Abstract: Provided are systems, methods, and computer-program products for providing network deceptions using a network tunnel. In various implementations, a network device on a first network can be configured as a projection point. A projection point can be configured as one endpoint of a network tunnel. The other end of the network tunnel can terminate at a deception farm. The deception farm can host a second network, where the second network includes network devices configured as deception mechanisms. By assigning a deception mechanism a network address from the first network, the network address and the network tunnel enable the deception mechanism to appear as a node in the first network.

Abstract: Provided are systems, methods, and computer-program products for providing network deceptions using a network tunnel. In various implementations, a network device on a first network can be configured as a projection point. A projection point can be configured as one endpoint of a network tunnel. The other end of the network tunnel can terminate at a deception farm. The deception farm can host a second network, where the second network includes network devices configured as deception mechanisms. By assigning a deception mechanism a network address from the first network, the network address and the network tunnel enable the deception mechanism to appear as a node in the first network.

Abstract: Provided are systems, methods, and computer-program products for providing network deceptions using a network tunnel. In various implementations, a network device on a first network can be configured as a projection point. A projection point can be configured as one endpoint of a network tunnel. The other end of the network tunnel can terminate at a deception farm. The deception farm can host a second network, where the second network includes network devices configured as deception mechanisms. By assigning a deception mechanism a network address from the first network, the network address and the network tunnel enable the deception mechanism to appear as a node in the first network.

Abstract: Provided are systems, methods, and computer-program products for providing network deceptions using a network tunnel. In various implementations, a network device on a first network can be configured as a projection point. A projection point can be configured as one endpoint of a network tunnel. The other end of the network tunnel can terminate at a deception farm. The deception farm can host a second network, where the second network includes network devices configured as deception mechanisms. By assigning a deception mechanism a network address from the first network, the network address and the network tunnel enable the deception mechanism to appear as a node in the first network.

Abstract: Provided are methods, network devices, and computer-program products for dynamically configuring a deception mechanism in response to network traffic from a possible network threat. In various implementations, a network deception system can receive a packet from a network. The network deception system can determine an intent associated with the packet by examining the contents of the packet. The network deception system can further configure a deception mechanism to respond to the intent, for example with the appropriate network communications, software or hardware configuration, and/or data.

Abstract: Provided are methods, including computer-implemented methods or methods implemented by a network device, devices including network devices, and computer-program products for providing dynamic security mechanisms for mixed networks. A mixed network can include an IoT type device and a non-IoT device. Using a configuration of the network, a deception device type can be determined. A second network that includes a deception mechanism corresponding to the deception device type can be determined. A network tunnel from the mixed network to the second network can be configured. The network tunnel enables the deception mechanism to be a node on the mixed network, such that the deception mechanism can be accessed from the mixed network. The deception mechanism can be used to monitor the mixed network for network abnormalities. An action can be taken when the deception mechanism detects an abnormality.

Abstract: An application analysis computer obtains reports from user terminals identifying operational states of instances of an application being processed by the user terminals. Sequences of the operational states that the instances of the application have transitioned through while being processed by the user terminals are identified. Common operational states that occur in a plurality of the sequences are identified. For each of the common operational states, a frequency of occurrence of the common operational state is determined. For each state transition between the common operational states in the sequences, a frequency of occurrence of the state transition is determined. State predictive metrics are generated based on the frequencies of occurrence of the common operational states and the frequencies of occurrence of the state transitions. The state predictive metrics are communicated, such as to an application server to control access to the application by user terminals.

Abstract: Provided are systems, methods, and computer-program products for providing network deceptions using a network tunnel. In various implementations, a network device on a first network can be configured as a projection point. A projection point can be configured as one endpoint of a network tunnel. The other end of the network tunnel can terminate at a deception farm. The deception farm can host a second network, where the second network includes network devices configured as deception mechanisms. By assigning a deception mechanism a network address from the first network, the network address and the network tunnel enable the deception mechanism to appear as a node in the first network.

Abstract: Provided are methods, network devices, and computer-program products for a network deception system. The network deception system can engage a network threat with a deception mechanism, and dynamically escalating the deception to maintain the engagement. The system can include super-low, low, and high-interaction deceptions. The super-low deceptions can respond to requests for address information, and requires few computing resources. When network traffic directed to the super-low deception requires a more complex response, the system can initiate a low-interaction deception. The low-interaction deception can emulate multiple devices, which can give the low-interaction deception away as a deception. Hence, when the network traffic includes an attempted connection, the system can initiate a high-interaction deception. The high-interaction more closely emulates a network device, and can be more difficult to identify as a deception.

Abstract: Provided are systems, methods, and computer-program products for providing network deceptions using a network tunnel. In various implementations, a network device on a first network can be configured as a projection point. A projection point can be configured as one endpoint of a network tunnel. The other end of the network tunnel can terminate at a deception center. The deception center can host a second network, where the second network includes network devices configured as deception mechanisms. By assigning a deception mechanism a network address from the first network, the network address and the network tunnel enable the deception mechanism to appear as a node in the first network.

Abstract: Systems, apparatus, methods, and computer program products for using quick response (QR) codes for authenticating users to ATMs and other secure machines for cardless transactions are disclosed. Embodiments of the present disclosure read an image displayed on a display of an external device using a mobile device associated with a user authorized to access a secure resource, decode transaction information encoded in the image, transmit the transaction information and an identifier of the mobile device from the mobile device to an authentication system, and grant access to the secure resource if the transaction information and the identifier satisfy an authentication test performed at the authentication system.

Abstract: Provided are methods, network devices, and computer-program products for dynamically configuring a deception mechanism in response to network traffic from a possible network threat. In various implementations, a network deception system can receive a packet from a network. The network deception system can determine an intent associated with the packet by examining the contents of the packet. The network deception system can further configure a deception mechanism to respond to the intent, for example with the appropriate network communications, software or hardware configuration, and/or data.

Abstract: Provided are systems, methods, and computer-program products for providing network deceptions using a network tunnel. In various implementations, a network device on a first network can be configured as a projection point. A projection point can be configured as one endpoint of a network tunnel. The other end of the network tunnel can terminate at a deception center. The deception center can host a second network, where the second network includes network devices configured as deception mechanisms. By assigning a deception mechanism a network address from the first network, the network address and the network tunnel enable the deception mechanism to appear as a node in the first network.

Abstract: Provided are methods, network devices, and computer-program products for a network deception system. The network deception system can engage a network threat with a deception mechanism, and dynamically escalating the deception to maintain the engagement. The system can include super-low, low, and high-interaction deceptions. The super-low deceptions can respond to requests for address information, and requires few computing resources. When network traffic directed to the super-low deception requires a more complex response, the system can initiate a low-interaction deception. The low-interaction deception can emulate multiple devices, which can give the low-interaction deception away as a deception. Hence, when the network traffic includes an attempted connection, the system can initiate a high-interaction deception. The high-interaction more closely emulates a network device, and can be more difficult to identify as a deception.

Abstract: According to the invention, a method of using a one-time password for a transaction between a user and a merchant is disclosed. The method may include generating the one-time password. The method may also include authenticating the user by the authentication server in response to a request from the user to use the one-time password. The method may further include authorizing the use of the one-time password for the transaction in response to authenticating the user by the authentication server. The method may moreover include using the one-time password in combination with an account number to settle the transaction between the user and the merchant. The method may additionally include sending a message to the authentication server originating from the merchant, wherein the message comprises the one-time password, and wherein the message requests a determination whether the one-time password is authorized for use in the transaction.

Abstract: Provided are systems, methods, and computer-program products for a network device, configured to use data science techniques to manage the deployment of deception mechanisms in a network, where the deception mechanisms can attract and detect threats to the network. In various implementations, the network device can receive network data. The network data can include data produced by an interaction with a deception mechanism. The deception mechanism can be part of the security of the network. An interaction can include a potential threat to the network. The network device can further be configured to analyze the network data using a data science engine, including identifying a pattern of network behavior. The network device can further generate an attack pattern that includes the behavior of the potential threat. The network device can further use the attack pattern to modify deception mechanisms on the network.

Abstract: According to the invention, a method of using a one-time password for a transaction between a user and a merchant is disclosed. The method may include generating the one-time password. The method may also include authenticating the user by the authentication server in response to a request from the user to use the one-time password. The method may further include authorizing the use of the one-time password for the transaction in response to authenticating the user by the authentication server. The method may moreover include using the one-time password in combination with an account number to settle the transaction between the user and the merchant. The method may additionally include sending a message to the authentication server originating from the merchant, wherein the message comprises the one-time password, and wherein the message requests a determination whether the one-time password is authorized for use in the transaction.

Abstract: Provided are devices, computer-program products, and methods (e.g., methods implemented by a production system or security agent program or process) for providing services on a production system to mimic a deception mechanism. For example, a method can include determining a deception characteristic of a deception mechanism and determining a production characteristic of the production system. The method can further include determining an additional service or a modification of an existing service of the production system using the deception characteristic and the production characteristic. In some cases, the additional service and/or the modification can be a deterrent to potential attackers of the production system. The method can further include modifying the production system to mimic the deception mechanism, including adding the additional service to the production system or modifying the existing service using the modification.

Abstract: Provided are systems, methods, and computer-program products for a network device configured to dynamically deploy deception mechanisms to detect threats to a network. In various implementations, the network device can be configured to collect network data from a network, and determine a selection of deceptions mechanisms. The deception mechanisms can represent resources available on the network, and are separate from normal operation of the network. The network device can further determine locations within the network to deploy the deception mechanisms. The network device can further identifying a potential threat to the network. The potential threat may be identified by a deception mechanism. The network device can further determine additional deception mechanisms, and use the additional deception mechanisms to facilitate an action on the network.

Abstract: An application analysis computer obtains reports from user terminals containing application performance metrics and dimensions having values characterizing the applications and the user terminals. Statistics for each different type of the performance metrics across the reports are generated. One of the statistics, for one type of the performance metrics, that has changed at least a threshold amount between two time intervals is identified, and that performance metric is selected for analysis. For each combination of a different type of the characteristic dimensions and a different value among the values occurring for the type of the characteristic dimension, a statistic is generated for the selected type of the performance metrics from the reports. Information is communicated based on an active warning ID that was selected based on being associated with a combination of the type of the characteristic dimension and one of the statistics that changed at least a threshold amount.