Patents by Inventor Shabbir Ahmed

Shabbir Ahmed has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20200143053
    Abstract: Logic may implement observation layer intrusion detection systems (IDSs) to combine observations by intrusion detectors and/or other intrusion detection systems. Logic may monitor one or more control units at one or more observation layers of an in-vehicle network, each of the one or more control units to perform a vehicle function. Logic may combine observations of the one or more control units at the one or more observation layers. Logic may determine, based on a combination of the observations, that one or more of the observations represent an intrusion. Logic may determine, based at least on the observations, characteristics of an attack, and to pass the characteristics of the attack information to a forensic logging system to log the attack or pass the characteristics of the attack to a recovery system for informed selection of recovery procedures. Logic may dynamically adjust a threshold for detection of suspicious activity.
    Type: Application
    Filed: December 26, 2019
    Publication date: May 7, 2020
    Inventors: Christopher N. Gutierrez, Marcio Juliato, Shabbir Ahmed, Qian Wang, Manoj Sastry, Liuyang L. Yang, Xiruo Liu
  • Publication number: 20200128409
    Abstract: Systems, apparatus, methods, and techniques for reporting an attack or intrusion into an in-vehicle network are provided. The attack can be broadcast to connected vehicles over a vehicle-to-vehicle network. The broadcast can include an indication of a sub-system involved in the attack and can include a request for assistance in recovering from the attack. Connected vehicles can broadcast responses over the vehicle-to-vehicle network. The responses can include indications of data related to the compromised sub-system. The vehicle can receive the responses and can use the responses to recover from the attack, such as, estimate data.
    Type: Application
    Filed: December 19, 2019
    Publication date: April 23, 2020
    Applicant: Intel Corporation
    Inventors: LIUYANG YANG, XIRUO LIU, MANOJ SASTRY, MARCIO JULIATO, SHABBIR AHMED, CHRISTOPHER GUTIERREZ
  • Publication number: 20200128031
    Abstract: Systems, methods, computer-readable storage media, and apparatuses to provide active attack detection in autonomous vehicle networks. An apparatus may comprise a plurality of electronic control units communicably coupled by a network, and logic, at least a portion of which is implemented in hardware, the logic to: receive an indication from a first electronic control unit (ECU) of the plurality of ECUs specifying to transmit a first data frame via the network, determine, based on a message identifier (ID) of the first ECU, whether a transmit window for the first ECU is open, and permit the first ECU to transmit the first data frame via the network based on a determination that the transmit window for the first ECU is open.
    Type: Application
    Filed: December 20, 2019
    Publication date: April 23, 2020
    Applicant: Intel Corporation
    Inventors: MARCIO JULIATO, VUK LESI, SHABBIR AHMED, CHRISTOPHER GUTIERREZ, MANOJ SASTRY, LIUYANG YANG, XIRUO LIU
  • Publication number: 20200127848
    Abstract: Various embodiments are generally directed to providing authentication and confidentiality mechanisms for message communication over an in-vehicle network. For example, authentication data associated with a communicating node may be transmitted over the network by encoding different predefined voltage levels on top of the message bits of the message being communicated. Different voltage levels may represent different encodings, such as a bit-pair or any bit combination of the authentication data. In a further example, messaging confidentiality between at least two communicating nodes may be achieved by pseudo-randomly flipping, or scrambling, the dominant and recessive voltages of the entire message frame at the analog level based on a pseudo-random control bit sequence.
    Type: Application
    Filed: December 19, 2019
    Publication date: April 23, 2020
    Applicant: Intel Corporation
    Inventors: MARCIO JULIATO, SHABBIR AHMED, CHRISTOPHER GUTIERREZ, XIRUO LIU, MANOJ SASTRY, LIUYANG YANG
  • Publication number: 20200125097
    Abstract: Systems, methods, computer program products, and apparatuses for low latency, fully reconfigurable hardware logic for ensemble classification methods, such as random forests. An apparatus may comprise circuitry for an interconnect and circuitry for a random forest implemented in hardware. The random forest comprising a plurality of decision trees connected via the interconnect, each decision tree comprising a plurality of nodes connected via the interconnect. A first decision tree of the plurality of decision trees comprising a first node of the plurality of nodes to: receive a plurality of elements of feature data via the interconnect, select a first element of feature data, of the plurality of elements of feature data, based on a configuration of the first node, and generate an output based on the first element of feature data, an operation, and a reference value, the operation and reference value specified in the configuration of the first node.
    Type: Application
    Filed: December 18, 2019
    Publication date: April 23, 2020
    Applicant: Intel Corporation
    Inventors: MARCIO JULIATO, CHRISTOPHER GUTIERREZ, SHABBIR AHMED, MANOJ SASTRY, LIUYANG YANG, XIRUO LIU
  • Publication number: 20200128030
    Abstract: Systems, apparatuses, and methods to identify an electronic control unit transmitting a message on a communication bus, such as an in-vehicle network bus, are provided. ECUs transmit messages by manipulating voltage on conductive lines of the bus. Observation circuitry can observe voltage transitions associated with the transmission at multiple points on the in-vehicle network bus. A voltage waveform can be generated from the observed voltage transitions. ECUs can be identified and/or fingerprinted based on the generated waveforms.
    Type: Application
    Filed: December 19, 2019
    Publication date: April 23, 2020
    Applicant: Intel Corporation
    Inventors: SHABBIR AHMED, MARCIO JULIATO, CHRISTOPHER GUTIERREZ, MANOJ SASTRY, LIUYANG YANG, XIRUO LIU
  • Publication number: 20200117794
    Abstract: Systems, apparatuses, and techniques for establishing “ground truth” are provided. Particularly, establishing ground truth for electronic control units on a communication network after a context change has occurred are provided. Circuitry and instructions to generate unique feature sets from messages (e.g., transmitted by ECUs after a context change) and to match the unique feature sets to unique feature sets from ECU fingerprints to establish ground truth for the ECUs after the context shift.
    Type: Application
    Filed: December 12, 2019
    Publication date: April 16, 2020
    Applicant: Intel Corporation
    Inventors: SHABBIR AHMED, MARCIO JULIATO, CHRISTOPHER GUTIERREZ, MANOJ SASTRY, LIUYANG YANG, XIRUO LIU
  • Publication number: 20200120114
    Abstract: Techniques and screening messages based on tags in an automotive environment, such as, messages communicated via a communication bus, like the CAN bus. Messages can be tagged with either a binary or probabilistic tag indicating whether the message is fraudulent. ECUs coupled to the CAN bus can receive the messages and the message tags and can determine whether to fully consume the message based on the tag.
    Type: Application
    Filed: December 12, 2019
    Publication date: April 16, 2020
    Applicant: Intel Corporation
    Inventors: MARCIO JULIATO, MANOJ SASTRY, MICHAEL KARA-IVANOV, AVIAD KIPNIS, SHABBIR AHMED, CHRISTOPHER GUTIERREZ, VUK LESI
  • Publication number: 20190260772
    Abstract: Various systems and methods for bus-off attack detection are described herein. An electronic device for bus-off attack detection and prevention includes bus-off prevention circuitry coupled to a protected node on a bus, the bus-off prevention circuitry to: detect a transmitted message from the protected node to the bus; detect a bit mismatch of the transmitted message on the bus; suspend further transmissions from the protected node while the bus is analyzed; determine whether the bit mismatch represents a bus fault or an active attack against the protected node; and signal the protected node indicating whether a fault has occurred.
    Type: Application
    Filed: May 3, 2019
    Publication date: August 22, 2019
    Inventors: Marcio Rogerio Juliato, Shabbir Ahmed, Santosh Ghosh, Christopher Gutierrez, Manoj R. Sastry
  • Publication number: 20190158521
    Abstract: Methods, apparatus, systems and articles of manufacture are disclosed for anomaly detection and recovery. An apparatus to isolate a first controller in an autonomous vehicle includes a first controller to control a reference signal of the autonomous vehicle via a communication bus, a second controller to control the reference signal of the autonomous vehicle when the first controller is compromised, and a message neutralizer to neutralize messages transmitted by the first controller when the first controller is compromised, the neutralized messages to cause the first controller to become isolated from the communication bus.
    Type: Application
    Filed: December 28, 2018
    Publication date: May 23, 2019
    Inventors: Marcio Juliato, Liuyang Lily Yang, Manoj Sastry, Christopher Gutierrez, Shabbir Ahmed, Vuk Lesi
  • Publication number: 20190052654
    Abstract: A data processing system that provides for active prevention of masquerading attacks comprises a microcontroller, a transceiver, and an active attack prevention module (AAPM) in communication with the microcontroller and the transceiver. The microcontroller enables the data processing system to operate as a node in a vehicle control system (VCS). The transceiver enables the node to communicate with a local area network (LAN) of the VCS. The AAPM enables the node to monitor the LAN for messages. In response to detecting a message on the LAN, the AAPM automatically determines whether the message falsely identifies the node as a source, based on a value in an identifier field in the message. In response to determining that the message falsely identifies the node as the source, the AAPM automatically takes at least one remedial action to neutralize the message. Other embodiments are described and claimed.
    Type: Application
    Filed: July 3, 2018
    Publication date: February 14, 2019
    Inventors: Marcio Juliato, Shabbir Ahmed, Santosh Ghosh, Manoj R. Sastry
  • Publication number: 20190042738
    Abstract: Methods and apparatus relating to a physics-based approach for attack detection and/or localization in closed-loop controls for autonomous vehicles are described. In an embodiment, multiple state estimators are used to compute a set of residuals to detect, classify, and/or localize attacks. This allows for determination of an attacker's location and the kind of attack being perpetrated. Other embodiments are also disclosed and claimed.
    Type: Application
    Filed: June 28, 2018
    Publication date: February 7, 2019
    Applicant: Intel Corporation
    Inventors: MARCIO JULIATO, SHABBIR AHMED, MANOJ SASTRY, LIUYANG L. YANG, VUK LESI, LI ZHAO
  • Publication number: 20190039612
    Abstract: In an automated method for providing driving assistance, an electronic control unit (ECU) of a first driving assistance system of a first vehicle receives local object information from at least one sensing component of the first driving assistance system. The first driving assistance system automatically detects external objects outside of the first vehicle, based on the local object information received from the at least one sensing component. The first driving assistance system also receives a reported object list (ROL) from a second vehicle, wherein the ROL describes objects detected by a second driving assistance system in the second vehicle. The first driving assistance system also affects operation of the first vehicle, based on (a) the external objects detected by the first vehicle and (b) the ROL from the second vehicle. Other embodiments are described and claimed.
    Type: Application
    Filed: September 28, 2018
    Publication date: February 7, 2019
    Inventors: Liuyang Lily Yang, Manoj R. Sastry, Xiruo Liu, Moreno Ambrosin, Shabbir Ahmed, Marcio Juliato, Christopher N. Gutierrez
  • Publication number: 20190044912
    Abstract: There is disclosed in one example a computing apparatus, including: a hardware platform; a network interface to communicatively couple to a bus lacking native support for authentication; and an anomaly detection engine to operate on the hardware platform and configured to: receive a first data stream across a first time; symbolize and approximate the first data stream, including computing a first window sum; receive a second data stream across a second time substantially equal in length to the first time, the second data stream including data across the plurality of dimensions from the first data stream; symbolize and approximate the second data stream, including computing a second window sum; compute a difference between the first window sum and the second window sum; determine that difference exceeds a threshold and that the correlation across the plurality of dimensions is broken; and flag a potential anomaly.
    Type: Application
    Filed: March 30, 2018
    Publication date: February 7, 2019
    Applicant: Intel Corporation
    Inventors: Liuyang Lily Yang, Huaxin Li, Li Zhao, Marcio Juliato, Shabbir Ahmed, Manoj R. Sastry
  • Patent number: 10124764
    Abstract: Various systems and methods for intrusion detection are described herein. An electronic device for intrusion detection includes memory circuitry to store a set of signature voltage ratios and a corresponding set of node identifiers, each node identifier corresponding to a unique signature voltage ratio; and security circuitry to: compare voltages received at a first and second measuring point on a bus, the voltages resulting from a message transmitted by a sending node on the bus, the first measuring point providing a first voltage and the second measuring point providing a second voltage; calculate a test voltage ratio from the first voltage and the second voltage; determine whether the test voltage ratio is in the set of signature voltage ratios; and initiate a security response based on whether the test voltage ratio is in the set of signature voltage ratios.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: November 13, 2018
    Assignee: Intel Corporation
    Inventors: Shabbir Ahmed, Marcio Rogerio Juliato, Li Zhao, Manoj R. Sastry
  • Patent number: 9555366
    Abstract: Provided herein are methods and devices to enrich trace quantities of impurities in gaseous mixtures, such as hydrogen fuel. The methods and devices rely on concentration of impurities so as to allow the detection of the impurities using commonly-available detection methods.
    Type: Grant
    Filed: June 20, 2014
    Date of Patent: January 31, 2017
    Assignee: UChicago Argonne, LLC
    Inventors: Shabbir Ahmed, Dionissios D. Papadias, Sheldon D. H. Lee, Romesh Kumar
  • Publication number: 20140360372
    Abstract: Provided herein are methods and devices to enrich trace quantities of impurities in gaseous mixtures, such as hydrogen fuel. The methods and devices rely on concentration of impurities so as to allow the detection of the impurities using commonly-available detection methods.
    Type: Application
    Filed: June 20, 2014
    Publication date: December 11, 2014
    Inventors: Shabbir Ahmed, Dionissios D. Papadias, Sheldon D.H. Lee, Romesh Kumar
  • Patent number: 8814964
    Abstract: The invention provides a method for reforming fuel, the method comprising contacting the fuel to an oxidation catalyst so as to partially oxidize the fuel and generate heat; warming incoming fuel with the heat while simultaneously warming a reforming catalyst with the heat; and reacting the partially oxidized fuel with steam using the reforming catalyst.
    Type: Grant
    Filed: December 19, 2012
    Date of Patent: August 26, 2014
    Assignee: UChicago Argonne, LLC
    Inventors: Shabbir Ahmed, Dionissios D. Papadias, Sheldon H. D Lee, Rajesh K. Ahluwalia
  • Patent number: 8778694
    Abstract: Provided herein are batch methods and devices for enriching trace quantities of impurities in gaseous mixtures, such as hydrogen fuel. The methods and devices rely on concentrating impurities using hydrogen transport membranes wherein the time period for concentrating the sample is calculated on the basis of optimized membrane characteristics, comprising its thickness and permeance, with optimization of temperature, and wherein the enrichment of trace impurities is proportional to the pressure ratio Phi/Plo and the volume ratio V1/V2, with following detection of the impurities using commonly-available detection methods.
    Type: Grant
    Filed: July 13, 2010
    Date of Patent: July 15, 2014
    Assignee: Uchicago Argonne, LLC
    Inventors: Shabbir Ahmed, Sheldon H. D. Lee, Romesh Kumar, Dionissios D. Papadias
  • Patent number: D753304
    Type: Grant
    Filed: January 20, 2015
    Date of Patent: April 5, 2016
    Inventors: Shabbir Ahmed Gul, Randall E. Pardy