Abstract: A method of disambiguating a location of a mobile station within a structure includes: obtaining, at the mobile station, regional pressure indications and corresponding region indications indicating regions within a structure that are vertically displaced with respect to each other, each of the regional pressure indications indicating atmospheric pressure information associated with the corresponding region; determining mobile station pressure information associated with a present location of the mobile station; comparing the mobile station pressure information with the regional pressure indications; and based on the comparing, determining in which of the regions the mobile station presently resides.

Abstract: A location anomaly for a mobile device can be detected using non-location information from the mobile device. The non-location information does not include data from a location based device, such as a GPS. A probabilistic model is created using historical non-location information accumulated from the mobile device. Current non-location data is compared with the probabilistic model to determine a probability associated with the current non-location information. If the probability is less than a predetermined or configurable threshold, a location anomaly is detected. A notification of the location anomaly may be displayed and/or transmitted in response to detecting the location anomaly.

Abstract: A location anomaly for a mobile device can be detected using non-location information from the mobile device. The non-location information does not include data from a location based device, such as a GPS. A probabilistic model is created using historical non-location information accumulated from the mobile device. Current non-location data is compared with the probabilistic model to determine a probability associated with the current non-location information. If the probability is less than a predetermined or configurable threshold, a location anomaly is detected. A notification of the location anomaly may be displayed and/or transmitted in response to detecting the location anomaly.

Abstract: An electronic messaging method is provided, the method implemented by one or more processors. The method includes launching a textual communication application by a user device including a user interface. In the user interface a data entry interface is enabled including language elements in a particular language determined based on an international calling code of a stored textual communication involving a user of the user device or a language of a stored textual communication involving a user of the user device, the stored textual communication comprising text transmitted by the user of the user device or text received by the user of the user device from a particular party. Textual input is received via the data entry interface including the language elements in the particular language.

Abstract: Confusion resulting from assigning the same node identifier to multiple nodes is resolved through the use of confusion detection techniques and the use of unique identifiers for the nodes. In some aspects an access point and/or an access terminal may perform operations relating to detecting confusion and/or providing a unique identifier to resolve confusion.

Abstract: A central platform remote from a local network can detect anomalies on the local network. The central platform can assign a unique pair of DNS server IP addresses to the local network. The central platform can receive configuration data from the local network and use the configuration data and the assigned pair of DNS server IP addresses to uniquely identify devices on the local network. In the case that current network flow statistics do not match expected network flow statistics for the local network, a device causing the anomalous behavior can be identified using the assigned pair of DNS server IP addresses and configuration data.

Abstract: Approaches for analyzing risk of security breaches to a network. Agents gather, from multiple sources across the network, analysis data that identifies one or more habitable nodes and one or more opaque nodes. Habitable nodes each possess a computing environment conducive to installation of at least one of agent, while opaque nodes do not. An enterprise risk model is generated for the network using the analysis data. The enterprise risk model models a risk of security breaches to assets of the network from both authorized and unauthorized users of the network based on attributes of the habitable nodes and the opaque nodes of the network. The enterprise risk model may model both the present and the future risk to the enterprise, enabling, resources, such as time and money, to be best allocated in a scientific and methodical manner to improve the risk profile of the enterprise network.

Abstract: Approaches for enforcing security constraints against a network without impacting business workflows. A network is programmatically divided into a set of restrictive subnetworks without human intervention. One or more agents, executing on a plurality of nodes of the network, enforce security constraints by requiring a process, which requests access to an asset stored on a node of the network, to possess a security credential associated with a particular restrictive subnetwork to which the node belongs for access to the asset to be granted. The set of restrictive subnetworks may be determined based upon an enterprise risk model that models both the present and the future risk to the enterprise.

Abstract: A device identification module identifies devices on a remote network, where the remote network may use Network Address Translation techniques. The device identification module can receive a list of devices on the remote network. The devices in the remote network can be identified by the device classification module based, at least in part, on the device classification and one or more of Dynamic Host Configuration Protocol (DHCP) information for the remote network, port sequences used in Network Address Translation on the remote network, and a live Uniform Resource Locator (URL) check performed on the remote network.

Abstract: Minimizing the latency of on-device detection of malicious executable files, without sacrificing accuracy, by applying a machine learning model to an executable file in quantized steps. Allowing a threshold confidence level to be set to different values enables controlling the tradeoff between accuracy and latency in generating a confidence level indicative of whether the executable file includes malware.

Abstract: Various embodiments include methods, and computing devices implementing the methods, for analyzing sensor information to identify an abnormal vehicle behavior. A computing device may monitor sensors (e.g., a closely-integrated vehicle sensor, a loosely-integrated vehicle sensor, a non-vehicle sensor, etc.) in the vehicle to collect the sensor information, analyze the collected sensor information to generate an analysis result, and use the generated analysis result to determine whether a behavior of the vehicle is abnormal. The computing device may also generate a communication message in response to determining that the behavior of the vehicle is abnormal, and send the generated communication message to an external entity.

Abstract: Various embodiments include methods for detecting software attacks on a process executing on a computing device. Various embodiment methods may include monitoring structural attributes of a plurality of virtual memory regions utilized by the process, and comparing the monitored structural attributes to the expected structural attributes of the plurality of VMRs. Various embodiment methods may further include determining whether the monitored structural attributes represent anomalous behavior of the process based on the comparison between the monitored structural attributes and the expected structural attributes.

Abstract: A recommendation engine can provide recommendations with respect to an application and can provide insights to a user of a computing device. The recommendation engine can receive a prediction based on user engagement with the application during an initial period of time (e.g., a trial period) as to whether the user will convert use of the application to a paid basis (e.g., a subscription or license to the application). An action can be recommended based on the prediction. The recommendation engine can provide insights to a user based on a score associated with the insight. The score can be determined by measuring previous user interactions with the insight over a period of time.

Abstract: Approaches for modeling a risk of security breaches to a network. Agents gather, from multiple sources across the network, analysis data that identifies observed characteristics of habitable nodes and opaque nodes. Using the analysis data a multi-layer risk model for the network is generated that comprises a first layer that models an inherent risk of security breaches to assets of the network based on the observed characteristics. The model also comprises a second layer that models a present state of the inherent risk to the assets caused by global and temporal events. The model also comprises a third layer that models a change to the risk of security breaches in response to potential mitigative actions. The model may be used to understand how risk of a security breach is distributed and interdependent upon the nodes of the network so as to allow the most valuable preventive measures to be taken.

Abstract: Local IP access is provided in a wireless network to facilitate access to one or more local services. In some implementations, different IP interfaces are used for accessing different services (e.g., local services and operator network services). A list that maps packet destinations to IP interfaces may be employed to determine which IP interface is to be used for sending a given packet. In some implementations an access point provides a proxy function (e.g., a proxy ARP function) for an access terminal. In some implementations an access point provides an agent function (e.g., a DHCP function) for an access terminal. NAT operations may be performed at an access point to enable the access terminal to access local services. In some aspects, an access point may determine whether to send a packet from an access terminal via a protocol tunnel based on the destination of the packet.

Abstract: Techniques for providing a user with an augmented virtuality (AV) experience are described herein. An example of a method of providing an AV experience includes determining a location of a mobile device, determining a context based on the location, obtaining AV object information, displaying the AV object information in relation to the context, detecting an interaction with the context, modifying the AV object information based on the interaction, and displaying the modified AV object information. The context may include weighting information. The weighting information may be based on Received Signal Strength Indication (RSSI) or Round-Trip Time (RTT) data. The weighting information may be associated with a composition of a physical object in the context. A user gesture may be received, and the AV object information may be modified based on the received gesture information.

Abstract: The various aspects configure a mobile computing device to efficiently identify, classify, model, prevent, and/or correct the conditions and/or behaviors occurring on the mobile computing device that are related to one or more peripheral devices connected to the mobile computing device and that often degrade the performance and/or power utilization levels of the mobile computing device over time. In the various aspects, the mobile computing device may obtain a classifier model that includes, tests, and/or evaluates various conditions, features, behaviors and corrective actions on the mobile computing device that are related to one or more peripheral devices connected to the mobile computing device. The mobile computing device may utilize the classifier model to quickly identify and correct undesirable behaviors occurring on the mobile computing device that are related to the one or more connected peripheral devices.

Abstract: Various embodiments provide methods, devices, and non-transitory processor-readable storage media enabling network path probing with a communications device by sending probes via a network connection to a STUN server and receiving probe replies. The communications device may increment a counter and transmit a test probe configured to be dropped at the first access point (NAT) causing all subsequent NATs to release their IP/port mappings. The communications device may send another probe to the STUN server and receive a probe reply. The communications device may compare the first and second probe replies to determine whether the final IP addresses within the network path match. By continuously incrementing the counter and querying access points, the communications device may determine the number of access points lay along any given network path. The presence of addition or unexpected numbers of NAT Servers may indicate the presence of a rogue access point.

Abstract: Various embodiments include methods, and computing devices implementing the methods, for authenticating vehicle information by polling selected sensors. A server computing device receiving vehicle information from a reporting vehicle may compare the received vehicle information to contextual information to generate a comparison result, and determine whether the received vehicle information should be evaluated with greater scrutiny based on the comparison result. The server computing device may select sensors for polling based on the received vehicle information (and in response to determining that the received vehicle information should be evaluated with greater scrutiny), and poll the selected sensors to received sensor information. The server computing device may use the received sensor information to corroborate the received vehicle information, and perform a responsive action based on the result of the corroboration.

Abstract: Embodiments include computing devices, apparatus, and methods implemented by the apparatus for time varying address space layout randomization. The apparatus may launch first plurality of versions of a system service and assign a random virtual address space layout to each of the first plurality of versions of the system service. The apparatus may receive a first request to execute the system service from a first application. The apparatus may randomly select a first version of the system service from the first plurality of versions of the system service, and execute the system service using data of the first version of the system service.