Abstract: Systems and methods for malware detection are provided herein. In some embodiments, a system having one or more processors is configured to: perform, on a plurality of user devices, at least one of a static analysis or a behavioral analysis of a file downloaded to a user device; receive a plurality of features extracted from the downloaded file; train at least one machine learning model, on a central server in communication with the plurality of user device, based on the plurality of features; distribute the at least one trained machine learning model to the plurality of user devices; and update at least one of a machine learning model used for the static analysis or behavioral analysis with the distributed at least one trained machine learning model.

Abstract: A method including configuring, by an infrastructure device, a first user device to select an encryption key, from among a plurality of encryption keys available to the first user device, for encrypting a metadata key that is utilized to encrypt metadata associated with a file; receiving, by the infrastructure device from the first user device, an encrypted metadata key; transmitting, by the infrastructure device to a second user device, the encrypted metadata key; and configuring, by the infrastructure device, the second user device to select a decryption key, from among a plurality of decryption keys available to the second user device, for decrypting the encrypted metadata key, the decryption key being associated with the encryption key is disclosed. Various other aspects are contemplated.

Abstract: A method including monitoring, by a first device communicating meshnet data via a meshnet connection with a second device in a mesh network, occurrence of a triggering event indicating that the first device and the second device are to communicate the meshnet data via a relay connection; determining, by the first device, occurrence of the triggering event based at least in part on a rate of communication of the meshnet data via the meshnet connection; and transmitting, by the first device to the second device based at least in part on determining the occurrence of the triggering event, a message indicating that the first device and the second device are to communicate the meshnet data via a relay connection is disclosed. Various other aspects are contemplated.

Abstract: A method and apparatus for generating a dynamic security certificate. The method creates an entropic element from user input, receives metadata from user input and generates a dynamic security certificate using the entropic element and the metadata. The dynamic security certificate is then trusted through user input.

Abstract: A method including receiving, by a second user device, an authentication message indicating that the second user device is to authenticate a first user device with a service provider that provides a service to the first user device; determining, by the second user device, one or more authentication factors associated with authenticating the first user device with the service provider; encrypting, by the second user device, the one or more authentication factors based at least in part on utilizing an encryption key associated with a trusted device included in the first user device; and transmitting, by the second user device, one or more encrypted authentication factors to enable authentication of the first user device with the service provider is disclosed. Various other aspects are contemplated.

Abstract: A method including configuring, by an infrastructure device, a first device to determine a symmetric sharing encryption key based at least in part on a content access private key of a content access key pair associated with encrypted content and an assigned public key associated with a second device; configuring, by the infrastructure device, the first device to encrypt the content access private key of the content access key pair associated with the encrypted content utilizing the sharing encryption key; and configuring, by the infrastructure device, the first device to transmit the encrypted content access private key to enable the second device to access the encrypted content is disclosed. Various other aspects are contemplated.

Abstract: A method including decrypting, by a user device based at least in part on utilizing a first trusted key generated by a trusted device, an assigned private key associated with the user device; decrypting, by the user device based at least in part on utilizing a second trusted key generated by the trusted device, a double-encrypted symmetric key to determine a single-encrypted symmetric key; decrypting, by the user device based at least in part on utilizing the assigned private key, the single-encrypted symmetric key to determine a symmetric key; and decrypting, by the user device based at least in part on utilizing the symmetric key, an encrypted folder stored on the user device to provide access to data included in the encrypted folder. Various other aspects and techniques are contemplated.

Abstract: A method including configuring a security device to store, in a database, a trusted fingerprint determined based at least in part on encrypting trusted connection information included in a trusted transmission packet received from a trusted source application; configuring the security device to determine a current fingerprint based at least in part on encrypting current connection information included in a current transmission packet received from a current source application; configuring the security device to compare the current fingerprint with the trusted fingerprint; and configuring the security device to process the current transmission packet based at least in part on a result of comparing the current fingerprint with the trusted fingerprint. Various other aspects are contemplated.

Abstract: A method including determining, by a device, an assigned key pair including an assigned public key and an assigned private key; determining, by the device for a folder including encrypted content, a folder access key pair including a folder access public key and a folder access private key; encrypting, by the device, the folder access private key by utilizing the assigned public key; and accessing, by the device, the encrypted content based at least in part on decrypting the folder access private key. Various other aspects are contemplated.

Abstract: A method including receiving, by a receiving device from a transmitting device, a sharing link to be utilized by the receiving device to obtain access to encrypted content that is stored in a storage device, the sharing link including static portion information to enable the receiving device to reach the storage device and dynamic portion information including an identifier that uniquely identifies the receiving device; transmitting, by the receiving device to the storage device based at least in part on utilizing the static portion information, a request to access the encrypted content; and receiving, by the receiving device from the storage device, access to the encrypted content based at least in part on transmitting the request is disclosed. Various other aspects are contemplated.

Abstract: A method including receiving, by a security device from a network device, an initial security instruction set including a plurality of initial security instructions associated with operation of the security device; receiving, by the security device from the network device, an event signal associated with the security device carrying out a network-facing operation; transmitting, by the security device to the network device based on receiving the event signal, a security instruction associated with the security device carrying out the network-facing operation, the security instruction being from among the plurality of initial security instructions; receiving, by the security device from the network device based on transmitting the security instruction, communication information to enable the security device to carry out the network-facing operation; and carrying out, by the security device, the network-facing operation based on utilizing the communication information is disclosed.

Abstract: A method including transmitting, by a network device to a security device, an initial security instruction set including a plurality of initial security instructions; transmitting, by the network device to the security device based on transmitting the initial security instruction set, an event signal associated with the security device carrying out a network-facing operation; transmitting, by the security device to the network device based on receiving the event signal, a security instruction associated with the security device carrying out the network-facing operation, the security instruction being from among the plurality of initial security instructions; translating, by the network device, the security instruction into a host instruction to be executed by the network device; and receiving, by the security device from the network device based on transmitting the security instruction, communication information to enable the security device to carry out the network-facing operation is disclosed.

Abstract: A method including configuring, by an infrastructure device, a user device to encrypt authentication information associated with authenticating the user device with a service provider, the authentication information including first factor authentication information for determining a first factor and second factor authentication information for determining a second factor; configuring, by the infrastructure device, the user device to detect an attempt to access a service to be provided by the service provider; configuring, by the infrastructure device, the user device to determine, based on detecting the attempt, the first factor based on decrypting the first factor authentication information and the second factor based on decrypting the second factor authentication information; and configuring, by the infrastructure device, the user device to enable authentication of the user device with the service provider based on utilizing the first factor and the second factor. Various other aspects are contemplated.

Abstract: A method in a virtual private network (VPN) environment, the method including receiving, at a user device, domain information associated with a VPN service provider; transmitting, by the user device, a first connection request to the VPN service provider based at least in part on utilizing the domain information; determining, by the user device, that the VPN service provider cannot be reached via utilization of the domain information; determining, by the user device based at least in part on determining that the VPN service provider cannot be reached, substitute domain information to be utilized for transmitting a second connection request; and transmitting, by the user device, the second connection request to the VPN service provider based at least in part on utilizing the substitute domain information is disclosed. Various other aspects are contemplated.

Abstract: A method including determining, by an infrastructure device, a mixed set of harmful traits and clean traits, the harmful traits being associated with affected data known to include harmful content and the clean traits being associated with clean data known to be free of the harmful content; determining, by the infrastructure device, harmful patterns indicating characteristics of the harmful traits based on comparing the affected data with the mixed set, wherein a harmful pattern indicates a particular combination of one or more of the harmful traits; transmitting, by the infrastructure device to a user device, the harmful patterns; determining, by the user device, a determined pattern based at least in part on traits included in given data; and determining, by the user device, whether the given data includes the malicious content based on comparing the determined pattern with the harmful patterns is disclosed. Various other aspects are contemplated.

Abstract: A method including configuring, by an infrastructure device, a transmitting device to determine an encryption key that is determined based at least in part on seed information associated with the transmitting device and a receiving device, and to encrypt one or more content messages to be transmitted during a first time interval by utilizing the encryption key; and configuring, by the infrastructure device, the receiving device to determine a decryption key that is determined based at least in part on the seed information associated with the transmitting device and the receiving device, and to decrypt one or more encrypted content messages received during the first time interval by utilizing the decryption key. Various other aspects are contemplated.

Abstract: A method including determining, by a device, an assigned key pair including an assigned public key and an assigned private key; determining, by the device for a folder including encrypted content, a folder access key pair including a folder access public key and a folder access private key; encrypting, by the device, the folder access private key by utilizing the assigned public key; and accessing, by the device, the encrypted content based at least in part on decrypting the folder access private key. Various other aspects are contemplated.

Abstract: A method including receiving, by a device, a sharing link to be utilized by the device to obtain access to encrypted content, the sharing link including a static portion and a dynamic portion; transmitting, by the device, a request to access the encrypted content, the request being routed based at least in part on the static portion and the request identifying the encrypted content in the dynamic portion; receiving, by the device, access to the encrypted content based at least in part on transmitting the request. Various other aspects are contemplated.

Abstract: A method determining, by an infrastructure device in communication with a user device, authentic feature information that indicates a characteristic associated with an authentic feature included in an authentic communication associated with an authentic entity, with which the user device intends to communicate over a network; and transmitting, by the infrastructure device to the user device, authentic entity information that includes the authentic feature information and an association between the characteristic associated with the authentic feature and authentic communication information associated with the authentic communication. Various other aspects are contemplated.

Abstract: A method including determining aggregate amounts of VPN data communicated by VPN servers with a host device during sample durations of time within a reference period; determining difference amounts indicating differences in the aggregate amounts of VPN data communicated by VPN servers with the host device during successive sample durations of time; determining average aggregate amounts of VPN data communicated by VPN servers with the host device based at least in part on averaging the difference amounts; determining a largest average aggregate amount, from among the average aggregate amounts, as an average threshold level; and selectively adjusting an amount of VPN data communicated by VPN servers with the host device based at least in part on a result of comparing the average threshold level with an observed average aggregate amount of VPN data communicated by VPN servers with the host device. Various other aspects are contemplated.