公开(公告)号：US10552609B2

公开(公告)日：2020-02-04

申请号：US15395053

申请日：2016-12-30

Applicant: INTEL CORPORATION

Inventor： Mingwei Zhang ,  Xiaoning Li ,  Ravi L. Sahita ,  Aravind Subramanian ,  Abhay S. Kanhere ,  Chih-Yuan Yang ,  Yi Gai

IPC: G06F21/56 ,  H04L29/06 ,  G06N99/00 ,  G06N20/00

Abstract: A malicious object detection system for use in managed runtime environments includes a check circuit to receive call information generated by an application, such as an Android application. A machine learning circuit coupled to the check circuit applies a machine learning model to assess the information and/or data included in the call and detect the presence of a malicious object, such as malware or a virus, in the application generating the call. The machine learning model may include a global machine learning model distributed across a number of devices, a local machine learning model based on use patterns of a particular device, or combinations thereof. A graphical user interface management circuit halts execution of applications containing malicious objects and generates a user perceptible output.

公开(公告)号：US10445494B2

公开(公告)日：2019-10-15

申请号：US15658699

申请日：2017-07-25

Applicant: Intel Corporation

Inventor： Vedvyas Shanbhogue ,  Ravi L. Sahita ,  Yuriy Bulygin ,  Xiaoning Li ,  Jason W. Brandt

IPC: G06F21/00 ,  G06F21/52 ,  G06F9/30 ,  G06F9/38 ,  G06F9/448

Abstract: In one embodiment, a processor comprises: a first register to store a first bound value for a stack to be stored in a memory; a second register to store a second bound value for the stack; a checker logic to determine, prior to an exit point at a conclusion of a function to be executed on the processor, whether a value of a stack pointer is within a range between the first bound value and the second bound value; and a logic to prevent a return to a caller of the function if the stack pointer value is not within the range. Other embodiments are described and claimed.

公开(公告)号：US20190102537A1

公开(公告)日：2019-04-04

申请号：US15720083

申请日：2017-09-29

Applicant: Intel Corporation

Inventor： Mingwei Zhang ,  Mingqiu Sun ,  Ravi L. Sahita ,  Chunhui Zhang ,  Xiaoning Li

IPC: G06F21/53 ,  G06F21/12 ,  G06F9/38 ,  G06F9/45

Abstract: Technologies for untrusted code execution include a computing device having a processor with sandbox support. The computing device executes code included in a native domain in a non-privileged, native processor mode. The computing device may invoke a sandbox jump processor instruction during execution of the code in the native domain to enter a sandbox domain. The computing device executes code in the sandbox domain in a non-privileged, sandbox processor mode in response to invoking the sandbox jump instruction. While executing in the sandbox processor mode, the processor denies access to memory outside of the sandbox domain and may deny execution of one or more prohibited instructions. From the sandbox domain, the computing device may execute a sandbox exit instruction to exit the sandbox domain and resume execution in the native domain. The computing device may execute processor instructions to configure the sandbox domain. Other embodiments are described and claimed.

公开(公告)号：US20180189508A1

公开(公告)日：2018-07-05

申请号：US15394958

申请日：2016-12-30

Applicant: Intel Corporation

Inventor： Xiaoning Li ,  Ravi L. Sahita ,  Benjamin W. Boyer ,  Sanjeev Trika ,  Adrian Pearson

IPC: G06F21/62 ,  G06F3/06 ,  G06F21/50

CPC classification number: G06F21/6218 ,  G06F3/062 ,  G06F3/0659 ,  G06F3/0665 ,  G06F3/0673 ,  G06F21/52 ,  G06F21/78

Abstract: In one embodiment, a system comprises a processor to, in response to a determination that a write command is suspect, identify a logical address associated with the write command; and send a checkpoint command identifying the logical address to a storage device to preserve data stored in the storage device at a physical address associated with the logical address.

公开(公告)号：US09134878B2

公开(公告)日：2015-09-15

申请号：US13631288

申请日：2012-09-28

Applicant: Intel Corporation

Inventor： Prashant Dewan ,  Siddhartha Chhabra ,  Xiaozhu Kang ,  Xiaoning Li ,  Uday R. Savagaonkar ,  David M. Durham ,  Paul S. Schmitz ,  Michael A. Goldsmith ,  Jason Martin

IPC: G06F3/041 ,  G06F3/0481 ,  G06F3/0488 ,  G06F21/74 ,  G06F21/82

CPC classification number: G06F3/0481 ,  G06F3/041 ,  G06F3/04883 ,  G06F21/74 ,  G06F21/82

Abstract: A device and method for securely rendering content on a gesture-enabled computing device includes initializing a secure execution environment on a processor graphics of the computing device. The computing device transfers view rendering code and associated state data to the secure execution environment. An initial view of the content is rendered by executing the view rendering code in the secure execution environment. A gesture is recognized, and an updated view of the content is rendered in the secure execution environment in response to the gesture. The gesture may include a touch gesture recognized on a touch screen, or a physical gesture of the user recognized by a camera. After the updated view of the content is rendered, the main processor of the computing device may receive updated view data from the secure execution environment.

Abstract translation: 用于在启用姿势的计算设备上安全地呈现内容的设备和方法包括在计算设备的处理器图形上初始化安全执行环境。 计算设备将视图呈现代码和相关联的状态数据传送到安全执行环境。 通过在安全执行环境中执行视图呈现代码来呈现内容的初始视图。 识别手势，并且响应于手势在安全执行环境中呈现内容的更新视图。 手势可以包括在触摸屏上识别的触摸手势，或者由相机识别的用户的身体手势。 在呈现内容的更新视图之后，计算设备的主处理器可以从安全执行环境接收更新的视图数据。

公开(公告)号：US20240095340A1

公开(公告)日：2024-03-21

申请号：US18526279

申请日：2023-12-01

Applicant: Intel Corporation

Inventor： Mingwei Zhang ,  Mingqiu Sun ,  Ravi L. Sahita ,  Chunhui Zhang ,  Xiaoning Li

IPC: G06F21/53 ,  G06F8/41 ,  G06F9/38 ,  G06F21/12

CPC classification number: G06F21/53 ,  G06F8/441 ,  G06F9/3836 ,  G06F21/126 ,  G06F2221/2143

Abstract: Technologies for untrusted code execution include a computing device having a processor with sandbox support. The computing device executes code included in a native domain in a non-privileged, native processor mode. The computing device may invoke a sandbox jump processor instruction during execution of the code in the native domain to enter a sandbox domain. The computing device executes code in the sandbox domain in a non-privileged, sandbox processor mode in response to invoking the sandbox jump instruction. While executing in the sandbox processor mode, the processor denies access to memory outside of the sandbox domain and may deny execution of one or more prohibited instructions. From the sandbox domain, the computing device may execute a sandbox exit instruction to exit the sandbox domain and resume execution in the native domain. The computing device may execute processor instructions to configure the sandbox domain. Other embodiments are described and claimed.

公开(公告)号：US20220121737A1

公开(公告)日：2022-04-21

申请号：US17367106

申请日：2021-07-02

Applicant: Intel Corporation

Inventor： Mingwei Zhang ,  Mingqiu Sun ,  Ravi L. Sahita ,  Chunhui Zhang ,  Xiaoning Li

IPC: G06F21/53 ,  G06F8/41 ,  G06F9/38 ,  G06F21/12

Abstract: Technologies for untrusted code execution include a computing device having a processor with sandbox support. The computing device executes code included in a native domain in a non-privileged, native processor mode. The computing device may invoke a sandbox jump processor instruction during execution of the code in the native domain to enter a sandbox domain. The computing device executes code in the sandbox domain in a non-privileged, sandbox processor mode in response to invoking the sandbox jump instruction. While executing in the sandbox processor mode, the processor denies access to memory outside of the sandbox domain and may deny execution of one or more prohibited instructions. From the sandbox domain, the computing device may execute a sandbox exit instruction to exit the sandbox domain and resume execution in the native domain. The computing device may execute processor instructions to configure the sandbox domain. Other embodiments are described and claimed.

公开(公告)号：US20200225950A1

公开(公告)日：2020-07-16

申请号：US16741498

申请日：2020-01-13

Applicant: Intel Corporation

Inventor： Vedvyas Shanbhogue ,  Jason W. Brandt ,  Ravi L. Sahita ,  Xiaoning Li

IPC: G06F9/30 ,  G06F9/38 ,  G06F21/55

Abstract: A processor includes an execution unit and a processing logic operatively coupled to the execution unit, the processing logic to: enter a first execution state and transition to a second execution state responsive to executing a control transfer instruction. Responsive to executing a target instruction of the control transfer instruction, the processing logic further transitions to the first execution state responsive to the target instruction being a control transfer termination instruction of a mode identical to a mode of the processing logic following the execution of the control transfer instruction; and raises an execution exception responsive to the target instruction being a control transfer termination instruction of a mode different than the mode of the processing logic following the execution of the control transfer instruction.

公开(公告)号：US20200175166A1

公开(公告)日：2020-06-04

申请号：US16780218

申请日：2020-02-03

Applicant: Intel Corporation

Inventor： Mingwei Zhang ,  Xiaoning Li ,  Ravi L. Sahita ,  Aravind Subramanian ,  Abhay S. Kanhere ,  Chih-Yuan Yang ,  Yi Gai

IPC: G06F21/56 ,  G06N20/00 ,  H04L29/06

Abstract: A malicious object detection system for use in managed runtime environments includes a check circuit to receive call information generated by an application, such as an Android application. A machine learning circuit coupled to the check circuit applies a machine learning model to assess the information and/or data included in the call and detect the presence of a malicious object, such as malware or a virus, in the application generating the call. The machine learning model may include a global machine learning model distributed across a number of devices, a local machine learning model based on use patterns of a particular device, or combinations thereof. A graphical user interface management circuit halts execution of applications containing malicious objects and generates a user perceptible output.

公开(公告)号：US20170329961A1

公开(公告)日：2017-11-16

申请号：US15658699

申请日：2017-07-25

Applicant: Intel Corporation

Inventor： Vedvyas Shanbhogue ,  Ravi L. Sahita ,  Yuriy Bulygin ,  Xiaoning Li ,  Jason W. Brandt

IPC: G06F21/52

CPC classification number: G06F21/52 ,  G06F9/30021 ,  G06F9/30054 ,  G06F9/30076 ,  G06F9/30134 ,  G06F9/3861 ,  G06F9/4484

Abstract: In one embodiment, a processor comprises: a first register to store a first bound value for a stack to be stored in a memory; a second register to store a second bound value for the stack; a checker logic to determine, prior to an exit point at a conclusion of a function to be executed on the processor, whether a value of a stack pointer is within a range between the first bound value and the second bound value; and a logic to prevent a return to a caller of the function if the stack pointer value is not within the range. Other embodiments are described and claimed.