Abstract: A terminal apparatus (1) includes a data acquisition unit (113) that acquires data from a business server (2) by transmitting a request to access a one-time URL indicated by URL information received from the business server (2). The business server (2) includes a URL generation unit (212) that generates a one-time URL, an expiration date setting unit (213) that sets an expiration date of the one-time URL, an authentication processing unit (216) that authenticates the terminal apparatus (1), and a state setting unit (215) that sets either an authentication function active state or an authentication function inactive state within the expiration date of the one-time URL. In a case where the authentication processing unit (216) receives the access request, the authentication processing unit (216) starts an authentication process when the authentication function active state is set, and avoids executing the authentication process when the authentication function inactive state is set.

Abstract: A system and methods for identifying personal identifiable information in a data container are disclosed. The system and methods interrogate data at its most fundamental level, thereby allowing complex rule matching to occur. This can be coupled with a data in transit analysis mechanism, or be integrated into a data store search mechanism, to ensure maximum awareness of any potential issues with the security of the qualified data elements.

Abstract: In one embodiment, a network assurance service maintains a first set of telemetry data from the network anonymized using a first key regarding a plurality of network entities in a monitored network. The service receives a key rotation notification indicative of a key changeover from the first key to a second key for anonymization of a second set of telemetry data from the network. The service forms, during a key rotation time period associated with the key changeover, a mapped dataset by converting anonymized tokens in the second set of telemetry data into anonymized tokens in the first set of telemetry data. The service augments, during the key rotation time period, the first set of telemetry data with the mapped dataset. The service assesses, during the time period, performance of the network by applying a machine learning-based model to the first set of telemetry data augmented with the mapped dataset.

Abstract: Methods and systems for providing data manifests as a service (DMAAS) are described herein. a first computing system, may generate a first data manifest comprising a first count parameter and a first hash parameter associated with a first data exchange transaction between the first computing system and a second computing system, store the first data manifest to a blockchain data store and transfer a data payload of the first data exchange transaction. The second computing system may analyze the data payload received via the transport mechanism, generate a second data manifest including a second count parameter and a second hash parameter and store the second data manifest to the blockchain data store. A DMAAS computing system facilitates access to the blockchain data store, identifies transmission errors, and triggers acceptance of data at the second computing system upon a successful data exchange transaction.

Abstract: Simulating user interactions during dynamic analysis of a sample is disclosed. A sample is received for analysis. Prior to execution of the sample, a baseline screenshot of a desktop is generated by accessing frame buffer data stored on a graphics card. The sample is caused to execute, at least in part using one or more hypervisor instructions to move a pointing device to an icon associated with the sample. A current screenshot of the desktop is generated by accessing current frame buffer data stored on the graphics card.

Abstract: Data masking is provided by, for at least one predetermined data item in data to be sent, applying a one-way function to that data item to produce a first value, producing a masked data item by encrypting the first value via a deterministic encryption scheme using a current encryption key for a current epoch, and replacing that data item by the masked data item. A data-provider computer sends the masked data to the data-user computer. On expiry of the current epoch, the data-provider computer generates a new encryption key for the encryption scheme in a new epoch, produces mask-update data, dependent on the current and new encryption keys, and sends the mask-update data to the data-user computer. The mask-update data permits updating, at the data-user computer, of masked data items produced with the current encryption key into masked data items produced with the new encryption key.

Abstract: A set of high level test logic is configured to include a set of insertion points. The high-level test logic can be controlled to insert test conditions into a data center configuration. It can also be configured to execute remediation actions that are to be taken, and validation actions to be performed in order to determine whether the remediation action works against the test conditions. Different instances of the high-level test logic can be configured for different environments and different test conditions.

Abstract: A system for verifying control history of an unmanned aerial vehicle according to one embodiment of the present disclosure includes an authentication unit for collecting personal information from a pilot who controls an unmanned aerial vehicle to authenticate the pilot, a storage unit storing control information regarding the pilot's control of the unmanned aerial vehicle, and an encryption unit for sealing and encrypting data of the personal information and the control information; and is capable of controlling and managing an indiscriminate use of the unmanned aerial vehicle and providing a control time, flight history, etc., to an organization which needs such information.

Abstract: A framework to accurately and quickly verify the ownership of remotely-deployed deep learning models is provided without affecting model accuracy for normal input data. The approach involves generating a watermark, embedding the watermark in a local deep neural network (DNN) model by learning, namely, by training the local DNN model to learn the watermark and a predefined label associated therewith, and later performing a black-box verification against a remote service that is suspected of executing the DNN model without permission. The predefined label is distinct from a true label for a data item in training data for the model that does not include the watermark. Black-box verification includes simply issuing a query that includes a data item with the watermark, and then determining whether the query returns the predefined label.

Abstract: Embodiments of the present invention provide a system for authenticating process operations on a network using context locked progressive session tokens. The system is configured for receiving a first request associated with a first process operation from a user device, authorizing the first request, generating a first session token associated with the first process operation, transmitting the first session token to the user device, wherein the first session token is used to validate a second process operation associated with the application, receiving a second request associated with the second process operation from the user device, authorizing the second request, generating a second session token associated with the second process operation using at least the first session token, and transmitting the second session token to the user device, wherein the second session token is used to validate subsequent process operation associated with the application.

Abstract: Certain aspects of the present disclosure relate to methods and apparatus for wireless communication, and more specifically to advertising discovery information, relaying discovery information, and to the secure relay of discovery information in wireless networks. Various frame structures are provided for such transmitting and relaying of discovery information. According to certain aspects of the present disclosure, security is provided for relaying discovery information. According to certain aspects of the present disclosure, compensation may be provided to a device that relays discovery information (e.g., when the relaying results in a transaction).

Abstract: A disclosed method includes a data distribution computer receiving a data packet comprising a plurality of data values in response to an interaction between a resource provider and a user. The data distribution computer can then determine a data item for each data value of the plurality of data values and associate each data value to a processing computer using the data item for each data value. The data distribution computer can generate a plurality of authorization request messages comprising at least one data value. The data distribution computer can then transmit the plurality of authorization request messages to a plurality of processing computers adapted to process the data values in the respective authorization request messages, wherein the plurality of processing computers process the data values in the respective authorization request messages. The plurality of authorization request messages are subsequently forwarded to the authorization computer.

Abstract: Disclosed is a method and system for detecting malicious entities and malicious behavior in a time evolving network via a graph framework by modeling activity in a network graph representing associations between entities. The system utilizes classification methods to give score predictions indicative of a degree of suspected maliciousness, and presents a unified graph inference method for surfacing previously undetected malicious entities that utilizes both the structure and behavioral features to detect malicious entities.

Abstract: One example method and correspond apparatus extracts a model of a computer application during load time and stores the model of the computer application in a database. This example method and corresponding apparatus also inserts instructions into the computer application to collect data at runtime. This example method and corresponding apparatus then analyzes the data collected at runtime against the stored model of the computer application to detect one or more security events and tracks the one or more security events using a state machine.

Abstract: A system, method, and computer program product for implementing a phishing assessment of a target computer network that includes a phishing assessment platform for generating parameters for the phishing assessment; generating the phishing assessment parameters includes identifying a target domain name for the phishing assessment; identifying a pseudo domain name based on the target domain name; generating a pseudo web page using one or more features and attributes of an entity; and implementing the phishing assessment using the pseudo domain name and pseudo web page.

Abstract: A method for authenticating a user of a terminal equipment connected to a communication network, for access from this terminal equipment to a remote service hosted by a server equipment connected to the network. The method includes the following steps, implemented by the server: authenticating the user from credentials; in the event of successful user authentication, authenticating the client equipment from credentials stored in a first memory of the server in association with the user's credentials, including a command to render a first pattern, the command including parameters describing the first pattern and rendering the first pattern received from the client equipment, so-called reference pattern; deciding on authenticating the client equipment according to the evaluated score, a successful authentication being decided when the match score is greater than a predetermined threshold; and following the authentication decision, updating the credentials of the terminal equipment.

Abstract: In one example, a network entity obtains a network packet including data. The network entity performs a deterministic mathematical computation on the data to produce a string of characters derived from the data and inserts an indication of the string of characters into the network packet. The network entity provides the indication of the string of characters to a distributed ledger based on a secret unique identifier of the network entity. The distributed ledger stores the indication of the string of characters and records an indication of a time at which the indication of the string of characters was stored in the distributed ledger. The network entity obtains, from the distributed ledger, the indication of the time and inserts the indication of the time into the network packet. The network entity provides the network packet towards a destination.

Abstract: An apparatus including a processor and a memory configured to provide an SEE and an REE. The processor is configured to provide a client application configured to execute at a user privilege level and a hypervisor configured to execute at a hypervisor privilege level. The user privilege level is more restrictive than the hypervisor privilege level. The processor is further configured to provide a trusted application configured to execute within the SEE. The trusted application provides secure services to the client application. The processor is configured to send a request for secure services from the client application to the trusted application, send a measurement request to the hypervisor, generate within the hypervisor a measured value based on the client application, return the measured value to the trusted application, and determine whether the client application is authorized to access the secure services. The authorization determination is based on the measured value.

Abstract: In one respect, there is provided a system for classifying malware. The system may include a data processor and a memory. The memory may include program code that provides operations when executed by the processor. The operations may include: providing, to a display, contextual information associated with a file to at least enable a classification of the file, when a malware classifier is unable to classify the file; receiving, in response to the providing of the contextual information, the classification of the file; and updating, based at least on the received classification of the file, the malware classifier to enable the malware classifier to classify the file. Methods and articles of manufacture, including computer program products, are also provided.

Abstract: A method for controlling access to one or more of a plurality of target systems includes receiving profile data that defines one or more features associated with a plurality of individuals with one or more entitlements of those individuals. Each entitlement is indicative of target system access. The method further includes generating a model that relates the one or more features and the one or more entitlements of the plurality of individuals. Profile data that defines one or more features associated with a target individual is received from a first user management system. A listing that includes one or more entitlements associated with the target individual, and confidence values associated with the one or more entitlements is generated based on the profile data and the model. Each confidence value is indicative of whether the target individual should be granted a corresponding entitlement.