Methods and systems for improving accuracy, speed, and efficiency of context-aware pattern matching are provided. According to one embodiment, a packet stream is received by a first stage of a hardware accelerator of a network device. A pre-matching process is performed by the first stage to identify a candidate packet that matches a string or over-flow pattern associated with access control (e.g., IPS or ADC) rules. A candidate rule is identified based on a correlation of results of the pre-matching process. The candidate packet is tokened to produce matching tokens and corresponding locations. A full-match process is performed on the candidate packet by a second stage of the hardware accelerator to determine whether it satisfies the candidate rule by performing one or more of (i) context-aware pattern matching, (ii) context-aware string matching and (iii) regular expression matching based on contextual information, the matching tokens and the corresponding locations.

Methods and systems for improving accuracy, speed, and efficiency of context-aware pattern matching are provided. According to one embodiment, a packet stream is received by a first stage of a hardware accelerator of a network device. A pre-matching process is performed by the first stage to identify a candidate packet that matches a string or over-flow pattern associated with access control (e.g., IPS or ADC) rules. A candidate rule is identified based on a correlation of results of the pre-matching process. The candidate packet is tokened to produce matching tokens and corresponding locations. A full-match process is performed on the candidate packet by a second stage of the hardware accelerator to determine whether it satisfies the candidate rule by performing one or more of (i) context-aware pattern matching, (ii) context-aware string matching and (iii) regular expression matching based on contextual information, the matching tokens and the corresponding locations.

A data diode chip provides a flexible device for collecting data from a data source and transmitting the data to a data destination using one-way data transmission. On-chip processing elements allow the data diode to identify automatically the type of connectivity provided to the data diode and configure the data diode to handle the identified type of connectivity.

A data diode chip provides a flexible device for collecting data from a data source and transmitting the data to a data destination using one-way data transmission. On-chip processing elements allow the data diode to identify automatically the type of connectivity provided to the data diode and configure the data diode to handle the identified type of connectivity.

An aspect of behavior of an embedded system may be determined by (a) determining a baseline behavior of the embedded system from a sequence of patterns in real-time digital measurements extracted from the embedded system; (b) extracting, while the embedded system is operating, real-time digital measurements from the embedded system; (c) extracting features from the real-time digital measurements extracted from the embedded system while the embedded system was operating; and (d) determining the aspect of the behavior of the embedded system by analyzing the extracted features with respect to features of the baseline behavior determined.

An aspect of behavior of an embedded system may be determined by (a) determining a baseline behavior of the embedded system from a sequence of patterns in real-time digital measurements extracted from the embedded system; (b) extracting, while the embedded system is operating, real-time digital measurements from the embedded system; (c) extracting features from the real-time digital measurements extracted from the embedded system while the embedded system was operating; and (d) determining the aspect of the behavior of the embedded system by analyzing the extracted features with respect to features of the baseline behavior determined.

An anti-copy electronic device contains: a wireless signal controller having a sensor, and the wireless signal controller and the sensor are accommodated in a casing. The sensor has humidity detection, pressure detection, lights detection, color temperature detection, ultraviolet (UV) detection, and special gases detection in an interior space of the casing. After the casing is removed, the sensor detects a change of humidity, pressure, lights, color temperature, ultraviolet (UV), and special gases in the interior space and sends an indication signal to the wireless signal controller so that the wireless signal controller destroys a password setting program of the wireless signal controller, thus avoiding copy of the password setting program.

An anti-copy electronic device contains: a wireless signal controller having a sensor, and the wireless signal controller and the sensor are accommodated in a casing. The sensor has humidity detection, pressure detection, lights detection, color temperature detection, ultraviolet (UV) detection, and special gases detection in an interior space of the casing. After the casing is removed, the sensor detects a change of humidity, pressure, lights, color temperature, ultraviolet (UV), and special gases in the interior space and sends an indication signal to the wireless signal controller so that the wireless signal controller destroys a password setting program of the wireless signal controller, thus avoiding copy of the password setting program.

A system and method of processing instructions may comprise an application processing domain (APD) and a metadata processing domain (MTD). The APD may comprise an application processor executing instructions and providing related information to the MTD. The MTD may comprise a tag processing unit (TPU) having a cache of policy-based rules enforced by the MTD. The TPU may determine, based on policies being enforced and metadata tags and operands associated with the instructions, that the instructions are allowed to execute (i.e., are valid). The TPU may write, if the instructions are valid, the metadata tags to a queue. The queue may (i) receive operation output information from the application processing domain, (ii) receive, from the TPU, the metadata tags, (iii) output, responsive to receiving the metadata tags, resulting information indicative of the operation output information and the metadata tags; and (iv) permit the resulting information to be written to memory.

A system and method of processing instructions may comprise an application processing domain (APD) and a metadata processing domain (MTD). The APD may comprise an application processor executing instructions and providing related information to the MTD. The MTD may comprise a tag processing unit (TPU) having a cache of policy-based rules enforced by the MTD. The TPU may determine, based on policies being enforced and metadata tags and operands associated with the instructions, that the instructions are allowed to execute (i.e., are valid). The TPU may write, if the instructions are valid, the metadata tags to a queue. The queue may (i) receive operation output information from the application processing domain, (ii) receive, from the TPU, the metadata tags, (iii) output, responsive to receiving the metadata tags, resulting information indicative of the operation output information and the metadata tags; and (iv) permit the resulting information to be written to memory.