TECHNOLOGIES TO DEFEAT SECURE ENCLAVE SIDE-CHANNEL ATTACKS USING FAULT-ORIENTED PROGRAMMING

    Publication number: US20170255416A1

    Publication date: 2017-09-07

    Application number: US15061489

    Filing date: 2016-03-04

    IPC classification: G06F3/06 G06F21/53

    Abstract: Technologies for defeating secure enclave side-channel attacks include a computing device having a processor with secure enclave support. The computing device instruments an executable binary with multiple gadgets, a fault-generating function, and at least one invocation of the fault-generating function. The computing device executes the instrumented executable binary within a secure enclave. During execution of the instrumented binary, each gadget may be located at a different memory page of the secure enclave. The computing device invokes the fault-generating function, which selects a random sequence of the gadgets and executes the random sequence of gadgets. The processor may generate a page fault in response to executing each of the gadgets. Each gadget may generate one or more data accesses to memory pages within the secure enclave. The processor may generate a page fault in response to each of the data accesses. Other embodiments are described and claimed.

    TECHNOLOGIES FOR HARDWARE ASSISTED NATIVE MALWARE DETECTION

    Publication number: US20180046803A1

    Publication date: 2018-02-15

    Application number: US15235806

    Filing date: 2016-08-12

    IPC classification: G06F21/56 G06F21/52 G06F11/14

    Abstract: Technologies for hardware assisted native malware detection include a computing device. The computing device includes one or more processors with hook logic to monitor for execution of branch instructions of an application, compare the monitored branch instructions to filter criteria, and determine whether a monitored branch instruction satisfies the filter criteria. Additionally, the computing device includes a malware detector to provide the filter criteria to the hook logic, provide an address of a callback function to the hook logic to be executed in response to a determination that a monitored branch instruction satisfies the filter criteria, and analyze, in response to execution of the callback function, the monitored branch instruction to determine whether the monitored branch instruction is indicative of malware. Other embodiments are also described and claimed.

    5. SECURE HANDLING OF INTERRUPTED EVENTS
    Invention application (in force)

    Publication number: US20130007325A1

    Publication date: 2013-01-03

    Application number: US13175544

    Filing date: 2011-07-01

    IPC classification: G06F13/24

    Abstract: Various embodiments of this disclosure may describe a method, apparatus and system for reducing the system latency caused by switching memory page permission views between programs while still protecting critical regions of the memory from malware attacks. Other embodiments may be disclosed and claimed.

    7. TECHNOLOGIES FOR CONTROL FLOW EXPLOIT MITIGATION USING PROCESSOR TRACE
    Invention application (in force)

    Publication number: US20160283714A1

    Publication date: 2016-09-29

    Application number: US14670988

    Filing date: 2015-03-27

    IPC classification: G06F21/56 G06F21/44

    CPC classification: G06F21/56 G06F21/44 G06F21/52

    Abstract: Technologies for control flow exploit mitigation include a computing device having a processor with real-time instruction tracing support. During execution of a process, the processor generates trace data indicative of the control flow of the process. The computing device analyzes the trace data to identify suspected control flow exploits. The computing device may use heuristic algorithms to identify return-oriented programming exploits. The computing device may maintain a shadow stack based on the trace data. The computing device may identify indirect branches to unauthorized addresses based on the trace data to identify jump-oriented programming exploits. The computing device may check the trace data whenever the process is preempted. The processor may detect mispredicted return instructions in real time and invoke a software handler in the process space of the process to verify and maintain the shadow stack. Other embodiments are described and claimed.

    8. Hardware enforced memory access permissions
    Granted invention patent (in force)

    Publication number: US09286245B2

    Publication date: 2016-03-15

    Application number: US13995360

    Filing date: 2011-12-30

    Abstract: Embodiments of apparatuses and methods for hardware enforced memory access permissions are disclosed. In one embodiment, a processor includes address translation hardware and memory access hardware. The address translation hardware is to support translation of a first address, used by software to access a memory, to a second address, used by the processor to access the memory. The memory access hardware is to detect an access permission violation.

    9. PROTECTED MEMORY VIEW FOR NESTED PAGE TABLE ACCESS BY VIRTUAL MACHINE GUESTS
    Invention application (under examination, published)

    Publication number: US20140380009A1

    Publication date: 2014-12-25

    Application number: US14127561

    Filing date: 2013-06-24

    IPC classification: G06F12/14 G06F9/455 G06F12/10

    Abstract: Generally, this disclosure provides systems, methods and computer readable media for a protected memory view in a virtual machine (VM) environment enabling nested page table access by trusted guest software outside of VMX root mode. The system may include an editor module configured to provide access to a nested page table structure, by operating system (OS) kernel components and by user space applications within a guest of the VM, wherein the nested page table structure is associated with one of the protected memory views. The system may also include a page handling processor configured to secure that access by maintaining security information in the nested page table structure.
