Abstract: Provided are semiconductor devices that include a first gate structure having a first end cap portion, a second gate structure having a second end cap portion coaxial with the first gate structure, a first dielectric region separating the first end cap portion and the second end cap portion, a first conductive element extending over the first gate structure, a second conductive element extending over the second gate structure, and a gate via electrically connecting the second gate structure and the second conductive element, with the first dielectric region having a first width and being positioned at least partially under the first conductive element and defines a spacing between the gate via and an end of the second end cap portion that exceeds a predetermined distance.

Abstract: A file vulnerability detection method includes: translating a binary file into an intermediate file; analyzing the intermediate file to obtain multiple functions to be tested; establishing function characteristic data of each of the functions to be tested; and comparing correlations between the function characteristic data of each of the functions to be tested and at least one pair of characteristic data with vulnerability of at least one vulnerability function and characteristic data without vulnerability of the at least one vulnerability function in a vulnerability database based on a characteristic model to determine whether each of the functions to be tested corresponding to each function characteristic data has a vulnerability, wherein the characteristic model has information representing multiple back-end binary files generated by multiple back-end platforms, wherein the characteristic data with vulnerability has the vulnerability, and the characteristic data without vulnerability does not have the vuln

Abstract: A fuzz testing apparatus transmits a plurality of packets to the device under test (DUT), and calculates a probability of abnormal state, a normal response time and an abnormal-state-processing time of the DUT for the packets. Then, the fuzz testing apparatus estimates a maximum quantity of packets that can be sent to the DUT according to the probability of abnormal state the normal response time and the abnormal-state-processing time corresponding to the standby time of the DUT. Finally, the fuzz testing apparatus determines a plurality of test packets from a plurality of candidate test packets according to the maximum quantity of packets.

Abstract: A file vulnerability detection method includes: translating a binary file into an intermediate file; analyzing the intermediate file to obtain multiple functions to be tested; establishing function characteristic data of each of the functions to be tested; and comparing correlations between the function characteristic data of each of the functions to be tested and at least one pair of characteristic data with vulnerability of at least one vulnerability function and characteristic data without vulnerability of the at least one vulnerability function in a vulnerability database based on a characteristic model to determine whether each of the functions to be tested corresponding to each function characteristic data has a vulnerability, wherein the characteristic model has information representing multiple back-end binary files generated by multiple back-end platforms, wherein the characteristic data with vulnerability has the vulnerability, and the characteristic data without vulnerability does not have the vuln

Abstract: A fuzz testing apparatus transmits a plurality of packets to the device under test (DUT), and calculates a probability of abnormal state, a normal response time and an abnormal-state-processing time of the DUT for the packets. Then, the fuzz testing apparatus estimates a maximum quantity of packets that can be sent to the DUT according to the probability of abnormal state the normal response time and the abnormal-state-processing time corresponding to the standby time of the DUT. Finally, the fuzz testing apparatus determines a plurality of test packets from a plurality of candidate test packets according to the maximum quantity of packets.

Abstract: A system for training transfer models that includes a memory and a processor coupling to each other. The memory stores instructions. The processor accesses the instructions to retrieve raw datasets from a first-type device and train a feature extraction model, a transfer feature and a preliminary classify model based on the raw datasets. The processor further transfers the feature extraction model, the transfer feature and the preliminary classify model to a host of a manufacturer so that the host directly applies the feature extraction model and the transfer feature, and retrains the preliminary classify model as an adapted classify model based on practical datasets.

Abstract: A system for training transfer models that includes a memory and a processor coupling to each other. The memory stores instructions. The processor accesses the instructions to retrieve raw datasets from a first-type device and train a feature extraction model, a transfer feature and a preliminary classify model based on the raw datasets. The processor further transfers the feature extraction model, the transfer feature and the preliminary classify model to a host of a manufacturer so that the host directly applies the feature extraction model and the transfer feature, and retrains the preliminary classify model as an adapted classify model based on practical datasets.

Abstract: A device for producing test data stores a plurality of simulated test data each of which substantially conforms to the data format accepted by a device under test (DUT). The data format includes different data blocks. The device for producing test data also mutates each of the simulated test data in one of a plurality of mutation forms to generate a plurality of first test data for testing the DUT. Each of the mutation forms refers to mutating one of the data blocks in one of a plurality of mutation ways.

Abstract: A virtual time control apparatus, method, and non-transitory computer readable storage medium thereof are provided. The virtual time control apparatus includes a system timer, a real time clock, and a processing unit, wherein the processing unit is electrically connected to the system timer and the real time clock. The system timer has an original timer period, while the real time clock has an original tick period. The processing unit executes a hypervisor. The hypervisor generates a virtual timer period according to an adjustment ratio and the original timer period. The hypervisor generates a virtual tick period according to the adjustment ratio and the original tick period.

Abstract: A computer device and a method of identifying whether container behavior thereof is abnormal are provided. The computer device detects container behavior of a container in a time interval, and identifies whether the container behavior of the container is abnormal according to a container behavior identification module, thereby determining whether there is an intrusion. In addition, a decoy container can be installed in the computer device to attract attacking or invading from a third party so as to reduce the risk of the container being attacked, and the container behavior identification module can be updated according to the container behavior of the decoy container.

Abstract: A device for producing test data stores a plurality of simulated test data each of which substantially conforms to the data format accepted by a device under test (DUT). The data format includes different data blocks. The device for producing test data also mutates each of the simulated test data in one of a plurality of mutation forms to generate a plurality of first test data for testing the DUT. Each of the mutation forms refers to mutating one of the data blocks in one of a plurality of mutation ways.

Abstract: A monitor apparatus, method, and non-transitory computer readable storage medium thereof are provided. The monitor method is adapted for an electronic computing apparatus, wherein the electronic computing apparatus stores a smart contract and a blockchain ledger of a blockchain system. The monitor method periodically executes the following steps: (a) obtaining a piece of behavior information of a first electronic apparatus at a time point, (b) retrieving, via the smart contract, a plurality of pieces of previous behavior information within a time interval from the blockchain ledger, wherein the time interval is defined by the time point, and each piece of previous behavior information corresponds to one of a plurality of second electronic apparatuses and the first electronic apparatus, (c) determining a legality of the piece of behavior information according to the pieces of previous behavior information, and (d) writing the behavior information into the blockchain ledger.

Abstract: A detection system and method thereof are provided. The detection method comprises the following steps: decompiling a first application package file to generate a plurality of first decompiled files, and the first decompiled files comprising a first decompiled code; comparing the first decompiled code with a second decompiled code of a second application package file to analyze a different code segment between the first decompiled code and the second decompiled code; classifying a changed code type corresponding to the different code segment according to a function call flow of the first decompiled code; loading a correspondence table and selecting at least one detection rule corresponding to the changed code type in the correspondence table; confirming a detection region of the first decompiled code according to the at least one detection rule; and detecting the detection region to generate a security detection result.

Abstract: A detection method comprising: (A) transmitting a to-be tested file to a first testing machine by the processing device; wherein the first testing machine uses for executing the to-be tested file; (B) monitoring that whether a component usage of the first testing machine is higher than a default threshold during a period of executing the to-be tested file by the processing device; and (C) when the component usage of the first testing machine is higher than the default threshold, the memory forensics module analyzes the memory space of the first testing machine to determine that whether the to-be tested file comprises a malware program and generate an analyzing result.

Abstract: A computer device and a method of identifying whether container behavior thereof is abnormal are provided. The computer device detects container behavior of a container in a time interval, and identifies whether the container behavior of the container is abnormal according to a container behavior identification module, thereby determining whether there is an intrusion. In addition, a decoy container can be installed in the computer device to attract attacking or invading from a third party so as to reduce the risk of the container being attacked, and the container behavior identification module can be updated according to the container behavior of the decoy container.

Abstract: A monitor apparatus, method, and non-transitory computer readable storage medium thereof are provided. The monitor method is adapted for an electronic computing apparatus, wherein the electronic computing apparatus stores a smart contract and a blockchain ledger of a blockchain system. The monitor method periodically executes the following steps: (a) obtaining a piece of behavior information of a first electronic apparatus at a time point, (b) retrieving, via the smart contract, a plurality of pieces of previous behavior information within a time interval from the blockchain ledger, wherein the time interval is defined by the time point, and each piece of previous behavior information corresponds to one of a plurality of second electronic apparatuses and the first electronic apparatus, (c) determining a legality of the piece of behavior information according to the pieces of previous behavior information, and (d) writing the behavior information into the blockchain ledger.

Abstract: A detection method comprising: (A) transmitting a to-be tested file to a first testing machine by the processing device; wherein the first testing machine uses for executing the to-be tested file; (B) monitoring that whether a component usage of the first testing machine is higher than a default threshold during a period of executing the to-be tested file by the processing device; and (C) when the component usage of the first testing machine is higher than the default threshold, the memory forensics module analyzes the memory space of the first testing machine to determine that whether the to-be tested file comprises a malware program and generate an analyzing result.

Abstract: A detection system and method thereof are provided. The detection method comprises the following steps: decompiling a first application package file to generate a plurality of first decompiled files, and the first decompiled files comprising a first decompiled code; comparing the first decompiled code with a second decompiled code of a second application package file to analyze a different code segment between the first decompiled code and the second decompiled code; classifying a changed code type corresponding to the different code segment according to a function call flow of the first decompiled code; loading a correspondence table and selecting at least one detection rule corresponding to the changed code type in the correspondence table; confirming a detection region of the first decompiled code according to the at least one detection rule; and detecting the detection region to generate a security detection result.

Abstract: A virtual time control apparatus, method, and non-transitory computer readable storage medium thereof are provided. The virtual time control apparatus includes a system timer, a real time clock, and a processing unit, wherein the processing unit is electrically connected to the system timer and the real time clock. The system timer has an original timer period, while the real time clock has an original tick period. The processing unit executes a hypervisor. The hypervisor generates a virtual timer period according to an adjustment ratio and the original timer period. The hypervisor generates a virtual tick period according to the adjustment ratio and the original tick period.

Abstract: A method for performing anonymous testing on electronic digital data is provided. The method comprises the steps outlined below. At least one electronic digital data is received. A type of the electronic digital data is identified to retrieve a plurality of data fields according to the type of the electronic digital data, in which the data fields further comprises a plurality of data blocks. The data fields and the data blocks are analyzed such that they are categorized as at least one logic operation part and at least one data content part. A data-hiding process is performed on the data content part only to generate output electronic digital data and a subsequent analysis is performed on the output electronic digital data.