MALICIOUS OBJECT DETECTION IN A RUNTIME ENVIRONMENT

    公开(公告)号:US20200175166A1

    公开(公告)日:2020-06-04

    申请号:US16780218

    申请日:2020-02-03

    Abstract: A malicious object detection system for use in managed runtime environments includes a check circuit to receive call information generated by an application, such as an Android application. A machine learning circuit coupled to the check circuit applies a machine learning model to assess the information and/or data included in the call and detect the presence of a malicious object, such as malware or a virus, in the application generating the call. The machine learning model may include a global machine learning model distributed across a number of devices, a local machine learning model based on use patterns of a particular device, or combinations thereof. A graphical user interface management circuit halts execution of applications containing malicious objects and generates a user perceptible output.

    STATE RECOVERY METHODS AND APPARATUS FOR COMPUTING PLATFORMS
    4.
    发明申请
    STATE RECOVERY METHODS AND APPARATUS FOR COMPUTING PLATFORMS 审中-公开
    用于计算平台的状态恢复方法和装置

    公开(公告)号:US20170046140A1

    公开(公告)日:2017-02-16

    申请号:US15335709

    申请日:2016-10-27

    CPC classification number: G06F8/443 G06F9/45516 G06F11/1405 G06F2201/805

    Abstract: State recovery methods and apparatus for computing platforms are disclosed. An example method includes inserting, with a processor, a first instruction into optimized code to cause a first portion of a register in a first state to be saved to memory before execution of a region of the optimized code, maintaining, with the processor, a first indication of a first manner in which the first portion of the register is to be restored in connection with a state recovery after execution of the region of the optimized code, and maintaining, with the processor, a second indication of a second manner in which a second portion of the register is to be restored in connection with the state recovery after execution of the region of the optimized code.

    Abstract translation: 披露了用于计算平台的状态恢复方法和装置。 一个示例性方法包括:利用处理器将第一指令插入到优化的代码中,以使得在执行优化代码的区域之前将处于第一状态的寄存器的第一部分保存到存储器, 与执行优化代码的区域之后的状态恢复相关联地恢复寄存器的第一部分的第一方式的第一指示,并且用处理器维持第二方式的第二指示,其中第二指示 寄存器的第二部分将在执行优化代码的区域之后与状态恢复相关联地恢复。

    Technologies for native code invocation using binary analysis

    公开(公告)号:US09910646B2

    公开(公告)日:2018-03-06

    申请号:US14998274

    申请日:2015-12-26

    CPC classification number: G06F8/433 G06F8/53

    Abstract: Technologies for native code invocation using binary analysis are described. A computing device for invoking native code from managed code using binary analysis receives a call from a thread executing a managed code segment to execute a native code segment. The computing device performs a binary analysis of the native code segment and generates, from the binary analysis, a complexity indicator that indicates a level of complexity of the native code segment by comparing the native code segment to at least one predefined complexity rule. Additionally, the computing device stores a status of the thread based on the complexity indicator and executes the native code segment. Other embodiments are described and claimed.

    Malicious object detection in a runtime environment

    公开(公告)号:US11568051B2

    公开(公告)日:2023-01-31

    申请号:US16780218

    申请日:2020-02-03

    Abstract: A malicious object detection system for use in managed runtime environments includes a check circuit to receive call information generated by an application, such as an Android application. A machine learning circuit coupled to the check circuit applies a machine learning model to assess the information and/or data included in the call and detect the presence of a malicious object, such as malware or a virus, in the application generating the call. The machine learning model may include a global machine learning model distributed across a number of devices, a local machine learning model based on use patterns of a particular device, or combinations thereof. A graphical user interface management circuit halts execution of applications containing malicious objects and generates a user perceptible output.

    Malicious object detection in a runtime environment

    公开(公告)号:US10552609B2

    公开(公告)日:2020-02-04

    申请号:US15395053

    申请日:2016-12-30

    Abstract: A malicious object detection system for use in managed runtime environments includes a check circuit to receive call information generated by an application, such as an Android application. A machine learning circuit coupled to the check circuit applies a machine learning model to assess the information and/or data included in the call and detect the presence of a malicious object, such as malware or a virus, in the application generating the call. The machine learning model may include a global machine learning model distributed across a number of devices, a local machine learning model based on use patterns of a particular device, or combinations thereof. A graphical user interface management circuit halts execution of applications containing malicious objects and generates a user perceptible output.

    Accelerated interlane vector reduction instructions

    公开(公告)号:US10209989B2

    公开(公告)日:2019-02-19

    申请号:US15452479

    申请日:2017-03-07

    Abstract: A vector reduction instruction is executed by a processor to provide efficient reduction operations on an array of data elements. The processor includes vector registers. Each vector register is divided into a plurality of lanes, and each lane stores the same number of data elements. The processor also includes execution circuitry that receives the vector reduction instruction to reduce the array of data elements stored in a source operand into a result in a destination operand using a reduction operator. Each of the source operand and the destination operand is one of the vector registers. Responsive to the vector reduction instruction, the execution circuitry applies the reduction operator to two of the data elements in each lane, and shifts one or more remaining data elements when there is at least one of the data elements remaining in each lane.

    CONTROL-FLOW INTEGRITY WITH MANAGED CODE AND UNMANAGED CODE
    10.
    发明申请
    CONTROL-FLOW INTEGRITY WITH MANAGED CODE AND UNMANAGED CODE 审中-公开
    具有管理代码和未授权代码的控制流程完整性

    公开(公告)号:US20160283712A1

    公开(公告)日:2016-09-29

    申请号:US14671194

    申请日:2015-03-27

    Abstract: A data processing system (DPS) supports control-flow integrity (CFI). The DPS comprises a processing element with a CFI enforcement mechanism that supports one or more CFI instructions. The DPS also comprises at least one machine-accessible medium responsive to the processing element. Managed code in the machine-accessible medium is configured (a) to execute in a managed runtime environment (MRE) in the data processing system, and (b) to transfer control out from the MRE to unmanaged code, in response to a transfer control statement in the managed code. The machine-accessible medium also comprises a binary translator which, when executed, converts unmanaged code in the data processing system into hardened unmanaged code (HUC) by including CFI features in the HUC. The CFI features comprise one or more CFI instructions to utilize the CFI enforcement mechanism of the processing element for transfers of control initiated by the HUC. Other embodiments are described and claimed.

    Abstract translation: 数据处理系统(DPS)支持控制流完整性(CFI)。 DPS包括具有支持一个或多个CFI指令的CFI执行机制的处理元件。 DPS还包括响应于处理元件的至少一个机器可访问介质。 机器可访问介质中的托管代码被配置为(a)在数据处理系统中的受管理运行时环境(MRE)中执行,以及(b)响应于传送控制将控制从MRE传送到非托管代码 托管代码中的语句。 机器可访问介质还包括二进制翻译器,当执行时,通过在HUC中包括CFI特征将数据处理系统中的非托管代码转换为硬化的非托管代码(HUC)。 CFI特征包括一个或多个CFI指令,以利用处理元件的CFI执行机制来传送由HUC发起的控制。 描述和要求保护其他实施例。

Patent Agency Ranking