METHODS, SYSTEMS AND APPARATUS TO DETECT POLYMORPHIC MALWARE

    公开(公告)号:US20190042746A1

    公开(公告)日:2019-02-07

    申请号:US16021411

    申请日:2018-06-28

    Abstract: The disclosed embodiments generally relate to detecting malware through detection of micro-architectural changes (morphing events) when executing a code at a hardware level (e.g., CPU). An exemplary embodiment relates to a computer system having: a memory circuitry comprising an executable code; a central processing unit (CPU) in communication with the memory circuitry and configured to execute the code; a performance monitoring unit (PMU) associated with the CPU, the PMU configured to detect and count one or more morphing events associated with execution of the code and to determine if the counted number of morphine events exceed a threshold value; and a co-processor configured to initiate a memory scan of the memory circuitry to identify a malware in the code.

    METHODS AND APPARATUS TO PERFORM ATOMIC TRANSACTIONS IN NONVOLATILE MEMORY UNDER HARDWARE TRANSACTIONAL MEMORY

    公开(公告)号:US20190004851A1

    公开(公告)日:2019-01-03

    申请号:US15637476

    申请日:2017-06-29

    Abstract: A method to perform atomic transactions in non-volatile memory (NVM) under hardware transactional memory is disclosed. The method includes tracking an order among transaction log entries that includes arranging transaction logs in an order that is based on when corresponding transactions were executed. Moreover, the method includes, using the ordered transaction logs to recover data states of the nonvolatile memory, by identifying a first unconfirmed transaction associated with a transaction completion uncertainty event based on a corresponding one of the transaction logs including a first commit marker but not including a confirm marker, undoing first ones of the transactions in reverse time order starting at a last transaction that recorded a second commit marker, up to and including the first unconfirmed transaction that recorded the first commit marker, and redoing second ones of the transactions in forward time order from a first confirmed transaction up to but not including the first unconfirmed transaction that recorded the first commit marker.

Patent Agency Ranking