Abstract: Provided is a method including: associating a virtual display of an object with first media content including a first type media content; associating the virtual display of the object with second media content that includes second type media content; generating a data model that includes the virtual display associated with the first media content and the second media content; and storing the data model in a storage device coupled to the computer system. As such, the method unifies all components (e.g., media content, tags, permissions, descriptions) of the data model—text description and attributes, image, video, and audio—to create a unique, multi-dimensional, transferable digital representation of an idea, memory, or history tied to the object.

Abstract: Machine learning methods and systems for developing security governance recommendations are disclosed.

Abstract: Various embodiments are directed to systems and methods for encryption key management within a group-based communication platform.

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to facilitate information exchange using publish-subscribe with blockchain. An example apparatus includes a security manager to integrate a security service with an instruction execution flow in a distributed device environment. The security manager is to include a processor. The processor is to be configured to implement at least an executable hierarchical state machine to provide credential management and access management in conjunction with instruction execution according to an execution plan. The executable hierarchical state machine is to generate a security context for the execution plan to implement a guard condition governing a transition from a first state to a second state in accordance with the execution plan.

Abstract: Techniques for providing privacy features in communication systems are provided. For example, a message may be provided from user equipment to an element or function in a communication network that comprises one or more privacy indicators, where privacy features for processing the message are determined based on the privacy indicators. The message may comprise an attach request comprising a subscription identifier for a subscriber associated with the user equipment, with the privacy indicators comprising a flag indicating whether the subscription identifier in the attach request is privacy-protected. As another example, the element of function in the communication network may determine privacy features supported by the communication network and generate and send a message to user equipment comprising one or more privacy indicators selected based on the determined privacy features.

Abstract: A digital object architecture infrastructure includes a handle system that stores handle data and a proxy server that caches handle data for rapid access. A client connects to the proxy server to request access to the handle data. When the handle data does not have access restrictions and is currently cached, the proxy server returns the handle data to the client without accessing the handle system. When the handle data does not have access restrictions and is not cached, the proxy server obtains the handle data from the handle system, caches a copy of the handle data for future access, and provides the handle data to the client. The proxy server may cache encrypted handle data that is subject to access restrictions, cannot be decrypted by proxy server, and can be provided to a client determined to be allowed access. The client can then decrypt the encrypted handle data.

Abstract: The present teaching generally relates to providing optimized access control rules. A request may be received from a client device. A determination may be made, based on the request, that an update is needed for access control rule information for the client device. Rule data may be generated. The rule data may include a plurality of data buckets each including one or more access control rules, each data bucket of the plurality being associated with a range of destination port numbers, and where each of the one or more access control rules comprise a set of tuples having a common source network and source port number, and one or more destination port numbers associated with the common source network and source port number. The rule data may be sent to the client device.

Abstract: Techniques for providing Internet of Things (IoT) security are disclosed. An applicable system includes profiling IoT devices to limit the number of network signatures applicable to the IoT devices and performing pattern matching using a pattern that is appropriate for the profile of a given IoT device.

Abstract: Media, method, and system for providing encryption key management for international data residency. Organizations using a group-based communication system can designate a particular geopolitical area where that organization's data can be stored and another geopolitical area (which may be the same or different) where encryption keys used to encrypt and decrypt that data should be stored. Users of that organization can post message or access messages previously posted on the group-based communication system from any geopolitical area, causing the system to automatically store and retrieve messages and encryption keys from the appropriate regions to allow the users to transparently access the group-based communication system while maintaining security and data residency requirements.

Abstract: The technology disclosed relates to authenticating users using a plurality of non-deterministic registration biometric inputs. During registration, a plurality of non-deterministic biometric inputs are given as input to a trained machine learning model to generate sets of feature vectors. The non-deterministic biometric inputs can include a plurality of face images and a plurality of voice samples of a user. A characteristic identity vector for the user can be determined by averaging feature vectors. During authentication, a plurality of non-deterministic biometric inputs are given as input to a trained machine learning model to generate a set of authentication feature vectors. The sets of feature vectors are projected onto a surface of a hyper-sphere. The system can authenticate the user when a cosine distance between the authentication feature vector and a characteristic identity vector for the user is less than a pre-determined threshold.

Abstract: In an embodiment, a statistical approach for augmenting signature detection in a Web application firewall includes receiving a new request including a parameter in a uniform resource identifier (URI), tokenizing the new request, and determining a compound probability that tokens in a value that is associated with the parameter of the URI and that is included in the new request are associated with an attack. The compound probability is determined based at least in part on component probabilities of tokens of historical values associated with the parameter of the URI.

Abstract: A method for providing a trusted service to a trusted execution environment running on a remote host machine includes receiving a message from the trusted execution environment and incrementing a counter of the trusted service. A response message is sent to the trusted execution environment using a value of the incremented counter.

Abstract: In one embodiment, a device obtains input features for a neural network-based model. The device pre-defines a set of neurons of the model to represent known behaviors associated with the input features. The device constrains weights for a plurality of outputs of the model. The device trains the neural network-based model using the constrained weights for the plurality of outputs of the model and by excluding the pre-defined set of neurons from updates during the training.

Abstract: A method for processing data of an analytical instrument for analyzing biological samples is presented. The method comprises receiving instrument data from the analytical instrument at a data processing module communicatively connected with the analytical instrument, generating metadata from the received instrument data at the data processing module, applying a first encryption to the instrument data at the data processing module, applying a second encryption to the generated metadata at the data processing module, and transmitting the encrypted metadata and encrypted instrument data to a remote server. The remote server and the data processing module are communicatively connected. The method also comprises removing the second encryption from the metadata at the remote server and forwarding the instrument data encrypted by the first encryption from the remote server to a management system of the analytical instrument.

Abstract: One or more computing devices, systems, and/or methods for assessing riskiness of a domain are provided. For example, a content request is received from a content provider service that hosts a website associated with a domain. The content request is evaluated to identify request features. Feature scores are assigned to the request features using labeled feature data. The feature scores are aggregated to generate a content request risk score corresponding to a riskiness of the content request corresponding to fraud, such as domain spoofing. The content request risk score along with other content request risk scores of content requests associated with the content provider service are aggregated to create a content provider risk score corresponding to a riskiness of the content provider service, such as a risk of the domain being fraudulent. The content provider risk score is used to either block or process the content request.

Abstract: A method for performing cyber-security analysis includes storing a semantic graph with nodes representing monitored computer-based entities, and edges representing monitored relationships. Each edge has an associated tally. A set of threat scores associated with multiple computer-based entities is stored in the memory. The semantic graph is updated in response to receiving event data. The updating includes decomposing the event data into a set of entities and a set of associated relationships, updating the tally of one of the edges based on the set of relationships, modifying an alert attribute of a monitored computer-based entity when the event data includes an applicable alert, and modifying a threat score of at least one computer-based entity based on the event data when the event data includes an applicable alert, to define a set of modified threat scores. The updated semantic graph is monitored for cyber-security risks within the multiple computer-based entities.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprise an analytic server, which improves the cybersecurity of a unified system comprising a plurality of sub-systems. The analytic server may instantiate a sub attack tree for each network sub-system within the unified system of distributed network infrastructure. The analytic server may access the sub attack trees of the network sub-systems based on the corresponding identifiers. The analytic server may build a high-level attack tree of the unified system by aggregating the sub attack tree of each sub-system. The analytic server may determine how the interconnection of the plurality of network sub-systems may affect the unified system security. The analytic server may update one or more nodes of the attack tree to reflect the changes produced from the interconnection. The analytic server may build the attack tree based on a set of aggregation rules.

Abstract: Methods and systems are described for implementing automated controls assessment through an application programming interface (“API”) driven software development kit. For example, the system may receive a response from an API-based agent to an automated controls assessment audit. The system may process the response, using a library of reusable features for controls assessment audits for a plurality of computer domains, to generate a result of the automated controls assessment audit. The system may then generate an outcome of the first automated controls assessment audit.

Abstract: A system and method for accelerated anomaly detection and replacement of an anomaly-experiencing machine learning-based ensemble includes identifying a machine learning-based digital threat scoring ensemble having an anomalous drift behavior in digital threat score inferences computed by the machine learning-based digital threat scoring ensemble for a target period; executing a tiered anomaly evaluation for the machine learning-based digital threat scoring ensemble that includes identifying at least one errant machine learning-based model of the machine learning-based digital threat scoring ensemble contributing to the anomalous drift behavior, and identifying at least one errant feature variable of the at least one machine learning-based model contributing to the anomalous drift behavior; generating a successor machine learning-based digital threat scoring ensemble to the machine learning-based digital threat scoring ensemble based on the tiered anomaly evaluation; and replacing the machine learning-based di

Abstract: Techniques for sample traffic based self-learning malware detection are disclosed. In some embodiments, a system/process/computer program product for sample traffic based self-learning malware detection includes receiving a plurality of samples for malware detection analysis using a sandbox; executing each of the plurality of samples in the sandbox and monitoring network traffic during execution of each of the plurality of samples in the sandbox; detecting that one or more of the plurality of samples is malware based on automated analysis of the monitored network traffic using a command and control (C2) machine learning (ML) model if there is not a prior match with an intrusion prevention system (IPS) signature; and performing an action in response to detecting that the one or more of the plurality of samples is malware based on the automated analysis of the monitored network traffic using the C2 ML model. In some embodiments, the IPS signatures and C2 ML model are automatically generated and trained.