-
公开(公告)号:WO2021055007A1
公开(公告)日:2021-03-25
申请号:PCT/US2020/022541
申请日:2020-03-13
Applicant: NEC LABORATORIES AMERICA, INC.
Inventor: KIM, Chung Hwan , RHEE, Junghwan , YU, Xiao , TANG, LuAn , CHEN, Haifeng , KIM, Kyungtae
Abstract: A computer-implemented method for efficient and scalable enclave protection for machine learning (ML) programs includes tailoring at least one ML program to generate at least one tailored ML program for execution within at least one enclave, and executing the at least one tailored ML program within the at least one enclave.
-
公开(公告)号:WO2021030133A1
公开(公告)日:2021-02-18
申请号:PCT/US2020/045150
申请日:2020-08-06
Applicant: NEC LABORATORIES AMERICA, INC.
Inventor: YU, Xiao , HAN, Xueyuan , LI, Ding , RHEE, Junghwan , CHEN, Haifeng
Abstract: A computer-implemented method for securing software installation through deep graph learning includes extracting (810) a new software installation graph (SIG) corresponding to a new software installation based on installation data associated with the new software installation, using (820) at least two node embedding models to generate a first vector representation by embedding the nodes of the new SIG and inferring any embeddings for out-of-vocabulary (OOV) words corresponding to unseen pathnames, utilizing (830) a deep graph autoencoder to reconstruct nodes of the new SIG from latent vector representations encoded by the graph LSTM, wherein reconstruction losses resulting from a difference of a second vector representation generated by the deep graph autoencoder and the first vector representation represent anomaly scores for each node, and performing (840) anomaly detection by comparing an overall anomaly score of the anomaly scores to a threshold of normal software installation.
-
公开(公告)号:WO2022072772A1
公开(公告)日:2022-04-07
申请号:PCT/US2021/053078
申请日:2021-10-01
Applicant: NEC LABORATORIES AMERICA, INC.
Inventor: CHEN, Yuncong , CHEN, Zhengzhang , LUMEZANU, Cristian , NATSUMEDA, Masanao , YU, Xiao , CHENG, Wei , MIZOGUCHI, Takehiko , CHEN, Haifeng
Abstract: A method for system metric prediction and influential events identification by concurrently employing metric logs and event logs is presented. The method includes concurrently modeling (1301) multivariate metric series and individual events in event series by a multi-stream recurrent neural network (RNN) to improve prediction of future metrics, where the multi- stream RNN includes a series of RNNs, one RNN for each metric and one RNN for each event sequence and modeling (1303) causality relations between the multivariate metric series and the individual events in the event series by employing an attention mechanism to identify target events most responsible for fluctuations of one or more target metrics.
-
4.发明申请
公开(公告)号:WO2022035954A1
公开(公告)日:2022-02-17
申请号:PCT/US2021/045530
申请日:2021-08-11
Applicant: NEC LABORATORIES AMERICA, INC.
Inventor: YU, Xiao , CHEN, Haifeng , ZUO, Fei
Abstract: A computer- implemented method is provided for computer intrusion detection. The method includes establishing (1010) a mapping from low-level system calls to user functions in computer programs. The user functions run in a user space of an operating system. The method further includes identifying (1020), using a search algorithm inputting the mapping and a system-call trace captured at runtime, any of the user functions that trigger the low-level system calls in the system-call trace. The method further includes performing (1030), by a processor device, intrusion detection responsive to a provenance graph with program contexts. The provenance graph has nodes formed from the user functions that trigger the low-level system calls in the system-call trace. Edges in the provenance graph have edge labels describing high-level system operations for low-level system call to high-level system operation correlation- based intrusion detection.
-
-
-
Search Results
4
records
(took 0.023 seconds)
