Abstract: Disclosed herein is technology that detects potentially deceptive URI (Uniform Resource Identifier) of a homograph attack (e.g., an Internationalized Domain Name (IDN) homograph attack). In one or more implementations, the detection may be accomplished, at least in part, by assessing the likelihood that all of the characters in the URI (e.g., domain name) were typed on a keyboard using a single keyboard map. This Abstract is submitted with the understanding that it will not be used to interpret or limit the scope or meaning of the claims.

Abstract: This application provides a key distribution and authentication method, system, and an apparatus. The method includes: a service center server distributes different keys to terminal devices, and then the terminal devices perform mutual authentication with the network authentication server based on respective keys and finally obtain communication keys for communication between the terminal devices and a functional network element. This provides a method for establishing a secure communication channel for the terminal device, having a broad application range.

Abstract: The present disclosure involves systems, software, and computer implemented methods for tracking of a conversation and management of multi-channel, multi-interaction customer conversations across multiple chat bots. One example system includes operations to receive a first signal comprising a first set of conversational input received via interactions with a conversational interface from a client device, the conversational interface associated with a plurality of chat bots and manages interactions between the client device and the plurality of chat bots. The received conversational input is analyzed to determine a context of the received conversational input based on characteristics of the received conversational input. A request is transmitted to an identified first chat bot associated with the determined context and a response is received from the identified first chat bot. The response is transmitted to the client device for presentation.

Abstract: Techniques for managing access to infrastructure components hosted in a cloud computing environment are provided. One technique includes receiving a request from a user to access a single infrastructure component of multiple infrastructure components hosted in the cloud computing environment. At least one of a current operating state of the cloud computing environment and a context of the user is determined in response to the request. A determination is made to grant the user access to the single infrastructure component, based on an analysis of at least one of the current operating state and the context of the user. In response to the determination, a credential is retrieved that is specific to the single infrastructure component and is valid for a temporary amount of time. The credential is provided to the user.

Abstract: An identity provider, within a directory service, provides an automatic technique for configuring the single sign-on settings of a service provider. The directory service contains pre-configured templates for each service provider supported by the directory service which include the details of the service provider's SSO configuration settings web page. A configuration sign-on script is generated to automatically fill in the configuration settings so that the principal can perform single sign-on with the service provider's preferred authentication and authorization protocol.

Abstract: Embodiments of the application provide a device identifier access method and relate to the field of communications technologies, so as to reduce a risk of privacy leakage, and improve device security of a terminal. The method implemented by a terminal, includes: receiving request information for accessing a first device identifier by a target application; determining first access permission used when the target application accesses the first device identifier, where the first access permission includes one of the following: prohibiting access to the first device identifier, allowing access to a real value of the first device identifier, and allowing access to a dummy value of the first device identifier; and when the first access permission is allowing access to the dummy value of the first device identifier, returning the dummy value of the first device identifier to the target application.

Abstract: A method of controlling access to data on a first electronic device, the method comprising steps of establishing a shared encryption key with a first software application instance running on a second electronic device, receiving a ‘begin session’ command sent by the first software application instance and responsive to the ‘begin session’ command, creating a storage location in a data store of the electronic device, obtaining a data encryption key, receiving data, encrypting the data using the data encryption key and storing the encrypted data in the storage location, receiving an ‘end session’ command sent by the first software application instance and responsive to the ‘end session’ command, discarding the shared encryption key, and deleting the encrypted data from the storage location.

Abstract: Methods, apparatus, and processor-readable storage media for risk analysis and access activity categorization across data structures for use in network security mechanisms are provided herein.

Abstract: Systems and methods for providing a secured password and authentication mechanism for programming and updating software and firmware are provided. Some methods can include a control panel device or a server device generating a onetime password or security token, the control panel device or the server device identifying an authorized user and a phone number of a mobile device associated with the authorized user, the control panel device or the server device using the phone number to transmit the onetime password or security token to the mobile device, the control panel device receiving user input including the onetime password or security token and instructions to program or update the software or firmware of the control panel device or to power off or restart the control panel device, and the control panel device executing the instructions when the onetime password or security token is valid.

Abstract: Customers of a computing resource service provider may operate computing resources provided by the computing resource service provider. Operational information from customer operated computing resources may be correlated with operational information from computing resources operated by the computing resource service provider or other entities, and correlated threat information may be generated.

Abstract: A system for performing authentication of users of a distributed register network is provided. In particular, the system may comprise a distributed register network comprising one or more decentralized nodes, each of which may store a separate copy of a distributed data register. The system may further comprise one or more specialized nodes which authenticate users that trigger the generation of blocks in a linked structures of the distributed register network, where the blocks are associated with requests that are submitted by the user. In this way, the system verifies the authenticity of the blocks in the linked structures, thereby providing a more robust distributed register network.

Abstract: Systems for and methods of detecting cyber-attacks by selecting a group of users and monitoring those user's computer systems for behavior that indicates a series of actions reflecting behavior indicative of a cyber-attack.

Abstract: The disclosed computer-implemented method for identifying malware locations based on analyses of backup files may include (i) identifying a presence of a backup file set and (ii) performing a security action that may include (a) detecting, based on a scan of the backup file set, malware in the backup file set, (b) determining, based on a location of the malware in a system file structure of the backup file set, a subgraph of the system file structure of the backup file set that includes the malware, (c) identifying a string prefix for the subgraph of the system file structure of the backup file set, (d) using an index to cross-reference the string prefix to a pointer identifying a subgraph of an original file set, and (e) scanning a file in the subgraph of the original file set for the malware. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: In one embodiment, a method includes receiving a first audio input from a user requesting access to information or a service, sending a request for the information or service to an authentication server, where the request includes first authentication information based on the first audio input and further includes a user identifier associated with the user, receiving a second audio input from a client system of the user, where the second audio input includes a first authentication code to be compared to a second authentication code generated by the authentication server, sending second authentication information based on the second audio input and the user identifier to the authentication server for verification, receiving, from the authentication server, an indication of whether the user is successfully authenticated based on the second authentication information, and providing, to the user, access to the information or service when the user is successfully authenticated.

Abstract: A device may receive, from a client device, a request with a single packet authorization (SPA) packet that includes data identifying a universal client device identifier (UID), a counter, a first one-time password generated based on a first shared key, the UID, and the counter. The device may generate a second shared key associated with the UID, and may compare the SPA packet to a comparison message authentication code (MAC) generated based on the second shared key, the UID, and the counter. The device may determine whether the SPA packet matches the comparison MAC, and may validate the client device when the SPA packet matches the comparison MAC. The device may provide a MAC associated with the SPA packet to the client device to enable the client device to validate the device for a secure communication based on establishing a pre-master key with the client device.

Abstract: Embodiments described include systems and methods for using an HTML-based application integrated with an embedded browser on a client device, for trusted data transfer for instance. An HTML-based application within an embedded browser of a client device can provide access to a network application and its resources. The HTML-based application can establish a secure session for the network application between a server and the HTML-based application. The embedded browser can determine that the HTML-based application is a trusted application via application of one or more policies. With the secure session established and responsive to determining that the HTML-based application is a trusted application, the embedded browser may establish at least one virtual channel between the embedded browser and the HTML-based application. Using the at least one virtual channels, the embedded browser can transfer data between the secure session of the network application and the operating system (OS) of the client device.

Abstract: The present disclosure provides label data leakage channel detection methods and apparatuses. According to one exemplary label data leakage channel detection method, detection labels are generated based on normal labels of a user. The detection labels can be associated with different data usage channels, so as to indirectly detect usage of the detection labels. Possible data leakage channels can be effectively detected based on massive data indexing and searching. One exemplary apparatus of the present disclosure includes a detection label adding module, a channel association module, an interception module, an intercepted information analysis module, a channel searching module, and an output module. The detection methods and apparatuses provided by the present disclosure have the advantages of high detection efficiency and the capability of processing massive and dynamic user label data.

Abstract: The disclosed computer-implemented method for enabling multi-factor authentication for seamless website logins may include (1) generating a numerical sequence utilized for authenticating a user for multi-factor authentication on a website, (2) detecting user login credentials for initiating a multi-factor authentication session on the website, (3) receiving, in response to the user login credentials, a request for multi-factor authentication data associated with the numerical sequence from the website, (4) retrieving, utilizing an application programming interface (API), the multi-factor authentication data from a secure storage associated with the user, and (5) providing, utilizing the API, the multi-factor authentication data to the website to login the user. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: There is provided a method of detecting a threat against a computer system. The method comprises: creating a modular representation of behavior of known applications on the basis of sub-components of a set of known applications; entering the modular representation to an evolutionary analysis system for generating previously unknown combinations of the procedures; storing the generated previously unknown combinations as candidate descendants of known applications to a future threat candidate database; monitoring the behavior of the computer system to detect one or more procedures matching the behavior of a stored candidate descendant in the future threat candidate database; and upon detection of one or more procedures matching the behavior of the stored candidate descendant and if the stored candidate descendant is determined to be malicious or suspicious, identifying the running application as malicious or suspicious.

Abstract: In keystroke recognition technologies, a method and a module for updating a keystroke reference, and a terminal device are provided. The method for updating a keystroke reference includes: receiving a pressing interrupt sent by a keystroke chip; obtaining a plurality of pressing capacitance values from the keystroke chip, where the plurality of pressing capacitance values include a capacitance value of the keystroke chip at a generation moment of the pressing interrupt and a capacitance value of the keystroke chip at a scanning moment next to the generation moment of the pressing interrupt; and setting a release reference of the keystroke chip according to the plurality of pressing capacitance values, to improve interchangeability and anti-interference of the keystroke chip with no extra burden on a main control chip.