因特网协议分组中的每一个具有因特网协议报头和具有传输控制协议报头和传输控制的传输控制协议段 协议有效载荷，其中属于相同传输控制协议/因特网协议的多个分组流。 该方法还包括准备具有单个因特网协议报头的互联网协议分组和具有单个传输控制协议报头的单个传输控制协议段和由多个因特网协议分组的传输控制协议段有效载荷的组合形成的单个有效载荷 。 该方法还包括产生导致因特网协议分组的接收处理的信号。