Abstract: A technique for storage-efficient cyber incident reasoning by graph matching. The method begins with a graph pattern that comprises a set of elements with constraints and connections among them. A graph of constraint relations (GoC) in the graph pattern is derived. An activity graph representing activity data captured in association with a host machine is then obtained. In response to a query, one or more subgraphs of the activity graph that satisfy the graph pattern are then located and, in particular, by iteratively solving constraints in the graph pattern. In particular, a single element constraint is solved to generate a result, and that result is propagated to connected constraints in the graph of constraint relations. This process continues until all single element constraints have been evaluated, and all propagations have been performed. The subgraphs of the activity graph that result are then returned in response to a database query.

Abstract: A method implements anonymous uncensorable cryptographic chains. The method includes receiving, from a first application, verifiable data for a current record and unverified data for the current record. The unverified data for the current record was received by the first application from a second application. The method further includes verifying the verifiable data for the current record with unverified data from a previous record. The method further includes recording the verifiable data for the current record and the unverified data for the current record to the current record responsive to verifying the verifiable data for the current record. The method further includes presenting the current record to one or more of the first application and to the second application.

Abstract: A computing resource service provider provides a certificate management service that allows customers of the computing resource service provider to create, distribute, manage, and revoke digital certificates issued by public and/or private certificate authorities. In an embodiment, customers may use the certificate management service to generate private certificate authority which can issue signed certificates to network entities within the customer enterprise. In an embodiment, the private certificate authority is hosted by the computing resource service provider, and the certificate management service automates the renewal and management of active certificates. In an embodiment, the certificate management service allows customer applications to create, renew, and revoke certificates issued by both private and public certificate authorities via an application programming interface.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for managing data usage. An example method includes monitoring electronic usage of a governed data set in a computing environment, wherein the governed data set comprises a governed business element, and wherein the governed business element comprises a business element and a metadata attribute configured to govern electronic usage of the business element. The example method further includes identifying, via a data compliance bot, transmission of an electronic usage request from a user device, wherein the electronic usage request comprises a request for a user of the user device to electronically use the business element in the computing environment. The example method further includes identifying the metadata attribute based on the business element. Subsequently, the example method includes determining whether electronic use of the business element is allowed.

Abstract: Embodiments described herein provide for virtual machine (VM) based exploit mitigation techniques that can be used to harden web content frameworks and JavaScript Engines. Some embodiments described herein are also generally applicable to other system frameworks, libraries, and program code that executes on a processor that is vulnerable to an attack using a security exploit. Program code that implements the techniques described herein can prevent the use of security exploit attacks to bypass security properties within the program code.

Abstract: A method including transmitting, by an infrastructure device to a distributor device, an invitation link to enable the distributor device to distribute network services; activating, by the distributor device, the invitation link; transmitting, by the infrastructure device to the distributor device, seed information based on verifying that the invitation link was activated by the distributor device; determining, by the distributor device, a distributor key pair including a distributor public key and a distributor private key based on utilizing the seed information; transmitting, by the distributor device to the infrastructure device, an action request related to an action to be performed regarding the network services, a portion of the action request being signed based on utilizing the distributor private key; and validating, by the infrastructure device, the action request based on utilizing the distributor public key to enable performance of the action regarding the network services is disclosed.

Abstract: The present disclosure relates to a fifth generation (5G) or a pre-5G communication system for supporting higher data transmission rate compared to fourth generation (4G) communication systems such as Long Term Evolution (LTE). The present disclosure relates to generating a security key in a wireless communication system, and a method for operating a transmission end comprises the steps of: generating an encryption key using information related to channel estimation; and transmitting encrypted data to a receiving end using the encryption key.

Abstract: A verification platform may include a data connection to receive a stream of industrial asset cyber-attack detection algorithm data, including a subset of the industrial asset cyber-attack detection algorithm data. The verification platform may store the subset into a data store (the subset of industrial asset cyber-attack detection algorithm data being marked as invalid) and record a hash value associated with a compressed representation of the subset of industrial asset cyber-attack detection algorithm data combined with metadata in a secure, distributed ledger.

Abstract: According to one embodiment, a system receives, at a host channel manager (HCM) of a host system, a request from an application to establish a secure channel with a data processing (DP) accelerator, where the DP accelerator is coupled to the host system over a bus. In response to the request, the system generates a first session key for the secure channel based on a first private key of a first key pair associated with the HCM and a second public key of a second key pair associated with the DP accelerator. In response to a first data associated with the application to be sent to the DP accelerator, the system encrypts the first data using the first session key. The system then transmits the encrypted first data to the DP accelerator via the secure channel over the bus.

Abstract: An example operation may include one or more of receiving, from an executing client, a blockchain transaction comprising an anonymous rating related to an authorizing client, a merkle tree root node value, a proof, and a nullifier, and in response, executing, by a smart contract, a valid historical value assert call on a lookback key storing the merkle tree root node value, verifying, through a valid historical value assert call, that the merkle tree root node value is a current or previous value of the merkle tree root node value, verifying the proof with the merkle tree root node value and the nullifier, adding the anonymous rating to a shared ledger, marking the nullifier as used, and storing the marked nullifier to the shared ledger.

Abstract: An example operation may include one or more of configuring a blockchain network comprising first and second blockchain nodes, providing, by the first blockchain node, a data reference to the second blockchain node, accessing a document, by the second blockchain node, from the first blockchain node, and providing by the second blockchain node, a proof of receipt for the document to a shared blockchain ledger.

Abstract: A system for an artificial intelligence synchronized distributed ledger. The system includes a computing device containing a receiving module, the receiving module designed and configured to receive an input from a remote device, parse the input to identify protected and non-protected data contained within the input, transform the protected data into a digitally signed assertion and convert the non-protected into an encrypted datastore. The computing device containing a processing module, the processing module designed and configured to receive the digitally signed assertion from the receiving module, insert the digitally signed assertion into an immutable sequential data structure, receive the encrypted datastore, retrieve at least an input, generate a record utilizing the at least a retrieved input, and perform a first machine-learning process utilizing the at least a retrieved input.

Abstract: According to examples, an apparatus may include a processor and a non-transitory computer readable medium on which is stored machine readable instructions that may cause the processor to access a hashed credential associated with a user or a device, access hashed versions of a plurality of commonly used credentials, determine whether the hashed credential matches a hashed version of a commonly used credential of the plurality of commonly used credentials, and based on a determination that the hashed credential matches a hashed version of a commonly used credential, perform at least one of a reporting or a blocking operation.

Abstract: Embodiments described herein enable data associated with a large plurality of users to be analyzed without compromising the privacy of the user data. In one embodiment, a user can opt-in to allow analysis of clear text of the user's emails. An analysis process can then be performed in which an analysis service receives clear text of an email of a client device; processes the clear text of the email into one or more tokens having one or more tags; enriches one or more tokens in the processed email using data associated with a user of the client device and the one or more tags; and processes the clear text and one or more enriched tokens to generate a data set of one or more feature vectors.

Abstract: In accordance with various embodiments, a method is performed including determining a plurality of network reputation scores for a respective plurality of network subsets of a fabric network environment and determining a reputation policy for traffic traversing the fabric network environment. The method includes routing traffic traversing the fabric network environment according to the reputation policy and the plurality of network reputation scores.

Abstract: A method of generating cyber chaff can include determining a cell of a grid of cells to which a first feature and a second feature of user data maps, identifying a cell type of the cell, the cell type indicating whether the cell is an active cell, an inactive cell, or a sub-process cell, and providing cyber chaff based on cyber chaff data associated with either (a) one or more cells of the inactive cell type or (b) one or more cells of the sub-process cell type.

Abstract: A computing apparatus includes a processor coupled to a memory. The memory stores a set of permission chains, and each permission chain indicates a prior process accessed a current process and the current process requested access to a next process. The processor receives a permission request including a request for an access permission to allow a first current process to access a first next process and an indication that the first current process was accessed from a first prior process. The processor searches the set of permission chains for a matching permission chain, and when the matching permission chain is not found, the processor receives an input granting or denying the requested permission, and when granted updates the set of permission chains to include the granted permission chain and returns a granted indication.

Abstract: The disclosed technology relates to securely sharing data between a hearing care professional (HCP) and a hearing device user. For example, the disclosed technology relates to securely accessing fitting data for a hearing device. The disclosed technology includes a hearing device that has a memory, where the memory stores a key that can be used for encryption and decryption. The key can be a symmetrical key. In addition to storing a key, the hearing device can store a uniform resource indicator (URI) in its memory.

Abstract: Systems and methods are disclosed herein for secure communication of data between motorized mobile systems (MMS) and external devices, systems, networks, and servers. The data may include one or more of user, health, environment, and system data retrieved from one or more sensors located in, on, and around an MMS. The MMS stores and/or transmits the sensor data using secure protocols when the sensor data relates to personal information, such as personal health data, to protect the privacy of the user.

Abstract: A storage system in one embodiment comprises a plurality of storage devices and a storage controller. The storage controller is configured to generate a plurality of snapshots of a storage volume of the storage system at respective different points in time, to monitor a differential between a given one of the snapshots and the storage volume, and to generate an alert indicative of at least a potential ransomware attack on the storage system based at least in part on the monitored differential satisfying one or more specified conditions. The one or more specified conditions illustratively comprise a specified minimum amount of change in the storage volume relative to the given snapshot of the storage volume. Compressibility of the storage volume is also taken into account in generating the alert in some embodiments. The storage controller illustratively initiates restoration of the storage volume utilizing a selected snapshot responsive to confirmation of an actual attack.