Abstract: A device may include one or more memories; and one or more processors, communicatively coupled to the one or more memories, to receive a query for data stored by a database; generate an abstract syntax tree based on the query; determine whether the abstract syntax tree matches a list, where the list identifies one or more abstract syntax trees corresponding to queries or types of queries; and selectively perform an action based on whether the abstract syntax tree matches the entry of the list.

Abstract: Methods and systems for improving security of a vehicle are disclosed. In one embodiment, a method comprises receiving, from a requester, a request to access a vehicle compartment of a vehicle; determining a scope of access of the vehicle compartment for the requester based on an operation of the vehicle; and configuring a lock mechanism of the vehicle compartment based on the scope of access.

Abstract: Disclosed are techniques for mutual authentication between a passenger that has requested a transportation service and a dispatched vehicle for providing the requested transportation service. A user device associated with the passenger verifies the dispatched vehicle using a vehicle access token generated by a transportation service platform and sends a secret key to the dispatched vehicle. The dispatched vehicle uses the secret key to recover passenger biometric information from a passenger secret received from the user device through the transportation service platform, captures passenger biometric information on-site, and compares the recovered passenger biometric information and the passenger biometric information collected on-site to verify the passenger.

Abstract: Embodiments of the disclosure provide systems and methods for determining fingerprint information of a terminal device in a transportation service. An exemplary system may include a communication interface configured to establish a communication link between first and second terminal devices and receive user data from the first terminal device associated with a user of the transportation service. The communication interface may also be configured to receive authentication information authenticating the second terminal device. The system may also include a memory configured to store the user data and at least one processor coupled to the memory. The at least one processor is configured to determine a first fingerprint of the first terminal device based on the user data after receiving the authentication information authenticating the second terminal device.

Abstract: Embodiments of the disclosure provide systems and methods for fraud detection in a transportation service. An exemplary system may include a communication interface configured to receive user data from a terminal device associated with a user providing the transportation service. The user data may include identification information of the terminal device. The system may also include a memory configured to store the user data. The system may also include at least one processor coupled to the memory. The processor may be configured to determine a first fingerprint based on the identification information. The processor may be further configured to determine whether the first fingerprint matches a first reference fingerprint associated with a registered terminal device. Moreover, the processor may be configured to generate a first notice when the first fingerprint does not match the first reference fingerprint.

Abstract: Disclosed are techniques for securing electronic control units (ECUs) in a vehicle while allowing secure repairing of the ECUs. A method of repairing a vehicle includes disabling message authentication in secure communication between any two ECUs in a plurality of ECUs on the vehicle, detecting a first ECU that has been changed based on detecting an absence of a valid security key on the first ECU, verifying that a digital certificate associated with the first ECU is a valid certificate, generating one or more security keys for secure communication between the first ECU and a set of ECUs in the plurality of ECUs, provisioning the one or more security keys to the first ECU and the set of ECUs, and enabling the message authentication in secure communication between any two ECUs of the plurality of ECUs.

Abstract: Disclosed are techniques for securing electronic control units (ECUs) in a vehicle. A security platform for a vehicle includes a key distribution center (KDC) for the vehicle. The KDC is configured to verify that a digital certificate associated with a first electronic control unit (ECU) on the vehicle is a valid certificate, where the digital certificate indicates a first security level of the first ECU. The KDC is configured to generate, based on the first security level of the first ECU, one or more security keys for secure communication between the first ECU and a set of ECUs on the vehicle, and provision the one or more security keys to the first ECU and the set of ECUs. In some embodiments, the KDC uses the provisioned keys to authenticate each ECU when the vehicle is powered up.

Abstract: Embodiments of the disclosure provide systems and methods for fraud detecting in a transportation service. An exemplary method may include receiving user data from a terminal device associated with a user providing transportation service. The user data may include a location associated with the transportation service and positioning data of a geographical positioning system. The method may also include determining a first fingerprint based on the positioning data. The method may further include determining whether the first fingerprint matches a first reference fingerprint of a transmitter of the geographical position system corresponding to the location. Moreover, the method may include triggering a first fraud alert when the first fingerprint does not match the first reference fingerprint.

Abstract: Aspects of the invention relate to a method for securing a vehicle compartment including receiving authorization data; setting a mode of operation of an access element based on the authorization data, the access element operable to control a locking mechanism of the vehicle compartment in a vehicle; receiving sensor data indicating that the vehicle compartment in the vehicle has been opened; and in response to the authorization data corresponding to the second mode of operation and the sensor data contemporaneously indicating that the vehicle compartment is opened: initiating a security protocol. The access element (e.g., user accessible button disposed in the vehicle cabin) can be configured to operate in a first mode of operation that allows the access element to control the locking mechanism and a second mode of operation that prevents the access element from controlling the locking mechanism.

Abstract: A device may include one or more memories; and one or more processors, communicatively coupled to the one or more memories, to receive a query for data stored by a database; generate an abstract syntax tree based on the query; determine whether the abstract syntax tree matches a list, where the list identifies one or more abstract syntax trees corresponding to queries or types of queries; and selectively perform an action based on whether the abstract syntax tree matches the entry of the list.

Abstract: Some embodiments include techniques for mutual authentication between a passenger that has requested a transportation service and a dispatched vehicle for providing the requested transportation service. A user device associated with the passenger verifies the dispatched vehicle using a vehicle access token generated by a transportation service platform and sends a secret key to the dispatched vehicle. The dispatched vehicle uses the secret key to recover passenger biometric information from a passenger secret received from the user device through the transportation service platform, captures passenger biometric information on-site, and compares the recovered passenger biometric information and the passenger biometric information collected on-site to verify the passenger.

Abstract: Methods and systems for improving security of a vehicle are disclosed. In one embodiment, a method comprises receiving, from a requester, a request to access a vehicle compartment of a vehicle; determining a scope of access of the vehicle compartment for the requester based on an operation of the vehicle; and configuring a lock mechanism of the vehicle compartment based on the scope of access.

Abstract: A system configured to detect malware is described. The system configured to detect malware including a data collector configured to detect at least a first hypertext transfer object in a chain of a plurality of hypertext transfer objects. The data collector further configured to analyze at least the first hypertext transfer object for one or more events. And, the data collector configured to generate a list of events based on the analysis of at least the first hypertext transfer object.

Abstract: A system configured to detect a threat activity on a network. The system including a digital device configured to detect a first order indicator of compromise on a network, detect a second order indicator of compromise on the network, generate a risk score based on correlating said first order indicator of compromise on the network with the second order indicator of compromise on said network, and generate at least one incident alert based on comparing the risk score to a threshold.

Abstract: A system configured to detect malware is described. The system configured to detect malware including a data collector configured to detect at least a first hypertext transfer object in a chain of a plurality of hypertext transfer objects. The data collector further configured to analyze at least the first hypertext transfer object for one or more events. And, the data collector configured to generate a list of events based on the analysis of at least the first hypertext transfer object.

Abstract: A device may include one or more memories; and one or more processors, communicatively coupled to the one or more memories, to receive a query for data stored by a database; generate an abstract syntax tree based on the query; determine whether the abstract syntax tree matches a list, where the list identifies one or more abstract syntax trees corresponding to queries or types of queries; and selectively perform an action based on whether the abstract syntax tree matches the entry of the list.

Abstract: A system configured to detect a threat activity on a network. The system including a digital device configured to detect a first order indicator of compromise on a network, detect a second order indicator of compromise on the network, generate a risk score based on correlating said first order indicator of compromise on the network with the second order indicator of compromise on said network, and generate at least one incident alert based on comparing the risk score to a threshold.

Abstract: A system configured to detect malware is described. The system including an infection verification pack configured to perform behavior detonation; identify a malware object based on machine-learning; and select one or more persistent artifacts of the malware on the target system based on one or more algorithms applied to behavior traces of the malware object to select one or more persistent artifacts of the malware on the target system.

Abstract: A system configured to generate a risk score for a threat activity including a digital device. The digital device configured to extract one or more threat events on a network based on metadata for one or more targeted digital devices on the network. Further, the digital device is configured to detect one or more incidents based on a correlation between at least a first threat event of the one or more threat events and a second threat event of the one or more threat events. And, the digital device is configured to generate a risk score for each of said one or more incidents.

Abstract: A system configured to detect malware is described. The system configured to detect malware including a data collector configured to detect at least a first hypertext transfer object in a chain of a plurality of hypertext transfer objects. The data collector further configured to analyze at least the first hypertext transfer object for one or more events. And, the data collector configured to generate a list of events based on the analysis of at least the first hypertext transfer object.