Abstract: Systems and methods are provided for smart-landmark-based positioning. Such methods may include detecting, using a sensor mounted on a vehicle, a landmark object, obtaining landmark information of the detected landmark object, the landmark information including identification of the landmark object and an encrypted location of the landmark object, transmitting, from the vehicle over a wireless network, a query including at least part of the obtained landmark information, receiving, by the vehicle over the wireless network, a query response including additional information of the landmark.

Abstract: Provided herein are identification of a distributed denial of service attack and automatic implementation of preventive measures to halt the distributed denial of service attack. At substantially the same time as the attack, valid users/customers (e.g., devices) are provided quality of service and continued access to a website experiencing the distributed denial of service attack. Further, service to temporary or unknown users (e.g., devices) with public access to the website is suspended during the duration of the distributed denial of service attack.

Abstract: A method of registering a person as an authorized user of a portable device includes acquiring biometric data or a combination of pieces of biometric data of a person, encrypting the acquired biometric data or the combination of pieces of biometric data of the person, generating a code from the encrypted biometric data or the combination of pieces of biometric data of the person, inserting the code in an extension field of a public key certificate stored in the portable device, generating a private key and a public key that corresponds to the private key, based on the public key certificate, wherein the private key contains the code, transmitting the public key to a remote entity that is in communication with the portable device, thereby enabling the remote entity to register the person as an authorized user of the portable device, and modifying the public key to generate a modified public key configured to be used in case that the remote entity is disconnected from a service providing server.

Abstract: A method of registering a person as an authorized user of a portable device includes acquiring biometric data or a combination of pieces of biometric data of a person, encrypting the acquired biometric data or the combination of pieces of biometric data, generating a code from the encrypted biometric data or the combination of pieces of biometric data, inserting the code in an extension field of a public key certificate stored in the portable device, generating a private key and a public key that corresponds to the private key, based on the public key certificate, wherein the private key contains the code, and transmitting the public key to a remote entity, thereby enabling the remote entity to register the person as an authorized user of the portable device. The extension field of the public key certificate further contains a code associated with identification information of the person.

Abstract: Various embodiments are generally directed to detecting fraudulent activity on a user account based at least in part on a dynamic fraudulent user blacklist. The fraudulent activity may be identified based on a similarity of forensic profiling across multiple user accounts, for example, fraudulent activity occurring by the same fraudster or perpetrator may have a similar or identical fraudulent pattern across the multiple user accounts. By identifying the fraudulent user patterns associated the same fraudster and dynamically updating a blacklist to include these fraudulent user patterns, the same types of attacks may be prevented on the other existing user accounts.

Abstract: Provided is a process for mobile-initiated authentications to web services. Credential values of the user are established within a trusted execution environment of the mobile device and representations are transmitted to a server. The user of the mobile device may authenticate with the mobile device to the server, which may convey access to a web-based service from a relying device. The server may pass credentials corresponding to the web-service received from the mobile device and verified to permit user access to the web-service to the relying device. The relying device presents credentials to the web-service to login, authenticate, or otherwise obtain user-level permission for the user on the relying device. The user of the mobile device may authenticate with the mobile device to the server, and may initiate the authentication process from the mobile device, without inputting credentials corresponding to the web-service on the relying device.

Abstract: A system for identifying missing organizational security detection system rules, the system includes at least one processing circuitry configured to provide a known cyber-attack techniques repository including information of known cyber-attack techniques and required SIEM (or any other organizational security detection system such as EDR, firewall, etc.) rules required for protecting against each of the known cyber-attack techniques, the known rules being in a generic SIEM rules format; obtain existing SIEM rules of a SIEM of an organization, the existing SIEM rules being in a vendor-specific language, other than the generic SIEM rules format; translate the existing SIEM rules to the generic SIEM rules format, using a translation system, giving rise to translated SIEM rules; compare the translated SIEM rules to the required SIEM rules to identify missing rules, being the required SIEM rules not included in the translated SIEM rules.

Abstract: In an embodiment, a computer implemented method comprises receiving, at a first computing device associated with a managing entity, a request to perform an operation of a managed service; publishing to a first block of a distributed ledger system, by the first computing device associated with the managing entity, identification information of the managing entity; identifying, by a second computing device associated with the managed service, the identification information published to the first block of the distributed ledger system; publishing to a second block of the distributed ledger system, by the second computing device associated with the managed service, acknowledgement information comprising an indication that the identification information of the managing entity published to the first block was received and verified; publishing to a third block of the distributed ledger system, by the second computing device associated with the managed service, management request information comprising an operation r

Abstract: This disclosure describes techniques for facilitating a primary account holder (PAH) of a client account to control access privileges of service features that are accessible by secondary account holders (SAH), via the client account. More specifically, an Access Privilege Control (APC) system is described that enables the PAH to generate access privilege rules that control the use of service features by a SAH, that are accessible via the client device(s) associated with the client account. The APC system may associate a set of updated access privilege rules with virtual profile data for clients associated with the client account. The virtual profile data may be transmitted to client devices, or subset thereof, associated with the client account. Further, the APC system may monitor an operation of client devices associated with the client account and provide one or more recommendations to update access privilege rules based on monitored service feature usage.

Abstract: Methods, systems, and computing platforms for data communication are disclosed. Exemplary implementations may: electronically process with a machine learning controller; electronically process the data payloads in the network with deep machine learning; and real-time adjusting of a plurality of network infosec controls associated with the originating node attribute based on the infosec control attribute.

Abstract: A passive authentication method includes, in response to receiving a requested action from a first user, obtaining a set of sensor data and categorizing first sensor data of the set of sensor data into a first modality of a set of modalities. The method includes, for the first modality of the set of modalities, determining a distance value by applying a first modality model to the first sensor data and comparing the distance value to a first verified value of the first user for the first modality. The method includes, based on the comparison, determining a first authentication decision of the distance value. The method includes, in response to the first authentication decision indicating the first sensor data corresponds to the first user, performing the requested action.

Abstract: The present disclosure relates to techniques for enforcing control policies on one more software as a service (SaaS) platforms from a centralized security control platform. An integration component is configured to integrate SaaS accounts with the security enforcement platform. The security enforcement platform executes functions that facilitate the creation of control policies on SaaS accounts. Exemplary control polices can be created to manage or control file sharing activities, user authentication, plugin usage, and/or other functions and features that may impact the security of the files or content included on the SaaS accounts. Activity events generated by the integrated SaaS accounts can be monitored by the security control platform. The activity events monitored by the security enforcement platform can be utilized to enforce the control policies and facilitate verification of file sharing activities.

Abstract: In some examples, a system receives input information relating to a security level for an information technology (IT) stack comprising a plurality of layers including a hardware layer and a software layer, where the input information is technology and product agnostic. The system discovers components of the plurality of layers of the IT stack, accesses a knowledge base that maps the security level and the discovered components to configuration instructions relating to security controls, and configures the IT stack with the security controls using the configuration instructions.

Abstract: A computer system for verifying vehicle software configuration may be provided. The computer system may include a processor and a non-transitory, tangible, computer-readable storage medium having instructions stored thereon that, in response to execution by the processor, cause the processor to: (1) transmit, to a vehicle computing system, an authentication request including a hash algorithm specification; (2) receive, from the vehicle computing system, a current configuration hash value and a vehicle identifier; (3) retrieve a trusted data block from a memory based upon the vehicle identifier, the trusted data block including a stored configuration hash value and a smart contract code segment; (4) execute the smart contract code segment, the smart contract code segment including a failsafe code segment; and/or (5) transmit the authentication response to the vehicle computing system, and cause the vehicle computing system to execute the failsafe code segment.

Abstract: A computing system is provided implementing a text miner configured to mine unstructured data from unstructured text sources and extract features of a target computer system, and a data flow diagram editor configured to process the extracted features to identify system elements of the target computer system and interrelationships between the identified system elements, and to identify system-related candidate properties of the system elements, and to populate a system element template for each identified system element with the system-related candidate properties for that element. The data flow diagram editor is configured to generate a data flow diagram for the target computer system comprising each identified system element having the candidate properties adopted according to the system property adoption user input, and is configured to display the generated data flow diagram in the graphical user interface.

Abstract: Provided is a way of evaluating rules/conditions that span different domain entities against a set of disparate events from multiple sources that have occurred within a specific window or interval of time from the current time back to a specific time in the past. Events are stored in dedicated storage to enable an extended window of time to be used for multiple event evaluation. Only relevant event/rule pairs are evaluated. The system will record when an event relevant to a rule happens. When a second event that is relevant to the rule happens, the system checks the records to see if a previous relevant event had happened in the past that would cause the rule to trigger an alert. A mechanism is also provided for evaluating static state in combination with changed properties.

Abstract: Provided is a network control device 2000 for controlling a network where a plurality of terminals and countermeasure devices are connected, the network control device 2000 including: a clustering unit 2001 that divides terminals including an incident-detected terminal and the related terminal group into a plurality of zones, on the basis of terminal information including information with which an incident-detected terminal is able to be identified, information with which a related terminal group suspected of being related to an incident is able to be identified among the plurality of terminals, and an inter-terminal communication history; and a communication control setting unit 2002 that sets communication control relating to the terminals and the countermeasure devices for each of the plurality of zones.

Abstract: A device configured to identify a first set of clusters based on the group information and to determine a first cluster quantity that identifies a number of clusters within the first set of clusters. The device is further configured to obtain user interaction data for user devices, to input the user interaction data into a machine learning model, to receive a second set of clusters from the machine learning model based on the user interaction data, and to determine a second cluster quantity that identifies a number of clusters within the second set of clusters. The device is further configured to determine the second cluster quantity is greater than the first cluster quantity, to identify a cluster that is not present in the first set of clusters, and to modify settings on a user device from within the cluster.

Abstract: A wideband chaotic waveform that is rateless in that it may be modulated at virtually any rate and has a minimum of features introduced into the waveform. Further, the waveform provided may be operated below a signal to noise ratio wall to further enhance the LPD and LPE aspects, thereof. Additionally, the present disclosure may provide a mix of coherent and non-coherent processing techniques applied to signal samples to efficiently achieve coarse synchronization with a waveform that is faster, more efficient and more accurate than using time domain signal correlators alone.

Abstract: A method for implementing a migration action for a vulnerability includes receiving an indication that a target resource includes a vulnerability where the target resource is being hosted in a cloud environment and associated with a user of the cloud environment. The method also includes receiving a plurality of rules configured to mitigate vulnerabilities for cloud environment resources. The method further includes determining whether the plurality of rules include one or more rules corresponding to the vulnerability of the target resource. When the plurality of rules comprises the one or more rules corresponding to the vulnerability of the target resource, the method includes applying a reversible mitigation action associated with a respective rule of the one or more rules corresponding to the vulnerability of the target resource.