Abstract: Provided is a system and method for confidential repository searching. The method executed on a first computing device and includes: receiving an encrypted query term from the second computing device; searching the encrypted data repository by determining one or more matches of the encrypted query term to data in the encrypted data repository; communicating the one or more matches to the second computing device; receiving associative data from the second computing device, the associative data associated with data in the encrypted data repository that is to be retrieved and associated with one of the one or more matches; retrieving the encrypted data in the encrypted data repository associated with the received associative data; and communicating the retrieved encrypted data to the second computing device.

Abstract: Methods, apparatus, systems and articles of manufacture to identify a side-channel attack are disclosed. Example instructions cause one or more processors to generate an event vector based on one or more counts corresponding to tasks performed by a central processing unit; determine distances between the event vector and weight vectors of neurons in a self-organizing map; select a neuron of the neurons that results based on a determined distance; identify neurons that neighbor the selected neuron; and update at least one of a weight vector of the selected neuron or weight vectors of the neighboring neurons based on the determined distance of the selected neuron.

Abstract: Disclosed are systems, methods, and non-transitory computer-readable media for AI based privacy amplification. A data security system allows for data transmitted between devices to be secured using varying levels of data security that are adjusted dynamically based on the determined sensitivity level of the data. The data security system uses AI (e.g., machine learning models) to predict the sensitivity level of data being transmitted between the devices in real-time and applies an appropriate level of data security based on the predicted sensitivity level. Dynamically adjusting the level of data security that is used based on the sensitivity level of the data provides for heightened levels of data security to protect highly sensitive data, and lower levels of data security to conserve computing resources when protecting less sensitive data.

Abstract: Systems and methods for blurring connection information in virtual private networks are provided herein. In some embodiments, a method of blurring VPN connection metadata may comprise: receiving, by a VPN service provider infrastructure, a request from a user device to establish a VPN connection with one or more VPN servers, wherein the VPN service provider infrastructure includes a logic engine configured to perform statistical blurring of VPN connection metadata; establishing a connection between the user device and one or more target sites during a VPN session; receiving, from the one or more VPN servers, VPN connection metadata associated with the user's VPN connections and a user identifier associated with the user; performing statistical blurring of VPN connection metadata by modifying the VPN connection metadata using an unknown random value to create blurred connection metadata; and storing the blurred connection metadata in association with the user identifier received.

Abstract: Provided with a technology of a machine learning using a convolutional neural network depending on practical calculation cost and security level desired by a user.

Abstract: In general, the invention relates to providing computer implemented services using information handling systems. One or more embodiments of the invention includes receiving a request to decompose a composed information handling system, wherein the composed information handling system comprises a hardware resource, obtaining a cleaning requirement for the hardware resource, initiating, based on the cleaning requirement, a cleaning operation on the hardware resource, receive a confirmation that the cleaning operation is complete, and after receiving the confirmation, set a state of the hardware resource to allocatable.

Abstract: Embodiments of the invention are directed to a method. The method may include transmitting, by a first device, an encrypted first biometric template generated from a first biometric sample of a user of the first device to a second device, wherein the second device inputs the encrypted first biometric template and a second biometric template generated from a second biometric sample of the user into a function to generate an encoded output. The first device may receive the encoded output from the second device, and may decode the encoded output to recover the encrypted first biometric template and the second biometric template of the user. Upon determining a match result between first and second biometric templates, the first device may transmit unique data to the second device.

Abstract: Disclosed is a dynamic network risk predicting method based on a graph neural network, which comprises the following steps: collecting network data firstly and constructing a network data sequence graph; extracting the time sequence of the network data sequence graph and obtaining a time sequence feature graph; extracting network attribute features, network structure features and network change features of the dynamic network; obtaining the representation vector of the network sequence graph by learning the representation vector; constructing the anomaly detection model and carrying out the dynamic network risk prediction.

Abstract: This document discloses a system and method for securing data files selected from a series of data files. The system comprises a transformation module, an artificial neural network (ANN), a clustering module and a backpropagation module whereby these modules are configured to identify data files that contain malware or anomalies. When such data files are detected, the system will then initiate a series of measures to identify other data files that may be similarly afflicted by the detected malware. These data files are then secured to prevent the malware from affecting a host machine and/or any storage/peripheral devices linked to the host machine.

Abstract: The various implementations described herein include methods and devices for creating and using trust binaries and blockchains. In one aspect, a method includes accessing a trust store for the computing device, including obtaining a blockchain for the trust store. A first change to the trust store is identified. In response to identifying the first change, a first block is generated and inserted into the blockchain, where the first block includes a first encrypted digest for the first change and a first block digest. A second change to the trust store is identified. In response to identifying the second change, a second block is generated and inserted into the blockchain, where the second block includes a second encrypted digest for the second change, a second block digest, and the first block digest.

Abstract: A method for maintaining user privacy in advertisement networks may include receiving first persona data associated with a first user from at least one publisher system. The first persona data may be generalized to form first generalized persona data. A session key may be generated. The first generalized persona data and the session key may be encrypted with a first public key of an advertisement network system to form a first ciphertext. The first ciphertext and first user identity data may be communicated to a mediator system. The first user identity data may be associated with first user's identity. A first encrypted targeted advertisement may be received based on the first generalized persona data from the advertisement network system via the mediator system. The first encrypted targeted advertisement may be decrypted with the session key to form a first targeted advertisement. A system and computer program product are also disclosed.

Abstract: Disclosed herein are systems and method for adjusting data protection levels based on system metadata. A method may include monitoring a computing device for a cyberattack, wherein a kernel driver of the computing device is configured to allow access to kernel control paths and hash tables in accordance with a first protection level, and detecting that the cyberattack is in progress. While the cyberattack is in progress, the method may include identifying kernel control paths and hashes of software objects that will be affected by the cyberattack, and configuring the kernel driver to disable access to the identified kernel control paths and hashes of the software objects in accordance with a second protection level, wherein the second protection level includes greater access restrictions to the computing device than the first protection level.

Abstract: Some embodiments are directed to a categorization system for categorizing a sensitive data field in a dataset, e.g., a disease classification according to the ICD classification. A client device is to obtain categories for one or more records of the dataset. The client device determines categorization data for the categorization. The categorization data comprises homomorphic encryptions of possible values of the sensitive data field and encodings of the categories associated to the respective possible values, thus keeping the categorization secret. A data provider device stores the dataset and determines homomorphic encryption indicating differences between the value of the sensitive data field for a record and respective possible values. A categorization device determines which of those encryptions indicates a match and provides a category encoding associated with a matching possible value to the client device. The client device associates the encoded category to the record.

Abstract: Implementations of the present disclosure include providing a graph representative of a network, a set of nodes representing respective assets, each edge representing one or more lateral paths between assets, the graph data including configurations affecting at least one impact that has an effect on an asset, determining multiple sets of fixes for configurations, each fix having a cost associated therewith, incorporating fix data of the sets of fixes into the graph, defining a set of fixes including one or more fixes from the multiple sets of fixes by defining an optimization problem that identifies one or more impacts that are to be nullified and executing resolving the optimization problem to define the set of fixes, each fix in the set of fixes being associated with a respective configuration in the graph, and scheduling performance of each fix in the set of fixes based on one or more operational constraints.

Abstract: Embodiments assess security vulnerability of an application. An embodiment runs one or more static and dynamic analysis tools on the application to generate a static vulnerability report and a dynamic vulnerability report. In turn, code of the application is decompiled to identify code of the application that accepts user input. One or more vulnerabilities of the application are determined using the identified code of the application that accepts user input and a vulnerability report is generated that indicates the one or more vulnerabilities of the application determined using the identified code of the application that accepts user input. A final static vulnerability report and a final dynamic vulnerability report are generated based on the static and dynamic vulnerability reports and the generated vulnerability report indicating the one or more vulnerabilities of the application determined using the identified code of the application that accepts user input.

Abstract: Systems and methods for secure distribution of biometric matching processing are provided. Certain configurations include homomorphic encrypting of captured biometric information. In some configurations, the biometric information is classified without decryption between a first identity class and a second identity class. The biometric information may be formed as a feature vector. A homomorphic encrypted feature vector may be formed by homomorphic encrypting of the biometric information.

Abstract: A method of securely encrypting data whereby a computing device can utilize a seed and a pin to generate a mantissa of an irrational number. The computing device can then utilize a portion of the mantissa as a one-time pad to encrypt data. The seed can be transmitted to a recipient via a graphical code to enable secure decryption by a recipient's computing device.

Abstract: Disclosed are methods and systems for secure data communication amongst computer systems. Encrypted data in a first format is accessed over a secure communication channel from a first source for a first subject. Encrypted data in a second format is accessed over a secure communication channel from a second source for the first subject. The encrypted data in the first format from the first source and in the second format from the second source is decrypted. The decrypted data in the first format from the first source and in the second format from the second source is converted to a third format. At least partly in response to the request for information from a first system, at least a portion of the data from the first source and the second source is accessed from a database The accessed data is transmitted in encrypted form to the first system.

Abstract: An electronic processor of a wireless fob is configured to establish a first communication link between the wireless fob and an external device, and receive, over the first communication link, first identification information and credential information of a power tool device from the external device. The electronic processor is further configured to receive, via the wireless transceiver, an identification signal including second identification information from the power tool device. The electronic processor is further configured to identify the power tool device by determining that the first identification information matches with the second identification information. The electronic processor is further configured to transmit the credential information to the power tool device to establish a second communication link between the wireless fob and the power tool device and transmit, over the second communication link, a command to the power tool device to control an operation of the power tool device.

Abstract: This application discloses a password verification method and a password setting method. The password verification method includes: in response to a detected operation of requesting for password verification, collecting at least one first image by using a camera of a mobile terminal; obtaining matching information when a result of matching between the at least one first image collected by the mobile terminal and at least one first preset image satisfies a first preset matching condition, where the matching information includes at least one of the following: location information of the mobile terminal, motion information of the mobile terminal, at least one second image collected by the camera of the mobile terminal, and network connection information of the mobile terminal; and performing matching between the obtained matching information and a second preset matching condition, where the password verification succeeds when the matching is successful.