Abstract: A method for registering and authenticating a user based on a visual access code. The method includes presenting, to the user, images; receiving a selection of a first image; receiving a selection of at least a first set of hotspots from a plurality of hotspots included in the first image; and generating a visual access code based at least in part on the selection of the first image and the first set of hotspots.

Abstract: The network reachability module maps and dynamically tracks network reachability of network addresses and/or devices. The network reachability module can map and dynamically track network reachability of a response-orchestrator engine, via communicating and cooperating with the response-orchestrator engine. The network reachability module has a tracking module to 1) monitor network traffic and 2) keep a list of known devices and/or known subnets on the network, which is dynamically tracked and updated as previously unknown devices and subnets on the network are detected. A trigger module generates a spoofed transmission and/or response communication, supported by a network protocol used by the network. The spoofed transmission and/or response communication can be used to map network reachability of i) network devices, ii) network addresses, and iii) any combination of both, which either 1) can receive or 2) cannot receive protocol communications from a host for the network reachability module in the network.

Abstract: Systems and methods for compute resource configuration, verification, and remediation are provided herein. An example method includes verifying compliance of an operating system and compute assets provisioned configured within a middleware of a computing device using a pre-defined configuration profile, the compliance being determined by comparison of run-time hardware and software attributes of the compute assets to the pre-defined configuration profile comprising hardware and software requirements for the client of a blockchain implementation.

Abstract: Analyzing and mitigating website privacy issues by automatically classifying cookies.

Abstract: A method for accessing cloud resources via a local application development environment on a computing device. The method includes invoking an access management client at the computing device; obtaining an account identifier associated with a user account and communicating the account identifier to an identity platform; receiving an authentication message from the identity platform in response to the identity platform validating the account identifier, the authentication message comprising a role identifier; communicating the authentication message to the cloud platform; receiving security credentials associated with the role identifier from the cloud platform in response to the cloud platform validating the authentication message and the associated role identifier; setting a variable in the local development environment based on the received security credentials for use by the local development environment to request access to one or more resources maintained by the cloud platform.

Abstract: Techniques and apparatuses are described to enable a strategically coordinated fictitious ecosystem of disinformation for cyber threat intelligence collection in a computing network. The ecosystem comprises fictitious profiles and supporting fictitious infrastructure information to portray in-depth, apparent authenticity of the ecosystem. Malicious communications from an adversary directed at the ecosystem are monitored, and threat intelligence about the adversary is collected to prevent future attacks.

Abstract: Systems and methods described herein provide a private network management service for enterprise networks with wireless access. The systems and methods receive, within a provider network and from a user of a private network, parameters for multiple subscription profiles; associate the multiple subscription profiles with an identifier for the private network to create private network subscription profiles; store the private network subscription profiles; and provide at least a portion of the private network subscription profiles from a core network of the provider network to an authentication proxy in the private network. The authentication proxy performs authentication for end devices locally based on the private network subscription profiles.

Abstract: The disclosure relates to user-centric access to blockchain-based services accessed through a telecom network. User devices may each include a Digital Passport Application (“DPA”), which may be stored at an eSIM of the user device. The DPA may be directed to and anchor to an Edge Digital Gate (“EDG”) entitled to provide access to blockchain-based services. The DPA may store a digital persona that digitally represents an entity such as a user or machine so that the DPA may access and interact with blockchain-based services on behalf of the entity. For instance, the digital persona may bind a physical identity of the entity with a digital identity through a private key of the entity. The private key may be used to digitally signed the access token. The digital persona may further link the digital identity with one or more (typically multiple) virtual identities each associated with a blockchain-based service.

Abstract: A method includes generating a private key associated with a distributed ledger. The private key is stored on a secure memory. A storage device is manufactured and includes an onboard computing device having the secure memory integrated therein. The onboard computing device is configured to sign one or more ledger operations with the private key.

Abstract: Embodiments for detecting malicious modification of data in a network, by: setting, by a first layer of network resources, a number of markers associated with input/output (I/O) operations of the network; saving the markers, location, and associated metadata in a marker database; reading, by a second layer of the network resources, the markers corresponding to relevant I/O operations; and verifying each scanned I/O operation against a corresponding marker to determine whether or not data for a scanned specific I/O operation has been improperly modified for the first and second layers and any intermediate layer resulting in a fault condition, and if so, taking remedial action to flag or abort the specific I/O operation.

Abstract: The disclosed computer-implemented method may include initializing a server instance using a specified network address and an associated set of credentials, logging the network address of the initialized server instance as well as the associated set of credentials in a data log, analyzing network service requests to determine that a different server instance with a different network address is requesting a network service using the same set of credentials, accessing the data log to determine whether the second server instance is using a network address that is known to be valid within the network and, upon determining that the second server instance is not using a known network address, preventing the second server instance from performing specified tasks within the network. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Techniques for providing a smart proxy for a large scale high-interaction honeypot farm are disclosed. In some embodiments, a system/method/computer program product for providing a smart proxy for a large scale high-interaction honeypot farm includes receiving tunneled traffic at a smart proxy from a sensor for a honeypot farm that is executed in a honeypot cloud, wherein the tunneled traffic is forwarded attack traffic, and wherein the honeypot farm includes a plurality of container images of distinct types of vulnerable services; selecting a matching type of vulnerable service from the plurality of container images of distinct types of vulnerable services based on a profile of the attack traffic; and forwarding the tunneled traffic to an instance of the matching type of vulnerable service.

Abstract: Techniques are described selecting consensus nodes in a blockchain. A voting process is performed by a plurality of shareholder nodes to generate a voting result for each shareholder node. The voting process comprises each shareholder node voting for a plurality of expected nodes, and the expected nodes and the plurality of shareholder nodes comprise a group of nodes associated with a blockchain. A shareholder node is a node that owns at least one share. A voting result is verified for each shareholder node. After the voting process, a number of shares owned by each node of the group of nodes id determined based on the voting result. A plurality of consensus nodes are selected from shareholder nodes based on the number of shares owned by each of the shareholder nodes.

Abstract: Techniques for providing a large scale high-interaction honeypot farm are disclosed. In some embodiments, a system/method/computer program product for providing a large scale high-interaction honeypot farm includes sending traffic detected at a sensor to a smart proxy for a honeypot farm that is executed in a honeypot cloud, wherein the traffic is forwarded attack traffic that is sent using a tunneling protocol, and wherein the honeypot farm includes a plurality of container images of distinct types of vulnerable services; selecting a matching type of vulnerable service from the plurality of container images of distinct types of vulnerable services based on a profile of the attack traffic; forwarding the traffic to an instance of the matching type of vulnerable service; and executing a security agent associated with the instance of the matching type of vulnerable service to identify a threat by monitoring behaviors and detecting anomalies or post exploitation activities.

Abstract: A method of storing data allowing a seed value for generating an encryption key to be retrieved is provided. The method comprises obtaining, for each of a plurality of biological data sources, a respective set of biometric data from an authorised user. A respective biometric identifier is generated from each set of biometric data. The biometric identifiers are stored in a database. A plurality of seed portions are generated that are combinable using a function to generate the seed value. Each seed portion is stored in the database in association with a biometric identifier.

Abstract: A control method for controlling a wireless device includes setting a decode protocol at a first wireless device and a second wireless device; publishing a service set identifier (SSID) by the first wireless device; detecting the service set identifier by the second wireless device; decoding the service set identifier according to the decode protocol by the second wireless device; and executing a specific function according to the service set identifier by the second wireless device.

Abstract: Disclosed herein are system, method, and computer program product embodiments for performing threat detection on a monitored system. The monitored system may periodically send artifacts (e.g., database records, binaries, program code, business data) to a repository for storage and creation of a snapshot. This repository is typically held in a cloud-based system. The cloud-based system can compare a snapshot of the artifacts against prior snapshots, and generate a change log. This change log can then be provided to a threat detection system for analysis. By this approach, an intrusion can potentially be detected even when system logs cannot be trusted, due to tampering or other inaccuracies.

Abstract: Embodiments of the invention provide a computing device comprising one or more processors, each processor comprising one or more processing unit, said one or more processing units being configured to execute at least one program, each program comprising data and/or instructions, the computing device further comprising, for at least some of the processors, a processor cache associated with each processor, the processor cache being configured to access data and/or instructions comprised in the programs executed by the processor, the computing device comprising: an auxiliary cache configured to access metadata associated with the data and/or instructions comprised in said programs; a security verification unit configured to retrieve, from the auxiliary cache, at least a part of the metadata associated with data and/or instructions corresponding to a memory access request sent by a processor (11) to the processor cache (117).

Abstract: Embodiments of the present invention disclose a data transmission method and a related device and system. The system includes an access network device AN and user equipment UE. The AN is configured to receive a base key sent by a key management device in a core network, where the base key is a key generated from two-way authentication between the UE and the core; the AN and the UE are configured to process the base key according to a preset rule to generate an air interface protection key; the UE is configured to: protect a target field in an uplink protocol data unit PDU by using the air interface protection key; and the AN is configured to parse the target field in the uplink protocol data unit by using the air interface protection key.

Abstract: Centralized systems execute one or more applications for monitoring and operating a plurality of network enabled medical devices. An indication to start a selected application at the centralized system or at a network enabled medical device is received at the centralized system/network enabled medical device. The selected application may require a license to operate and, at the time the indication is received, may have a first license available. Instead of using the first license, the centralized system/network enabled medical device may determine to inherit at least a portion of a second license to operate the selected application. The centralized system/network enabled medical device may inherit at least the portion of the second license to form an inherited license, where the inherited license enables features of the selected application. Using the inherited license, the selected application is started with the enabled features. Related apparatus, systems, techniques and articles are also described.