Abstract: In various examples, techniques for detecting occluded objects within an environment are described. For instance, systems and methods may receive training data representing images and ground truth data indicating whether the images are associated with occluded objects or whether the images are not associated with occluded objects. The systems and methods may then train a neural network to detect occluded objects using the training data and the ground truth data. After training, the systems and methods may use the neural network to detect occluded objects within an environment. For instance, while a vehicle is navigating, the vehicle may process sensor data using the neural network. The neural network may then output data indicating whether an object is located within the environment and occluded from view of the vehicle. In some examples, the neural network may further output additional information associated with the occluded object.

Abstract: A packed error correction code (ECC) technique opportunistically embeds ECC check-bits with compressed data. When compressed, the data is encoded in fewer bits and is therefore fragmented when stored or transmitted compared with the uncompressed data. The ECC check-bits may be packed with compressed data at “source” points. The check-bits are transmitted along with the compressed data and, at any “intermediate” point between the source and a “destination” the check-bits may be used to detect and correct errors in the compressed data. In contrast with conventional systems, packed ECC enables end-to-end coverage for sufficiently-compressed data within the processor and also externally. While storage circuitry typically is protected by structure-specific ECC, protection is also beneficial for data as it is transmitted between processing and/or storage units.

Abstract: A packed error correction code (ECC) technique opportunistically embeds ECC check-bits with compressed data. When compressed, the data is encoded in fewer bits and is therefore fragmented when stored or transmitted compared with the uncompressed data. The ECC check-bits may be packed with compressed data at “source” points. The check-bits are transmitted along with the compressed data and, at any “intermediate” point between the source and a “destination” the check-bits may be used to detect and correct errors in the compressed data. In contrast with conventional systems, packed ECC enables end-to-end coverage for sufficiently-compressed data within the processor and also externally. While storage circuitry typically is protected by structure-specific ECC, protection is also beneficial for data as it is transmitted between processing and/or storage units.

Abstract: A shingled magnetic recording hard disk drive that uses writeable cache tracks in the inter-band gaps between the annular data bands minimizes the effect of far track erasure (FTE) in the boundary regions of annular data bands caused by writing to the cache tracks. Based on the relative FTE effect for all the tracks in a range of tracks of the cache track being written, a count increment (CI) table or a cumulative count increment (CCI) table is maintained. For every writing to a cache track, a count for each track in an adjacent boundary region, or a cumulative count for each adjacent boundary region, is increased. When the count value for a track, or the cumulative count for a boundary region, reaches a predetermined threshold the data is read from that band and rewritten to the same band.

Abstract: A shingled magnetic recording hard disk drive that uses writeable cache tracks in the inter-band gaps between the annular data bands minimizes the effect of far track erasure (FTE) in the boundary regions of annular data bands caused by writing to the cache tracks. Based on the relative FTE effect for all the tracks in a range of tracks of the cache track being written, a count increment (CI) table or a cumulative count increment (CCI) table is maintained. For every writing to a cache track, a count for each track in an adjacent boundary region, or a cumulative count for each adjacent boundary region, is increased. When the count value for a track, or the cumulative count for a boundary region, reaches a predetermined threshold the data is read from that band and rewritten to the same band.

Abstract: A shingled magnetic recording (SMR) hard disk drive (HDD) essentially eliminates the effect of far track erasure (FTE) in the boundary regions of annular data bands caused by writing in the boundary regions of adjacent annular data bands. The extent of the FTE effect is determined for each track within a range of tracks of the track being written. Based on the relative FTE effect for all the tracks in the range, a count increment (CI) table or a cumulative count increment (CCI) table is maintained for all the tracks in the range. For every writing to a track in a boundary region, a count for each track in an adjacent boundary region, or a cumulative count for the adjacent boundary region, is increased. When the count reaches a predetermined threshold the data is read from that band and rewritten to the same band.

Abstract: A shingled magnetic recording (SMR) hard disk drive (HDD) essentially eliminates the effect of far track erasure (FTE) in the boundary regions of annular data bands caused by writing in the boundary regions of adjacent annular data bands. The extent of the FTE effect is determined for each track within a range of tracks of the track being written. Based on the relative FTE effect for all the tracks in the range, a count increment (CI) table or a cumulative count increment (CCI) table is maintained for all the tracks in the range. For every writing to a track in a boundary region, a count for each track in an adjacent boundary region, or a cumulative count for the adjacent boundary region, is increased. When the count reaches a predetermined threshold the data is read from that band and rewritten to the same band.

Abstract: Secure timestamps created by a data storage device are described. Metadata timestamp is created for each recorded unit of data (such as a sector) The HDD performs the time-stamping in a secure manner. The timestamp is made secure by performing a secure operation (i.e. one that can only be performed by the HDD) using the data and timestamp. The secure operation uses a secure key that is built-in to the storage device and is not readable outside of the device. In some embodiments the secure operation is encryption using the secure key. In other embodiments the secure operation is a hash code function (such as a Hash-based Message Authentication Code (HMAC) function) that uses the secure key to generate a hash code using at least the recorded data and the timestamp as input. The hash code is then included in the metadata that is recorded for the data unit.

Abstract: A method for detecting intrusions that employ messages of two or more protocols is disclosed. Such intrusions might occur in Voice over Internet Protocol (VoIP) systems, as well as in systems in which two or more protocols support some service other than VoIP. In the illustrative embodiment of the present invention, a stateful intrusion-detection system is capable of employing rules that have cross-protocol pre-conditions. The illustrative embodiment can use such rules to recognize a variety of VoIP-based intrusion attempts, such as call hijacking, BYE attacks, etc. In addition, the illustrative embodiment is capable of using such rules to recognize other kinds of intrusion attempts in which two or more protocols support a service other than VoIP. The illustrative embodiment also comprises a stateful firewall that is capable of employing rules with cross-protocol pre-conditions.

Abstract: A method and apparatus for automatically determining whether a security vulnerability alert is relevant to a device (e.g., personal computer, server, personal digital assistant [PDA], etc.), and automatically retrieving the associated software patches for relevant alerts, are disclosed. The illustrative embodiment intelligently determines whether the software application specified by a security vulnerability alert is resident on the device, whether the version of the software application on the device matches that of the security vulnerability alert, and whether the device's hardware platform and operating system match those of the security vulnerability alert.

Abstract: A method and apparatus for automatically determining whether a security vulnerability alert is relevant to a device (e.g., personal computer, server, personal digital assistant [PDA], etc.), and automatically retrieving the associated software patches for relevant alerts, are disclosed. The illustrative embodiment intelligently determines whether the software application specified by a security vulnerability alert is resident on the device, whether the version of the software application on the device matches that of the security vulnerability alert, and whether the device's hardware platform and operating system match those of the security vulnerability alert.

Abstract: A method for detecting intrusions that employ messages of two or more protocols is disclosed. Such intrusions might occur in Voice over Internet Protocol (VoIP) systems, as well as in systems in which two or more protocols support some service other than VoIP. In the illustrative embodiment of the present invention, a stateful intrusion-detection system is capable of employing rules that have cross-protocol pre-conditions. The illustrative embodiment can use such rules to recognize a variety of VoIP-based intrusion attempts, such as call hijacking, BYE attacks, etc. In addition, the illustrative embodiment is capable of using such rules to recognize other kinds of intrusion attempts in which two or more protocols support a service other than VoIP. The illustrative embodiment also comprises a stateful firewall that is capable of employing rules with cross-protocol pre-conditions.

Abstract: A method for detecting intrusions that employ messages of two or more protocols is disclosed. Such intrusions might occur in Voice over Internet Protocol (VoIP) systems, as well as in systems in which two or more protocols support some service other than VoIP. In the illustrative embodiment of the present invention, a stateful intrusion-detection system is capable of employing rules that have cross-protocol pre-conditions. The illustrative embodiment can use such rules to recognize a variety of VoIP-based intrusion attempts, such as call hijacking, BYE attacks, etc. In addition, the illustrative embodiment is capable of using such rules to recognize other kinds of intrusion attempts in which two or more protocols support a service other than VoIP. The illustrative embodiment also comprises a stateful firewall that is capable of employing rules with cross-protocol pre-conditions.

Abstract: A method for Real-time Transport Protocol (RTP) packet authentication on a packet data network. In particular, the invention relates to a method for preventing toll fraud, privacy compromise, voice quality degradation, or denial of service (DoS) on Voice over IP networks. The Real-time Transport Protocol (RTP) is susceptible to several security attacks, including thirdparty snooping of private conversations, injection of forged content, and introduction or modification of packets to degrade voice quality. The Secure Real-time Transport Protocol (SRTP) provides confidentiality, message authentication, and replay protection for RTP traffic. However, SRTP incurs an additional overhead to verify the HMAC-SHA1 message authentication code for each packet. SRTP+ significantly decrease the verification overhead compared to SRTP and thereby increases the number of faked packets required to mount a successful denial of service attack. SRTP+ provides packet authentication but not integrity.