Abstract: Systems, methods, and computer-readable media for cybersecurity are disclosed. The systems and methods may involve receiving, by an application capable of JavaScript execution, code for execution; executing, before execution of the received code, an intercepting code, wherein the intercepting code is configured to intercept at least one application programming interface (API) invocation by the received code; intercepting, by the intercepting code, an API invocation by the received code; determining that the intercepted API invocation results in a manipulation of a backing store object; and modifying an execution of the intercepted API invocation, wherein the modified execution results in a nonpredictable environment state.

Abstract: A method for securing a blockchain and incentivizing the storage of blockchain data using a publicly verifiable proof of retrievability (PoR) includes receiving a PoR transaction having a PoR proof, determining whether the PoR proof is a verified PoR proof, and based upon determining that the PoR proof is a verified PoR proof, incorporating, by a block creator node, the PoR transaction into a new block of the blockchain.

Abstract: An integrated circuit includes a data processing part, a data management part. The data processing part processes data. The data management part manages security of the data processing part. The security management part includes a set value holding part, a start control part and a state control part. The set value holding part holds a set value of security strength. The start control part starts the integrated circuit by secure boot which performs signature verification on a boot program in a case where the security strength shown by the set value is over a predetermined level. The state control part resets the data processing part when falsification of the boot program is detected by the signature verification in the secure boot.

Abstract: A system and method of detecting and remediating attacks includes receiving operating system (OS) read/write data from an OS, the OS read/write data describing at least one of reads from and writes to a storage device over a file system interface of the OS; collecting storage device read/write data, the storage device read/write data describing at least one of reads from and writes to the storage device; comparing the OS read/write data to the storage device read/write data; and determining if there is a discrepancy between the OS read/write data and the storage device read/write data. If there is a discrepancy, determining if there is an anomaly detected between OS read/write data and the storage device read/write data. If there is an anomaly, causing a remediation action to be taken to stop a malware attack.

Abstract: A system and method for facilitating online dating activities via identity verification over a communications network includes a client module on a client computing device, the client module configured for reading user contact information, taking a first image of the user's face, and taking a second image of the user's identification card via a camera on the client computing device, encrypting the data and transmitting it to the web server, receiving a verification of the user's identity from the web server and appending a digital signature to any transaction requests made to the web server. The system also includes a web server module executing on the web server configured for transmitting the user data to an identity authority, transmitting a verification of identity to the client computing device, encrypting the user data, and requiring that all transaction requests to the web server include a digital signature.

Abstract: Providing automated security algorithm identification in software distributions is disclosed herein. In one example, a processor device receives a source code fragment representing a difference between a given source code file of a first software distribution and a corresponding source code file of a second software distribution. The processor device determines whether the source code fragment matches any security profile of one or more security profiles that each corresponds to an approved security algorithm. If so, the processor device generates an approval notification to indicate that the source code fragment comprises the approved security algorithm. However, if the processor device determines that the source code fragment does not match any security profile of the one or more security profiles, the processor device generates a warning notification.

Abstract: A system and method for accelerating an automated labeling of a volume of unlabeled digital event data samples includes identifying a corpus characteristic of a digital event data corpus that includes a plurality of distinct unlabeled digital event data samples; selecting an automated bulk labeling algorithm based on the corpus characteristic associated with the digital event data corpus satisfying a bulk labeling criterion of the automated bulk labeling algorithm; evaluating a subset of the plurality of unlabeled digital event data samples, wherein evaluating the subset includes attributing a distinct classification label to each digital event data sample within the subset; and in response to the selection, executing the selected automated bulk labeling algorithm against the digital event data corpus, wherein the executing includes simultaneously assigning a classification label equivalent to the distinct classification label to a superset of the digital event data corpus that relates to the subset.

Abstract: A mechanism is provided for monitoring and controlling data access. Responsive to intercepting a response from a server to a request for information from a client device, a security system agent applies pattern matching using a predefined set of sensitive data pattern rules to identify at least one sensitive data access included in the response. Responsive to identifying at least one sensitive data access matching one or more of the predefined set of sensitive data pattern rules, the security system agent modifies that the request from the client by marking the at least one sensitive data access as sensitive thereby forming a modified request. The security system agent sends the modified request to the security system thereby causing the security system to process the modified request without access the sensitive data associated with the at least one marked sensitive data access.

Abstract: A method may include, during execution of a basic input/output system comprising boot firmware configured to be the first code executed by the processor when the information handling system is booted and/or powered on and execute prior to execution of an operating system of the information handling system, executing a hardware attestation verification application configured to: (i) read a platform certificate comprising information associated with one or more information handling resources of the information handling system recorded during creation of the platform certificate; (ii) perform hardware attestation of the information handling system by comparing information associated with the one or more information handling resources and the information stored within the platform certificate; and (iii) generate a log indicative of the results of the hardware attestation.

Abstract: Attack cases (for example, including attack details, countermeasures, and the like) of each device forming each attack path are derived by comprehensively extracting attack paths assumed for a target system.

Abstract: The invention relates to an embedded system on board an aircraft for detection and response to incidents with log recording, the aircraft comprising a calculator comprising applications using and generating data and being configured to detect events based on these data and predefined information specifying these events. The system comprises, for the calculator, an agent and a collector. The agent is an application component dedicated to an identified application and is configured to apply an incident detection logic to the detected events in order to detect at least one incident and to send to the collector, through detection messages, each detected incident according to a configurable transmission logic. The collector is configured to receive the messages and to apply, to the messages, a configurable recording logic of the messages in one or several log(s).

Abstract: Technologies are shown for secure token refresh where a client receives a first access token from an authentication service, generates an asymmetric key pair, stores the first access token in association with a private key, and sends a public key to the authentication service. The service stores the public key in association with the first access token. The client sends a refresh token request to the service with the first access token. The service responds with a verification request with proof data. The client signs the proof data with the private key and sends the signed proof data to the service. The service verifies the signed proof data using the public key associated with the first access token, creates a second access token that is stored in association with the public key, and sends the second access token to the client, which stores it in association with the private key.

Abstract: Apparatuses, methods, and systems are disclosed for security mode integrity verification. One method includes transmitting a request message to one or more network devices. The method includes, in response to transmitting the request message, authenticating with the one or more network devices. The method includes, in response to successfully authenticating with the one or more network devices, receiving a security mode command message. The method includes verifying the integrity of the security mode command message. The method includes, in response to the verification of the integrity of the security mode command message indicating that a security key is invalid, performing a cell reselection procedure.

Abstract: Systems on a chip (SoCs) include security logic configured to increase resistance to fault injection attacks (FIAs). The security logic includes a monitoring circuit and a cascaded series of substitution-boxes (S-Boxes) having a circuit delay that is designed to match (or most closely match) the computing device critical path length. The monitoring circuit monitors the number of iterations required for the cascaded series of S-Boxes to return to an initial value and generates an error signal if the monitored loop length is different from the expected loop length. In some examples, the error signal is received by a mitigation processor that executes one or more processes aimed at mitigating the attack.

Abstract: In a particular embodiment, recording data associated with an unmanned aerial vehicle (UAV) is disclosed that includes a blockchain manager receiving a transaction message associated with a UAV. The particular embodiment also includes the blockchain manager using the information within the transaction message to create a block of data. In this particular embodiment, the blockchain manager stores the created block of data in a blockchain data structure associated with the UAV.

Abstract: A computerized system and method for obtaining a post-quantum security scheme, generating a one-time use signing key split into shares, each share of the one-time use signing key is stored in one computerized device of the multiple computerized devices, generating shares of a verification key using a function receiving a share of the signing key, generating a data structure, where each node of the data structure is associated with a share of the verification key, signing a message using the shares of the one-time use signing key, revealing the share of the verification key, and reconstructing at least a portion of the data structure to validate that the revealed share of the verification key is associated with the correct node of the data structure.

Abstract: A system and method are provided for treating excessive or problematic computer use. In at least one embodiment, a method is employed to treat excessive or problematic computer use by acquiring information about the unwanted user activity, monitoring user activity for the unwanted behavior, controlling the behavior when it occurs, enabling the user to record self-observations and evaluating the results. This method may employ a computer based system to treat excessive or problematic computer use which includes configuring a user activity monitor with constraints, programmatically enforcing those constraints, reporting the activities monitored and restricted, and enabling a user to input self-observations. Potential constraints include a complete bar on the user activity, as well as, progressively decreasing the amount of time the user may engage in the activity, i.e. titrating the user activity.

Abstract: A system compares two network security specifications expected to implement the same network security policy for a network and identifies possible discrepancies between them. The system generates a representation of relations between subnetworks of the network for each network security specification. The representation efficiently stores permitted connections between subnetworks. The system compares the representations corresponding to the two network security specifications to identify discrepancies across the two network security specifications. If discrepancies are identified across the two network security specifications the system generating a report identifying the discrepancies.

Abstract: A control device is protected from a threat which may occur with the advance of networking or incorporation of intelligence. A security monitoring device that can be externally attached to the control device having a program execution portion that executes a program produced in accordance with a control target includes a communication port for connection with the control device. When it is detected from a content of communication that a security event is generated in access from outside to the control device, a notification is provided to a notification destination corresponding to the generated security event. The security event includes an event that does not conform to a predetermined rule.

Abstract: A key management system for providing encryption of a disk in a client device is provided. The system comprises a trusted platform module (TPM) having a first fragment of a key, a remote storage having a second fragment of the key, and a processing unit to partially boot instructions relating to the booting of the client device, send a request for validation of the instructions to the TPM, receive the first fragment of a key from the TPM if the validation is successful, send a request for the second fragment of the key along with credentials to access the remote storage. The remote storage verifies the credentials and a network through which the request is received and transmits the second fragment if the verification is successful. The processing unit then combines the first fragment and second fragment of the key to generate an encryption key which is used to complete the booting.