Patents Examined by Madhuri Herzog
  • Patent number: 10158648
    Abstract: A method for execution by a dispersed storage and task (DST) execution unit operates to receive a slice retrieval request from a requester that includes a slice name of one or more slices to be retrieved; determine an access policy to apply to the slice retrieval request; determine a timestamp; and determine, based on the timestamp, when the one or more slices are available for retrieval. When the one or more slices are available for retrieval, the method operates further to determine when the one or more slices are currently available to the requester; retrieves the one or more slices from memory and sends the one or more slices to the requester, when the one or more slices are currently available to the requester.
    Type: Grant
    Filed: July 27, 2016
    Date of Patent: December 18, 2018
    Assignee: International Business Machines Corporation
    Inventors: Gary W. Grube, Jason K. Resch
  • Patent number: 10097574
    Abstract: User-guided machine learning (ML) significantly reduces false alarms generated by an automated analysis tool performing static security analysis. User interactivity involves initial review and annotation of findings (“witnesses”) in a report generated by the analysis tool. Those annotated findings are then used by the system to generate a “hypothesis” about how to further classify the static analysis findings in the report. The hypothesis is implemented as a machine learning classifier. To generate the classifier, a set of features are abstracted from a typical witness, and the system compares feature sets against one another to determine a set of weights for the classifier. The initial hypothesis is then validated against a second set of user-annotated findings, and the classifier is adjusted as necessary based on how close it fits the new data. Once the approach converges on a final classifier, it is used to filter remaining findings in the report.
    Type: Grant
    Filed: December 18, 2014
    Date of Patent: October 9, 2018
    Assignee: International Business Machines Corporation
    Inventors: Omer Tripp, Salvatore Angelo Guarnieri
  • Patent number: 10050988
    Abstract: A system, method, and computer program product are provided for a database associating a plurality of device vulnerabilities to which computing devices can be subject with a plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities. Each of the device vulnerabilities is associated with at least one remediation technique. Each remediation technique associated with a particular device vulnerability remediates that particular vulnerability. Further, each remediation technique has a remediation type selected from the type group consisting of patch, policy setting, and configuration option. Still yet, a first one of the device vulnerabilities is associated with at least two alternative remediation techniques.
    Type: Grant
    Filed: August 3, 2015
    Date of Patent: August 14, 2018
    Assignee: SecurityProfiling, LLC
    Inventors: Brett M. Oliphant, John P. Blignaut
  • Patent number: 10045215
    Abstract: A system and method for securely storing, retrieving and sharing data using PCs and mobile devices and for controlling and tracking the movement of data to and from a variety of computing and storage devices.
    Type: Grant
    Filed: March 31, 2017
    Date of Patent: August 7, 2018
    Assignee: QuickVault, Inc.
    Inventor: Steven V. Bacastow
  • Patent number: 10027665
    Abstract: A method for querying a knowledgebase of malicious hosts numbered from 1 through N. The method includes providing a network of computers, which has a plurality of unknown malicious host machines. In a specific embodiment, the malicious host machines are disposed throughout the network of computers, which includes a worldwide network of computers, e.g., Internet. The method includes querying a knowledge base including a plurality of known malicious hosts, which are numbered from 1 through N, where N is an integer greater than 1. In a preferred embodiment, the knowledge base is coupled to the network of computers. The method includes receiving first information associated with an unknown host from the network; identifying an unknown host and querying the knowledge base to determine if the unknown host is one of the known malicious hosts in the knowledge base. The method also includes outputting second information associated with the unknown host based upon the querying process.
    Type: Grant
    Filed: September 12, 2016
    Date of Patent: July 17, 2018
    Assignee: ThreatMetrix PTY LTD.
    Inventors: Scott Thomas, David G. Jones
  • Patent number: 10021124
    Abstract: A system, method, and computer program product are provided for a database associating a plurality of device vulnerabilities to which computing devices can be subject with a plurality of remediation techniques that collectively remediate the plurality of device vulnerabilities. Each of the device vulnerabilities is associated with at least one remediation technique. Each remediation technique associated with a particular device vulnerability remediates that particular vulnerability. Further, each remediation technique has a remediation type selected from the type group consisting of patch, policy setting, and configuration option. Still yet, a first one of the device vulnerabilities is associated with at least two alternative remediation techniques.
    Type: Grant
    Filed: August 3, 2015
    Date of Patent: July 10, 2018
    Assignee: SecurityProfiling, LLC
    Inventors: Brett M. Oliphant, John P. Blignaut
  • Patent number: 10009370
    Abstract: A method comprises obtaining a potentially malicious file, decoding the file to identify one or more code streams, processing each of the identified code streams to determine the presence of respective ones of a set of indicators of compromise, determining whether the file is malicious based on the presence of one or more of the indicators of compromise in the code streams, and modifying access by a given client device to the file responsive to determining that the file is malicious.
    Type: Grant
    Filed: March 1, 2016
    Date of Patent: June 26, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Kevin Douglas, Diptanu Das
  • Patent number: 9977896
    Abstract: Provided herein are systems and methods for generating policies for a new application using a virtualized environment. Prior to allowing a new application to operate on a host system, the new application may be installed in a virtual environment. A first program execution restrictor of the virtualized environment may determine a set of policies for the new application. The set of policies may allow the new application to add specific program elements during installation and execution in the virtualized environment. The first program execution restrictor may verify an absence of malicious behavior from the new application while the new application executes in the virtualized environment. The new application may be executed on the host system responsive to the verification. The host system may have a second program execution restrictor that applies the set of policies when the new application is allowed to execute on the host system.
    Type: Grant
    Filed: October 8, 2015
    Date of Patent: May 22, 2018
    Assignee: DIGITAL GUARDIAN, INC.
    Inventor: John C. Fox
  • Patent number: 9965633
    Abstract: Implementations of the present disclosure include methods, systems, and computer-readable storage mediums for receiving results from security testing of source code, each result indicating a potential security vulnerability of the source code, displaying graphical representations of the results to a user, and, by a fix recommendation generator: receiving user input indicating a result of the results, receiving a set of code clones, each code clone being provided based on at least a snippet of the source code underlying the result, receiving a set of repairs, each repair being associated with a code clone, and mitigating a previously determined security vulnerability, and providing a set of fix recommendations based on the set of code clones, the set of repairs, and similarity metrics, each similarity metric indicating a similarity between the at least a snippet of the source code and a respective code clone.
    Type: Grant
    Filed: December 29, 2015
    Date of Patent: May 8, 2018
    Assignee: SAP SE
    Inventors: Achim D. Brucker, Michael Herzberg
  • Patent number: 9967270
    Abstract: Events are securely packaged and transmitted from peripherals of terminals and from secure input/output modules (SIOMs) of terminals. The events are collected and mined in real time for security risk patterns and dynamic remedial actions are pushed back down to the terminals, peripherals, and SIOMs.
    Type: Grant
    Filed: January 30, 2017
    Date of Patent: May 8, 2018
    Assignee: NCR Corporation
    Inventors: Erick Kobres, Stavros Antonakakis
  • Patent number: 9960919
    Abstract: A method of securing data, the method comprising: dividing a secret key into a plurality of secret key shares; storing each of the plurality of secret key shares in a different server of a plurality of servers so that none of the servers has access to the secret key and to the secret key share stored in another of the servers; using a server of the plurality of servers to execute a secure computation protocol to determine a value of a function responsive to all of the plurality of secret key shares without providing any of the plurality of servers with access to the secret key and to the secret key share stored in another of the servers; and using the calculated value of the function to secure the data.
    Type: Grant
    Filed: January 8, 2014
    Date of Patent: May 1, 2018
    Assignee: BAR-ILAN UNIVERSITY
    Inventor: Yehuda Lindell
  • Patent number: 9930067
    Abstract: A client establishes a network session with a server. The network session is used to establish an encrypted communications session. The client establishes another network session with another server, such as after terminating the first network session. The client resumes the encrypted communications session over the network session with the other server. The other server is configured to receive encrypted communications from the client and forward them to the appropriate server.
    Type: Grant
    Filed: December 18, 2014
    Date of Patent: March 27, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Jesper Mikael Johansson, Darren Ernest Canavor, Jon Arron McClintock, Gregory Branchek Roth, Gregory Alan Rubin, Nima Sharifi Mehr
  • Patent number: 9928363
    Abstract: Determining, by a machine learning model in an isolated operating environment, whether a file is safe for processing by a primary operating environment. The file is provided, when the determining indicates the file is safe for processing, to the primary operating environment for processing by the primary operating environment. When the determining indicates the file is unsafe for processing, the file is prevented from being processed by the primary operating environment. The isolated operating environment can be maintained on an isolated computing system remote from a primary computing system maintaining the primary operating system. The isolating computing system and the primary operating system can communicate over a cloud network.
    Type: Grant
    Filed: August 30, 2016
    Date of Patent: March 27, 2018
    Assignee: Cylance Inc.
    Inventors: Ryan Permeh, Derek A. Soeder, Matthew Wolff, Ming Jin, Xuan Zhao
  • Patent number: 9906514
    Abstract: A system, method, and apparatus are provided for applying a technique for resisting or hindering scraping of a website or other repository of electronic data. When a connection from an entity is received at the website, if no signal or information is received that identifies the entity (e.g., a user identifier, a cookie), or the information is insufficient to discriminate the entity from other entities (e.g., an IP address that is or may be shared), one or more techniques are applied, such as: delaying loading of a page or page component, rendering a page (or page component) as an image, rendering only a portion of a page, applying a CAPTCHA, redirecting the entity to a login page, and/or others. Thus, an anti-scraping technique is activated for a connection from what could be a scraper that has purged its browser data of some or all identifying information.
    Type: Grant
    Filed: December 29, 2015
    Date of Patent: February 27, 2018
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: Yoav Podemsky
  • Patent number: 9894485
    Abstract: A method and apparatus for location sharing, consisting of sending a location report by a location determining device to a plurality of network enabled devices over a peer-to-peer network, the location determining device being associated with a first digital key pair. A first of the plurality of network enabled devices, associated with a second digital key pair, performs a validation computation on the location report and submits a validation computation result and the location report to a remainder of the plurality of network enabled devices for inclusion in a shared ledger. Including the location report creates commercially-valued credits associated with the public key of the second digital key pair recorded in the shared ledger. A transfer of commercially-valued credits from association with the first public key of the first digital key pair to the public key of the second digital key pair is also recorded in the shared ledger.
    Type: Grant
    Filed: December 28, 2015
    Date of Patent: February 13, 2018
    Inventor: Keir Finlow-Bates
  • Patent number: 9887986
    Abstract: Provided are a relay device capable of appropriate access management, a relay method, and a program. The relay device (10): receives a user ID and password for logging on to a server (a desired server) in a financial information system (41), a client information system (42), or an inventory management system (43), on the basis of a connection request from a work terminal (20) (client terminal); and relays a connection without performing user verification using the received user ID and password, when establishing a session with the desired server. The relay device connects to the server using processing that differs from the processing for relaying this connection, confirms the appropriateness of the received user ID and password combination, and establishes a session with the desired server if the user ID and password combination is confirmed to be correct.
    Type: Grant
    Filed: December 12, 2012
    Date of Patent: February 6, 2018
    Assignee: NOMURA RESEARCH INSTITUTE, LTD.
    Inventors: Ryoichi Teramura, Jun Hashimoto
  • Patent number: 9876765
    Abstract: A first communication element is received on a communicating device. A defined mapping is identified based on an identification of a recipient device. The first communication element is mapped to a second communication element based on the defined mapping. The mapped communication element is provided to the recipient device.
    Type: Grant
    Filed: January 17, 2014
    Date of Patent: January 23, 2018
    Assignee: International Business Machines Corporation
    Inventors: Lisa Seacat DeLuca, Geetika T. Lakshmanan, Michael Muller
  • Patent number: 9871772
    Abstract: A system and method operate on a first electronic device and a second electronic device. The first device has a control system and a cryptographic communications module. The second device has a key generator, a user interface, and a cryptographic communications module. The second device generates a single-mission cryptographic key that is securely programmed into the first device, and the first device is deployed to a remote location. The user interface receives a command for controlling the first device. The second device encrypts the command according to the cryptographic key, and transmits the encrypted command to the first device. The first device authenticates the command, decrypts it, and passes the decrypted command to the control system. The first device may be actively guided ordnance, and the second device may be a control element for controlling the actively guided ordnance. The key may be automatically obfuscated upon mission completion or termination.
    Type: Grant
    Filed: March 17, 2015
    Date of Patent: January 16, 2018
    Assignee: The Charles Stark Draper Laboratory, Inc.
    Inventors: William W. Weinstein, James M. Zagami, Joshua B. Weader
  • Patent number: 9871703
    Abstract: Techniques of executing commands in forwarding nodes are discussed. Control messages are recursively included within each other and distributed in a data plane formed by a network of the forwarding nodes. A given control message can include a command which is executed by a respective forwarding node. The given control message further includes a further control message to be sent to a further forwarding node by the respective forwarding node. The control messages are created by a control node which is configured for controlling operation of the network of forwarding nodes.
    Type: Grant
    Filed: March 26, 2013
    Date of Patent: January 16, 2018
    Assignee: TELEFONAKTIEBOLAGET L M ERICSSON (PUBL)
    Inventors: Francisco Cortes Gomez, Jan Scheurich
  • Patent number: 9866558
    Abstract: The present disclosure provides a device, method, and system for enabling multiple wireless communication devices to communicate with a trusted network over a secure connection. The device includes a communication interface configured to communicate with the wireless communication devices and local area networks (LANs) and a processor configured to: broadcast a non-trusted service set identifier (SSID); in response to detecting a non-secure connection to a wireless communication device of the wireless communication devices using the non-trusted SSID, establish a connection to a local area network (LAN) of the LANs. In response to establishing a connection to the LAN: the processor establishes a secure connection to the trusted network; discontinues broadcast of the non-trusted SSID; and broadcasts a trusted SSID to the wireless communication devices to enable the wireless communication devices to wirelessly connect to the network device to communicate with the trusted network using the secure connection.
    Type: Grant
    Filed: December 3, 2015
    Date of Patent: January 9, 2018
    Assignee: BLACKBERRY LIMITED
    Inventors: Michael Peter Montemurro, Robert David Turner