A discrete three-dimensional (3-D) processor comprises stacked first and second dice. The first die comprises three-dimensional memory (3D-M) arrays, whereas the second die comprises at least a portion of a logic/processing circuit and an off-die peripheral-circuit component of the 3D-M array(s). The preferred 3-D processor can be used to compute non-arithmetic function/model. In other applications, the preferred 3-D processor may also be a 3-D configurable computing array, a 3-D pattern processor, or a 3-D neuro-processor.

An attack information processing apparatus (10) includes an extraction unit (11) configured to extract first and second attack knowledge pieces indicating conditions of a cyber attack from first and second attack information pieces including descriptions of the cyber attack, a determination unit (12) configured to determine similarity between the first and second attack information pieces, and a complementing unit (13) configured to complement the first attack knowledge piece with the second attack knowledge piece based on the determined similarity.

In an example, a method includes providing a computing device with an instruction to cause the computing device to execute the instruction. The method further includes monitoring a side channel of a microarchitectural component of the computing device to obtain an indication of whether or not a state of the microarchitectural component changes as a result of the computing device executing the instruction. The method further includes determining whether or not the indication corresponds to an expected state of the microarchitectural component for the instruction.

Security can be improved in a business application or system, such as a mission-critical application, by automatically analyzing and detecting anomalies for mission-critical applications. This detection may be based on a dynamic analysis of business process logs and audit trails that includes User and Entity Behavior Analysis (“UEBA”).

A system for securing electronic devices includes a processor, a storage medium communicatively coupled to the processor, and a monitoring application comprising computer-executable instructions on the medium. The instructions are readable by the processor. The monitoring application is configured to receive an indication that a client has been affected by malware, cause the client to boot from a trusted operating system image, cause a launch of a secured security application on the client from a trusted application image, and analyze a malware status of the client through the secured security application.

An apparatus to facilitate scalable runtime validation for on-device design rule checks is disclosed. The apparatus includes a memory to store a contention set, one or more multiplexors, and a validator communicably coupled to the memory. In one implementation, the validator is to: receive design rule information for the one or more multiplexers, the design rule information referencing the contention set; analyze, using the design rule information, a user bitstream against the contention set at a programming time of the apparatus, the user bitstream for programming the one or more multiplexors; and provide an error indication responsive to identifying a match between the user bitstream and the contention set.

A method for managing memory within a computing system. The method includes one or more computer processors identifying a range of physical memory addresses that store a first data. The method further includes determining whether a second data is stored within the range of physical memory addresses that stores the first data. The method further includes responding to determining that the second data is stored within the range of physical memory addresses that store the first data, by determining whether a process accessing the second data is identified as associated with a side-channel attack. The method further includes responding to determining that the process accessing the second data is associated with the side-channel attack, by initiating a response associated with the process accessing the second data.

Provided is a process that includes sharing information among two or more parties or systems for modeling and decision-making purposes, while limiting the exposure of details either too sensitive to share, or whose sharing is controlled by laws, regulations, or business needs.

Systems, computer program products, and methods are described herein for software compiler integrity verification. The present invention is configured to retrieve, from a source code repository, a source code; process, using a first build machine, the source code into a first object code; process, using a second build machine, the source code into a second object code; initiate an integrity verification engine on the first object code and the second object code; decompile, using the integrity verification engine, the first object code to create a first decompiled object code and the second object code to create a second decompiled object code; compare the first decompiled object code with the second decompiled object code; determine a match between the first decompiled object code and the second decompiled object code; and transmit an approval notification.

Embodiments of the present disclosure provide systems, methods, and non-transitory computer storage media for identifying malicious enterprise behaviors within a large enterprise. At a high level, embodiments of the present disclosure identify sub-graphs of behaviors within an enterprise based on probabilistic and deterministic methods. For example, starting with the node or edge having the highest risk score, embodiments of the present disclosure iteratively crawl a list of neighbors associated with the nodes or edges to identify subsets of behaviors within an enterprise that indicate potentially malicious activity based on the risk scores of each connected node and edge. In another example, embodiments select a target node and traverse the connected nodes via edges until a root-cause condition is met. Based on the traversal, a sub-graph is identified indicating a malicious execution path of traversed nodes with associated insights indicating the meaning or activity of the node.