Abstract: In an embodiment, one or more ad data sets are received at a first processor. The ad data sets may be partially encoded or encrypted to prevent the processor from viewing certain visitor information. The ad data sets are merged together around common users or order IDs. An attribution credit is applied to each advertising event, creating an attribution data set. The data in the attribution data set is aggregated according to each advertising event, and based on the aggregated results, an advertising recommendation is calculated and sent to the advertising entity.

Abstract: A packet-spreading data transmission system with anonymized endpoints facilitates enhanced fortified private communications between a plurality of arbitrary devices via a plurality of communication channels or networks. The data transmission system receives at a source endpoint device a message of arbitrary length. The message includes a destination address associated with a destination endpoint device. Both source endpoint device and the destination endpoint device are selected from a plurality of arbitrary devices. The received message are fragmented and agilely transmitted, via a plurality of communication channels, from the source endpoint device to the destination endpoint device.

Abstract: Methods and systems are disclosed that provide in-session splitting of network traffic sessions for monitoring of traffic between network clients and network servers. This in-session splitting is based upon monitoring traffic sessions for one or more events and then initiating a proxied session based upon detection of the one or more events. For further embodiments, the creation of the proxied session is implemented based upon detection of a request for a secure link within the session traffic, and the proxied session is then implemented such that original session participants are not aware of the proxied session. The encrypted secure communications between the network client and the network server are split into two connections that decrypted and re-encrypted so that the contents of the secure link can be analyzed to identify network threats and/or other desired network related activities.

Abstract: A Honeypot Adaptive Security (HAS) system is described that determines whether a pre-loaded partner or third-party (PP-TP) application executed on a client device has gained over-privileged access to confidential client or network (CCN) data, or over-privileged use of client account features or information provided by a telecommunications service provider. The HAS system is configured to retrieve client data associated with a PP-TP application executed on the client device, retrieve policy rules associated with the PP-TP application, generate a PP-TP application data model to determine a probability of the PP-TP application gaining over-privileged access to CCN data or over-privileged use of client account features on a client device. Responsive to the determined probability, the HAS system is configured to deploy a solution data package to the client device that resolves the instance of over-privileged access or over-privileged use.

Abstract: Systems and methods are disclosed herein for secure communication of data between motorized mobile systems (MMS) and external devices, systems, networks, and servers. The data may include one or more of user, health, environment, and system data retrieved from one or more sensors located in, on, and around an MMS. The MMS stores and/or transmits the sensor data using secure protocols when the sensor data relates to personal information, such as personal health data, to protect the privacy of the user.

Abstract: Methods and apparatus for verifying a boot process of a computing system are disclosed. An example computer-implemented method includes reading, by a computing system during a boot process, a header section of a read-write portion of firmware of the computing system. The example method further includes generating, using a first cryptographic hash algorithm, a message digest corresponding with the header. The example method also includes decrypting, using a first public-key, an encrypted signature corresponding with the header. The example method still further includes comparing the message digest corresponding with the header and the decrypted signature corresponding with the header. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header match, the example method includes continuing the boot process.

Abstract: Methods, systems, and/or devices for controlling media presentation at a shared media presentation system are described herein. To that end, an electronic device defines a distance-related access restriction between a media presentation system and a second electronic device. The device selects one or more access control settings for the media presentation system to be controlled by the second electronic device. The device receives a request, from the second electronic device, to control playback at the media presentation system. In accordance with a determination that the second electronic device meets the distance-related access restriction, the device provides authorization for the second electronic device to access the media presentation system using media control requests that comply with the one or more access control settings selected by the electronic device.

Abstract: An apparatus comprising a processor to execute the rule optimizer to perform a number of operations. One operation comprises obtaining 5 log data including a result of detecting an exploit attack based on a rule. Another operation comprises time-series analyzing the obtained log data to update at least some of previously applied detection rules. There is provided an apparatus for automatically optimizing a rule to improve the detection accuracy for an exploit attack in a rule-based attack detection system, and a method performed on the apparatus.

Abstract: The invention provides a computer-implemented authentication method comprising the step of enabling a user to input an identifier (e.g. a PIN) into an electronic device having a screen and a keypad operable within a keypad zone of the screen; by operating at least one key of the keypad via an image of at least part of a scrambled keypad which is displayed at least partially within the keypad zone. The user's operation of the keypad key via the image generates an encoded version of the user's intended input. In one sense the invention can be perceived as superimposing a non-functional image of a scrambled keyboard over an underlying, functional keypad. The image may be any type of electronic image, and may include a video image. The invention is particularly suited for use with, but not limited to, mobile phones, tablet computer, PCs etc. It can be implemented in any system wherein a user's identity must be verified before access is granted to a controlled resource.

Abstract: A plurality of users connect to an application sending requests over a transport and receiving responses from an application that contain sensitive data. For each user request, the application runs one or more data requests and commands to various data sources or other information systems which return the sensitive data. The application then processes the data and returns is to the user as is or processed based on some business logic. The application includes a run-time environment—where the application logic is executed.

Abstract: The invention provides a computer-implemented authentication method comprising the step of enabling a user to input an identifier (e.g. a PIN) into an electronic device having a screen and a keypad operable within a keypad zone of the screen; by operating at least one key of the keypad via an image of at least part of a scrambled keypad which is displayed at least partially within the keypad zone. The user's operation of the keypad key via the image generates an encoded version of the user's intended input. In one sense the invention can be perceived as superimposing a non-functional image of a scrambled keyboard over an underlying, functional keypad. The image may be any type of electronic image, and may include a video image. The invention is particularly suited for use with, but not limited to, mobile phones, tablet computer, PCs etc. It can be implemented in any system wherein a user's identity must be verified before access is granted to a controlled resource.

Abstract: Disclosed herein are systems and methods that allow for secure access to websites and web-based applications and other resources available through the browser. Also described are systems and methods for invocation of a secure web container which may display data representative of a requesting party's application at a user's machine. The secure web container is invoked upon receipt of an API call from the requesting party. Thus, described in the present specification are systems and methods for constructing and destroying private, secure, browsing environments (a secure disposable web container), insulating the user and requesting parties from the threats associated with being online for the purposes of providing secure, policy-based interaction with a requesting party's online services.

Abstract: An automated system comprising a processor and a database are described. The processor executes communication software reading: at least one image corresponding to an identifier of a blood product from a donor; and at least one database storing at least one communication from a receiver of the blood product. The communication software executed by the processor determines an intermediary from the identifier and contacts the intermediary to obtain contact information of the donor.

Abstract: A method for buffer overflow detection involves obtaining a program code configured to access memory locations in a loop using a buffer index variable, obtaining an assertion template configured to capture a dependency between the buffer index variable and a loop index variable of the loop in the program code, generating an assertion using the assertion template, verifying that the assertion holds using a k-induction; and determining whether a buffer overflow exists using the assertion.

Abstract: A storage system in one embodiment comprises a plurality of storage devices and a storage controller. The storage controller is configured to generate a plurality of snapshots of a storage volume of the storage system at respective different points in time, to monitor a differential between a given one of the snapshots and the storage volume, and to generate an alert indicative of at least a potential ransomware attack on the storage system based at least in part on the monitored differential satisfying one or more specified conditions. The one or more specified conditions illustratively comprise a specified minimum amount of change in the storage volume relative to the given snapshot of the storage volume. Compressibility of the storage volume is also taken into account in generating the alert in some embodiments. The storage controller illustratively initiates restoration of the storage volume utilizing a selected snapshot responsive to confirmation of an actual attack.

Abstract: There are provided measures for protection from malicious and/or harmful content in cloud-based service scenarios. Such measures exemplarily include detecting a transmission attempt of a file between a file service cloud entity and a remote accessing entity, identifying said file, checking for presence of a security threat scan result for said file in a scan result memory based on a result of said identifying, and transmitting, based on a result of said checking, a security threat scan task for said file to a security cloud entity connected to said file service cloud entity.

Abstract: Among other things, this document describes systems, devices, and methods for executing rules in an application layer firewall, including in particular a web application firewall (WAF). An application layer firewall engine employs symbolic execution techniques that result in improved performance and efficiency. In preferred embodiments, an arbitrary firewall rule can be pre-processed to discover and define a set of one or more properties that an input must have in order for the input to have the potential to trigger the rule. By quickly examining an input for these properties, then application layer firewall can conclude that the input cannot trigger and therefore skip full execution of the rule against the input. This can be repeated for many if not all rules in a firewall ruleset. When a high proportion of the inputs have the required properties for rule-skipping, performance can be dramatically improved.

Abstract: An apparatus is provided to enable power supply input to be isolated from power supply output. Power is received from a first power signal at a first of a plurality of charge stores. A second power signal is output from a second of the plurality of charge stores. The second power signal is isolated from the first power supply. The first charge store can be charged from the power input whilst isolated from the power output. The second charge store can be discharged to the power output, while isolated from the power input.

Abstract: Some embodiments of the invention provide a program for recovering access to a service associated with an account. The program provides a login credential to log into the account to receive the associated service. Next, the program receives an access continuation parameter (ACP) after logging into the account. The program then accesses the service and receives a rejection of a subsequent access to the service. The program then provides the ACP in lieu of the login credential to continue to receive the service.

Abstract: A service action category based cloud security system and method implement cloud security by categorizing service actions of cloud service providers into a set of service action categories. The service action categorization is performed agnostic to the applications or functions provided by the cloud service providers and also agnostic to the cloud service providers. With the service actions of cloud service providers thus categorized, cloud security monitoring and threat detection can be performed based on service action categories. Thus, cloud security can be implemented without requiring knowledge of the applications supported by the cloud service providers and without knowing all of the individual service actions supported by the cloud service providers.