Patents by Inventor Tugrul Ince
Tugrul Ince has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220113952Abstract: A disclosed example includes generating a binary translation of a native code section in response to a determination that the binary translation of the native code section is not present in a translation cache; storing the binary translation of the native code section in the translation cache; determining that a stop has occurred during the generation of the binary translation; subsequent to the determination that the stop has occurred, generating a binary translation state map of at least a portion of the binary translation; storing, for at least a portion of a duration of the stop, the binary translation state map in memory; and discarding the binary translation state map from the memory upon termination of the stop, the binary translation state map to not exist after the discard of the binary translation state map.Type: ApplicationFiled: December 23, 2021Publication date: April 14, 2022Inventors: Tugrul Ince, Koichi Yamada
-
Patent number: 11210074Abstract: The present disclosure is directed to a system for on-demand binary translation state map generation. Instead of interpreting the native code to be executed, binary translation circuitry (BT circuitry) may execute a binary translation (BT) in place of the native code. When a stop occurs (e.g., due to an interrupt, a modification of the native code, etc.), the BT circuitry may generate a binary translation state map (BT state map) that allows the location of the stop to be mapped back to the native code. Generation of the BT state map may involve determining a location and offset for the stop, performing region formation based on the location, loading instructions from the region (e.g., while accounting for the need to emulate instructions), forming the BT state map based at least on the size of the loaded instructions, and then mapping the stop back to the native code utilizing the offset.Type: GrantFiled: June 27, 2016Date of Patent: December 28, 2021Assignee: Intel CorporationInventors: Tugrul Ince, Koichi Yamada
-
Patent number: 10565379Abstract: In one embodiment, an apparatus includes an execution monitor to monitor an application in execution, identify a code region, generate region information for the code region, and analyze the code region to identify potential malicious behavior, and if the potential malicious behavior is identified, to alert a security agent, and otherwise to enable the code region to execute, where the execution monitor is isolated from the application. Other embodiments are described and claimed.Type: GrantFiled: May 31, 2017Date of Patent: February 18, 2020Assignee: Intel CorporationInventors: Koichi Yamada, Tugrul Ince, Paul A. Campbell, Jiunn-Yeu Chen
-
Patent number: 10395033Abstract: In one embodiment, a binary translator to perform binary translation of code is to: perform a first binary analysis of a first code block to determine whether a second control transfer instruction is included in the first code block, where the first code block includes a return target of a first control transfer instruction; perform a second binary analysis of a second code block to determine whether the second code block includes the first control transfer instruction, where the second code block includes a call target of the second control transfer instruction; and store an address pair associated with the first control transfer instruction in a whitelist if the second control transfer instruction is included in the first code block and the first control transfer instruction is included in the second code block. Other embodiments are described and claimed.Type: GrantFiled: September 30, 2016Date of Patent: August 27, 2019Assignee: Intel CorporationInventors: Tugrul Ince, Koichi Yamada, Ajay Harikumar, Alex Nayshtut
-
Patent number: 10162616Abstract: The present disclosure is directed to a system for binary translation version protection. Activity occurring in a device that may potentially cause native code to be altered may cause the device to prevent binary translations corresponding to the native code from being executed until a determination is made as to whether the binary translation needs to be regenerated. The native code may be stored in a memory page having an access permission that does not permit writes. Attempts to alter the native code would require the access permission of the memory page to be set to writable, which may cause a binary translation (BT) module to be notified of the potential change. The BT module may mark any binary translations corresponding to the native code as stale, and may cause a page permission control module to update memory pages including the binary translations to have an access permission of non-executable.Type: GrantFiled: June 26, 2015Date of Patent: December 25, 2018Assignee: Intel CorporationInventors: Tugrul Ince, Koichi Yamada
-
Publication number: 20180349603Abstract: In one embodiment, an apparatus includes an execution monitor to monitor an application in execution, identify a code region, generate region information for the code region, and analyze the code region to identify potential malicious behavior, and if the potential malicious behavior is identified, to alert a security agent, and otherwise to enable the code region to execute, where the execution monitor is isolated from the application. Other embodiments are described and claimed.Type: ApplicationFiled: May 31, 2017Publication date: December 6, 2018Inventors: Koichi Yamada, Tugrul Ince, Paul A. Campbell, Jiunn-Yeu Chen
-
Publication number: 20180096147Abstract: In one embodiment, a binary translator to perform binary translation of code is to: perform a first binary analysis of a first code block to determine whether a second control transfer instruction is included in the first code block, where the first code block includes a return target of a first control transfer instruction; perform a second binary analysis of a second code block to determine whether the second code block includes the first control transfer instruction, where the second code block includes a call target of the second control transfer instruction; and store an address pair associated with the first control transfer instruction in a whitelist if the second control transfer instruction is included in the first code block and the first control transfer instruction is included in the second code block. Other embodiments are described and claimed.Type: ApplicationFiled: September 30, 2016Publication date: April 5, 2018Inventors: Tugrul Ince, Koichi Yamada, Ajay Harikumar, Alex Nayshtut
-
Publication number: 20170371634Abstract: The present disclosure is directed to a system for on-demand binary translation state map generation. Instead of interpreting the native code to be executed, binary translation circuitry (BT circuitry) may execute a binary translation (BT) in place of the native code. When a stop occurs (e.g., due to an interrupt, a modification of the native code, etc.), the BT circuitry may generate a binary translation state map (BT state map) that allows the location of the stop to be mapped back to the native code. Generation of the BT state map may involve determining a location and offset for the stop, performing region formation based on the location, loading instructions from the region (e.g., while accounting for the need to emulate instructions), forming the BT state map based at least on the size of the loaded instructions, and then mapping the stop back to the native code utilizing the offset.Type: ApplicationFiled: June 27, 2016Publication date: December 28, 2017Applicant: Intel CorporationInventors: TUGRUL INCE, KOICHI YAMADA
-
Publication number: 20170090927Abstract: Embodiments of an invention for control transfer instructions indicating intent to call or return are disclosed. In one embodiment, a processor includes a return target predictor, instruction hardware, and execution hardware. The instruction hardware is to receive a first instruction, a second instruction, and a third instruction, and the execution hardware to execute the first instruction, the second instruction, and the third instruction. Execution of the first instruction is to store a first return address on a stack and to transfer control to a first target address. Execution of the second instruction is to store a second return address in the return target predictor and transfer control to a second target address. Execution of the third instruction is to transfer control to the second target address.Type: ApplicationFiled: September 30, 2015Publication date: March 30, 2017Inventors: Paul Caprioli, KOICHI YAMADA, TUGRUL INCE
-
Publication number: 20160378446Abstract: The present disclosure is directed to a system for binary translation version protection. Activity occurring in a device that may potentially cause native code to be altered may cause the device to prevent binary translations corresponding to the native code from being executed until a determination is made as to whether the binary translation needs to be regenerated. The native code may be stored in a memory page having an access permission that does not permit writes. Attempts to alter the native code would require the access permission of the memory page to be set to writable, which may cause a binary translation (BT) module to be notified of the potential change. The BT module may mark any binary translations corresponding to the native code as stale, and may cause a page permission control module to update memory pages including the binary translations to have an access permission of non-executable.Type: ApplicationFiled: June 26, 2015Publication date: December 29, 2016Applicant: INTEL CORPORATIONInventors: TUGRUL INCE, KOICHI YAMADA
-
Patent number: 9477453Abstract: Technologies for shadow stack management include a computing device that, when executing a translated call routine in a translated binary, pushes a native return address on to a native stack of the computing device, adds a constant offset to a stack pointer of the computing device, executes a native call instruction to a translated call target, and, after executing the native call instruction, subtracts the constant offset from the stack pointer. Executing the native call instruction pushes a translated return address onto a shadow stack of the computing device. The computing device may map two or more virtual memory pages of the shadow stack onto a single physical memory page. The computing device may execute a translated return routine that pops the native return address from the native stack, adds the constant offset to the stack pointer, and executes a native return instruction. Other embodiments are described and claimed.Type: GrantFiled: June 24, 2015Date of Patent: October 25, 2016Assignee: Intel CorporationInventors: Tugrul Ince, Koichi Yamada, Paul Caprioli, Jiwei Lu