Abstract: In one example, intelligence is gathered about an attacker that is attempting an attack via a malicious exploit message by exploiting the attacker's belief that the attack is succeeding. A received message (e.g., malicious message) sent from a first message account (e.g., attacker) to a second message account (e.g., intended victim) is received. A security risk associated with the received message is determined. It is determined that the security risk associated with the received message meets one or more criteria. Based on the determination that the security risk associated with the received message meets the one or more criteria, a responsive message is sent in response to the received message from a third message account (e.g., security service) to the first message account. The responsive message includes a content reference identified as referring to a content for a user of the first message account.

Abstract: Logins within a private network are classified as benign or malicious by (a) receiving login patterns within a private network, wherein each login pattern includes one or more attributes of each of (i) a user uniquely associated with the login, (ii) a source computer uniquely associated with the login, and (iii) a destination computer uniquely associated with the login, and wherein each login pattern is characterized as one of (A) a normal login pattern, (B) a benign login pattern, or (C) a malicious login pattern; (b) receiving a new login; and (c) classifying the new login as benign or malicious using the login patterns for the private network that were received.

Abstract: A cryptographic key is generated using biometric data and a hierarchy of biometric descriptors. The hierarchy of biometric descriptors includes multiple levels, wherein a biometric descriptor at a first level is associated with a subset of the biometric descriptors at the next lower level. To generate a cryptographic key, biometric data is collected and compared to the biometric descriptors at the first level of the hierarchy. One of the biometric descriptors is selected at the first level, and a first key component is generated based on the first selected biometric descriptor. The biometric data is then compared to the subset of biometric descriptors at the second level of the hierarchy associated with the first selected biometric descriptor. This process of selecting a biometric descriptor and generating a key component continues for each level of the hierarchy. The key components are then used to generate a cryptographic key.

Abstract: A cryptographic key is generated using biometric data and a hierarchy of biometric descriptors. The hierarchy of biometric descriptors includes multiple levels, wherein a biometric descriptor at a first level is associated with a subset of the biometric descriptors at the next lower level. To generate a cryptographic key, biometric data is collected and compared to the biometric descriptors at the first level of the hierarchy. One of the biometric descriptors is selected at the first level, and a first key component is generated based on the first selected biometric descriptor. The biometric data is then compared to the subset of biometric descriptors at the second level of the hierarchy associated with the first selected biometric descriptor. This process of selecting a biometric descriptor and generating a key component continues for each level of the hierarchy. The key components are then used to generate a cryptographic key.

Abstract: The embodiments include methods and systems for detecting advertising fraud in a computing device by monitoring information received in a receiver component of the computing device, monitoring information received in a render component of the computing device, comparing the information received in the receiver component to the information received in the render component to generate comparison results, using the comparison results to determine whether there are discrepancies between the received information and the rendered information, and performing fraud prevention operations in response to determine that there are discrepancies between the received information and the rendered information. The fraud prevention operations may include dropping a connection to cease receiving the information in the receiver component, sending negative or position feedback to the service provider or a security server, and performing other similar operations.