Abstract: A data processing method based on Trojan circuit detection includes controlling a processor, in a testing stage, to perform following steps: obtaining a plurality of characteristic values corresponding to a logic gate circuit; performing a distribution adjustment operation on the characteristic values to generate a plurality of adjusted characteristic values; and performing classification on the adjusted characteristic values to generate a logic identification result.

Abstract: A phase-change memory (PCM) cell is provided to include a first electrode, a second electrode, and a phase-change feature disposed between the first electrode and the second electrode. The phase-change feature is configured to change its data state based on a write operation performed on the PCM cell. The write operation includes a reset stage and a set stage. In the reset stage, a plurality of reset current pulses are applied to the PCM cell, and the reset current pulses have increasing current amplitudes. In the set stage, a plurality of set current pulses are applied to the PCM cell, and the set current pulses exhibit an increasing trend in current amplitude. The current amplitudes of the set current pulses are smaller than those of the reset current pulses.

Abstract: The present invention provides an encryption determining method. The method includes the following steps: receiving a side channel signal; generating a filtered side channel signal by filtering noise within the side channel signal; generating a phasor signal by utilizing a filter to covert the filtered side channel signal; locating the encrypted segment by calculating a periodicity of the phasor signal utilizing a standard deviation window; extracting at least one encrypted characteristic from the encrypted segment; and generating an encryption analytic result by recognizing the at least one encrypted characteristic according to a characteristic recognition model; wherein the encryption analytic result includes a position of the encrypted segment within the side channel signal, and an encryption type corresponding to the side channel signal. The present invention is able to automatically and efficiently locate the encryption segment and analyze the encryption type corresponding to the side channel signal.

Abstract: A file vulnerability detection method includes: translating a binary file into an intermediate file; analyzing the intermediate file to obtain multiple functions to be tested; establishing function characteristic data of each of the functions to be tested; and comparing correlations between the function characteristic data of each of the functions to be tested and at least one pair of characteristic data with vulnerability of at least one vulnerability function and characteristic data without vulnerability of the at least one vulnerability function in a vulnerability database based on a characteristic model to determine whether each of the functions to be tested corresponding to each function characteristic data has a vulnerability, wherein the characteristic model has information representing multiple back-end binary files generated by multiple back-end platforms, wherein the characteristic data with vulnerability has the vulnerability, and the characteristic data without vulnerability does not have the vuln

Abstract: A data processing method based on Trojan circuit detection includes controlling a processor, in a testing stage, to perform following steps: obtaining a plurality of characteristic values corresponding to a logic gate circuit; performing a distribution adjustment operation on the characteristic values to generate a plurality of adjusted characteristic values; and performing classification on the adjusted characteristic values to generate a logic identification result.

Abstract: A file vulnerability detection method includes: translating a binary file into an intermediate file; analyzing the intermediate file to obtain multiple functions to be tested; establishing function characteristic data of each of the functions to be tested; and comparing correlations between the function characteristic data of each of the functions to be tested and at least one pair of characteristic data with vulnerability of at least one vulnerability function and characteristic data without vulnerability of the at least one vulnerability function in a vulnerability database based on a characteristic model to determine whether each of the functions to be tested corresponding to each function characteristic data has a vulnerability, wherein the characteristic model has information representing multiple back-end binary files generated by multiple back-end platforms, wherein the characteristic data with vulnerability has the vulnerability, and the characteristic data without vulnerability does not have the vuln

Abstract: A monitor apparatus, method, and non-transitory computer readable storage medium thereof are provided. The monitor method is adapted for an electronic computing apparatus, wherein the electronic computing apparatus stores a smart contract and a blockchain ledger of a blockchain system. The monitor method periodically executes the following steps: (a) obtaining a piece of behavior information of a first electronic apparatus at a time point, (b) retrieving, via the smart contract, a plurality of pieces of previous behavior information within a time interval from the blockchain ledger, wherein the time interval is defined by the time point, and each piece of previous behavior information corresponds to one of a plurality of second electronic apparatuses and the first electronic apparatus, (c) determining a legality of the piece of behavior information according to the pieces of previous behavior information, and (d) writing the behavior information into the blockchain ledger.

Abstract: A detection method comprising: (A) transmitting a to-be tested file to a first testing machine by the processing device; wherein the first testing machine uses for executing the to-be tested file; (B) monitoring that whether a component usage of the first testing machine is higher than a default threshold during a period of executing the to-be tested file by the processing device; and (C) when the component usage of the first testing machine is higher than the default threshold, the memory forensics module analyzes the memory space of the first testing machine to determine that whether the to-be tested file comprises a malware program and generate an analyzing result.

Abstract: A monitor apparatus, method, and non-transitory computer readable storage medium thereof are provided. The monitor method is adapted for an electronic computing apparatus, wherein the electronic computing apparatus stores a smart contract and a blockchain ledger of a blockchain system. The monitor method periodically executes the following steps: (a) obtaining a piece of behavior information of a first electronic apparatus at a time point, (b) retrieving, via the smart contract, a plurality of pieces of previous behavior information within a time interval from the blockchain ledger, wherein the time interval is defined by the time point, and each piece of previous behavior information corresponds to one of a plurality of second electronic apparatuses and the first electronic apparatus, (c) determining a legality of the piece of behavior information according to the pieces of previous behavior information, and (d) writing the behavior information into the blockchain ledger.

Abstract: A detection method comprising: (A) transmitting a to-be tested file to a first testing machine by the processing device; wherein the first testing machine uses for executing the to-be tested file; (B) monitoring that whether a component usage of the first testing machine is higher than a default threshold during a period of executing the to-be tested file by the processing device; and (C) when the component usage of the first testing machine is higher than the default threshold, the memory forensics module analyzes the memory space of the first testing machine to determine that whether the to-be tested file comprises a malware program and generate an analyzing result.