公开(公告)号：US20150043382A1

公开(公告)日：2015-02-12

申请号：US14453054

申请日：2014-08-06

Applicant: NEC Laboratories America, Inc.

Inventor： Nipun Arora ,  Hui Zhang ,  Cristian Lumezanu ,  Junghwan Rhee ,  Guofei Jiang ,  Hui Lu

IPC: H04L12/24 ,  H04L12/46

CPC classification number: H04L41/082 ,  H04L12/4675 ,  H04L41/0226 ,  H04L41/0803 ,  H04L41/12 ,  H04L41/20

Abstract: Method and systems for controlling a hybrid network having software-defined network (SDN) switches and legacy switches include initializing a hybrid network topology by retrieving information on a physical and virtual infrastructure of the hybrid network; generating a path between two nodes on the hybrid network based on the physical and virtual infrastructure of the hybrid network; generating a virtual local area network by issuing remote procedure call instructions to legacy switches in accordance with a network configuration request; and generating an SDN network slice by issuing SDN commands to SDN switches in accordance with the network configuration request.

Abstract translation: 用于控制具有软件定义网络（SDN）交换机和传统交换机的混合网络的方法和系统包括通过检索混合网络的物理和虚拟基础设施上的信息来初始化混合网络拓扑; 基于混合网络的物理和虚拟基础设施，在混合网络上生成两个节点之间的路径; 通过根据网络配置请求向传统交换机发出远程过程呼叫指令来产生虚拟局域网; 以及根据网络配置请求向SDN交换机发出SDN命令来生成SDN网络切片。

公开(公告)号：US20130318505A1

公开(公告)日：2013-11-28

申请号：US13901964

申请日：2013-05-24

Applicant: NEC Laboratories America, Inc.

Inventor： Junghwan Rhee ,  Hui Zhang ,  Nipun Arora ,  Guofei Jiang ,  Kenji Yoshihira

IPC: G06F11/36

CPC classification number: G06F11/3636 ,  G06F11/3466 ,  G06F11/3476 ,  G06F2201/86 ,  G06F2201/865

Abstract: The invention efficiently provides user code information for kernel level tracing approaches. It applies an advanced variation of stack walking called multi-mode stack walking to the entire system level and generates the unified trace where the user code and kernel events are integrated. The invention uses runtime stack information and internal kernel data structures. Therefore, source code for user level code and libraries are not required for inspection. The invention introduces the mechanism to narrow down the monitoring focus to specific application software and improve monitoring performance.

Abstract translation: 本发明有效地提供用于内核级跟踪方法的用户代码信息。 它将堆栈行走的高级变体称为多模式堆栈走向整个系统级别，并生成用户代码和内核事件集成的统一跟踪。 本发明使用运行时堆栈信息和内部内核数据结构。 因此，用户级代码和库的源代码不需要进行检查。 本发明介绍了将监控重点缩小到具体应用软件的机制，提高监控性能。

公开(公告)号：US11989983B2

公开(公告)日：2024-05-21

申请号：US17241481

申请日：2021-04-27

Applicant: NEC Laboratories America, Inc.

Inventor： LuAn Tang ,  Haifeng Chen ,  Wei Cheng ,  Junghwan Rhee ,  Jumpei Kamimura

IPC: G07C5/08 ,  B60W50/02 ,  B60W50/035 ,  B60W50/038 ,  G06N3/044 ,  G06N3/045 ,  G06N3/08 ,  G06N3/088 ,  G07C5/00

CPC classification number: G07C5/085 ,  B60W50/0205 ,  B60W50/035 ,  B60W50/038 ,  G06N3/044 ,  G06N3/045 ,  G06N3/08 ,  G06N3/088 ,  G07C5/008 ,  G07C5/0808 ,  B60W2710/06 ,  B60W2710/18

Abstract: Methods and systems for vehicle fault detection include collecting operational data from sensors in a vehicle. The sensors are associated with vehicle sub-systems. The operational data is processed with a neural network to generate a fault score, which represents a similarity to fault state training scenarios, and an anomaly score, which represents a dissimilarity to normal state training scenarios. The fault score is determined to be above a fault score threshold and the anomaly score is determined to be above an anomaly score threshold to detect a fault. A corrective action is performed responsive the fault, based on a sub-system associated with the fault.

公开(公告)号：US11573828B2

公开(公告)日：2023-02-07

申请号：US16816715

申请日：2020-03-12

Applicant: NEC Laboratories America, Inc.

Inventor： Chung Hwan Kim ,  Junghwan Rhee ,  Xiao Yu ,  Luan Tang ,  Haifeng Chen ,  Kyungtae Kim

IPC: G06F9/50 ,  G06F11/34 ,  G06N3/04

Abstract: A computer-implemented method for efficient and scalable enclave protection for machine learning (ML) programs includes tailoring at least one ML program to generate at least one tailored ML program for execution within at least one enclave, and executing the at least one tailored ML program within the at least one enclave.

公开(公告)号：US11321066B2

公开(公告)日：2022-05-03

申请号：US16985647

申请日：2020-08-05

Applicant: NEC Laboratories America, Inc.

Inventor： Xiao Yu ,  Xueyuan Han ,  Ding Li ,  Junghwan Rhee ,  Haifeng Chen

IPC: G06F8/61 ,  G06F16/901 ,  G06N3/04

Abstract: A computer-implemented method for securing software installation through deep graph learning includes extracting a new software installation graph (SIG) corresponding to a new software installation based on installation data associated with the new software installation, using at least two node embedding models to generate a first vector representation by embedding the nodes of the new SIG and inferring any embeddings for out-of-vocabulary (OOV) words corresponding to unseen pathnames, utilizing a deep graph autoencoder to reconstruct nodes of the new SIG from latent vector representations encoded by the graph LSTM, wherein reconstruction losses resulting from a difference of a second vector representation generated by the deep graph autoencoder and the first vector representation represent anomaly scores for each node, and performing anomaly detection by comparing an overall anomaly score of the anomaly scores to a threshold of normal software installation.

公开(公告)号：US20210064751A1

公开(公告)日：2021-03-04

申请号：US16991288

申请日：2020-08-12

Applicant: NEC Laboratories America, Inc.

Inventor： Ding Li ,  Xiao Yu ,  Junghwan Rhee ,  Haifeng Chen ,  Qi Wang

IPC: G06F21/56 ,  G06F21/54 ,  G06F21/55 ,  G06K9/62

Abstract: Systems and methods for a provenance based threat detection tool that builds a provenance graph including a plurality of paths using a processor device from provenance data obtained from one or more computer systems and/or networks; samples the provenance graph to form a plurality of linear sample paths, and calculates a regularity score for each of the plurality of linear sample paths using a processor device; selects a subset of linear sample paths from the plurality of linear sample paths based on the regularity score, and embeds each of the subset of linear sample paths by converting each of the subset of linear sample paths into a numerical vector using a processor device; detects anomalies in the embedded paths to identify malicious process activities, and terminates a process related to the embedded path having the identified malicious process activities.

公开(公告)号：US20200257794A1

公开(公告)日：2020-08-13

申请号：US16787610

申请日：2020-02-11

Applicant: NEC Laboratories America, Inc.

Inventor： Chung Hwan Kim ,  Junghwan Rhee ,  Kangkook Jee ,  Zhichun Li ,  Adil Ahmad ,  Haifeng Chen

IPC: G06F21/53 ,  G06F21/60 ,  G06F21/12 ,  G06F9/455 ,  G06F21/44 ,  G06F21/54

Abstract: Systems and methods for implementing a system architecture to support a trusted execution environment (TEE) with computational acceleration are provided. The method includes establishing a first trusted channel between a user application stored on an enclave and a graphics processing unit (GPU) driver loaded on a hypervisor. Establishing the first trusted channel includes leveraging page permissions in an extended page table (EPT) to isolate the first trusted channel between the enclave and the GPU driver in a physical memory of an operating system (OS). The method further includes establishing a second trusted channel between the GPU driver and a GPU device. The method also includes launching a unified TEE that includes the enclave and the hypervisor with execution of application code of the user application.

公开(公告)号：US20200184070A1

公开(公告)日：2020-06-11

申请号：US16693710

申请日：2019-11-25

Applicant: NEC Laboratories America, Inc.

Inventor： Chung Hwan Kim ,  Junghwan Rhee ,  Kangkook Jee ,  Zhichun Li

IPC: G06F21/54 ,  G06N20/00 ,  G06F8/73 ,  G06F8/75 ,  G06F8/41 ,  G06F21/53

Abstract: A method for implementing confidential machine learning with program compartmentalization includes implementing a development stage to design an ML program, including annotating source code of the ML program to generate an ML program annotation, performing program analysis based on the development stage, including compiling the source code of the ML program based on the ML program annotation, inserting binary code based on the program analysis, including inserting run-time code into a confidential part of the ML program and a non-confidential part of the ML program, and generating an ML model by executing the ML program with the inserted binary code to protect the confidentiality of the ML model and the ML program from attack.

公开(公告)号：US10114728B2

公开(公告)日：2018-10-30

申请号：US14250340

申请日：2014-04-10

Applicant: NEC Laboratories America, Inc.

Inventor： Hui Zhang ,  Nipun Arora ,  Junghwan Rhee ,  Kai Ma ,  Guofei Jiang

IPC: G06F11/36

Abstract: The invention is directed to a computer implemented method and a system that implements an application performance profiler with hardware performance event information. The profiler provides dynamic tracing of application programs, and offers fine-grained hardware performance event profiling at function levels. To control the perturbation on target applications, the profiler also includes a control mechanism to constraint the function profiling overhead within a budget configured by users.

公开(公告)号：US20180054445A1

公开(公告)日：2018-02-22

申请号：US15623538

申请日：2017-06-15

Applicant: NEC Laboratories America, Inc.

Inventor： Junghwan Rhee ,  Yuseok Jeon ,  Zhichun Li ,  Kangkook Jee ,  Zhenyu Wu ,  Guofei Jiang

IPC: H04L29/06

CPC classification number: H04L63/1425 ,  G06F21/55 ,  G06F21/606 ,  G06F2221/2141 ,  G06F2221/2145 ,  H04L63/1433

Abstract: A computer-implemented method for performing privilege flow analysis is presented. The computer-implemented method includes monitoring at least one program operating system (OS) event handled by a program, generating a privilege flow graph, determining an inferred program behavior context, and generating, based on a combination of the privilege flow graph and the inferred program behavior context, an inferred behavior context-aware privilege flow graph to distinguish different roles of processes and/or threads within the program.