Abstract: A method for searchable encryption with a public key includes receiving an operation request from a user device associated with a user requesting that encryption of data associated with the user. The data includes a corpus of documents stored on a remote storage device. The method also includes receiving a public key associated with the user. The public key includes an asymmetric cryptographic public key. The method also includes generating a random data key. The data key includes a symmetric cryptographic key. The method also includes encrypting, using the data key, a search index for the corpus of documents based on keywords within the corpus of documents. The method also includes encrypting, using the public key, the data key and sending the encrypted data key to a user device associated with the user.

Abstract: Embodiments of the present disclosure relate to a data analysis system that may automatically generate memory-efficient clustered data structures, automatically analyze those clustered data structures, and provide results of the automated analysis in an optimized way to an analyst. The automated analysis of the clustered data structures (also referred to herein as data clusters) may include an automated application of various criteria or rules so as to generate a compact, human-readable analysis of the data clusters. The human-readable analyses (also referred to herein as “summaries” or “conclusions”) of the data clusters may be organized into an interactive user interface so as to enable an analyst to quickly navigate among information associated with various data clusters and efficiently evaluate those data clusters in the context of, for example, a fraud investigation. Embodiments of the present disclosure also relate to automated scoring of the clustered data structures.

Abstract: A webshell detection method and apparatus are provided. The apparatus obtains first web traffic of a protected host; generates a web page visit record of the protected host based on the first web traffic, where the web page visit record is used to save at least one uniform resource locator (URL), an IP address visiting each URL, and a total quantity of visits to each URL; determines a suspicious URL from the at least one URL based on the web page visit record, where a total quantity of visits to the suspicious URL is less than a first threshold, and a ratio of a quantity of different IP addresses visiting the suspicious URL to the total quantity of visits to the suspicious URL is less than a second threshold; and determines whether a web page identified by the suspicious URL contains a webshell signature.

Abstract: Generating a rights blockchain storing rights of a user, including: receiving an enrollment request and a public key from the user; verifying that the user has a private key corresponding to the public key; generating a user identifier using the public key; and generating and delivering the rights blockchain having a genesis block including the user identifier to the user.

Abstract: A computing device includes one or more processors, a memory and an encryption accelerator. The memory includes instructions that when executed on the processors cause a first networking session to be established between a pair of communication peers. Encryption of messages of the first session is enabled by a parameter of a security protocol of the session. The encryption accelerator obtains a key determined in the first session, and uses the key to encrypt messages of a second networking session established between the peers.

Abstract: Technologies for securing a virtualization network function (VNF) image includes a security server to generate a wrapping cryptographic key to wrap a private key of the VNF image and replace the private key with the wrapped private key to secure the private key. During operation, the VNF image may be authenticated by a network function virtualization (NFV) server as needed. Additionally, the signature of the VNF image may be updated each time the VNF image is shutdown to ensure the continued authenticity of the VNF image.

Abstract: Examples include a method of predictive rate limiting for performing services requested by a client in a cloud computing system. The method includes receiving a request from a client for one of a plurality of services to be performed, the client belonging to an organization; and determining a current threshold for the organization by applying a real time data model and a historical data model, the real time data model generating a first threshold at least in part by determining a number of requests received from the organization over a first preceding period of time; the historical data model generating a second threshold, the historical data model being generated by applying a machine learning model to historical data stored during processing of previous requests for the plurality of services from the organization over a second preceding period of time, the current threshold being the average of the first threshold and the second threshold.

Abstract: A security negotiation method includes receiving, by a terminal, security negotiation information from a centralized unit control plane (CU-CP)/a centralized unit user plane (CU-UP), where the security negotiation information includes an integrity protection indication identifier of the CU-UP, and determining, by the terminal based on the integrity protection indication identifier, whether to enable user-plane integrity protection of the terminal.

Abstract: The disclosure generally relates to systems and methods for detecting personally identifiable information (PII). The present systems and methods solve the problem of detecting the PII and the PII column names in the customer database with enhanced accuracy, by developing a PII classification model trained with an enhanced and effective training dataset. An enhanced sub-metadata from the metadata having the plurality of the column names is obtained by using highest match distance values, the string comparator values, and the is PII indicator values. The enhanced sub-metadata comprising the column names that can be easily differentiated as PII columns or non-PII columns. Hence the training dataset and the testing dataset obtained from the enhanced sub-metadata improves the accuracy of the PII classification model. Preventive measures can be taken to protect such detected PII present under the PII columns by employing various data privacy and protection techniques.

Abstract: Exemplary methods, apparatuses, and systems include a central controller receiving a request to generate a new encryption key for a security group to replace a current encryption key for the security group. The security group includes a plurality of hosts that each encrypt and decrypt communications using the current encryption key. In response to receiving the request, the central controller determines that a threshold period following generation of the current encryption key has not expired. In response to determining that the threshold period has not expired, the central controller delays execution of the request until the expiration of the threshold period. In response to the expiration of the threshold period, the central controller executes the request by generating the new encryption key, storing a time of creation of the new encryption key, and transmitting the new encryption key to the plurality of hosts.

Abstract: An endpoint in a network periodically generates a heartbeat encoding health state information and transmits this heartbeat to other network entities. Recipients of the heartbeat may use the health state information to independently make decisions about communications with the source endpoint, for example, by isolating the endpoint to prevent further communications with other devices sharing the network with the endpoint. Isolation may be coordinated by a firewall or gateway for the network, or independently by other endpoints that receive a notification of the compromised health state.

Abstract: According to an embodiment, a system includes an electronic device, a server, and an output device. The electronic device may perform user authentication together with the server. The server may specify first content based on the user authentication and may transmit first metadata of the first content to the electronic device. The electronic device may visually output a first object representing the first content based on the first metadata, and transmit, when at least one object is selected of the output objects by the user, identification information of content represented by the selected object to the server. The server may output content corresponding to the identification information through the output device. Moreover, various embodiment found through the present disclosure are possible.

Abstract: Systems and methods are disclosed for creating simulated phishing attack messages that have characteristics which make them appear genuine, while also having characteristics that a user should recognize as being false. Simulated phishing emails may appear to be more realistic to a recipient user if the user observes that the email has also been sent to an individual known to the recipient within the same company. However, it may not be desirable to send the simulated phishing email to such additional recipients. The systems and methods include communicating a simulated phishing email from a server of a simulated phishing attack system to a recipient user of an entity. The simulated phishing email appears to the recipient user as though it is also addressed to one or more non-recipient users of the entity, even though the email is not sent to the non-recipient users.

Abstract: A method at an Intelligent Transportation System (ITS) Transmitting Entity, the method including: generating an ITS message; augmenting the ITS message with an Integrity Report generated by an integrity detection function at the ITS Transmitting Entity to create an augmented ITS message; signing the augmented ITS message with an Authorization Certificate or Ticket, the Authorization Certificate or Ticket including an assurance indication from an Audit Certificate Authority for the integrity detection function; and sending the signed, augmented ITS message to an ITS Receiving Entity.

Abstract: Implantable devices, such as artificial organs, increasingly incorporate hardware, software, firmware, and/or wireless communication capabilities. For example, such implantable devices can utilize wireless technology to allow for efficient configuration, maintenance, and operational analysis. As these implantable devices become more connected, electronic security will become more important. This disclosure relates to implantable devices that may utilize a secure boot process and secure communication, both between artificial devices in the human body and between these devices and the external world. This disclosure provides secure communication approaches for maintaining the digital privacy and integrity of artificial devices, for protecting the individual from malicious hacking of data, and for controlling of such implantable devices.

Abstract: In accordance with embodiments, there are provided mechanisms and methods for security verification of communications to tenants of an on-demand database service. These mechanisms and methods for security verification of communications to tenants of an on-demand database service can enable embodiments to allow tenants to selectively implement security measures with respect to inbound communications, etc. The ability of embodiments to provide such feature may allow tenants to efficiently and effectively implement security measures for in-bound emails.

Abstract: The disclosed embodiments relate to systems and methods for securely associating an application installation with an account of a service. The computer implemented method may include an inviting device with authenticated access to an account provided by a service having data stored therein. An invite code may be generated in response to a request to enable another device to have access to the service account without identifying the other device. The inviting device may provide the invite code to an invited device. The disclosed embodiments enable an inviting device to provide secure and convenient authenticated account access to multiple devices.

Abstract: In some aspects, a gateway server can unlock or unfreeze access to data about a user by third parties without requiring the user to navigate completely away from a third-party website through which the user is executing an electronic transaction. The gateway server can receive a request to unlock or unfreeze data through the third-party website hosted by a third-party web server. The gateway server can output a user interface that is displayable simultaneously with the third-party website. Through the user interface, the gateway server can receive sign-in data such as log-in credentials of the user and consent to share data about the user with the third-party web server. The gateway server can output a command to unlock or unfreeze data about the user and to share the data with the third-party web server. Based on the shared data, the transaction can be completed at the third-party web server.

Abstract: A computer-implemented method for protecting a mobile device against unauthorized access may be provided. The method comprises encrypting the user data stored in a volatile memory of the mobile device if the mobile device is switched to a locked status, and decrypting the user data stored in the volatile memory if the mobile device is switched from the locked status into an unlocked status.

Abstract: A method for securely broadcasting information to a group of undisclosed recipients. The information in an information system is encoded by applying a hash function to a group of messages to form the information stream, wherein portions of the information in the information stream are intended for respective ones of the group of undisclosed recipients. The information is encoded such that that only an intended recipient can decode a portion of the information intended for the intended recipient. The information stream is broadcasted to the group of undisclosed recipients.