Abstract: An apparatus and method for dissembling electronic devices are described. The apparatus includes a housing with an aperture providing access to an interior thereof, and an adjustable support assembly positioned therein. The support assembly includes a first side plate and a second side plate with spacing in between, and a base plate for supporting an electronic device. A user interface is provided for receiving a user input, and in response to the user input, a motor is configured to drive a ram member downwards to contact and apply force to the electronic device held in the support assembly. A sensor may be included to measure the motor load current and output the measured load to an indicator to be viewed by a user for determining when a shell of the electronic device has been cracked.

Abstract: Disclosed herein are enhancements for operating a communication network to detect malware in scripts of web applications. In one implementation, a method for modeling the structure of embedded unclassified scripts to compare the abstract dynamism of similar scripts. The method may determine structure of unclassified end user browser script by building abstract structure using code from unclassified end user browser script; compare determined structure of unclassified end user browser script with a plurality of generalized abstract structures; if the determined structure of unclassified end user browser script matches within a predetermined threshold of any of the plurality of generalized abstract structures, then the unclassified end user browser script is classified as benign, otherwise the determined structure is classified as malicious. This, in turn, provides a scalable and efficient way of identifying benign, malicious, known and unknown scripts from a script available in full or in part.

Abstract: The embodiments execute machine-learning architectures for biometric-based identity recognition (e.g., speaker recognition, facial recognition) and deepfake detection (e.g., speaker deepfake detection, facial deepfake detection). The machine-learning architecture includes layers defining multiple scoring components, including sub-architectures for speaker deepfake detection, speaker recognition, facial deepfake detection, facial recognition, and lip-sync estimation engine. The machine-learning architecture extracts and analyzes various types of low-level features from both audio data and visual data, combines the various scores, and uses the scores to determine the likelihood that the audiovisual data contains deepfake content and the likelihood that a claimed identity of a person in the video matches to the identity of an expected or enrolled person.

Abstract: The invention is applicable for use in conjunction with a system that includes connected vehicle communications in which vehicles in the system each have an onboard processor subsystem and associated sensors, the processor subsystem controlling the generation, transmission, and receiving of messages communicated between vehicles for purposes including crash avoidance. A method is set forth for determining, by a given vehicle receiving messages, the occurrence of misbehavior, including the following steps: processing received messages by performing a plurality of plausibility determinations to obtain a respective number of plausibility measurements; determining at least one context for the region at which the given vehicle is located; weighting the plurality of plausibility measurements in accordance with values determined from the at least one context to obtain a respective plurality of plausibility indicator values; and deriving a misbehavior confidence indicator using the plausibility indicator values.

Abstract: In one embodiment, data at rest is securely stored. A data safe performing data plane processing operations in response to requests of received read data requests, received write data requests, and received read information responses, with the data safe being immutable to processing-related modifications resulting from said performing data plane processing operations. In one embodiment, performing these data plane processing operations does not expose any pilot keys outside the data safe in clear form nor in encrypted form. The pilot keys are used to encrypt information that is subsequently stored in a storage system. One embodiment uses pilot keys to encrypt data that is subsequently stored in a storage system. One embodiment uses data cryptographic keys to encrypt data, uses the pilot keys to cryptographically-wrap (encrypt) the data cryptographic keys, and stores the cryptographically wrapped data keys and encrypted data in a storage system.

Abstract: Systems, computer program products, and methods are described herein for mapping information security configurations across technology platforms. The present invention is configured to electronically receive, from a computing device associated with a technology infrastructure, one or more responses to one or more queries; extract one or more security information and event management (SIEM) fields from the one or more responses; map the one or more SIEM fields to a generic content schema of a common information security model; generate a unique SIEM map for the technology infrastructure based on at least mapping the one or more SIEM fields to the generic content schema of the common information security model; generate a use case for the technology infrastructure using the common information security model; and transform the use case generated using the common information security model using the unique SIEM map.

Abstract: Preference data is received. The received preference data is compared to stored preference data associated with a user with which the received preference data is associated. A determination is made whether to authorize an action based at least on the comparison. The preference data is received as a selection.

Abstract: A method includes receiving a request to execute bytecode that corresponds to secured program code, the secured program code including an encrypted version of the bytecode. Based on receiving the request to execute the bytecode, the method resolves the request, the resolving including identifying a location on disk of the secured program code. Based on resolving the request, a license file for decrypting the encrypted version of the bytecode for execution is accessed, the license file including an encrypted key-value. The encrypted key-value is used in decrypting the encrypted version of the bytecode to obtain decrypted bytecode, where the decrypting places the decrypted bytecode in working memory, and the decrypted bytecode is executed.

Abstract: Disclosed herein are techniques for protecting web applications from untrusted endpoints using remote browser isolation. In an example scenario, a browser isolation system receives a request from a client browser executing on a client device to connect with a remote application accessible via a private network. A surrogate browser is provided to facilitate communications between the client browser and the remote application. A security policy is enforced against the communications.

Abstract: Systems and methods are disclosed that receive data at an electronic computing device. The data can include phrases that can be transformed according to an algorithm to generate a masked version of the phrases. The masked version can be transmitted to a third party system for securing. The secured version can be received from the third party system. A secured filter representative of the received data can be generated based on the received secured version.

Abstract: Systems and methods are disclosed for generation of secure indexes that permit the querying or searching of encrypted data in a cryptographically-secure manner. In various embodiments, a filter gradient comprises a node identifier, a set membership filter, and an ordered genealogy (such that it comprises a filter that encodes a subset of the items encoded by its parent), and a FiG tree is a rooted tree with filter gradients (and, optionally, one or more dictionaries) as nodes such that each filter gradient uses a different hash. A HiiT data structure, in various embodiments, comprises a hash table that points to the rows of an inverted index table. In various embodiments, an oblivious pseudorandom function may be employed to mask, secure, and prepare the phrases for insertion into the secure indexes.

Abstract: Techniques to facilitate protection of web application components are disclosed herein. In at least one implementation, a plurality of web resources associated with a web applications is received. The plurality of web resources is processed to generate individual generalized code templates for each of the web resources by removing data constants and code formatting elements from the web resources. A set of the individual generalized code templates for each of the web resources is stored in a probabilistic data structure. A security web module comprising the probabilistic data structure having the set of the individual generalized code templates for each of the web resources stored therein is deployed to protect the web application.

Abstract: The invention is applicable for use in conjunction with a system for connected vehicle communications in which each vehicle in the system is issued a limited number of unique pseudonym certificates that are used by the vehicle to establish trust in messages sent by the vehicle by signing each message with a pseudonym certificate. A method is set forth for selecting a pseudonym certificate for use, from among the vehicle's pseudonym certificates, so as to protect the privacy of the vehicle's activity against attacks by eavesdroppers, including the steps of: tracking and storing vehicle location data; computing, from inputs that include the vehicle location data, the vehicle's relative achievable anonymity in particular geographical regions; prioritizing the pseudonym certificates; and selecting a pseudonym certificate for use from among the pseudonym certificates having a priority that is determined by the relative achievable anonymity for the geographical region in which the certificate is to be used.

Abstract: In one embodiment, data at rest is securely stored. A data safe performing data plane processing operations in response to requests of received read data requests, received write data requests, and received read information responses, with the data safe being immutable to processing-related modifications resulting from said performing data plane processing operations. Performing these data plane processing operations does not expose any pilot keys outside the data safe in plaintext form nor in encrypted form. The pilot keys are used to encrypt information that is subsequently stored in a storage system. In one embodiment, the information encrypted and decrypted by the data safe includes data structure instances including feature-preserving encrypted entries generated using feature-preserving encryption on corresponding plaintext data items.

Abstract: Techniques are provided for detecting a malicious script in a web page. Instrumentation code is provided for serving to a client computing device with a web page. The instrumentation code is configured to monitor web code execution at the client computing device when a script referenced by the web page is processed. Script activity data generated by the instrumentation code is received. The script activity data describes one or more script actions detected by the instrumentation code at the client computing device. Prior script activity data generated by a prior instance of the instrumentation code is obtained. A malicious change in the script is detected based on comparing the script activity data and the prior script activity data. In response to detecting the malicious change in the script, a threat response action is performed.

Abstract: Systems and methods for permitting software presence/configurations to function as a factor in a multi-factor authentication scheme so that a user's access to a different software program/application is conditioned on the presence of certain pre-specified software or software configurations that would otherwise not be necessary for access and/or operation of the different software program/application. Generally, by confirming the presence/configuration of the pre-specified software on a computing device, the system ensures that a user, in one embodiment, may only access the different software program/application with the proper configuration of the pre-specified software.

Abstract: A computer-implemented method comprises accessing, by a networking hardware device, identity awareness data for a plurality of client computing devices and device security policies of a plurality of IoT computing devices from at least one distributed data repository; authenticating, by the networking hardware device, a client computing device requesting access to at least one Internet of Things (IoT) computing device, based on the accessed identity awareness data; establishing, at the networking hardware device, firewall rules based on the accessed device security policies; creating, by the networking hardware device, a session for the authenticated client computing device to communicate with the at least one IoT computing device, wherein creating a session comprises posting information relating to the session as authentication session information to the at least one distributed data repository.

Abstract: A method for imaging includes illuminating a vehicle undercarriage with illumination in an atmospheric absorption band, imaging the vehicle undercarriage to form an image, wherein scanning includes filtering out illumination returned from the vehicle undercarriage that is outside the atmospheric absorption band. The method includes forming an image with the filtered illumination returned from the vehicle undercarriage.

Abstract: An assessment query may be received and analyzed to identify relevant assessment attributes and select a set of associated assessment resources. Assessment information may be extracted from the set of associated assessment resources. The extracted information may be used to identify additional relevant assessment attributes that may be utilized to extract additional assessment information. The extracted information may be used to generate a comprehensive threat assessment report. The threat assessment report, and the threat assessment, may be updated based on user feedback.

Abstract: A keyless access system for securely authorizing access to a resource via a dynamic interface that user equipment (“UE”) may access using a changing access identifier without the UE installing or executing any specialized applications or code. The secure authorization of visitor access may include periodically modifying the access identifier, providing access activation data with a first access identifier to a UE in response to a triggering action, providing the dynamic interface to the UE in response to the access activation data automatically directing a browser of the UE to the first access identifier, receiving UE authorization data that is entered using a keypad or login screen of the dynamic interface, and providing access to the resource based on the first access identifier being associated with the resource, the UE authorization data authorizing access to the resource, and the access being provided before an expiration time.