Mitigating Exploits, Rootkits and Advanced Persistent Threats
|
|
- Polly Mills
- 6 years ago
- Views:
Transcription
1 Mitigating Exploits, Rootkits and Advanced Persistent Threats David Durham, Senior Principal Engineer Intel Corporation Hot Chips Tutorial 1 Hot Chips 2014 Tutorial
2 Agenda Problem Better Protection Solid Foundations Usages Minimizing TCB Summary 2 Hot Chips 2014 Tutorial
3 Problem Better Protection Solid Foundations Usages Minimizing TCB Summary 3 Hot Chips 2014 Tutorial
4 Increasingly Sophisticated Attacks Operation Aurora: Google announced an attack targeting it and what is believed to be more than 30 other companies. CNET January 12, 2010 Stuxnet: a novel way to use computers to sabotage an enemy's lifeline infrastructure suggests a powerful new kind of weapon is moving within reach of weak states, militant groups and criminals Reuters Nov 30, 2010 The Heartbleed Vulnerability: What It Is and How It Affects You: Heartbleed is not a virus, but rather a mistake written into OpenSSL April 2014 Banking Malware (SpyEye) Monitors Victims by Hijacking Webcams and Microphones May 2012, PCWorld Meet Flame, The Massive Spy Malware designed primarily to spy on the users of infected computers and steal data from them, including documents, recorded conversations and keystrokes. May 2012, Wired 4 Hot Chips 2014 Tutorial
5 Malware Signatures More & More Malware samples continue sharp rise Polymorphic viruses Methods of packing, redistributing existing malware Looking for known malware misses 0-days and targeted attacks 5 Hot Chips 2014 Tutorial
6 0-Day: Vulnerability, Armed, Exploited Sample: APSA13-02 Exploit Analysis Stack Pivot Shared Address Space Stack Pivot RET write RET Code RET write Sand write box write Stack Heap Emerging Stack Pivoting Exploits Bypass Common Security- APSA13-02 exploit: 6 Hot Chips 2014 Tutorial
7 Generalized Attack Vectors Circumvent Disable Shared Address Space Shared Address Space FuncA FuncB Malware Damage Resource Input Validation Bypass Internal Functions Return Oriented Programming Valid kernel components Attack External Depend encies Corrupt driver / malicious code Shared Address Space Data Pages write write write Comp write A Inject/Modify write write Comp write B write Buffer Overflow Eavesdrop Shared Address Space Write Secret Secret Key Read Malware 7 Hot Chips 2014 Tutorial
8 Problem Better Protection Solid Foundations Usages Minimizing TCB Summary 8 Hot Chips 2014 Tutorial
9 Monitor Report Paradigm Shift Signature Behavior Malicious App App Anti- Virus Attack OS Kernel IA Processor Monitor behavior Detect onset of the attack Prevent suspicious access Behavior-based detection to stop zero-day attacks 9 Hot Chips 2014 Tutorial
10 Putting the Defenses Together Trusted Launch Measurement Software Isolation Device Isolation Crypto Acceleration Introspection Acceleration Supervisory Execution Prevention Forward Looking Buffer Overflow Protections Minimal TCB Intel AES- NI Intel TXT Intel OS Guard Intel VT Virtualization Exceptions Intel VT-d Intel MPX VM Functions Intel SGX Intel Trusted Execution Technology (Intel TXT) Intel Virtualization Technology (Intel VT) for Directed I/O (Intel VT-d) Intel Virtualization Technology (Intel VT) Intel Memory Protection Extensions (Intel MPX) Intel Software Guard Extensions (Intel SGX) 10 Hot Chips 2014 Tutorial
11 Evolution of Memory Protections Privilege levels based on protection rings Multiple virtual machine isolation Granular isolation within an address space Page Level Protections OS VM VM VM VM Ring-3 OS OS OS OS Ring-0 IA IA VMM IA Memory View EPT IA IA IA IA Reduce the attack surface while minimizing overhead 11 Hot Chips 2014 Tutorial
12 Overlaying Granular Protections Memory Manager Memory Manager Page Tables Special Drivers Driver Needing PT Access Other Driver Library Routines (e.g., bcopy) Other Driver Accommodates existing OS methodology and legacy code 12 Hot Chips 2014 Tutorial
13 Accelerating Granular Isolation Intel Virtualization Technology (Intel VT) enables protections beyond the OS Overlays additional protections and monitoring policies by enabling memory views Provides continuous detection of illicit behaviors Process Kernel module Further Subdivide OS and Applications DLL App Code JIT Kernel module Kernel module Kernel Accelerated using VM Functions and Virtualization Exceptions Measured Launch Additional Monitoring: Privileged software monitors OS activity Monitor 13 Hot Chips 2014 Tutorial
14 Extended Page Tables for Isolation within VM VM Function (VMFUNC) to switch EPTs under guest Virtualization Exceptions (VE) directly notify guest of EPT access violations VMFUNC Memory View 1 Memory View 2 VM 0 VMFUNC EPT Walker TLBs CPU 0 Use VMFUNC to cross EPT domains Hypervisor Intel VT-x with EPT Physical Pages #VE Extended Page Tables (EPT) Extended Page Table Pointer List indexed by VMFUNC Report EPT Violations Via VE 14 Intel Hot Chips 2014 Tutorial Virtualization Technology for IA-32, Intel 64 and Intel Architecture (Intel VT-x)
15 Granular Isolation (Before) Execution View1 Additional Overhead View2 R-X EPT fault R-- R-- VMX Root Monitor R-X EPT fault R-X R-- R-- (read-only) R-X (read-execute) 15 Hot Chips 2014 Tutorial
16 Granular Isolation with VM Functions Execution EPT 1 EPT 2 R-X R-- VMFUNC 0 R-- R-X R-X R-- (read-only) R-X (read-execute) VMFUNC 0 R-- Enforce Control Flow Integrity with Intel VT 16 Hot Chips 2014 Tutorial
17 Monitoring with Virtualization Exceptions Execution EPT 1 Guest code EPT 2 Page using VMFUNC0 VMFUNC (0) R-X R-- R-- Guest #VE Handler R-X R-X R-- (read-only) R-X (readexecute) R-- EPT Exceptions directed to the guest 17 Hot Chips 2014 Tutorial
18 VM Function for Switching Relative Performance Comparison Varies Varies Context Switching Privilege Level State Save Virtual Machine Switching Monitor Overhead VMFUNC Switching New Paging Hierarchy 18 Hot Chips 2014 Tutorial
19 Layering Virtualization and Introspection Inner Guest 1 VIDT VIDT Memory X View Memory X View W View Memory Inner VMM vepts Server VMM VMX-root with Nested VT septs Intel CPU w/ VT-x2 Handler #VE Inner Guest N Inner VMM N Root VMM supports VT nesting (with EPT shadowing) Root VMM and guest opt-in to enable features VMFUNC switches authorized EPTs without engaging VMM(s) EPT violations reported via #VE to guest directly No VM Exits for guest policies No additional overhead for VMMs Root VMM decides which pages #VE and which will VM Exit Disambiguates copy-on-write and other VMM notification needs EPT Violation ->#VE controls Enables efficient introspection across multiple VMs 19 Hot Chips 2014 Tutorial
20 Revisiting Attack Vectors FuncA Circumvent Shared Address Space FuncB Malware Disable Shared Address Space Damage Resource Input Validation Bypass Internal Functions Return Oriented Programming Inject/Modify Shared Address Space Valid kernel components Attack External Depend encies Corrupt driver / malicious code Eavesdrop Shared Address Space write write Hidden Page write Comp write A write write Comp write B write Buffer Overflow Write Secret Secret Key Read Malware Overlay memory views to monitor software behavior 20 Hot Chips 2014 Tutorial
21 Problem Better Protection Solid Foundations Usages Minimizing TCB Summary 21 Hot Chips 2014 Tutorial
22 Overlaying Protections: Things to Consider Registers Memory Mappings Async Events May also address external devices depending on usage 22 Hot Chips 2014 Tutorial
23 Monitoring Processor Registers VMM can be configured to intercept changes to: Model Specific Registers Control Registers Debug Registers Descriptor Tables (IDTR ) Mode dependent VMCS determines what registers to monitor GPRs including the stack pointer can be checked at boundaries and on events Guest Memory Memory mov View View CR VMX-root Memory View VMCS Selects what exits Intel VT CPU Registers VM Exit Monitor processor state to prevent attacks 23 Hot Chips 2014 Tutorial
24 Page Table Edit Control CR3 Target List Write Protect!W!W!W Prevent attacks that remap virtual memory 24 Hot Chips 2014 Tutorial
25 Interrupts & Asynchronous Events Protect Interrupt Descriptor Table & Register Trust Interrupt Service Routines or own ISR stub Stub code protects state Stack General Purpose Registers IDTR Exiting Base Limit IDTR IDT Read Only ISRs ISRs ISRs Read Only Protect or intercept asynchronous paths 25 Hot Chips 2014 Tutorial
26 Devices Device space configuration Programmed IO in/out Relocation of device registers in memory/bar change Trigger VM Exit Memory Mapped IO Device registers Covered by EPT policy DMA Buffers in memory Covered by EPT policy Address Space D e v i c e s D R A M Memory View Intel VT-d protects against compromised devices 26 Intel Virtualization Technology (Intel VT) for Directed I/O (Intel VT-d) Hot Chips 2014 Tutorial
27 Problem Better Protection Solid Foundations Usages Minimizing TCB Summary 27 Hot Chips 2014 Tutorial
28 McAfee Deep Defender Overview McAfee DeepSAFE technology in the McAfee Deep Defender product can safely monitor writes to critical memory assets The Deep Defender component within the operating system understands the O/S layout and rootkit techniques The DeepSAFE component uses CPU primitives to monitor CPU and memory so that pages containing sensitive code and data are access-controlled 28 Hot Chips 2014 Tutorial
29 Providing Better Protections Input Audio Storage Video 29 Hot Chips 2014 Tutorial
30 Problem Better Protection Solid Foundations Usages Minimizing TCB Summary 30 Hot Chips 2014 Tutorial
31 Democratizing Security Software relies on a Trusted Execution Environment (TEE) in case other defenses fail Isolated hardware and restricted modes limit use A future where there are enough TEEs for all? TEE VIPs Only Scaling Trusted Execution Environments for the many 31 Hot Chips 2014 Tutorial
32 Trust How Many? Trusted Computing Base (TCB): Set of all hardware, firmware & software part of a trusted environment Minimizing the TCB: Remove Software Stacks Remove Drivers Remove Devices Remove Firmware... Trust us 32 Hot Chips 2014 Tutorial
33 Trust The Processor 33 Hot Chips 2014 Tutorial
34 Scaling Trust with a Minimal TCB Threat surface reduction Define precise trust boundaries Proxy App Proxy App Proxy App Remove extraneous components from the trust boundary Reduce TCB to the processor OS VMM Processor Scalable security within mainstream environment Intel Software Guard Extensions Programming Reference: 34 Hot Chips 2014 Tutorial
35 Utilize Existing Instruction Set Security Primitives E.g. Intel Advanced Encryption Standard New Instructions: AESKEYGENASSIST AESIMC ShiftRows() InvShiftRows() SubBytes() InvSubBytes() MixColumns() AddRoundKey() AddRoundKey() AESENC AESENCLAST InvShiftRows() ShiftRows() InvSubBytes() SubBytes() InvMixColumns() AddRoundKey() AddRoundKey() AESDEC AESDECLAST And many more Enclave App A Enclave App B OS VMM 35 Hot Chips 2014 Tutorial
36 Problem Better Protection Solid Foundations Usages Minimizing TCB Summary 36 Hot Chips 2014 Tutorial
37 Summary Increasingly sophisticated attacks require better defenses Moving from signatures to behavioral models Next generation processors deliver new capabilities for advanced software monitoring and protection Ability to layer protections over legacy software Minimizing the Trusted Computing Base is the next step 37 Hot Chips 2014 Tutorial
38 Biography David Durham is a Senior Principal Engineer and Director in Intel Labs. His research team developed anti-malware and cryptographic security features currently found in hundreds of millions of Intel processors. David also developed policy-based network management technologies, created security solutions shipping in Intel vpro platforms and worked with McAfee to deliver virtualization-based anti-malware products. Collaborating with industry leaders, his team developed IEEE security protocols and advanced network access control capabilities now embedded in tens of millions of Intel platforms. He is a prolific author on computer communications, having written a book, multiple publications and several Internet protocol standards deployed in millions of connected devices. David received two Intel Achievement Awards, was granted over 100 US and international patents and earned his B.S. and M.S. degrees in Computer Engineering from Rensselaer Polytechnic Institute. 38 Hot Chips 2014 Tutorial
39 Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN INTEL'S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT. A "Mission Critical Application" is any application in which failure of the Intel Product could result, directly or indirectly, in personal injury or death. SHOULD YOU PURCHASE OR USE INTEL'S PRODUCTS FOR ANY SUCH MISSION CRITICAL APPLICATION, YOU SHALL INDEMNIFY AND HOLD INTEL AND ITS SUBSIDIARIES, SUBCONTRACTORS AND AFFILIATES, AND THE DIRECTORS, OFFICERS, AND EMPLOYEES OF EACH, HARMLESS AGAINST ALL CLAIMS COSTS, DAMAGES, AND EXPENSES AND REASONABLE ATTORNEYS' FEES ARISING OUT OF, DIRECTLY OR INDIRECTLY, ANY CLAIM OF PRODUCT LIABILITY, PERSONAL INJURY, OR DEATH ARISING IN ANY WAY OUT OF SUCH MISSION CRITICAL APPLICATION, WHETHER OR NOT INTEL OR ITS SUBCONTRACTOR WAS NEGLIGENT IN THE DESIGN, MANUFACTURE, OR WARNING OF THE INTEL PRODUCT OR ANY OF ITS PARTS. Intel may make changes to specifications and product descriptions at any time, without notice. Designers must not rely on the absence or characteristics of any features or instructions marked "reserved" or "undefined". Intel reserves these for future definition and shall have no responsibility whatsoever for conflicts or incompatibilities arising from future changes to them. The information here is subject to change without notice. Do not finalize a design with this information. The products described in this document may contain design defects or errors known as errata which may cause the product to deviate from published specifications. Current characterized errata are available on request. Contact your local Intel sales office or your distributor to obtain the latest specifications and before placing your product order. Copies of documents which have an order number and are referenced in this document, or other Intel literature, may be obtained by calling , or go to: Intel Virtualization Technology (Intel VT) requires a computer system with an enabled Intel processor, BIOS, and virtual machine monitor (VMM). Functionality, performance or other benefits will vary depending on hardware and software configurations. Software applications may not be compatible with all operating systems. Consult your PC manufacturer. For more information, visit Intel, Look Inside and the Intel logo are trademarks of Intel Corporation in the United States and other countries. *Other names and brands may be claimed as the property of others. Copyright Intel Corporation. All rights reserved. 39 Hot Chips 2014 Tutorial
Intel Cache Acceleration Software for Windows* Workstation
Intel Cache Acceleration Software for Windows* Workstation Release 3.1 Release Notes July 8, 2016 Revision 1.3 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS
More informationHow to Create a.cibd File from Mentor Xpedition for HLDRC
How to Create a.cibd File from Mentor Xpedition for HLDRC White Paper May 2015 Document Number: 052889-1.0 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS
More informationHow to Create a.cibd/.cce File from Mentor Xpedition for HLDRC
How to Create a.cibd/.cce File from Mentor Xpedition for HLDRC White Paper August 2017 Document Number: 052889-1.2 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE,
More informationOpenCL* and Microsoft DirectX* Video Acceleration Surface Sharing
OpenCL* and Microsoft DirectX* Video Acceleration Surface Sharing Intel SDK for OpenCL* Applications Sample Documentation Copyright 2010 2012 Intel Corporation All Rights Reserved Document Number: 327281-001US
More informationDrive Recovery Panel
Drive Recovery Panel Don Verner Senior Application Engineer David Blunden Channel Application Engineering Mgr. Intel Corporation 1 Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION
More informationIntel Atom Processor E3800 Product Family Development Kit Based on Intel Intelligent System Extended (ISX) Form Factor Reference Design
Intel Atom Processor E3800 Product Family Development Kit Based on Intel Intelligent System Extended (ISX) Form Factor Reference Design Quick Start Guide March 2014 Document Number: 330217-002 Legal Lines
More informationTheory and Practice of the Low-Power SATA Spec DevSleep
Theory and Practice of the Low-Power SATA Spec DevSleep Steven Wells Principal Engineer NVM Solutions Group, Intel August 2013 1 Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION
More informationIntel RealSense Depth Module D400 Series Software Calibration Tool
Intel RealSense Depth Module D400 Series Software Calibration Tool Release Notes January 29, 2018 Version 2.5.2.0 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE,
More informationIntel Cache Acceleration Software - Workstation
Intel Cache Acceleration Software - Workstation Version 2.7.0 Order Number: x-009 Contents INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY
More informationIntel RealSense D400 Series Calibration Tools and API Release Notes
Intel RealSense D400 Series Calibration Tools and API Release Notes July 9, 2018 Version 2.6.4.0 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED,
More information4th Generation Intel Core vpro Processors with Intel VMCS Shadowing
white paper 4th Generation Intel Core vpro Processors with Intel VMCS Shadowing Enhancing the Performance of Citrix XenClient and McAfee Deep Defender* Contents Executive Summary... 1 Hardware-Assisted
More informationIntel Virtualization Technology Roadmap and VT-d Support in Xen
Intel Virtualization Technology Roadmap and VT-d Support in Xen Jun Nakajima Intel Open Source Technology Center Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS.
More informationIntel Atom Processor E6xx Series Embedded Application Power Guideline Addendum January 2012
Intel Atom Processor E6xx Series Embedded Application Power Guideline Addendum January 2012 Document Number: 324956-003 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE,
More informationThe Intel SSD Pro 2500 Series Guide for Microsoft edrive* Activation
The Intel SSD Pro 2500 Series Guide for Microsoft edrive* Activation Solutions Blueprint January 2015 Order Number: 330880-002US INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS.
More informationEvolving Small Cells. Udayan Mukherjee Senior Principal Engineer and Director (Wireless Infrastructure)
Evolving Small Cells Udayan Mukherjee Senior Principal Engineer and Director (Wireless Infrastructure) Intelligent Heterogeneous Network Optimum User Experience Fibre-optic Connected Macro Base stations
More informationIntel Atom Processor D2000 Series and N2000 Series Embedded Application Power Guideline Addendum January 2012
Intel Atom Processor D2000 Series and N2000 Series Embedded Application Power Guideline Addendum January 2012 Document Number: 326673-001 Background INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION
More informationIntel Manageability Commander User Guide
Intel Manageability Commander User Guide Document Release Date: October 27, 2016 Legal Information INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED,
More informationIntel USB 3.0 extensible Host Controller Driver
Intel USB 3.0 extensible Host Controller Driver Release Notes (5.0.4.43) Unified driver September 2018 Revision 1.2 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE,
More informationIntel Cache Acceleration Software (Intel CAS) for Linux* v2.9 (GA)
Intel Cache Acceleration Software (Intel CAS) for Linux* v2.9 (GA) Release Notes June 2015 Revision 010 Document Number: 328497-010 Notice: This document contains information on products in the design
More information2013 Intel Corporation
2013 Intel Corporation Intel Open Source Graphics Programmer s Reference Manual (PRM) for the 2013 Intel Core Processor Family, including Intel HD Graphics, Intel Iris Graphics and Intel Iris Pro Graphics
More informationIntel Open Source HD Graphics Programmers' Reference Manual (PRM)
Intel Open Source HD Graphics Programmers' Reference Manual (PRM) Volume 13: Memory-mapped Input/Output (MMIO) For the 2014-2015 Intel Atom Processors, Celeron Processors and Pentium Processors based on
More informationBitonic Sorting. Intel SDK for OpenCL* Applications Sample Documentation. Copyright Intel Corporation. All Rights Reserved
Intel SDK for OpenCL* Applications Sample Documentation Copyright 2010 2012 Intel Corporation All Rights Reserved Document Number: 325262-002US Revision: 1.3 World Wide Web: http://www.intel.com Document
More informationTrue Scale Fabric Switches Series
True Scale Fabric Switches 12000 Series Order Number: H53559001US Legal Lines and Disclaimers INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED,
More informationIntel Open Source HD Graphics, Intel Iris Graphics, and Intel Iris Pro Graphics
Intel Open Source HD Graphics, Intel Iris Graphics, and Intel Iris Pro Graphics Programmer's Reference Manual For the 2015-2016 Intel Core Processors, Celeron Processors, and Pentium Processors based on
More informationIntel Core TM Processor i C Embedded Application Power Guideline Addendum
Intel Core TM Processor i3-2115 C Embedded Application Power Guideline Addendum August 2012 Document Number: 327874-001US INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO
More informationIntel Integrated Native Developer Experience 2015 (OS X* host)
Intel Integrated Native Developer Experience 2015 (OS X* host) Release Notes and Installation Guide 24 September 2014 Intended Audience Software developers interested in a cross-platform productivity suite
More informationIntel Graphics Virtualization Technology. Kevin Tian Graphics Virtualization Architect
Intel Graphics Virtualization Technology Kevin Tian Graphics Virtualization Architect Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR
More informationReference Boot Loader from Intel
Document Number: 328739-001 Introduction INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY
More informationIntel Manycore Platform Software Stack (Intel MPSS)
Intel Manycore Platform Software Stack (Intel MPSS) README (Windows*) Copyright 2012 2014 Intel Corporation All Rights Reserved Document Number: 328510-001US Revision: 3.4 World Wide Web: http://www.intel.com
More informationCustomizing an Android* OS with Intel Build Tool Suite for Android* v1.1 Process Guide
Customizing an Android* OS with Intel Build Tool Suite for Android* v1.1 Process Guide May 2015, Revision 1.5 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS
More informationIntel Dynamic Platform and Thermal Framework (Intel DPTF), Client Version 8.X
Intel Dynamic Platform and Thermal Framework (Intel DPTF), Client Version 8.X 8.1.10300.137 PV Release Release Notes March 2015 1 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS.
More informationProduct Change Notification
Product Change Notification Change Notification #: 114547-01 Change Title: Intel Dual Band Wireless-AC 3165 SKUs: 3165.NGWG.I; 3165.NGWGA.I; 3165.NGWG.S; 3165.NGWG; 3165.NGWGA.S; 3165.NGWGA, PCN 114547-01,
More informationIntel SDK for OpenCL* - Sample for OpenCL* and Intel Media SDK Interoperability
Intel SDK for OpenCL* - Sample for OpenCL* and Intel Media SDK Interoperability User s Guide Copyright 2010 2012 Intel Corporation All Rights Reserved Document Number: 327283-001US Revision: 1.0 World
More informationProduct Change Notification
Product Change Notification Change Notification #: 114137-00 Change Title: Intel Dual Band Wireless-AC 8260, Intel Dual Band Wireless-N 8260, SKUs: 8260.NGWMG.NVS, 8260.NGWMG.S, 8260.NGWMG, 8260.NGWMG.NV
More informationKrzysztof Laskowski, Intel Pavan K Lanka, Intel
Krzysztof Laskowski, Intel Pavan K Lanka, Intel Legal Notices and Disclaimers INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR
More informationINTEL PERCEPTUAL COMPUTING SDK. How To Use the Privacy Notification Tool
INTEL PERCEPTUAL COMPUTING SDK How To Use the Privacy Notification Tool LEGAL DISCLAIMER THIS DOCUMENT CONTAINS INFORMATION ON PRODUCTS IN THE DESIGN PHASE OF DEVELOPMENT. INFORMATION IN THIS DOCUMENT
More informationLED Manager for Intel NUC
LED Manager for Intel NUC User Guide Version 1.0.0 March 14, 2018 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO
More informationData Plane Development Kit
Data Plane Development Kit Quality of Service (QoS) Cristian Dumitrescu SW Architect - Intel Apr 21, 2015 1 Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS.
More informationMICHAL MROZEK ZBIGNIEW ZDANOWICZ
MICHAL MROZEK ZBIGNIEW ZDANOWICZ Legal Notices and Disclaimers INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY
More informationProduct Change Notification
Product Change Notification Change Notification #: 114332-00 Change Title: Intel Dual Band Wireless-AC 7260, Intel Dual Band Wireless-N 7260, Intel Wireless-N 7260, SKUs: 7260.NGIANG, 7260.NGIG, 7260.NGINBG,
More informationIntel s Architecture for NFV
Intel s Architecture for NFV Evolution from specialized technology to mainstream programming Net Futures 2015 Network applications Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION
More informationSample for OpenCL* and DirectX* Video Acceleration Surface Sharing
Sample for OpenCL* and DirectX* Video Acceleration Surface Sharing User s Guide Intel SDK for OpenCL* Applications Sample Documentation Copyright 2010 2013 Intel Corporation All Rights Reserved Document
More informationIntel Embedded Media and Graphics Driver v1.12 for Intel Atom Processor N2000 and D2000 Series
Intel Embedded Media and Graphics Driver v1.12 for Intel Processor N2000 and D2000 Series Specification Update July 2012 Notice: The Intel Embedded Media and Graphics Drivers may contain design defects
More informationProduct Change Notification
Product Change Notification 113412-00 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY
More informationIntel Core TM i7-4702ec Processor for Communications Infrastructure
Intel Core TM i7-4702ec Processor for Communications Infrastructure Application Power Guidelines Addendum May 2014 Document Number: 330009-001US Introduction INFORMATION IN THIS DOCUMENT IS PROVIDED IN
More informationUsing the Intel VTune Amplifier 2013 on Embedded Platforms
Using the Intel VTune Amplifier 2013 on Embedded Platforms Introduction This guide explains the usage of the Intel VTune Amplifier for performance and power analysis on embedded devices. Overview VTune
More informationProduct Change Notification
Product Change Notification Change Notification #: 114216-00 Change Title: Intel SSD 730 Series (240GB, 480GB, 2.5in SATA 6Gb/s, 20nm, MLC) 7mm, Generic Single Pack, Intel SSD 730 Series (240GB, 480GB,
More informationLustre Beyond HPC. Presented to the Lustre* User Group Beijing October 2013
Lustre Beyond HPC Presented to the Lustre* User Group Beijing October 2013 Brent Gorda General Manager High Performance Data Division, Intel Corpora:on Agenda From Whamcloud to Intel Today s Storage Challenges
More informationNested Virtualization Update From Intel. Xiantao Zhang, Eddie Dong Intel Corporation
Nested Virtualization Update From Intel Xiantao Zhang, Eddie Dong Intel Corporation Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED,
More informationIntel Open Source HD Graphics. Programmer's Reference Manual
Intel Open Source HD Graphics Programmer's Reference Manual For the 2016 Intel Atom Processors, Celeron Processors, and Pentium Processors based on the "Apollo Lake" Platform (Broxton Graphics) Volume
More informationDesktop 4th Generation Intel Core, Intel Pentium, and Intel Celeron Processor Families and Intel Xeon Processor E3-1268L v3
Desktop 4th Generation Intel Core, Intel Pentium, and Intel Celeron Processor Families and Intel Xeon Processor E3-1268L v3 Addendum May 2014 Document Number: 329174-004US Introduction INFORMATION IN THIS
More informationI/O virtualization. Jiang, Yunhong Yang, Xiaowei Software and Service Group 2009 虚拟化技术全国高校师资研讨班
I/O virtualization Jiang, Yunhong Yang, Xiaowei 1 Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE,
More informationIntel Galileo Firmware Updater Tool
User Guide August 2017 Revision 002 Document Number: 332076-002 Notice: This document contains information on products in the design phase of development. The information here is subject to change without
More informationProduct Change Notification
Product Change Notification Change Notification #: 115169-01 Change Title: Intel Dual Band Wireless-AC 8265 SKUs: 8265.D2WMLG; 8265.D2WMLG.NV; 8265.D2WMLG.NVH; 8265.D2WMLGH; 8265.D2WMLG.NVS; 8265.D2WMLG.S;
More informationIntroduction to Intel Boot Loader Development Kit (Intel BLDK) Intel SSG/SSD/UEFI
Introduction to Intel Boot Loader Development Kit (Intel BLDK) Intel SSG/SSD/UEFI Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED,
More informationProduct Change Notification
Product Change Notification 112177-01 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY
More informationProduct Change Notification
Product Change Notification Change Notification #: 114258-00 Change Title: Intel SSD DC S3710 Series (200GB, 400GB, 800GB, 1.2TB, 2.5in SATA 6Gb/s, 20nm, MLC) 7mm, Generic 50 Pack Intel SSD DC S3710 Series
More informationProduct Change Notification
Product Change Notification Change Notification #: 115990-00 Change Title: Select SKUs for Intel Optane SSD 900P Series PCN 115990-00, Label, Label Updates Date of Publication: December 12, 2017 Key Characteristics
More informationProduct Change Notification
Product Change Notification Change Notification #: 115338-00 Change Title: Intel Dual Band Wireless-AC 7265 and Intel Dual Band Wireless-N 7265 SKUs: 7265.NGWANG.W; 7265.NGWG.NVBR; 7265.NGWG.NVW; 7265.NGWG.W;
More informationIntel 64 and IA-32 Architectures Software Developer s Manual
Intel 64 and IA-32 Architectures Software Developer s Manual Volume 1: Basic Architecture NOTE: The Intel 64 and IA-32 Architectures Software Developer's Manual consists of seven volumes: Basic Architecture,
More informationIntel Desktop Board DZ68DB
Intel Desktop Board DZ68DB Specification Update April 2011 Part Number: G31558-001 The Intel Desktop Board DZ68DB may contain design defects or errors known as errata, which may cause the product to deviate
More informationMaking Nested Virtualization Real by Using Hardware Virtualization Features
Making Nested Virtualization Real by Using Hardware Virtualization Features May 28, 2013 Jun Nakajima Intel Corporation 1 Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL
More informationProduct Change Notification
Product Change Notification Change Notification #: 115007-00 Change Title: Select Intel SSD 530 Series, Intel SSD 535 Series, Intel SSD E 5410s Series, Intel SSD E 5420s Series, Intel SSD PRO 2500 Series,
More informationProduct Change Notification
Product Notification Notification #: 114712-01 Title: Intel SSD 750 Series, Intel SSD DC P3500 Series, Intel SSD DC P3600 Series, Intel SSD DC P3608 Series, Intel SSD DC P3700 Series, PCN 114712-01, Product
More informationData Center Efficiency Workshop Commentary-Intel
Data Center Efficiency Workshop Commentary-Intel Henry M.L. Wong Sr. Staff Technologist Technology Integration Engineering Intel Corporation Legal Notices This presentation is for informational purposes
More informationProduct Change Notification
Product Change Notification Change Notification #: 115962-00 Change Title: For Select Intel SSD DC S3520 Series SKUs, PCN 115962-00, Label, Label Updates Date of Publication: November 29, 2017 Key Characteristics
More informationProduct Change Notification
Product Change Notification Change Notification #: 114840-00 Change Title: Intel Omni-Path Host Fabric Interface Adapter 100 Series 1 Port PCIe x16 Standard 100HFA016FS, Intel Omni-Path Host Fabric Interface
More informationProduct Change Notification
Product Change Notification Change Notification #: 115772-00 Change Title: memory, NUC7i3BNHX1, memory, NUC7i5BNHX1, memory, NUC7i7BNHX1, Intel NUC Kit, NUC7i3BNH, Intel NUC Kit, NUC7i3BNK, Intel NUC Kit,
More informationProduct Change Notification
Product Change Notification 112087-00 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY
More informationProduct Change Notification
Product Change Notification Change Notification #: 116199-00 Change Title: Intel NUC Kit, NUC7i3BNK, Intel NUC Kit, NUC7i3BNH, Intel NUC Kit, NUC7i5BNK, Intel NUC Kit, NUC7i5BNH, Intel NUC Kit, NUC7i7BNH,
More informationProduct Change Notification
Product Change Notification Change Notification #: 114473-00 Change Title: Intel LLVT7028A103, LLVT7028A102, MHVT7037B001, FMVT7014E302, and LQVT7040B003 Processors PCN 114473-00, Manufacturing Site, Product
More informationProduct Change Notification
Product Change Notification Change Notification #: 115107-00 Change Title: Intel Ethernet Converged Network Adapter X520 - DA1, E10G41BTDAPG1P5,, MM#927066, Intel Ethernet Converged Network Adapter X520
More informationProduct Change Notification
Product Change Notification Change Notification #: 116437-02 Change Title: For select Intel SSD 545s Series, Intel SSD E5100s Series, Intel SSD Pro 5450s Series and Intel SSD DC S3110 Series, PCN 116437-02,
More informationIntel Ethernet Controller I350 Frequently Asked Questions (FAQs)
Intel Ethernet Controller I350 Frequently Asked Questions (FAQs) Networking Division (ND) June 2014 Revision 2.2 Legal By using this document, in addition to any agreements you have with Intel, you accept
More informationProduct Change Notification
Product Change Notification Change Notification #: 115842-01 Change Title: Intel Compute Card CD1C64GK, Intel Compute Card CD1P64GK, PCN 115842-01, Product Design, Label, Product Material BIOS and Firmware
More informationData Center Energy Efficiency Using Intel Intelligent Power Node Manager and Intel Data Center Manager
Data Center Energy Efficiency Using Intel Intelligent Power Node Manager and Intel Data Center Manager Deploying Intel Intelligent Power Node Manager and Intel Data Center Manager with a proper power policy
More informationProduct Change Notification
Product Change Notification Change Notification #: 116562-00 Change Title: For select Intel SSD 545s Series, Intel SSD Pro 5450s Series, Intel SSD E5100s Series, and Intel SSD DC S3110 Series, PCN 116562-00,
More informationIntel vpro Technology Virtual Seminar 2010
Intel Software Network Connecting Developers. Building Community. Intel vpro Technology Virtual Seminar 2010 Getting to know Intel Active Management Technology 6.0 Fast and Free Software Assessment Tools
More informationProduct Change Notification
Product Change Notification Change Notification #: 116437-00 Change Title: For select Intel SSD 545s Series, Intel SSD E5100s Series, and Intel SSD DC S3110 Series, PCN 116437-00, Product Design, Label,
More informationOMNI-PATH FABRIC TOPOLOGIES AND ROUTING
13th ANNUAL WORKSHOP 2017 OMNI-PATH FABRIC TOPOLOGIES AND ROUTING Renae Weber, Software Architect Intel Corporation March 30, 2017 LEGAL DISCLAIMERS INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION
More informationProduct Change Notification
Product Change Notification Change Notification #: 115190-03 Change Title: Intel Omni-Path Director Class Switch 100 Series 24 Slot Base 1MM 100SWD24B1N Date of Publication: March 1, 2017 Intel Omni-Path
More informationProduct Change Notification
Product Change Notification Change Notification #: 115446-01 Change Title: Intel Dual Band Wireless-AC 7260 SKUs: SG83348, 7260.HMWG.R, 7260.HMWG.NVR, 7260.HMWWB.R, 7260.HMWG.S1R, Intel Dual Band Wireless-AC
More informationExtended Page Tables (EPT) A VMM must protect host physical memory Multiple guest operating systems share the same host physical memory VMM typically implements protections through page-table shadowing
More informationProduct Change Notification
Product Change Notification 111962-00 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY
More informationIntel 7510/7512 Scalable Memory Buffer
Intel 7510/7512 Scalable Memory Buffer June 2013 Document Number: 325123-002 Notice: This document contains information on products in the design phase of development. The information here is subject to
More informationProduct Change Notification
Product Change Notification Change Notification #: 116381-00 Change Title: Intel NUC Kit NUC7i3DNKE Intel NUC Kit NUC7i3DNHE Intel NUC Board NUC7i3DNBE Intel NUC 7 Business, a mini PC with Intel Core i3
More informationProduct Change Notification
Product Change Notification Change Notification #: 114927-00 Change Title: Intel True Scale Fabric products, PCN 114927-00, Product Discontinuance, End Of Life Date of Publication: September 30, 2016 Key
More informationProduct Change Notification
Product Change Notification 113028-02 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY
More informationSolid-State Drive System Optimizations In Data Center Applications
Solid-State Drive System Optimizations In Data Center Applications Tahmid Rahman Senior Technical Marketing Engineer Non Volatile Memory Solutions Group Intel Corporation Flash Memory Summit 2011 Santa
More informationIntel Virtualization Technology for Directed I/O
Intel Virtualization Technology for Directed I/O Architecture Specification May 27 Revision:. Order Number: D5397-2 Legal Lines and Disclaimers Copyright 27, Intel Corporation. All Rights Reserved. Intel
More informationOperating System Security
Operating System Security Operating Systems Defined Hardware: I/o...Memory.CPU Operating Systems: Windows or Android, etc Applications run on operating system Operating Systems Makes it easier to use resources.
More informationProduct Change Notification
Product Change Notification Change Notification #: 116560-01 Change Title: Intel Dual Band Wireless-AC 7265, Intel Dual Band Wireless-N 7265, and Intel Wireless-N 7265: 7265.NGWG; 7265.NGWG.IW; 7265.NGWG.NVW;
More informationIntel vpro Technology Virtual Seminar 2010
Intel Software Network Connecting Developers. Building Community. Intel vpro Technology Virtual Seminar 2010 Getting to know Intel Active Management Technology 6.0 Remote Encryption Management Andy Schiestl
More informationIntel Virtualization Technology for Directed I/O Architecture Specification
Intel Virtualization Technology for Directed I/O Architecture Specification February 2006 Order Number: D51397-001 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE,
More informationKVM for IA64. Anthony Xu
KVM for IA64 Anthony Xu Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY
More informationProduct Change Notification
Product Change Notification Change Notification #: 115736-00 Change Title: Intel Omni-Path Edge Switch 100 Series 24 Port Managed Forward 2 PSU 100SWE24QF2, Port Managed Forward 1 PSU 100SWE48QF1, Port
More informationIntel vpro Technology Virtual Seminar 2010
Intel Software Network Connecting Developers. Building Community. Intel vpro Technology Virtual Seminar 2010 Getting to know Intel Active Management Technology 6.0 Intel Active Management Technology (AMT)
More informationProduct Change Notification
Product Change Notification Change Notification #: 116386-01 Change Title: Intel Dual Band Wireless-AC 8265 SKUs: 8265.D2WMLG; 8265.D2WMLG.NV; 8265.D2WMLG.S; 8265.D2WMLG.NVS; 8265.D2WMLGH; 8265.D2WMLG.NVH,
More informationProduct Change Notification
Page 1 of 8 Product Change Notification Change Notification #: 115395-01 Change Title: Intel Omni-Path Edge Switch 100 Series 24 Port Managed Forward 2 PSU 100SWE24QF2, Intel Omni-Path Edge Switch 100
More informationIntel Analysis of Speculative Execution Side Channels
Intel Analysis of Speculative Execution Side Channels White Paper Revision 1.0 January 2018 Document Number: 336983-001 Intel technologies features and benefits depend on system configuration and may require
More information