Abstract: A semiconductor device includes a substrate, a dielectric layer disposed over the substrate, and an interconnect structure extending through the dielectric layer. The dielectric layer includes a low-k dielectric material which includes silicon carbonitride having a carbon content ranging from about 30 atomic % to about 45 atomic %. The semiconductor device further includes a thermal dissipation feature extending through the dielectric layer and disposed to be spaced apart from the interconnect structure.

Abstract: An encryption and signature device for AI model protection is provided. The encryption and signature device for AI model protection includes a key derivation unit, a model encryption unit, a model password encryption unit, an image generation unit and a signature unit. The key derivation unit is configured to derive a model key according to a model password and a derivation function. The model encryption unit is configured to encrypt an AI model according to the model key to generate an encrypted AI model. The model password encryption unit is configured to encrypt the model password to generate an encrypted model password. The image generation unit is configured to generate an image file according to the encrypted model password and the encrypted AI model. The signature unit is configured to sign the image file according to a private key to obtain a signed image file.

Abstract: An attack path detection method, attack path detection system and non-transitory computer-readable medium are provided in this disclosure. The attack path detection method includes the following operations: establishing a connecting relationship among a plurality of hosts according to a host log set to generate a host association graph; labeling at least one host with an abnormal condition on the host association graph; calculating a risk value corresponding to each of the plurality of hosts; in a host without the abnormal condition, determining whether the risk value corresponding to the host without the abnormal condition is greater than a first threshold, and utilizing a host with the risk value greater than the first threshold as a high-risk host; and searching at least one host attach path from the high-risk host and the at least one host with the abnormal condition according to the connecting relationship of the host association graph.

Abstract: A machine learning system and method are provided. The machine learning system includes a plurality of client apparatuses, and the client apparatuses include a first client apparatus and one or more second client apparatuses. The first client apparatus transmits a model update request to the one or more second client apparatuses, and the model update request corresponds to a malware type. The first client apparatus receives a second local model corresponding to each of the one or more second client apparatuses from each of the one or more second client apparatuses. The first client apparatus generates a plurality of node sequences based on a first local model and each of the second local models. The first client apparatus merges the first local model and each of the second local models based on the node sequences to generate a local model set.

Abstract: An information security device and method thereof are provided. The information security device includes a transceiver, a register and a processor. The transceiver configured to receive scenario information of a company; The register configured to store multiple instructions and multiple databases; and the processor coupled to the transceiver and the register, and configured to execute the multiple instructions to: read first vulnerability related information and first event information from the multiple databases; generate at least one first intelligent graph according to the first vulnerability related information and the first event information, and generate a second intelligent graph according to the scenario information; and compare the at least one first intelligent graph with the second intelligent graph to identify at least one similarity between the at least one first intelligent graph and the second intelligent graph for determining whether the company has information security threat.

Abstract: A suspicious packet detection device and a suspicious packet detection method thereof are provided. The suspicious packet detection device captures an HTTP packet transmitted from an internal network to an external network, and based on an HTTP header of the HTTP packet, determines that the HTTP packet belongs to one of a browser category and an application category and identifies the HTTP packet as one of a normal packet and a suspicious packet. When the HTTP packet is identified as the normal packet, the suspicious packet detection device further verifies whether the HTTP packet is the suspicious packet or not by comparing the HTTP header with relevance information or by using a URL classification model.

Abstract: An attack path detection method, attack path detection system and non-transitory computer-readable medium are provided in this disclosure. The attack path detection method includes the following operations: establishing a connecting relationship among a plurality of hosts according to a host log set to generate a host association graph; labeling at least one host with an abnormal condition on the host association graph; calculating a risk value corresponding to each of the plurality of hosts; in a host without the abnormal condition, determining whether the risk value corresponding to the host without the abnormal condition is greater than a first threshold, and utilizing a host with the risk value greater than the first threshold as a high-risk host; and searching at least one host attach path from the high-risk host and the at least one host with the abnormal condition according to the connecting relationship of the host association graph.

Abstract: An abnormal flow detection device and an abnormal flow detection method thereof are provided. The abnormal flow detection device analyses a plurality of packets captured during a time interval to obtain a plurality of flow features of each packet and selects at least one key flow feature from the flow features based on a dimensionality reduction algorithm. The abnormal flow detection device trains a bidirectional generative adversarial network (BiGAN) by taking the at least one key flow feature of each packet as an input of the BiGAN to build a flow recognition model for detecting abnormal flows.

Abstract: An abnormal flow detection device and an abnormal flow detection method thereof are provided. The abnormal flow detection device analyses a plurality of packets captured during a time interval to obtain a plurality of flow features of each packet and selects at least one key flow feature from the flow features based on a dimensionality reduction algorithm. The abnormal flow detection device trains a bidirectional generative adversarial network (BiGAN) by taking the at least one key flow feature of each packet as an input of the BiGAN to build a flow recognition model for detecting abnormal flows.

Abstract: A suspicious packet detection device and a suspicious packet detection method thereof are provided. The suspicious packet detection device captures an HTTP packet transmitted from an internal network to an external network, and based on an HTTP header of the HTTP packet, determines that the HTTP packet belongs to one of a browser category and an application category and identifies the HTTP packet as one of a normal packet and a suspicious packet. When the HTTP packet is identified as the normal packet, the suspicious packet detection device further verifies whether the HTTP packet is the suspicious packet or not by comparing the HTTP header with relevance information or by using a URL classification model.