公开(公告)号：US20220147617A1

公开(公告)日：2022-05-12

申请号：US17437636

申请日：2019-03-19

Applicant: NEC Corporation

Inventor： Toshiki KOBAYASHI

IPC: G06F21/54 ,  G06F21/55

Abstract: An information processing apparatus includes an analysis unit, a storage unit, and a verification unit. The analysis unit analyzes a program before it is executed and extracts a branch in the program. The analysis unit acquires branch information regarding the branch and program part information regarding the part of the program that may be executed from a branch destination of the branch to a next branch part. The storage unit stores the branch information, the program part information, and a first eigenvalue acquired in advance for the program part regarding the program part information. When the program is executed and an execution part reaches the branch, the verification unit acquires a second eigenvalue for the program part. The verification unit determines whether or not the second eigenvalue matches the first eigenvalue, thereby verifying integrity of the program part.

公开(公告)号：US20220188420A1

公开(公告)日：2022-06-16

申请号：US17436736

申请日：2019-03-18

Applicant: NEC Corporation

Inventor： Toshiki KOBAYASHI ,  Takayuki SASAKI ,  Yusuke MORITA

IPC: G06F21/57 ,  G06F8/70

Abstract: According to an example embodiment, a firmware rewriting apparatus includes: call position specifying means for specifying, among instructions described in a program of firmware stored in a memory, the instructions for changing a control flow; free area specifying means for specifying a free area in a storage area of the memory in which the program is not stored; and program rewriting means for rewriting the instruction specified by the call position specifying means into a call instruction of a frequency adjustment code and writing the frequency adjustment code for calling an inspection code at a frequency corresponding to a frequency of calling the frequency adjustment code and the inspection code for performing a security check of the program in response to a call from the frequency adjustment code into the free area specified by the free area specifying means.

公开(公告)号：US20220358211A1

公开(公告)日：2022-11-10

申请号：US17620804

申请日：2019-06-25

Applicant: NEC Corporation

Inventor： Astha JADA ,  Toshiki KOBAYASHI ,  Takayuki SASAKI ,  Daniele Enrico ASONI ,  Adrian PERRIG

IPC: G06F21/54 ,  G06F21/53

Abstract: A semiconductor device (100) includes: a determination unit (110) configured to determine whether an avoidance condition of inspection of control flow integrity is satisfied (e.g., a degree of similarity with a previous input value is in a predetermined range) based on determination auxiliary information, which is at least an input value in a target code block to be executed among a plurality of code blocks in a predetermined program, and an inspection unit (120) configured to avoid inspection of control flow integrity in the target code block when it is determined that the avoidance condition is satisfied.

公开(公告)号：US20220261476A1

公开(公告)日：2022-08-18

申请号：US17626975

申请日：2019-07-22

Applicant: NEC Corporation

Inventor： Yusuke MORITA ,  Takayuki SASAKI ,  Toshiki KOBAYASHI

IPC: G06F21/53

Abstract: A security management device (20) has a processing unit (21) operating in a normal environment (10A) and a processing unit (22) operating in a secure environment (10B). The processing unit (21) acquires information about an “inspection target”. The “inspection target” is a target of an inspection about normality, and programs executed in an execution environment included in the normal environment (10A) (an OS (operating system) and the like) are included. After the inspection about the normality of the inspection target based on the information about the inspection target acquired by the processing unit (21) is performed, the processing unit (22) inspects normality of the processing unit (21).

公开(公告)号：US20220245054A1

公开(公告)日：2022-08-04

申请号：US17618930

申请日：2019-06-25

Applicant: NEC Corporation

Inventor： Astha JADA ,  Toshiki KOBAYASHI ,  Takayuki SASAKI ,  Daniele Enrico ASONI ,  Adrian PERRIG

IPC: G06F11/36

Abstract: A semiconductor device (100) includes: first storage means (110) storing, in advance, a plurality of pieces of execution order inspection information (111˜11n) used for inspection of an execution order of a plurality of code blocks in a predetermined program, second storage means (120), which is a cache for the first storage means, and prediction means (130) for predicting a storage area of the execution order inspection information based on prediction auxiliary information in a first code block of the plurality of code blocks and a control flow graph of the program, the storage area being a prefetch target to be prefetched from the first storage means to the second storage means.

公开(公告)号：US20220058259A1

公开(公告)日：2022-02-24

申请号：US17420329

申请日：2019-01-07

Applicant: NEC Corporation

Inventor： Toshiki KOBAYASHI

IPC: G06F21/44 ,  G06F21/57

Abstract: An information processing device 10 includes a configuration information storage unit which stores cluster configuration information making it possible to identify which cluster each information processing device in a system including multiple information processing devices belongs to, a verification information management unit which manages a first value corresponding to a content of a program of each of the information processing devices in the system; and a verification unit which derives a second value for a program in the information processing device by a method identical to a method of deriving the first value in response to reception of a verification request, and transmits the second value to a transmission source of the verification request, wherein the verification unit verifies the program in the information processing device by comparing the second value received from the information processing device with the first value.

公开(公告)号：US20210034758A1

公开(公告)日：2021-02-04

申请号：US16965727

申请日：2019-01-21

Applicant: NEC Corporation

Inventor： Toshiki KOBAYASHI

IPC: G06F21/57 ,  G06F21/54 ,  G06F21/56 ,  G06F21/64 ,  G06F9/54 ,  G06F9/30

Abstract: An information processing device according to the present invention includes: a storage unit that stores a first unique value calculated for each portion of a program in advance; and an inspection unit that inspects whether or not there is a tampering in the portion by newly calculating a second unique value for the portion and comparing the first unique value with the second unique value.