公开(公告)号：US20240303471A1

公开(公告)日：2024-09-12

申请号：US18178684

申请日：2023-03-06

Applicant: Intel Corporation

Inventor： Raizy Kellerman ,  Alex Nayshtut ,  Omer Ben-Shalom

IPC: G06N3/047

CPC classification number: G06N3/047

Abstract: Implementations herein disclose an activation function for homomorphically-encrypted neural networks. A data-agnostic activation technique is provided that collects information about the distribution of the most-dominant activated locations in the feature maps of the trained model and maintains a map of those locations. This map, along with a defined percent of random locations, decides which neurons in the model are activated using an activation function. Advantages of implementations herein include allowing for efficient activation function computations in encrypted computations of neural networks, yet no data-dependent computation is done during inference time (e.g., data-agnostic). Implementations utilize negligible overhead in model storage, while preserving the same accuracy as with general activation functions and runs in orders of magnitude faster than approximation-based activation functions. Furthermore, implementations herein can be applied post-hoc to already-trained models and, as such, do not utilize fine-tuning.

公开(公告)号：US20230075259A1

公开(公告)日：2023-03-09

申请号：US18051825

申请日：2022-11-01

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Omer Ben-Shalom ,  Alex Nayshtut

IPC: H04L9/14 ,  H04L9/32 ,  H04L9/08

Abstract: Technologies for secure collective authorization include multiple computing devices in communication over a network. A computing device may perform a join protocol with a group leader to receive a group private key that is associated with an interface implemented by the computing device. The interface may be an instance of an object model implemented by the computing device or membership of the computing device in a subsystem. The computing device receives a request for attestation to the interface, selects the group private key for the interface, and sends an attestation in response to the request. Another computing device may receive the attestation and verify the attestation with a group public key corresponding to the group private key. The group private key may be an enhanced privacy identifier (EPID) private key, and the group public key may be an EPID public key. Other embodiments are described and claimed.

公开(公告)号：US11568211B2

公开(公告)日：2023-01-31

申请号：US16233700

申请日：2018-12-27

Applicant: Intel Corporation

Inventor： David Durham ,  Michael Kounavis ,  Oleg Pogorelik ,  Alex Nayshtut ,  Omer Ben-Shalom ,  Antonios Papadimitriou

IPC: G06N3/04 ,  G06N3/063 ,  G06F7/58 ,  G06F17/18 ,  G06N3/08

Abstract: The present disclosure is directed to systems and methods for the selective introduction of low-level pseudo-random noise into at least a portion of the weights used in a neural network model to increase the robustness of the neural network and provide a stochastic transformation defense against perturbation type attacks. Random number generation circuitry provides a plurality of pseudo-random values. Combiner circuitry combines the pseudo-random values with a defined number of least significant bits/digits in at least some of the weights used to provide a neural network model implemented by neural network circuitry. In some instances, selection circuitry selects pseudo-random values for combination with the network weights based on a defined pseudo-random value probability distribution.

公开(公告)号：US20220141026A1

公开(公告)日：2022-05-05

申请号：US17133367

申请日：2020-12-23

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Gaurav Kumar ,  Alex Nayshtut ,  Reshma Lal ,  Prashant Dewan ,  Pradeep Pappachan ,  Rajesh Poornachandran ,  Omer Ben-Shalom

IPC: H04L9/32 ,  G06T1/20 ,  G06T1/60 ,  H04L9/08 ,  H04L29/06 ,  G06F9/50 ,  G06F8/65 ,  G06N3/04 ,  G06N3/08

Abstract: Methods, apparatuses and system provide for technology that interleaves a plurality of verification commands with a plurality of copy commands in a command buffer, wherein each copy command includes a message authentication code (MAC) derived from a master session key, wherein one or more of the plurality of verification commands corresponds to a copy command in the plurality of copy commands, and wherein a verification command at an end of the command buffer corresponds to contents of the command buffer. The technology may also add a MAC generation command to the command buffer, wherein the MAC generation command references an address of a compute result.

公开(公告)号：US20210406652A1

公开(公告)日：2021-12-30

申请号：US16912152

申请日：2020-06-25

Applicant: Intel Corporation

Inventor： Oleg Pogorelik ,  Alex Nayshtut ,  Michael E. Kounavis ,  Raizy Kellermann ,  David M. Durham

IPC: G06N3/063 ,  G06F21/62 ,  G06K9/62 ,  G06N3/08 ,  G06N5/04 ,  G06N3/04

Abstract: Embodiments are directed to security optimizing compute distribution in a hybrid deep learning environment. An embodiment of an apparatus includes one or more processors to determine security capabilities and compute capabilities of a client machine requesting to use a machine learning (ML) model hosted by the apparatus; determine, based on the security capabilities and based on exposure criteria of the ML model, that one or more layers of the ML model can be offloaded to the client machine for processing; define, based on the compute capabilities of the client machine, a split level of the one or more layers of the ML model for partition of the ML model, the partition comprising offload layers of the one or more layers of the ML model to be processed at the client machine; and cause the offload layers of the ML model to be downloaded to the client machine.

公开(公告)号：US20200326937A1

公开(公告)日：2020-10-15

申请号：US16912148

申请日：2020-06-25

Applicant: Intel Corporation

Inventor： Itamar Levin ,  Guilad Melzer ,  Alex Nayshtut ,  Raizy Kellerman

IPC: G06F9/22 ,  G06F21/52 ,  G06F9/28 ,  G06F21/62 ,  G06F21/55

Abstract: The present disclosure provides privacy preservation of analytic workflows based on splitting the workflow into sub-workflows each with different privacy-preserving characteristics. Libraries are generated that provide for formatting and/or encrypting data for use in the sub-workflows and also for compiling a machine learning algorithm for the sub-workflows. Subsequently, the sub-workflows can be executed using the compiled algorithm and formatted data.

公开(公告)号：US10440046B2

公开(公告)日：2019-10-08

申请号：US14866628

申请日：2015-09-25

Applicant: Intel Corporation

Inventor： Abhilasha Bhargav-Spantzel ,  Hormuzd M. Khosravi ,  Alex Nayshtut

IPC: H04L29/06 ,  H04L9/32

Abstract: Technologies for anonymous context attestation and threat analytics include a computing device to receive sensor data generated by one or more sensors of the computing device and generate an attestation quote based on the sensor data. The attestation quote includes obfuscated attributes of the computing device based on the sensor data. The computing device transmits zero knowledge commitment of the attestation quote to a server and receives a challenge from the server in response to transmitting the zero knowledge commitment. The challenge requests an indication regarding whether the obfuscated attributes of the computing device have commonality with attributes identified in a challenge profile received with the challenge. The computing device generates a zero knowledge proof that the obfuscated attributes of the computing device have commonality with the attributes identified in the challenge profile.

公开(公告)号：US20190230411A1

公开(公告)日：2019-07-25

申请号：US16222622

申请日：2018-12-17

Applicant: Intel Corporation

Inventor： Lenitra M. Durham ,  Tamir Damian Munafo ,  Rita H. Wouhaybi ,  Adi Shaliv ,  Giuseppe Raffa ,  Oleg Pogorelik ,  Sangita Ravi Sharma ,  Alex Nayshtut

IPC: H04N21/442 ,  H04N21/4545 ,  H04N21/234 ,  H04N21/4223 ,  H04N21/454 ,  H04N21/258 ,  G06K9/00 ,  H04N21/45 ,  H04N21/2343

CPC classification number: H04N21/44218 ,  G06K9/00335 ,  G06K9/00597 ,  H04N21/23424 ,  H04N21/23439 ,  H04N21/25883 ,  H04N21/4223 ,  H04N21/4532 ,  H04N21/4542 ,  H04N21/45455

Abstract: A system and method for real-time alteration of media content based on stress monitoring is disclosed. A computer system present a single media content item in two distinct content streams to a first and second user. Using sensor generated data the computer system measures at least one user response indicator for the first and second user and estimates a stress level for the first and second users. The computer system determines whether the estimated stress level for the first user exceeds a first predetermined stress threshold. In accordance with a determination that the estimated stress level for the first user exceeds a first predetermined stress threshold the computer system alters the first stream of the presented media content item to modify the particular portion of the media content item associated with the estimated stress level for the first user.

公开(公告)号：US20190188386A1

公开(公告)日：2019-06-20

申请号：US16233663

申请日：2018-12-27

Applicant: Intel Corporation

Inventor： Oleg Pogorelik ,  Alex Nayshtut ,  Raizy Kellermann ,  Venkat Gokulrangan

IPC: G06F21/57 ,  G06F15/78 ,  G06F9/54 ,  G06F21/60 ,  G06N20/00

CPC classification number: G06F21/57 ,  G06F9/544 ,  G06F15/7807 ,  G06F21/602 ,  G06N20/00

Abstract: Methods and apparatus relating to protecting Artificial Intelligence (AI) payloads running in Graphics Processing Unit (GPU) against main Central Processing Unit (CPU) residing adversaries are described. In an embodiment, memory stores data corresponding to one or more Artificial Intelligence (AI) tasks. The memory comprises at least a shared memory partition and a Graphics Processing Unit (GPU) only memory partition. Logic circuitry performs one or more operations in a protected environment to cause transmission of the stored data from the shared memory partition of the memory to the GPU only memory partition of the memory. The shared memory partition is accessible by both a GPU and a Central Processing Unit (CPU), and the GPU only memory partition is only accessible by the GPU. Other embodiments are also disclosed and claimed.

公开(公告)号：US20190042747A1

公开(公告)日：2019-02-07

申请号：US16023160

申请日：2018-06-29

Applicant: Intel Corporation

Inventor： Vadim Sukhomlinov ,  Kshitij Doshi ,  Francesc Guim ,  Alex Nayshtut

IPC: G06F21/56 ,  G06F21/62

Abstract: The present disclosure is directed to systems and methods for mitigating or eliminating the effectiveness of a side channel attack, such as a Meltdown or Spectre type attack by selectively introducing a variable, but controlled, quantity of uncertainty into the externally accessible system parameters visible and useful to the attacker. The systems and methods described herein provide perturbation circuitry that includes perturbation selector circuitry and perturbation block circuitry. The perturbation selector circuitry detects a potential attack by monitoring the performance/timing data generated by the processor. Upon detecting an attack, the perturbation selector circuitry determines a variable quantity of uncertainty to introduce to the externally accessible system data. The perturbation block circuitry adds the determined uncertainty into the externally accessible system data. The added uncertainty may be based on the frequency or interval of the event occurrences indicative of an attack.