公开(公告)号：US20200159969A1

公开(公告)日：2020-05-21

申请号：US16687561

申请日：2019-11-18

Applicant: Vedvyas Shanbhogue ,  Utkarsh Y. Kakaiya ,  Ravi Sahita ,  Abhishek Basak ,  Pradeep Pappachan ,  Erdem Aktas

Inventor： Vedvyas Shanbhogue ,  Utkarsh Y. Kakaiya ,  Ravi Sahita ,  Abhishek Basak ,  Pradeep Pappachan ,  Erdem Aktas

IPC: G06F21/85 ,  G06F9/455 ,  G06F13/28 ,  G06F13/42 ,  G06F21/44

Abstract: Systems, apparatuses, methods, and computer-readable media are provided for device interface management. A device includes a device interface, a virtual machine (VM) includes a device driver, both to facilitate assignment of the device to the VM, access of the device by the VM, or removal of the device from being assigned to the VM. The VM is managed by a hypervisor of a computing platform coupled to the device by a computer bus. The device interface includes logic in support of a device management protocol to place the device interface in an unlocked state, a locked state to prevent changes to be made to the device interface, or an operational state to enable access to device registers of the device by the VM or direct memory access to memory address spaces of the VM, or an error state. Other embodiments may be described and/or claimed.

公开(公告)号：US20190138719A1

公开(公告)日：2019-05-09

申请号：US16234140

申请日：2018-12-27

Applicant: Salmin Sultana ,  Li Chen ,  Abhishek Basak ,  Jason Martin ,  Justin Gottschlich

Inventor： Salmin Sultana ,  Li Chen ,  Abhishek Basak ,  Jason Martin ,  Justin Gottschlich

IPC: G06F21/55 ,  G06N20/00

Abstract: Methods, apparatus, systems and articles of manufacture for detecting a side channel attack are disclosed. An example apparatus includes a histogram generator to generate a histogram representing cache access activities. A histogram analyzer is to determine at least one statistic based on the histogram. A machine learning model processor is to apply a machine learning model to the at least one statistic to attempt to identify a side channel attack. A multiple hypothesis tester to perform multiple hypothesis testing to determine a probability of the cache access activities being benign. An anomaly detection orchestrator is to, in response to the machine learning model processor identifying that the at least one statistic is indicative of the side channel attack and the probability not satisfying a similarity threshold, cause the performance of a responsive action to mitigate the side channel attack.

公开(公告)号：US20190228155A1

公开(公告)日：2019-07-25

申请号：US16370849

申请日：2019-03-29

Applicant: Abhishek Basak ,  Li Chen ,  Salmin Sultana ,  Anna Trikalinou ,  Erdem Aktas ,  Saeedeh Komijani

Inventor： Abhishek Basak ,  Li Chen ,  Salmin Sultana ,  Anna Trikalinou ,  Erdem Aktas ,  Saeedeh Komijani

IPC: G06F21/56 ,  G06F12/1027 ,  G06F21/55 ,  G06N20/00

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed for anomalous memory access pattern detection for translational lookaside buffers. An example apparatus includes a communication interface to retrieve a first eviction data set from a translational lookaside buffer associated with a central processing unit; a machine learning engine to: generate an anomaly detection model based upon at least one of a second eviction data set not including an anomaly and a third eviction data set including the anomaly; and determine whether the anomaly is present in the first eviction data set based on the anomaly detection model; and an alert generator to at least one of modify a bit value or terminate memory access operations when the anomaly is determined to be present.

公开(公告)号：US20190130101A1

公开(公告)日：2019-05-02

申请号：US16234144

申请日：2018-12-27

Applicant: Li Chen ,  Abhishek Basak ,  Salmin Sultana ,  Justin Gottschlich

Inventor： Li Chen ,  Abhishek Basak ,  Salmin Sultana ,  Justin Gottschlich

IPC: G06F21/55 ,  G06N20/00 ,  G06N3/08

Abstract: Methods, apparatus, systems and articles of manufacture for detecting a side channel attack using hardware performance counters are disclosed. An example apparatus includes a hardware performance counter data organizer to collect a first value of a hardware performance counter at a first time and a second value of the hardware performance counter at a second time. A machine learning model processor is to apply a machine learning model to predict a third value corresponding to the second time. An error vector generator is to generate an error vector representing a difference between the second value and the third value. An error vector analyzer is to determine a probability of the error vector indicating an anomaly. An anomaly detection orchestrator is to, in response to the probability satisfying a threshold, cause the performance of a responsive action to mitigate the side channel anomaly.

公开(公告)号：US20190042463A1

公开(公告)日：2019-02-07

申请号：US16147191

申请日：2018-09-28

Applicant: Vedvyas Shanbhogue ,  Ravi Sahita ,  Rajesh Sankaran ,  Siddhartha Chhabra ,  Abhishek Basak ,  Krystof Zmudzinski

Inventor： Vedvyas Shanbhogue ,  Ravi Sahita ,  Rajesh Sankaran ,  Siddhartha Chhabra ,  Abhishek Basak ,  Krystof Zmudzinski

IPC: G06F12/1009 ,  G06F12/14 ,  G06F21/57 ,  G06F9/30 ,  G06F9/455

Abstract: Examples include an apparatus which accesses secure pages in a trust domain using secure lookups in first and second sets of page tables. For example, one embodiment of the processor comprises: a decoder to decode a plurality of instructions including instructions related to a trusted domain; execution circuitry to execute a first one or more of the instructions to establish a first trusted domain using a first trusted domain key, the trusted domain key to be used to encrypt memory pages within the first trusted domain; and the execution circuitry to execute a second one or more of the instructions to associate a first process address space identifier (PASID) with the first trusted domain, the first PASID to uniquely identify a first execution context associated with the first trusted domain.

公开(公告)号：US20190228145A1

公开(公告)日：2019-07-25

申请号：US16370921

申请日：2019-03-30

Applicant: Vedvyas Shanbhogue ,  Ravi Sahita ,  Abhishek Basak ,  Pradeep Pappachan ,  Utkarsh Kakaiya ,  Ravi Sahita ,  Rupin Vakharwala

Inventor： Vedvyas Shanbhogue ,  Ravi Sahita ,  Abhishek Basak ,  Pradeep Pappachan ,  Utkarsh Kakaiya ,  Ravi Sahita ,  Rupin Vakharwala

IPC: G06F21/44 ,  G06F13/16 ,  G06F3/06

Abstract: Systems, methods, and apparatuses relating to performing an attachment of an input-output memory management unit (IOMMU) to a device, and a verification of the attachment. In one embodiment, a protocol and IOMMU extensions are used by a secure arbitration mode (SEAM) module and/or circuitry to determine if the IOMMU that is attached to the device requested to be mapped to a trusted domain.