Abstract: Computer systems and methods for improving the security and efficiency of client computers interacting with server computers through an intermediary computer using one or more polymorphic protocols are discussed herein.

Abstract: Techniques are provided for client-side security key generation. An initial request is received from an application executing on a client device. The application includes a security component includes security code. In response to the initial request, a key component is generated. The key component includes one or more parameters from which a valid security key can be generated at the client device by executing the security code. The key component is provided to the client device. A security key associated with a request from the client device to an application server is received. The security key is checked for validity. In response to determining that the security key is valid, processing of the request by the application server is caused.

Abstract: A computer-implemented method for securing a content server system is disclosed. The method includes identifying that a request has been made by a client computing device for serving of content from the content server system; serving, to the client computing device and for execution on the client computing device, reconnaissance code that is programmed to determine whether the client computing device is human-controlled or bot-controlled; receiving, from the reconnaissance code, data that indicates whether the client computing device is human-controlled or bot-controlled; and serving follow-up content to the client computing device, wherein the make-up of the follow-up content is selected based on a determination of whether the client computing device is human-controlled or bot-controlled.

Abstract: Systems and methods for securing or encrypting data or other information arising from a user's interaction with software and/or hardware, resulting in transformation of original data into ciphertext. Generally, the ciphertext is generated using context-based keys that depend on the environment in which the original data originated and/or was accessed. The ciphertext can be stored in a user's storage device or in an enterprise database (e.g., at-rest encryption) or shared with other users (e.g., cryptographic communication). The system generally allows for secure federation across organizations, including mechanisms to ensure that the system itself and any other actor with pervasive access to the network cannot compromise the confidentially of the protected data.

Abstract: This document describes, among other things, a computer-implemented method that can include receiving, from a web server system, web page code to be provided over the internet to a computing device. The web page code can correspond to a particular web page served by the web server system. The method may include generating an intermediate representation of at least a portion of the web page code, and comparing the intermediate representation to a prior intermediate representation of the particular web page. Based on a result of the comparison, the method can include determining what portion of the web page code to analyze for re-coding of the web page code before serving the web page code to the computing device.

Abstract: In a speaker recognition apparatus, audio features are extracted from a received recognition speech signal, and first order Gaussian mixture model (GMM) statistics are generated therefrom based on a universal background model that includes a plurality of speaker models. The first order GMM statistics are normalized with regard to a duration of the received speech signal. The deep neural network reduces a dimensionality of the normalized first order GMM statistics, and outputs a voiceprint corresponding to the recognition speech signal.

Abstract: Techniques to facilitate detection of real user interaction with mobile applications are disclosed herein. In at least one implementation, a mobile application that generates a web service request is executed on a wireless communication device. The wireless communication device executes a client security component of the mobile application to include user behavior attributes in the web service request, and utilizes a mobile application programming interface to transfer the web service request including the user behavior attributes for delivery to a web server. The web server executes a server security component of a web service to extract the user behavior attributes from the web service request and process the user behavior attributes to determine whether or not the mobile application is being operated by a human user.

Abstract: A system comprises a web-cloud security subsystem that hosts, manages, and analyzes data related to a plurality of hosted applications that provide at least one of physical access control, surveillance, alarm management, visitor management, and elevator management; at least one physical security subsystem that exchanges data with a corresponding hosted application of the web-cloud security subsystem; and a real-time control and monitoring device that provides secure access of the web-cloud security subsystem.

Abstract: A method for implementing controller area network (CAN) communications between a plurality of CAN nodes using a single radio frequency (RF) coax cable is provided. In an aspect, a hardware interface (e.g., an electronic circuit) may be coupled to each of the plurality of CAN nodes. The hardware interface may receive a CAN signal from a first CAN node. The hardware interface may convert the CAN signal to a single RF signal and transmit the RF signal to a second CAN node over the single RF coax cable. Moreover, the hardware interface may transmit a CAN feedback signal received over the RF coax cable to the first CAN node. In an aspect, the hardware interface may include an amplitude modulation (AM) modulator, an AM detector, and a bandpass filter.

Abstract: Aspects of the invention determining a threat score of a call traversing a telecommunications network by leveraging the signaling used to originate, propagate and terminate the call. Outer-edge data utilized to originate the call may be analyzed against historical, or third party real-time data to determine the propensity of calls originating from those facilities to be categorized as a threat. Storing the outer edge data before the call is sent over the communications network permits such data to be preserved and not subjected to manipulations during traversal of the communications network. This allows identification of threat attempts based on the outer edge data from origination facilities, thereby allowing isolation of a compromised network facility that may or may not be known to be compromised by its respective network owner.

Abstract: An approach for enforcing standards regarding security vulnerabilities for an endpoint user device associated with a user includes collecting, at an inline frame implemented with a web application, endpoint health data of the endpoint user device in response to the user interfacing with the web application through the endpoint user device, generating endpoint health intelligence from the endpoint health data, the endpoint health intelligence indicating endpoint security health of the endpoint user device, generating a first endpoint health notification comprising the endpoint health intelligence, and notifying an administrator of network with the first endpoint health notification.

Abstract: Techniques for code modification for automation detection are described. Web code is obtained corresponding to content to be served to a first client device in response to a first request from the first client device. Instances of a particular programmatic element in the web code are identified. In response to the first request, modified web code is generated from the web code by consistently changing the particular programmatic element to a modified programmatic element throughout the web code. The modified web code is caused to be provided to the first client device in response to the first request from the first client device. A communication is received from the first client device that is made in response to the modified web code. The communication includes an attempt to interact with the particular programmatic element that exists in the web code but not in the modified web code.

Abstract: A system and method for intercepting commands issued to a host server. An agent is installed on the host server and configured to intercept commands issued to the host server and to transmit indications of said commands to a collector for logging and evaluation. The collector includes rules for determining whether a command issued to the host is to be blocked. Collector rules may be informed by supplementary information from third party information systems. The agent queries the collector for whether a command is to be blocked, and also include rules for blocking commands without evaluation by the collector. Indications of intercepted commands are stored by the collector in databases accessible by an administrator for monitoring activity on the host server and for configuring rules for blocking commands issued to the server.

Abstract: Techniques are described herein for detecting malicious program code stored on computer devices before the code can be executed to potentially compromise a computer network. In an embodiment, a method comprises receiving, at a computer device, a file containing instructions in a programming language; based on a syntax of the programming language, parsing the file to generate parsed information, and based on the parsed information, generating a syntax tree for the file; identifying one or more alphanumeric strings in the syntax tree, and based on the alphanumeric strings, generating a syntax string for the syntax tree; generating a hash digest by applying a piecewise hashing to the alphanumeric strings in the syntax string; determining whether the hash digest indicates that the file contains potentially malicious code; in response to determining that the hash digest indicates that the file contains the potentially malicious code, performing a responsive action.

Abstract: In one embodiment, data at rest is securely stored. A data safe performing data plane processing operations in response to requests of received read data requests, received write data requests, and received read information responses, with the data safe being immutable to processing-related modifications resulting from said performing data plane processing operations. In one embodiment, performing these data plane processing operations does not expose any pilot keys outside the data safe in clear form nor in encrypted form. The pilot keys are used to encrypt information that is subsequently stored in a storage system. One embodiment uses pilot keys to encrypt data that is subsequently stored in a storage system. One embodiment uses data cryptographic keys to encrypt data, uses the pilot keys to cryptographically-wrap (encrypt) the data cryptographic keys, and stores the cryptographically wrapped data keys and encrypted data in a storage system.

Abstract: A method provides a graphical interface for a computer system and includes receiving window information from each domain of multiple domains in which applications execute. Based on the received window information, the method builds the graphical interface on a graphics device of the computer system from graphics data provided from the multiple domains to the graphics device. The graphics device includes a GPU and graphics memory having multiple graphics memory portions, where each domain is dedicated a respective different graphics memory portion and is given write access thereto. The building issues commands to the graphics device that instruct the GPU to composition together graphics data from graphics memory portion(s) to thereby composition together graphics data from each of two of more domains of the multiple domains. The method also includes issuing commands to the graphics device to output the graphical interface to a set of one or more display devices.

Abstract: Techniques to facilitate securing web services from unauthorized access are disclosed herein. In at least one implementation, user interactions with a web service are monitored, and sets of the user interactions are generated per originator based on origination information associated with the user interactions. The sets of the user interactions are processed to identify credentials used to access the web service per originator. The credentials used to access the web service per originator are compared with compromised credentials stored in a database to identify one or more user accounts of the web service associated with an originator that used the compromised credentials found in the database. Security measures are applied for at least the one or more user accounts of the web service associated with the originator that used the compromised credentials found in the database.

Abstract: Obtaining, in association with origination of outbound network traffic to be sent by a system, user account information of a user account on behalf of which the outbound network traffic is generated, and performing filtering of the outbound network traffic based on the obtained user account information of the user account on behalf of which the outbound network traffic is generated, where the filtering is further based on one or more rules, and the filtering includes determining whether to block or allow sending of the outbound network traffic from the system.

Abstract: An API call filtering system filters responses to API call requests received, via a network, from UEs. The API call filtering system is configured to require personalized API call requests wherein each API call (except for some minor exceptions) includes a unique UE identifier (“UEIN”) of the UE making the request. Using the UEIN, the web service or other service protected by the API call filtering system can be secured against excessive request iterations from a set of rogue UEs while allowing for ordinary volumes of requests of requests the UEs, wherein one or more boundaries between what is deemed to be an ordinary volume of requests and what is deemed to be excessive request iterations are determined by predetermined criteria.

Abstract: Techniques to facilitate detection of whether or not applications are executed on physical devices are disclosed herein. In at least one implementation, a mobile application that generates a web service request is executed on a computing system. The computing system executes a client security component of the mobile application to collect attributes associated with the computing system and an operating environment on which the mobile application is executing, and utilizes a mobile application programming interface to transfer the web service request including the attributes for delivery to a web server. The web server executes a server security component of a web service to extract the attributes from the web service request and process the attributes to determine whether or not the mobile application is being executed on a physical mobile device.