SQL proxy analyzer to detect and prevent unauthorized SQL queries

    Publication number: US12111916B2

    Publication date: 2024-10-08

    Application number: US17455109

    Filing date: 2021-11-16

    Abstract: A proxy apparatus for analyzing database queries in a secure network using a valid-query library that is constructed during an initial period following the deployment of an application. The proxy apparatus receives, in an operational mode, an operational database query from the secure network, generates an identifier for the received operational database query based at least upon a query code of the received operational database query; identifies a source and a destination of the received operational database query and compares the generated identifier, the identified source, and the identified destination to the valid-query library. When the comparing fails to match any entries in the valid-query library, the proxy apparatus terminates the operational database query; and when the comparing step matches an entry in the valid-query library, the proxy apparatus relays the received operational database query based on the destination identification.

    Method and apparatus to reduce the window for policy violations with minimal consistency assumptions

    Publication number: US12107866B2

    Publication date: 2024-10-01

    Application number: US18211537

    Filing date: 2023-06-19

    Applicant: Styra, Inc.

    Abstract: Some embodiments provide a method for authorizing application programming interface (API) calls on a host computer in a local cluster of computers. The method is performed in some embodiments by an API-authorizing agent executing on the host computer in the local computer cluster. From a remote cluster of computers, the method receives (1) a set of API-authorizing policies to evaluate in order to determine whether API calls to an application executing on the host computer are authorized, and (2) a set of parameters needed for evaluating the policies. With the remote cluster of computers, the method registers for notifications regarding updates to the set of parameters. The method then receives notifications, from the remote cluster, regarding an update to the set of parameters, and modifies the set of parameters based on the update. In some embodiments, the notification includes the update, while in other embodiments the method directs the remote cluster to provide the update after receiving the notification regarding the update. In addition to the notifications, the method periodically polls the remote cluster to retrieve the set of parameters needed for the received set of policies, in order to supplement data received through the notifications.

    Systems and methods for providing a cyber investigative pipeline

    Publication number: US12105796B2

    Publication date: 2024-10-01

    Application number: US16596971

    Filing date: 2019-10-09

    Abstract: Systems and methods for tracking, collecting, processing, enriching, analyzing and reporting on data in the context of cyber security investigations are disclosed. According to one embodiment, in an information processing apparatus comprising at least one computer processor, a method for conducting cyber investigations may include: (1) receiving initiation of an investigative workflow comprising contextual information including at least one of a case, a data asset, a subject, and a threat; (2) collecting digital evidence from the data asset; (3) processing the digital evidence into structured data; (4) staging and enriching the structured data; (5) analyzing the enriched structured data; and (6) generating at least one report based on the analysis.

    System for electronic data obfuscation and protection using independent destructible data objects

    Publication number: US12105794B2

    Publication date: 2024-10-01

    Application number: US18125420

    Filing date: 2023-03-23

    IPC classification: G06F21/54 G06F21/31 G06F21/60

    Abstract: A system is provided for electronic data obfuscation and protection using independent destructible data objects. The system may split a set of data into a data portion and a key portion, where the data portion may be stored in a database separately from the key portion. The data portion may further comprise a set of executable code for a time- or iteration-based destructible data object, where the data object may incrementally decrease a countdown value based on the passage of time and/or iterations. If the countdown value reaches a threshold value without being refreshed, the data object may automatically execute one or more processes to protect the set of data. In this way, the system provides a secure way to prevent unauthorized access to sensitive data.

    Securely redirecting system service routines

    Publication number: US12086237B2

    Publication date: 2024-09-10

    Application number: US17557643

    Filing date: 2021-12-21

    Abstract: Securely redirecting a system service routine via a provider service table. A service call provider is loaded within an operating system executing in a lower trust security zone. The service call provider comprises metadata indicating a system service routine to be redirected to the service call provider. Based on the metadata, a provider service table is built within a higher trust security zone. The service table redirects the system service routine to the service call provider. Memory page(s) associated with the provider service table are hardware protected, and a read-only view is exposed to the operating system. The provider service table is associated with a user-mode process. A service call for a particular system service routine is received by the operating system from the user-mode process and, based on the provider service table being associated with the user-mode process, the service call is directed to the service call provider.

    FINGERPRINTING TECHNIQUES TO SUPPORT FILE HASH GENERATION

    Publication number: US20240289475A1

    Publication date: 2024-08-29

    Application number: US18175766

    Filing date: 2023-02-28

    Applicant: CrowdStrike, Inc.

    IPC classification: G06F21/62 G06F21/54 G06F21/55

    Abstract: A method of generating a file hash using fingerprinting data includes acquiring, using one or more programs executing in a kernel space of an operating system, fingerprinting data associated with a target application process in a user space of the operating system responsive to detecting an execution of the target application process; sharing, by a processing device using the one or more programs, the fingerprinting data with a user space monitoring application executing in the user space of the operating system; generating a hash value of a target application file associated with the target application process; and determining, using the user space monitoring application, a validity of the hash value based on the fingerprinting data.