Patents by Inventor Yinqian Zhang

Yinqian Zhang has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12254087
    Abstract: TLB poisoning attacks take advantage of security issues of translation lookaside buffer (TLB) management on SEV processors in Secure Encrypted Virtualization (SEV) virtual machines (VMs). In various embodiments, a hypervisor may poison TLB entries between two processes of a SEV VM to compromise the integrity and confidentiality of the SEV VM. Variants of TLB poisoning attacks and end-to-end attacks are shown to be successful on both Advanced Micro Devices (AMD) SEV and SEV-Encrypted State (SEV-ES). Countermeasures for thwarting TLB poisoning attacks include hardware-enforced TLB flush processes and re-exec schemes that, among other things, prevent attackers from manipulating TLB entries and causing a privileged victim process to execute malicious code in an attempt to bypass a password authentication.
    Type: Grant
    Filed: May 17, 2022
    Date of Patent: March 18, 2025
    Inventors: Huibo Wang, Kang Li, Mengyuan Li, Yinqian Zhang, Yueqiang Cheng
  • Publication number: 20230097604
    Abstract: TLB poisoning attacks take advantage of security issues of translation lookaside buffer (TLB) management on SEV processors in Secure Encrypted Virtualization (SEV) virtual machines (VMs). In various embodiments, a hypervisor may poison TLB entries between two processes of a SEV VM to compromise the integrity and confidentiality of the SEV VM. Variants of TLB poisoning attacks and end-to-end attacks are shown to be successful on both Advanced Micro Devices (AMD) SEV and SEV-Encrypted State (SEV-ES). Countermeasures for thwarting TLB poisoning attacks include hardware-enforced TLB flush processes and re-exec schemes that, among other things, prevent attackers from manipulating TLB entries and causing a privileged victim process to execute malicious code in an attempt to bypass a password authentication.
    Type: Application
    Filed: May 17, 2022
    Publication date: March 30, 2023
    Applicant: Baidu USA LLC
    Inventors: Huibo WANG, Kang LI, Mengyuan LI, Yinqian ZHANG, Yueqiang CHENG
  • Publication number: 20230097216
    Abstract: TLB poisoning attacks take advantage of security issues of translation lookaside buffer (TLB) management on SEV processors in Secure Encrypted Virtualization (SEV) virtual machines (VMs). In various embodiments, a hypervisor may poison TLB entries between two processes of a SEV VM to compromise the integrity and confidentiality of the SEV VM. Variants of TLB poisoning attacks and end-to-end attacks are shown to be successful on both Advanced Micro Devices (AMD) SEV and SEV-Encrypted State (SEV-ES). Countermeasures for thwarting TLB poisoning attacks include hardware-enforced TLB flush processes and re-exec schemes that, among other things, prevent attackers from manipulating TLB entries and causing a privileged victim process to execute malicious code in an attempt to bypass a password authentication.
    Type: Application
    Filed: May 17, 2022
    Publication date: March 30, 2023
    Applicant: Baidu USA LLC
    Inventors: Huibo WANG, Kang LI, Mengyuan LI, Yinqian ZHANG, Yueqiang CHENG
  • Publication number: 20230098117
    Abstract: TLB poisoning attacks take advantage of security issues of translation lookaside buffer (TLB) management on SEV processors in Secure Encrypted Virtualization (SEV) virtual machines (VMs). In various embodiments, a hypervisor may poison TLB entries between two processes of a SEV VM to compromise the integrity and confidentiality of the SEV VM. Variants of TLB poisoning attacks and end-to-end attacks are shown to be successful on both Advanced Micro Devices (AMD) SEV and SEV-Encrypted State (SEV-ES). Countermeasures for thwarting TLB poisoning attacks include hardware-enforced TLB flush processes and re-exec schemes that, among other things, prevent attackers from manipulating TLB entries and causing a privileged victim process to execute malicious code in an attempt to bypass a password authentication.
    Type: Application
    Filed: May 17, 2022
    Publication date: March 30, 2023
    Applicant: Baidu USA LLC
    Inventors: Huibo WANG, Kang LI, Mengyuan LI, Yinqian ZHANG, Yueqiang CHENG
  • Publication number: 20230059273
    Abstract: AMD's Secure Encrypted Virtualization (SEV) is a hardware extension available in AMD's EPYC™ server processors to support confidential cloud computing. Although known attacks against SEV, which exploit its lack of encryption in the virtual machine (VM) control block or the lack of integrity protection of the encrypted memory and nested page tables, have been addressed in subsequent releases of SEV-Encrypted State (SEV-ES) and SEV-Secure Nested Paging (SEV-SNP), a new CipherLeaks attack presents a previously unexplored vulnerability for SEV-ES and SEV-SNP. The attack allows a privileged adversary to infer a guest VM's execution states or recover certain plaintext, e.g., to steal private keys from the constant-time implementation of the Rivest-Shamir-Adleman (RSA) algorithm and the Elliptic Curve Digital Signature Algorithm (ECDSA) in the latest OpenSSL library.
    Type: Application
    Filed: April 7, 2022
    Publication date: February 23, 2023
    Applicant: Baidu USA LLC
    Inventors: Huibo WANG, Kang LI, Mengyuan LI, Yinqian ZHANG, Yueqiang CHENG
  • Patent number: 9009385
    Abstract: At least one virtual machine implemented on a given physical machine in an information processing system is able to detect the presence of one or more other virtual machines that are also co-resident on that same physical machine. More particularly, at least one virtual machine is configured to avoid usage of a selected portion of a memory resource of the physical machine for a period of time, and to monitor the selected portion of the memory resource for activity during the period of time. Detection of a sufficient level of such activity indicates that the physical machine is also being shared by at least one other virtual machine. The memory resource of the physical machine may comprise, for example, a cache memory, and the selected portion of the memory resource may comprise one or more randomly selected sets of the cache memory.
    Type: Grant
    Filed: June 30, 2011
    Date of Patent: April 14, 2015
    Assignee: EMC Corporation
    Inventors: Ari Juels, Alina M. Oprea, Michael Kendrick Reiter, Yinqian Zhang
  • Patent number: 8935675
    Abstract: A method includes receiving a budget cost for monitoring a plurality of tracepoints that occur as a result of operation of a device. The method further includes organizing a plurality of tracepoints into buckets such that each of the buckets corresponds to a range of expected interarrival times, and all tracepoints in a bucket have an expected interarrival time that is within the range for that bucket. The method further includes assigning a trigger to a first plurality of the bucketed tracepoints to yield a plurality of triggered tracepoints, wherein the triggers are proportionally assigned such that a tracepoint having a low expected interarrival time is less likely to be assigned a trigger than an tracepoint having a associated expected interarrival time such that an expected cost of the triggered tracepoints does not exceed the budget cost. Additionally, the method includes monitoring tracepoint occurrence during a first period of operation.
    Type: Grant
    Filed: September 25, 2013
    Date of Patent: January 13, 2015
    Assignee: Google Inc.
    Inventors: Michael Daniel Vrable, Ulfar Erlingsson, Yinqian Zhang
  • Patent number: 8689282
    Abstract: Cloud infrastructure of a cloud service provider comprises a processing platform implementing a security policy enforcement framework. The security policy enforcement framework comprises a policy analyzer that is configured to identify at least one security policy associated with at least one tenant of the cloud service provider, to analyze the security policy against configuration information characterizing the cloud infrastructure of the cloud service provider, and to control execution of one or more applications of said at least one tenant within the cloud infrastructure in accordance with the security policy, based at least in part on one or more results of the analysis of the security policy. The security policy enforcement framework may be implemented in a platform-as-a-service (PaaS) layer of the cloud infrastructure, and may comprise a runtime controller, an operating system controller, a hypervisor controller and a PaaS controller.
    Type: Grant
    Filed: December 23, 2011
    Date of Patent: April 1, 2014
    Assignees: EMC Corporation, University of North Carolina at Chapel Hill
    Inventors: Alina M. Oprea, Yinqian Zhang, Vijay Ganti, John P. Field, Ari Juels, Michael Kendrick Reiter