Abstract: A method including configuring a first server to receive, from a second server, an encrypted authentication packet to enable the first server and the second server to conduct an authentication process, the encrypted authentication packet including a crypted code field indicating that a portion of the encrypted authentication packet is encrypted and a crypted payload including an encrypted initial authentication packet; and configuring the first server to transmit, to the second server, a response based at least in part on determining that the portion of the encrypted authentication packet is encrypted and on decrypting the encrypted initial authentication packet. Various other aspects are contemplated.

Abstract: A method comparing, by a user device, an observed characteristic with a determined characteristic, the observed characteristic indicating a current feature included in a current communication associated with a current entity with which the user device is communicating and the determined characteristic indicating an authentic feature included in an authentic communication associated with an authentic entity with which the user device intends to communicate; selectively matching, by the user device based on a result of comparing the observed characteristic with the determined characteristic, current communication information associated with the current communication with authentic communication information associated with the authentic communication; and determining, by the user device based on a result of selectively matching the current communication information with the authentic communication information, that the current entity is the authentic entity or that the current entity is not the authentic entity.

Abstract: In an embodiment, systems and methods for detecting malware are provided. A server trains a static malware model and a dynamic malware model to detect malware in files. The models are distributed to a plurality of user devices for use by antimalware software executing on the user devices. When a user device receives a file, the static malware model is used to determine whether the file contains malware. If the static malware model is unable to make the determination, when the file is later executed, the dynamic malware model is used to determine whether the file contains malware. The file along with the determination made by the dynamic malware model are then provided to the server. The server then retrains the static malware model using the received files and the received determinations. The server then distributes the updated static malware model to each of the devices.

Abstract: A method including configuring a VPN server to receive, from a user device during an established VPN connection between the VPN server and the user device, a data request for the VPN server to retrieve data of interest from a host device; configuring the VPN server to utilize, during the established VPN connection, a first exit IP address to transmit a query to the host device for retrieving the data of interest; configuring the VPN server to determine, based on transmitting the query, that the first exit IP address is blocked by the host device; and configuring the VPN server to transmit, during the established VPN connection and based on determining that the first exit IP address is blocked, the data request to a secondary server to enable retransmission of the query to the host device by utilizing a second exit IP address is disclosed. Various other aspects are contemplated.

Abstract: A method including receiving, at a VPN server from a user device during an established VPN connection between the VPN server and the user device, a data request for the VPN server to retrieve data of interest from a host device; utilizing, by the VPN server during the established VPN connection, a first exit IP address to transmit a query to the host device for retrieving the data of interest; determining, by the VPN server based on transmitting the query, that the first exit IP address is blocked by the host device; and transmitting, by the VPN server during the established VPN connection and based on determining that the first exit IP address is blocked, the data request to a secondary server to enable retransmission of the query to the host device by utilizing a second exit IP address is disclosed. Various other aspects are contemplated.

Abstract: A method including configuring a VPN server to receive, from a user device during an established VPN connection between the VPN server and the user device, a data request for the VPN server to retrieve data of interest; configuring the VPN server to transmit, during the established VPN connection, a query to retrieve the data of interest based on utilizing a first exit IP address; configuring the VPN server to determine, based on transmitting the query, that the first exit IP address is blocked; configuring the VPN server to retrieve, during the established VPN connection and based on determining that the first exit IP address is blocked by the host device, the data of interest based on utilizing a second exit IP address; and configuring the VPN server to transmit, to the user device during the established VPN connection, the data of interest is disclosed. Various other aspects are contemplated.

Abstract: A method including receiving, at a VPN server from a user device, a data request for the VPN server to retrieve data of interest from a host device; transmitting, by the VPN server to the host device during the established VPN connection, a query to retrieve the data of interest based on utilizing a first exit IP address; and determining, by the VPN server based on transmitting the query, that the first exit IP address is blocked by the host device; retrieving, by the VPN server during the established VPN connection and based on determining that the first exit IP address is blocked by the host device, the data of interest based on utilizing a second exit IP address; and transmitting, by the VPN server to the user device during the established VPN connection, the data of interest retrieved based on utilizing the second exit IP address is disclosed.

Abstract: A first meshnet device in a mesh network, the first meshnet device configured to: determine a first range of first subnet IP addresses associated with a first LAN and a second range of second subnet IP addresses associated with a second LAN; determine a conflict that a first subnet IP address assigned to a first LAN device in the first LAN matches a second subnet IP address assigned to a second LAN device in the second LAN; map an association between an alternate IP address and the first subnet IP address; transmit, to a second meshnet device, the association between the alternate IP address and the first subnet IP address; and receive, from the second meshnet device, an initiation network packet to be transmitted to the first LAN device, the initiation network packet indicating the alternate IP address as a destination address is disclosed. Various other aspects are contemplated.

Abstract: The disclosure describes a mesh network including a first device and a second device. The first device transmits, to the second device, a query packet containing a DNS query for querying domain information of an external device, and the second device that transmits the DNS query to a DNS server to receive the domain information. The second device transmits, to the first device, the domain information of the external device. The first device transmits, to the second device, an initiation packet containing a network initiation packet for communicating with the external device, the network initiation packet including the domain information, and the second device transmits, over a network connection, the network initiation packet to the external device based on utilizing the domain information in the network initiation packet. The disclosure describes various other contemplated aspects.

Abstract: A method including receiving, by a first device from a second device via a meshnet connection in the mesh network, connection information associated with a LAN to which the second device is connected; calculating, by the first device based on utilizing the connection information, a range of subnet IP addresses associated with the LAN; determining, by the first device, that a LAN device is connected to the LAN based on determining that a sample subnet IP address associated with the LAN device falls within the range of subnet IP addresses associated with the LAN; and transmitting, by the first device to the second device via the meshnet connection in the mesh network, an initiation meshnet packet including information to be transmitted by the second device to the LAN device via a LAN connection between the second meshnet device and the LAN device is disclosed. Various other aspects are contemplated.

Abstract: A method including utilizing, by a VPN server, a first exit IP address to transmit a first query to a host device for retrieving data of interest requested by the user device; predicting or determining, by the VPN server, potential overloading of the VPN server; establishing, by the VPN server based on predicting or determining a breach, a secure connection with a secondary server to enable communication of encrypted information between the VPN server and the secondary server; and transmitting, by the VPN server to the secondary server over the secure connection, an encrypted message identifying the host device and the data of interest to enable the secondary server to transmit a second query to request the data of interest based at least in part on utilizing a second exit IP address, different from the first exit IP address is disclosed. Various other aspects are contemplated.

Abstract: A method including determining, by a device, an assigned key pair including an assigned public key and an assigned private key; determining, by the device for a folder including encrypted content, a folder access key pair including a folder access public key and a folder access private key; encrypting, by the device, the folder access private key by utilizing the assigned public key; and accessing, by the device, the encrypted content based at least in part on decrypting the folder access private key. Various other aspects are contemplated.

Abstract: A method for receiving, at a VPN server, a first data request for the VPN server to retrieve first data of interest from a first host device; utilizing, by the VPN server, a first exit IP address to transmit a first query for retrieving the first data of interest; determining, by the VPN server based on transmitting the first query, that the first exit IP address is blocked by the first host device; suspending, by the VPN server based on determining that the first exit IP address is blocked by the first host device, utilization of the first exit IP address for retrieving the first data of interest from the first host device; and utilizing, by the VPN server, the first exit IP address to transmit a second query for retrieving second data of interest from a second host device is disclosed. Various other aspects are contemplated.

Abstract: A method including analyzing affected data known to include harmful content, and clean data known to be free of the harmful content; determining, based on analyzing the affected data and the clean data, harmful traits that appear in the affected data with a frequency that satisfies a threshold frequency, and clean traits that appear in the clean data with the frequency that satisfies the threshold frequency; mixing the harmful traits and the clean traits to determine a mixed set; analyzing the affected data based on utilizing the mixed set to determine a harmful pattern that indicates characteristics associated with the harmful traits and the clean traits; and transmitting pattern information indicating the harmful pattern to enable the user device to determine whether given data includes the harmful content is disclosed. Various other aspects are contemplated.

Abstract: A method including receiving, by a manager device from an infrastructure device, an invitation link to enable the manager device to manage network services provided by the infrastructure device; receiving, by the manager device from the infrastructure device based on the manager device activating the invitation link, seed information including unique information associated with manager device to enable the manager device to determine authorization information; determining, by the manager device, the authorization information based on utilizing the unique information; transmitting, by the manager device to the infrastructure device, a manager request related to an action to be performed regarding the network services, the manager request being signed based on utilizing a portion of the authorization information; and performing, by the manager device based on authorization of the manager request by the infrastructure device, the action regarding the network services is disclosed.

Abstract: A method including receiving, by a user device, an encrypted version of a file in association with an encrypted version of metadata that is associated with the file; decrypting, by a user device, an encrypted version of a file symmetric key based at least in part on utilizing a master key to determine the file symmetric key; decrypting, by the user device, the encrypted version of the metadata based at least in part on utilizing the file symmetric key to determine a synchronization key included in the metadata; and decrypting, by the user device, the encrypted version of the file based at least in part on utilizing the synchronization key to determine an unencrypted version of the file is disclosed. Various other aspects are contemplated.

Abstract: A method including receiving, by an infrastructure device from a first user device, encrypted content and an encrypted first private key for storage in association with a first account registered by the first user device with the infrastructure device; receiving, by the infrastructure device from the first user device, identification information identifying a second user device; receiving, by the infrastructure device from the second user device, a restoration request to access the first account based at least in part on a determination that the first user device is unable to access the stored encrypted content; and enabling, by the infrastructure device based at least in part on receiving the identification information and the restoration request, access of the second user device to the encrypted content and the encrypted first private key to enable the second user device to decrypt the encrypted content is disclosed. Various other aspects are contemplated.

Abstract: A method including receiving, by a second user device, access to encrypted content and an encrypted first private key, the encrypted content being determined by utilizing a first private key associated with a first user device and the encrypted first private key being determined by utilizing a second public key associated with the second user device; determining, by the second user device, that the second user device is to restore access of the first user device to the content within a given duration of time set by the first user device; decrypting, by the second user device, the encrypted first private key by utilizing a second private key; decrypting, by the second user device, the encrypted content by utilizing the first private key to determine the content; and transmitting, by the second user device within the given duration of time, the content to the first user device is disclosed.

Abstract: Systems and method for URL filtering are provided herein. In some embodiments, a system includes a processor programmed to receive a URL request to access a resource associated with the URL; perform a first layer of URL filtering by comparing the URL to a blocklist of malicious URLs; determine that the URL does not match a URL on the blocklist; perform a second layer of filtering by applying a machine learning algorithm to analyze the URL to predict whether the URL is malicious; and generate and transmit a URL filter determination that the URL is malicious and update the blocklist to include the URL.

Abstract: A method including pre-authenticating, by an infrastructure device, a user device for obtaining communication services from a server, the pre-authenticating including determining a given duration of time and a communication parameter associated with a pre-authentication request received from the user device; and operating, by the infrastructure device, a port associated with the server in an activated mode for the given duration of time to enable the user device to transmit an authentication request indicating the communication parameter prior to an expiration of the given duration of time. Various other aspects are contemplated.