Abstract:
Methods, devices, and systems for detecting return-oriented programming (ROP) exploits are disclosed. A system includes a processor, a main memory, and a cache memory. A cache monitor develops an instruction loading profile by monitoring accesses to cached instructions found in the cache memory and misses to instructions not currently in the cache memory. A remedial action unit terminates execution of one or more of the valid code sequences if the instruction loading profile is indicative of execution of an ROP exploit involving one or more valid code sequences. The instruction loading profile may be a hit/miss ratio derived from monitoring cache hits relative to cache misses. The ROP exploits may include code snippets that each include an executable instruction and a return instruction from valid code sequences.
Abstract:
Reciprocal wireless connections may be established between a pair of devices to support failover, load balancing, traffic distribution, or other peer-to-peer connectivity features. Each device of a pair of devices may implement both a local wireless access point and a local wireless station to communicate with the other device of the pair of devices. Establishment of a second wireless connection between the pair of devices may be coordinated using a protocol extension of a first wireless connection. A multiplexing (MUX) component may coordinate traffic among the reciprocal wireless connections.
Abstract:
A method herein is for authenticating a device connection for website access without using a website password. In the method, a web server receives an access request over the device connection from a device requesting access to a website based on a pre-established identity. The web server, in response to the access request, forwards an access cookie to the device over the device connection and forwards an activation URL to an address associated with the pre-established identity. The web server receives a request for the forwarded activation URL and, using the access cookie, grants access to the device over the device connection.
Abstract:
Systems, methods, and computer programs for providing row tamper protection in a multi-bank memory cell array. One method comprises monitoring row activation activity for each of a plurality of banks in a multi-bank memory cell array. In response to monitoring the row activation activity, a row activation counter table is stored in a memory. The row activation counter table comprises a plurality of row address entries, each row address entry having a corresponding row activation counter. In response to detecting one of the plurality of row activation counters has exceeded a threshold indicating suspicious row tampering, the corresponding row address entry associated with the row activation counter exceeding the threshold is determined. A refresh operation is performed on one or more rows adjacent to the row address having the row activation counter exceeding the threshold.
Abstract:
Methods, and mobile devices implementing the methods, use application-specific and/or application-type specific classifier models to improve the efficiency and performance of a comprehensive behavioral monitoring and analysis system predicting whether a software application is causing undesirable or performance degrading behavior. The application-specific and application-type specific classifier models may include a reduced and more focused subset of the decision nodes that are included in a full or more complete classifier model that may be received or generated in the mobile device. The locally generated application-specific and/or application-type specific classifier models may be used to perform real-time behavior monitoring and analysis operations by applying the application-based classifier models to a behavior/feature vector generated by monitoring mobile device behavior. The various aspects focus monitoring and analysis operations on a small number of features that are most important for determining whether operations of a software application are contributing to undesirable or performance degrading behavior.
Abstract:
A way is provided to protect memory blocks from unauthorized access from executable instructions by defining various sets of instructions that are specifically bound to operate on defined memory blocks and inhibited from operating in other memory blocks. For instance, executable code may include a plurality of distinct read and write instructions where each read and/or write instruction is specific to one memory access tag from a plurality of different memory access tags. Memory blocks are also established and each memory block is associated with one of the plurality of different memory access tags. Consequently, if a first read and/or write instruction, associated with a first memory access tag, attempts to access a memory block associated with a different memory access tag, then execution of the first read and/or write instruction is inhibited or aborted.
Abstract:
Various additional and alternative aspects are described herein. In some aspects, the present disclosure provides a method of calibrating a component. The method includes receiving previous calibration parameters for an external component at a secondary SoC from a primary SoC, wherein the secondary SoC is coupled to the external component and configured to calibrate the external component. The method further includes determining validity of the previous calibration parameters by the secondary SoC. The method further includes operating the external component by the secondary SoC based on the determined validity of the previous calibration parameters.
Abstract:
A method is provided for safely executing dynamically generated code to avoid the possibility of an attack in unprotected memory space. Upon ascertaining that dynamically generated code is to be executed, a processing circuit and/or operating system kernel restrict the dynamically generated code to use a first memory region within an unprotected memory space, where the first memory region is distinct (e.g., reserved) from other memory regions used by other processes executed by the processing circuit. A first processing stack is maintained for the dynamically generated code within the first memory region. This first processing stack is separate from a general processing stack used by other processes executed by the processing circuit. A stack pointer is switched/pointed to the first processing stack when the dynamically generated code is executed and the stack pointer is switched/pointed to the general processing stack when the dynamically generated code ends.
Abstract:
A system is provided for inside-to-outside or outside-to-inside cryptographic coding that facilitates product authentication along a distribution channel. An association of authenticated, secured codes is generated between inner items (e.g., pharmaceutical doses such as pills, capsules, tablets) and outer items (e.g., packaging containing inner items). For instance, an inner code associated with a first item is used to generate (at least partially) an outer code associated with a second item that contains one or more first items. This process may be repeated multiple times with codes for outer items being a function of codes for inner items. The sequence of items may be authenticated by the dependent relationship between their codes.