Abstract: Embodiments are direct to monitoring communication between computers may be using network monitoring computers (NMCs). Network packets that are communicated between the computers may be captured and stored in a data store. If the NMCs identify a secure communication session established between two computers, the NMCs may obtain key information that corresponds to the secure communication session that includes a session key that may be provided by a key provider. Correlation information associated with the secure communication session may be captured by the NMCs. The correlation information may include tuple information associated with the secure communication session. And, the key information and the correlation information may be stored in a key escrow. The key information may be indexed in the key escrow using the correlation information.

Abstract: A method for first path acceptance for secure ranging includes determining a Channel Impulse Response (CIR) of a communication channel for a plurality of channel taps. Each channel tap corresponds to a respective one of a plurality of time slots of the CIR, wherein the CIR includes a plurality of estimated CIR values. A statistical characteristic is extracted from the estimated CIR values within a temporal range of the channel taps. The statistical characteristic is compared to a reference value to detect a distance decreasing attack.

Abstract: Facilitating antivirus scan filing locking based on cluster lock mechanism in distributed file systems is provided herein. A system comprises a processor and a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations. The operations comprise determining an antivirus scan status of an object, based on an open object request received from a node device of a cluster of node devices, which is determined through the use of Lock Value Blocks. The antivirus scanning of the object is a precondition for opening the object. The antivirus scan status of the object is one of an unscanned status, a queued status, or a scanned status. Further, the operations can comprise, based on the antivirus scan status being the queued status or the scanned status, selectively facilitating the opening of the object at the node device while circumventing the precondition.

Abstract: A system and method for compression and encryption of data includes creating a plurality of hash table keys by applying a bit mask to an encryption key, applying a hashing function to the encryption key, creating a hash table using the hashing function, the hash table including the plurality of hash table keys and index values, the index values each identifying a location of data in the hash table connected to one of the plurality of hash table keys, receiving input data, and encoding the input data to generate encoded data, the encoding including both compression and encryption of the input data using the encryption key and the hash table.

Abstract: According to an exemplary embodiment, there is provided a method of operating a terminal device. The method includes operating the terminal device in a connected state with respect to the communication network. The method further includes receiving a first signal from a first radio access node in the communication network indicating that the connected state is to be suspended, the first signal having information for use in determining a first key for encrypting data to be sent between the terminal device and the first radio access node or another radio access node in the communication network if the connected state is resumed.

Abstract: A data extraction method and apparatus including: obtaining a data extraction instruction sent by a client, wherein the data extraction instruction is an instruction issued by a target checker logging in to the client, and the data extraction instruction carries a target user identifier of the target checker; obtaining extraction authority information for the target user identifier according to a preset correspondence and the target user identifier as target extraction authority information, wherein the preset correspondence comprises: a plurality of correspondences between user identifiers and extraction authority information, and the extraction authority information is information for representing an authority of a corresponding checker to extract vehicle passing data; extracting, from to-be-checked vehicle passing data, first to-be-checked vehicle passing data that matches the target extraction authority information; and sending the first to-be-checked data to the client.

Abstract: Described herein are embodiments that provide out-of-band authentication for vehicular communications using Joint Automotive Radar Communications (“JARC” if singular, “JARCs” if plural). A method includes receiving, by a directional radio of a connected vehicle, a directional communication having a payload that includes the first temporary identifier and sensor data for a purported transmitter of the directional communication. The method includes initiating, by the directional radio and a radar of the connected vehicle, a set of JARCs with the purported transmitter to determine an authenticity status of the first temporary identifier. The method includes executing a vehicular action for the payload of the directional communication responsive to the authenticity status.

Abstract: An example process includes identifying, by one or more processing devices, a location in computer code that is subject to vulnerability, where the location corresponds to a memory access that is repeatable and that operates on a particular type of variable; and performing processes, by one or more processing devices, to heal the vulnerability. The memory access may be part of a system-to-system or a user-to-system interaction that is repeatable.

Abstract: A personal cloud device includes a housing, one or more processors disposed within the housing, a local area network interface to communicatively couple the processors to a local area network, at least one of: (i) internal persistent storage disposed within the housing, or (ii) an interface to removably attach the personal cloud device to a persistent storage device, to store a library of digital media files including photo and/or video content, and a memory disposed within the housing. The memory stores identifiers of users authorized to operate the personal cloud device, and instructions that cause the personal cloud device to detect a trigger condition related to a location of a user device associated with one of the authorized users, and, in response to detecting the trigger condition, automatically retrieve digital media files from the user device for storage in the internal persistent storage or the persistent storage device.

Abstract: A network system is provided that enables a user to record media in connection with a user operating a service application to participate in a transport service. In examples, the network system includes a user computing device on which media is recorded and stored in an unrenderable state. The user can elect to make a media recording submission for a particular service activity (e.g., trip provided or received by user). In response to the media recording submission, the user computing device identifies one or more media files that contain media data which depict the service activity. The identified media files are transmitted to a service computing system where the media files can be rendered.

Abstract: The techniques described herein increase the throughput of a single VPN connection by creating multiple outbound and/or inbound Security Associations (SAs). For instance, two or more different SAs can encrypt outbound data packets to be sent over the VPN connection to a remote device. Moreover, two or more different SAs can decrypt inbound data packets received over the VPN connection from the remote device. Each of the SAs can be bound to a different processing core via the use of a Security Parameter Index (SPI) identifier. Consequently, inbound data packets communicated over a single VPN connection from a remote device to a physical host in a VPN gateway can be distributed amongst multiple processing cores for decryption purposes. Further, outbound data packets to be communicated over the single VPN connection from the physical host to the remote device can be distributed amongst multiple processing cores for encryption purposes.

Abstract: Systems, methods, and products comprise an analytic server, which improves security of a unified system of distributed network infrastructure comprising a plurality of cyber-physical systems. The analytic server may instantiate a sub attack tree for each cyber-physical system within the unified system. The analytic server may determine how the interconnection of the plurality of cyber-physical systems may affect the unified system security. The analytic server may monitor systems and receive electronic notifications of alerts in real-time from devices in the plurality of cyber-physical systems. The analytic server may follow the logic of the attack tree model by traversing the attack tree from bottom up and determine how the alerts from the cyber-physical systems may affect the distributed network infrastructure as a whole. The analytic server may generate reports comprising a list of the prioritized attacks and recommendation actions to mitigate the attacks.

Abstract: A system and method to receive, by a database service from an encryption service of a database provider in a cloud environment, an encryption key passphrase stored in a secure storage separate and distinct from a database persistence and object store of the database service, the encryption key passphrase used as a key to encrypt and decrypt a key storage of the database service that stores one or more keys used by the database service; and to use the encryption key passphrase by a recovery service of the database provider in the cloud environment to recover the database service and its associated key storage.

Abstract: A method for evaluating security of third-party application is disclosed. The method includes: launching, in an automated test environment, a test instance of a first application; detecting at least one data retrieval operation by the first application of retrieving data from a protected data resource; for each of the at least one data retrieval operation, identifying an application state of the first application at a time of detecting the at least one data retrieval operation; determining a data access pattern for the first application of accessing the protected data resource based on the at least one data retrieval operation and application states of the first application associated with the at least one data retrieval operation; and presenting the data access pattern for the first application on a client device associated with a user.

Abstract: A system and a method are disclosed for receiving a set of rules associated with a document type from a supplier entity. Each rule identifies a set of conditions and a set of actions to be taken after a document of a document type is signed if the set of conditions is satisfied. When a supplier entity sends a document of the document type to a signing entity and the signing entity provides an electronic signature, the system determines whether conditions of rules associated with the document type are satisfied. For each rule that is satisfied, the system performs actions identified by the rule.

Abstract: An example embodiment may involve communicating with a server to separately access first and second records of sessions between the server and computing devices of a network, the first record including a first set of fields not present in the second record and the second record includes a second set of fields not present in the first record; identifying a common field present the first and second records; correlating information across the first and second records using the common field; using a set of license misuse criteria to identify, from the correlated information, (i) a set of the sessions that meets the set of criteria and (ii) a network address of a target device involved in the set of sessions; identifying the target device using the network address; and storing an indication identifying the target device as a potential source of misuse of licensed software executable on the server.

Abstract: A method, apparatus and computer program product are provided to determine a semantic privacy index that quantifies the risk associated with re-identification of a trajectory following anonymization of the trajectory. In the context of a method, information regarding a trajectory is received. After the trajectory has been map matched to a portion of a road network, the method associates contextual information comprising one or more map features with the trajectory. The method also provides the information regarding the trajectory and the contextual information comprising the one or more map features to a risk estimation model in order to generate the semantic privacy index.

Abstract: A method for HyperText Transfer Protocol (HTTP) based fingerprint and classification. The method includes training a HTTP-based machine-learning model, using machine-learning training techniques and a historical dataset of labelled Access Point HTTP service response features collected. The method is useful to detect benign or malicious classes, to assess the potential trustworthiness, to detect any type of bad behavior of an HTTP server, and any other threats that modify or implement an AP HTTP server or webpage. The method takes advantage of the captive portal detection packet exchange between a station and an Access Point (AP) to passively classify the AP.

Abstract: Systems and methods include modifying a random number pool using one or more user-identified randomization processes to produce a modified RN pool with a user-specific modification that is unknown to or otherwise separated from a RN provider. Systems and methods also include sending and receiving encrypted messages that are encrypted and decrypted using the modified RN pool.

Abstract: An exemplary method, device, and system for configuring a session for communication between electronic devices. The method includes sending, by a session management entity of a wireless network, a first request message to a policy control entity of the wireless network, the first request message comprising a key identifier, receiving, by the session management entity, a first response message from the policy control entity, wherein the first response message corresponds to a response to the first request message, and the first response message comprises a session policy for a communication session corresponding to the key identifier, and configuring, by the session management entity, the communication session based at least in part on the session policy.