Abstract: Embodiments of the application provide information processing systems, methods and devices based on Internet of Things. An information processing system comprises a server device, a first device and a second device. The first device and second device are both an Internet of Things device. The first device is configured to: in response to detecting that a first acquisition instruction is triggered, acquire biometric feature information, and send the acquired biometric feature information to the server device. The server device is configured to identify a user corresponding to the biometric feature information. The second device is configured to: in response to detecting that a second acquisition instruction is triggered, acquire body movement information associated with the user, and send the acquired body movement information to the server device. The server device is further configured to perform an operation for the user according to the body movement information.

Abstract: In one example implementation, a log analysis system can comprise an activity engine to monitor user activity of a computer system, a baseline engine to generate an expected baseline of a log, and an abnormality engine to compare the log to the expected baseline to identify an abnormality, compare the abnormality to a user activity volume based on a correlation between the user activity volume and the log activity, and classify the log.

Abstract: A system that uses a client's behavioral biometrics—mouse dynamics, keystrokes, and mouse click patterns—to create a Machine Learning (ML) based customized security model for each client/user to secure website log-ins. The ML model can differentiate the user of interest from an impersonator—human or non-human (robot). The model collects relevant behavioral biometric data from the client when a new account is created by the client/user on a website or when the client initially logs-in to the website. The collected biometric data are used to train an ensemble of ML-based classifiers—a Multilayer Perceptron (MLP) classifier, a Support Vector Machine (SVM) classifier, and an Adaptive Boosting (AdaBoost) classifier—in the model. The trained versions of these classifiers are polled to give an optimal prediction in real-time (while the user is logging in). As a result, real-time fraud detection can be accomplished without impacting the log-in performance of the website.

Abstract: An authentication feature is provided to improve the safety and reliability of services provided by an electronic device. The electronic device includes a processor that outputs multiple challenges in a sequence, receives responses corresponding to the multiple challenges from a user and outputs a result based on whether the responses satisfy conditions of the multiple challenges.

Abstract: A configuration management service provides data identifying its subscribers to a secure sharing service that executes in an account that has a higher security level than a service account used to provide the configuration management service. The secure sharing service securely determines whether each subscriber has authorized producer services to share resource configuration data with the configuration management service. If a subscriber has authorized such sharing, information identifying the subscriber can be stored in a location accessible to the producer services. If a subscriber has not authorized such sharing, the secure sharing service will not make the subscriber's information available to the producer services. The producer services can use the subscriber data to provide resource configuration data to the configuration management service only for those subscribers that subscribe to both the configuration management service and to the producer services.

Abstract: Systems and methods for verifying an identity of a user include a method that includes receiving, by a computing system, a biometric electronic signature token (BEST), the BEST comprising a first biometric sample captured from a signing party and a record, receiving, by the computing system, a second biometric sample captured from the user, generating, by the computing system, a biometric reference template based on biometric data extracted from the second biometric sample, comparing, by the computing system, the biometric reference template to the first biometric sample, and responsive to the biometric reference template matching the first biometric sample, determining, by the computing system, that the user matches the signing party.

Abstract: Methods, systems, and media for dynamically separating Internet of Things (IoT) devices in a network are provided. In accordance with some embodiments of the disclosed subject matter, a method for dynamically separating IoT devices in a network is provided, the method comprising: detecting a first IoT device in the network; monitoring network communication of the first IoT device; determining device information of the first IoT device based on the monitored network communication; and causing the first IoT device to communicate on a first subnet of a plurality of subnets in the network based on the device information.

Abstract: In accordance with various embodiments, a method is performed including determining a plurality of network reputation scores for a respective plurality of network subsets of a fabric network environment and determining a reputation policy for traffic traversing the fabric network environment. The method includes routing traffic traversing the fabric network environment according to the reputation policy and the plurality of network reputation scores.

Abstract: A meeting system includes an identification information acquirer that acquires a card ID, based on a user's operation of touching a reader with an ID card 5 for identifying the user, an authentication process operator that determines whether or not to grant an authentication of the user, based on the card ID acquired by the identification information acquirer, and a command process operator that issues a command for commanding an operation corresponding to a desired operation of the user, where the command is associated with the card ID corresponding to the user, if the authentication of the user is granted by the authentication process operator.

Abstract: A method of generating cyber chaff can include determining a cell of a grid of cells to which a first feature and a second feature of user data maps, identifying a cell type of the cell, the cell type indicating whether the cell is an active cell, an inactive cell, or a sub-process cell, and providing cyber chaff based on cyber chaff data associated with either (a) one or more cells of the inactive cell type or (b) one or more cells of the sub-process cell type.

Abstract: A computing apparatus includes a processor coupled to a memory. The memory stores a set of permission chains, and each permission chain indicates a prior process accessed a current process and the current process requested access to a next process. The processor receives a permission request including a request for an access permission to allow a first current process to access a first next process and an indication that the first current process was accessed from a first prior process. The processor searches the set of permission chains for a matching permission chain, and when the matching permission chain is not found, the processor receives an input granting or denying the requested permission, and when granted updates the set of permission chains to include the granted permission chain and returns a granted indication.

Abstract: Systems and methods are disclosed that provide a secure wireless connection between two electronic devices. Techniques disclosed comprise: generating, on a server, a temporary code; registering, on a first device, the temporary code; sending, from the server to a second device, the temporary code; determining, on the first device, a first temporary credential based on the temporary code; determining, on the second device, a second temporary credential based on the temporary code; establishing, using the first and the second temporary credentials, a temporary connection between the first and the second devices; determining, on the second device, a secure credential; sending, from the second device to the first device, the secure credential via the temporary connection; and establishing, using the secure credential, a secure connection between the first and the second electronic devices.

Abstract: Methods and systems for detecting malicious processes. Methods described herein gather data regarding process locations and calculate one or more inequality indicators related to the process paths based on economic principles. Instances of inequality with respect to process paths may indicate a path is uncommon and therefore the associated binary is used for malicious purposes.

Abstract: Instruction classification and software intrusion detection is performed. Program instruction execution of a processor of a microcontroller unit (MCU) is monitored via side-channel signal analysis, the monitoring including capturing a signal trace of a physical property of the MCU that leaks information correlated with the program instruction execution of the MCU, the signal trace indicating a value of the physical property over time. From the signal trace, time domain features, frequency domain features, and Mel Frequency Cepstral Coefficients (MFCC) features are extracted. A model is utilized for instruction detection to identify an execution signature based on the time domain features, frequency domain features, and MFCC features. The execution signature is compared to one or more reference instruction signatures. A remedial action is performed responsive to the execution signature failing to match to the one or more reference instruction signatures.

Abstract: In an implementation of identifying related computing devices for automatic user account login, a login request to a user account that includes a unique identification (ID) of a user computing device and an internet protocol (IP) address of the user computing device are received. One or more user computing devices that have logged in to the user account using a same IP address as the user computing device are identified based on a user ID of the user account and the unique ID of the user computing device. Whether one or more unique IDs corresponding to the one or more user computing devices that have logged in to the user account are correlated with the unique ID of the user computing device is determined. If yes, data corresponding to login information used by the one or more user computing devices to log in to the user account to the user computing device for automatic account login are sent.

Abstract: In one aspect, a computer system for vehicle configuration verification, and/or detecting unauthorized vehicle modification may be provided. In some exemplary embodiments, the computer system may include a processor and a non-transitory, tangible, computer-readable storage medium having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations including: (1) receiving a vehicle image, including a vehicle identifier and at least one software module; (2) calculating a configuration hash value of the at least one software module; generating a first data block including the configuration hash value, a first index value, the vehicle identifier, and a digital signature; (3) storing the first data block in a memory; and/or (4) transmitting the first data block to any number of network participants using a distributed network to facilitate vehicle software configuration verification.

Abstract: A method for operating a first vehicle-side terminal is provided, wherein the first vehicle-side terminal determines at least one symmetric group key that is assigned to the group of terminals, encrypts the at least one symmetric group key with a public asymmetric individual key that is assigned to a second vehicle-side terminal or with a symmetric pair key that is assigned to the second vehicle-side terminal, transmits the encrypted symmetric group key in the direction of the second vehicle-side terminal, receives an encrypted message from the second vehicle-side terminal, and decrypts the encrypted message depending on the symmetric group key.

Abstract: In an embodiment, a computing resource service provider provides a certificate management service that allows customers of the computing resource service provider to create, distribute, manage, and revoke digital certificates issued by private certificate authorities. In an embodiment, a private certificate authority hosted by the computing resource service provider is able to issue signed certificates to network entities within the customer enterprise. In an embodiment, the certificate management service provides a network-accessible application programming interface to the private certificate authority that allows applications to create and deploy private certificates programmatically. In an embodiment, the system provides the flexibility to create private certificates for applications that require custom certificate lifetimes or resource names.

Abstract: Disclosed herein are systems and methods that may generate so-called “honey credentials” that are transmitted to a “phishing” website, and are then stored into a honey credential database. The honey credentials appear to be valid credentials, but whenever a bad actor attempts to access an enterprise using the honey credentials, security appliances the enterprise may update the records of the honey credential database to include one or more unique identifiers for each bad actor device that attempts to access the enterprise network using the honey credentials. A server may automatically query the honey credential database to identify other accounts that have been accessed by devices that used the honey credentials to access the enterprise. The server may then flag the accounts and restrict their functionality.

Abstract: Systems and methods are described for using equivalent secret values across different elliptic curves. For example, a transferring party may wish to exchange a first asset on a first blockchain with a recipient for a second asset on a second blockchain. After exchanging sets of public keys with a recipient, a transferring party may generate a zero-knowledge proof and public keys associated with a selected bitstring. The recipient may then verify the proof, which shows that private keys associated with the public keys associated with the bitstring are both derived from the bitstring without revealing the bitstring itself. Once validity of the private keys has been established, the transferring party may publish a second signature to claim the second asset. The published second signature may then be used to publish a first signature (generated using the selected bitstring) on the first blockchain to claim the first asset.