Attack Protection For Valid Gadget Control Transfers
    Invention application
    Legal status: in force

    Publication No.: US20160110542A1

    Publication date: 2016-04-21

    Application No.: US14518507

    Filing date: 2014-10-20

    Applicant: Intel Corporation

    IPC classification: G06F21/54 G06F21/56

    CPC classification: G06F21/52

    Abstract: In one embodiment, a processor comprises: a first register to store a first bound value for a stack to be stored in a memory; a second register to store a second bound value for the stack; a checker logic to determine, prior to an exit point at a conclusion of a function to be executed on the processor, whether a value of a stack pointer is within a range between the first bound value and the second bound value; and a logic to prevent a return to a caller of the function if the stack pointer value is not within the range. Other embodiments are described and claimed.

    METHOD, APPARATUS AND SYSTEM FOR PROVIDING TRANSACTION INDEMNIFICATION
    Invention application
    Legal status: under examination (published)

    Publication No.: US20150220927A1

    Publication date: 2015-08-06

    Application No.: US14129543

    Filing date: 2013-09-25

    IPC classification: G06Q20/40 H04L29/08

    Abstract: Techniques and mechanisms to provide indemnification for a transaction involving communications between networked devices. In an embodiment, attestation logic of a first device sends to a second device attestation information to indicate a trustworthiness level of first device. Based on the attestation information, indemnification logic of the second device determines an indemnification value representing a cost of an indemnification for a first transaction. Indemnification logic of the first device receives the indemnification value and determines, based on the indemnification value, whether a participation in the transaction is to take place.

    TECHNOLOGIES FOR CONTROL FLOW EXPLOIT MITIGATION USING PROCESSOR TRACE

    Publication No.: US20190050566A1

    Publication date: 2019-02-14

    Application No.: US15966358

    Filing date: 2018-04-30

    Applicant: Intel Corporation

    IPC classification: G06F21/56 G06F21/52 G06F21/44

    Abstract: Technologies for control flow exploit mitigation include a computing device having a processor with real-time instruction tracing support. During execution of a process, the processor generates trace data indicative of control flow of the process. The computing device analyzes the trace data to identify suspected control flow exploits. The computing device may use heuristic algorithms to identify return-oriented programming exploits. The computing device may maintain a shadow stack based on the trace data. The computing device may identify indirect branches to unauthorized addresses based on the trace data to identify jump-oriented programming exploits. The computing device may check the trace data whenever the process is preempted. The processor may detect mispredicted return instructions in real time and invoke a software handler in the process space of the process to verify and maintain the shadow stack. Other embodiments are described and claimed.

    Detection of return oriented programming attacks
    Granted invention patent
    Legal status: in force

    Publication No.: US09223979B2

    Publication date: 2015-12-29

    Application No.: US13664532

    Filing date: 2012-10-31

    Applicant: Intel Corporation

    IPC classification: G06F21/50 G06F21/56

    Abstract: In one embodiment, a processor includes at least one execution unit and Return Oriented Programming (ROP) detection logic. The ROP detection logic may determine a ROP metric based on a plurality of control transfer events. The ROP detection logic may also determine whether the ROP metric exceeds a threshold. The ROP detection logic may also, in response to a determination that the ROP metric exceeds the threshold, provide a ROP attack notification.

    Attack Protection for valid gadget control transfers

    Publication No.: US09767272B2

    Publication date: 2017-09-19

    Application No.: US14518507

    Filing date: 2014-10-20

    Applicant: Intel Corporation

    IPC classification: G06F21/00 G06F21/52

    CPC classification: G06F21/52

    Abstract: In one embodiment, a processor comprises: a first register to store a first bound value for a stack to be stored in a memory; a second register to store a second bound value for the stack; a checker logic to determine, prior to an exit point at a conclusion of a function to be executed on the processor, whether a value of a stack pointer is within a range between the first bound value and the second bound value; and a logic to prevent a return to a caller of the function if the stack pointer value is not within the range. Other embodiments are described and claimed.

    Detection of return oriented programming attacks
    Granted invention patent
    Legal status: in force

    Publication No.: US09582663B2

    Publication date: 2017-02-28

    Application No.: US14960709

    Filing date: 2015-12-07

    Applicant: Intel Corporation

    Abstract: In one embodiment, a processor includes at least one execution unit and Return Oriented Programming (ROP) detection logic. The ROP detection logic may determine a ROP metric based on a plurality of control transfer events. The ROP detection logic may also determine whether the ROP metric exceeds a threshold. The ROP detection logic may also, in response to a determination that the ROP metric exceeds the threshold, provide a ROP attack notification.
