公开(公告)号：US20190318085A1

公开(公告)日：2019-10-17

申请号：US16455473

申请日：2019-06-27

Applicant: Intel Corporation

Inventor： Rachit Mathur ,  Brendan Traw ,  Justin Gottschlich

IPC: G06F21/55 ,  G06N5/02

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed that analyze computer system attack mechanisms. An example apparatus includes a graph generator utilizing a natural language processing model to generate a graph based on a publication, an analyzer to: analyze two or more nodes in the graph by identifying respective attributes of the two or more nodes in the graph, and provide an indication of the two or more nodes that include similar respective attributes, a variation generator to generate an attack mechanism based on the indication, and a weight postulator to obtain the generated attack mechanism and, based on (A) the two or more nodes in the graph and (B) the generated attack mechanism, indicate a weight associated with a severity of the generated attack mechanism.

公开(公告)号：US11258813B2

公开(公告)日：2022-02-22

申请号：US16455189

申请日：2019-06-27

Applicant: Intel Corporation

Inventor： Justin Gottschlich ,  Rachit Mathur ,  Zheng Zhang

IPC: H04L29/06 ,  G06K9/62 ,  G06F21/55 ,  G06F21/56

Abstract: Apparatus, systems, methods, and articles of manufacture for fingerprinting and classifying application behaviors using telemetry are disclosed. An example apparatus includes a trace processor to process events in a processor trace to capture application execution behavior; a fingerprint extractor to extract a first fingerprint from the captured application execution behavior and performance monitor information; a fingerprint clusterer to, in a training mode cluster the first fingerprint and the second fingerprint into a cluster of fingerprints to be stored in a fingerprint database with a classification; and a fingerprint classifier to, in a deployed mode, classify a third fingerprint, the fingerprint classifier to trigger a remedial action when the classification is malicious.

公开(公告)号：US20190319977A1

公开(公告)日：2019-10-17

申请号：US16455189

申请日：2019-06-27

Applicant: Intel Corporation

Inventor： Justin Gottschlich ,  Rachit Mathur ,  Zheng Zhang

IPC: H04L29/06 ,  G06K9/62

Abstract: Apparatus, systems, methods, and articles of manufacture for fingerprinting and classifying application behaviors using telemetry are disclosed. An example apparatus includes a trace processor to process events in a processor trace to capture application execution behavior; a fingerprint extractor to extract a first fingerprint from the captured application execution behavior and performance monitor information; a fingerprint clusterer to, in a training mode cluster the first fingerprint and the second fingerprint into a cluster of fingerprints to be stored in a fingerprint database with a classification; and a fingerprint classifier to, in a deployed mode, classify a third fingerprint, the fingerprint classifier to trigger a remedial action when the classification is malicious.