Patents Examined by Abdullah Almamun
  • Patent number: 11483306
    Abstract: Methods, systems, and apparatuses for secure communications in a communications system through a secure database (SDB) using random numbers, including one-time use random number cipher keys.
    Type: Grant
    Filed: March 26, 2019
    Date of Patent: October 25, 2022
    Assignee: Matrics2, Inc.
    Inventors: Michael R. Arneson, William R. Bandy
  • Patent number: 11481486
    Abstract: Examples of the present disclosure describe systems and methods for a behavioral threat detection engine. In examples, the behavioral threat detection engine manages execution of one or more virtual machines, wherein each virtual machine processes a rule in relation to a context. The behavioral threat detection engine uses any of a variety of techniques to identify when events occur. Accordingly, the behavioral threat detection engine provides event indications, in the form of event packets, to one or more virtual machines, such that corresponding rules are able to process the events accordingly. Eventually, a rule may make a determination as to the presence or absence of a behavior. As a result, execution of the associated virtual machine may be halted, thereby indicating to the behavioral threat detection engine that a determination has been made. Thus a behavioral threat detection engine employs a behavior-based approach to detecting malicious or potentially malicious behaviors.
    Type: Grant
    Filed: March 27, 2019
    Date of Patent: October 25, 2022
    Assignee: Webroot Inc.
    Inventors: Eric Klonowski, Fred Krenson
  • Patent number: 11470102
    Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for network monitoring, user account compromise determination, and user behavior database system. The system monitors network actions of user accounts including user account access across multitudes of network accessible systems, determines user account transitions, and determines different types of high-risk user behavior indicative of compromise. Network actions can be obtained from generated information by the network accessible systems, and correlated across additional data sets including contextual ones. User interfaces are generated describing network actions of user accounts, and are configured for user interaction, which cause generation of updated user interfaces and access to electronic data sources to determine information relevant to the user interaction.
    Type: Grant
    Filed: November 12, 2018
    Date of Patent: October 11, 2022
    Assignee: Palantir Technologies Inc.
    Inventors: Samuel Jones, Timothy Yousaf, Drew Dennison, Vivek Lakshmanan, Joseph Staehle, Samuel Kremin, Maxim Kesin, Taylor Heroux
  • Patent number: 11449615
    Abstract: Disclosed herein are systems and methods for forming a log during an execution of a file with vulnerabilities. In one aspect, an exemplary method comprises discovering an activation of a trigger during an execution of a thread of a process created upon opening the file, wherein the trigger describes conditions accompanying an event which relates to an attempt to exploit a vulnerability of the file, analyzing a stack of the process created upon opening the file, and discovering a chain of function calls preceding the event in a form of a sequence of call and return addresses, analyzing the discovered chain of function calls for fulfillment of conditions of the trigger which relate to the attempt to exploit the vulnerability, and when the conditions of the trigger are fulfilled, saving information about the chain of function calls in a log.
    Type: Grant
    Filed: May 15, 2019
    Date of Patent: September 20, 2022
    Assignee: AO Kaspersky Lab
    Inventors: Alexey V. Monastyrsky, Mikhail A. Pavlyushchik, Vladislav V. Pintiysky, Denis V. Anikin, Dmitry A. Kirsanov
  • Patent number: 11429694
    Abstract: Techniques for managing customer license agreements are described. In one embodiment, a user-specified resource metric of a license model and a user-specified limit of the user-specified resource metric are obtained. A request for permission to launch a new compute resource at a computing device of the provider network is obtained from a service within a provider network. The new compute resource has a property that is an amount of the user-specified metric. A determination is made that a launch of the new compute resource would cause the user-specified limit to be exceeded, and the request to launch the new compute resource is denied.
    Type: Grant
    Filed: August 17, 2018
    Date of Patent: August 30, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Murtaza Chowdhury, Malcom Featonby, Adnan Ijaz, Anup P. Pandya, Anupama Anand, Niti Khadapkar, Ramapulla Reddy Chennuru, Raviprasad Mummidi, Srivasan Ramkumar, Jagruti Patil, Yupeng Zhang
  • Patent number: 11429714
    Abstract: A method of operating a privacy management system for managing personal data includes receiving a first input indicative of a first user activity in accessing personal data stored within a memory element. The method also includes creating an activity model based on the first input. The activity model is indicative of typical activity in accessing personal data stored in the memory element. The method further includes receiving a second input indicative of a second user activity in accessing personal data stored within the memory element. Also, the method includes recognizing, according to the activity model, the second user activity as being anomalous to the typical activity in accessing personal data stored in the memory element. Moreover, the method includes generating, as a result of recognizing the second user activity as being anomalous, a command that causes at least one of the client devices to perform an anomaly corrective action.
    Type: Grant
    Filed: March 12, 2019
    Date of Patent: August 30, 2022
    Assignee: salesforce.com, inc.
    Inventors: Christian Meyer, Chris Lawrence
  • Patent number: 11425559
    Abstract: Embodiments of a data transmission network device and methods of operating the same are disclosed. In one embodiment, the data transmission network device includes an encryption module and an RF transceiver. The encryption module is configured to receive data and encrypt the data so as to generate first encrypted data. The encryption module then encrypts the first encrypted data so as to generate second encrypted data. The RF transceiver is configured to generate an RF signal such that the second encrypted data is modulated onto the RF signal. By providing the double encryption in a single device, the data transmission network device has greater spectral efficiency and is a much more cost-effective solution than what is currently provided in the market. Furthermore, the encryption module can be disabled so that unsecure data can also be transmitted via the data transmission network device.
    Type: Grant
    Filed: May 15, 2019
    Date of Patent: August 23, 2022
    Inventors: Claude Church, Patrick L. Geddes
  • Patent number: 11418499
    Abstract: The description relates to password reset security. One example can receive a login request and a password for a cloud-based user account. The example can also retrieve stored authenticated user information associated with the password. The example can further send a notification of the login request to a contact address associated with the cloud-based user account. The notification can contain at least some of the stored authenticated user information.
    Type: Grant
    Filed: July 19, 2019
    Date of Patent: August 16, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Liqiang Zhu, Yi Zeng, Yu Huang
  • Patent number: 11411915
    Abstract: A network device configured to communicate with a network executes a security protocol. The security protocol establishes a secure session with a security peer network device, exchanges security protected traffic with the security peer network device over a secure link, detects whether there is a security failure in the secure session, and upon detecting a security failure, signals there is a security failure. The network device also executes a routing protocol. The routing protocol maintains a routing table that includes a route to the security peer over the secure link, routes the security protected traffic along the route, and, upon receiving from the security protocol the signal that there is a security failure, removes the route from the routing table to stop the routing.
    Type: Grant
    Filed: January 9, 2019
    Date of Patent: August 9, 2022
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Craig Thomas Hill, Stephen Michael Orr
  • Patent number: 11347869
    Abstract: A method is provided. The method is implemented by a secure interface control of a computer that prevents unauthorized accesses to locations in a memory of the computer. The secure interface control determines that a host absolute page is not previously mapped to a virtual page in accordance with securing the host absolute page and a host virtual page is not already mapped to an absolute page in accordance with securing the host absolute page.
    Type: Grant
    Filed: March 8, 2019
    Date of Patent: May 31, 2022
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Martin Schwidefsky, Heiko Carstens, Jonathan D. Bradbury, Lisa Cranton Heller
  • Patent number: 11316678
    Abstract: The present disclosure relates to a pre-5th-Generation (5G) or 5G communication system to be provided for supporting higher data rates beyond a 4th-Generation (4G) communication system such as Long Term Evolution (LTE). Embodiments herein provide a method and system for end-to-end security over the signaling plane in a mission critical data (MCData) communication system. The proposed method includes various ways of securing an MCData data payload transmitted over the signaling plane using short data service (SDS). The proposed method allows usage of multiple security keys to encrypt the MCData SDS message as per the requirements. Various keys, such as a signaling plane key, a media plane key, or a dedicated MCData data payload signaling key, can be used independently or in combination to achieve the desired security context. The proposed method allows protection of all the application level components with the signaling plane security context.
    Type: Grant
    Filed: January 29, 2018
    Date of Patent: April 26, 2022
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Rajavelsamy Rajadurai, Nishant Gupta
  • Patent number: 11310202
    Abstract: In some embodiments, a method receives a packet at an instance of a distributed firewall associated with one of a plurality of workloads running on a hypervisor. Each of the plurality of workloads has an associated instance of the distributed firewall. An index table is accessed for the workload where the index table includes a set of references to a set of rules in a rules table. Each workload in the plurality of workloads is associated with an index table that references rules that are applicable to each respective workload. The method then accesses at least one rule in a set of rules associated with the set of references from the rules table and compares one or more attributes for the packet to information stored for the at least one rule in the set of rules to determine a rule in the set of rules to apply to the packet.
    Type: Grant
    Filed: March 13, 2019
    Date of Patent: April 19, 2022
    Assignee: VMWARE, INC.
    Inventors: Jingmin Zhou, David Lorenzo, Subrahmanyam Manuguri, Anirban Sengupta
  • Patent number: 11288985
    Abstract: An encryption device includes hardware processors to: acquire a public key including an identification polynomial f(t) and a multivariable indeterminate equation X having elements of a ring Fp[t]/g(t) as coefficients; disperse and embed a message m as coefficients of plaintext polynomial factors mi having, as coefficients, polynomials with a limited degree among the elements of the ring; generate a plaintext polynomial M by multiplying the plaintext polynomial factors mi; randomly generate a random polynomial r having as a coefficient an element of the ring; randomly generate a noise polynomial e having as coefficients polynomials with a limited degree among the elements of the ring; and generate a ciphertext by encryption processing of performing an operation including adding, subtracting, or multiplying the identification polynomial f(t), the random polynomial r, the noise polynomial e, and the multivariable indeterminate equation X to, from, or by the plaintext polynomial M.
    Type: Grant
    Filed: August 27, 2020
    Date of Patent: March 29, 2022
    Assignee: KABUSHIKI KAISHA TOSHIBA
    Inventor: Koichiro Akiyama
  • Patent number: 11290466
    Abstract: A server is provided for managing access of an electronic entity to a communications network. The server includes a contact point in operable communication with the electronic entity. The contact point is configured to receive a network access granting request message from the electronic entity. The server further includes a processing module, configured to process the received network access granting request message, validate trust indicators contained within the network access granting request message, authorize access of the electronic entity to the network upon validation of the trust indicators, and transmit a response message to the electronic entity indicating a level of access to the network that has been authorized.
    Type: Grant
    Filed: August 16, 2018
    Date of Patent: March 29, 2022
    Assignee: Cable Television Laboratories, Inc.
    Inventor: Massimiliano Pala
  • Patent number: 11275834
    Abstract: Systems and methods of identifying malware in backups are provided. Backups are subjected to analysis for malware signatures based on malware signature files that are received after the backup is produced. This approach allows the distinction between clean and infected restore points. The testing of backups for malware infection may be performed by a backup provider or a third party.
    Type: Grant
    Filed: January 12, 2018
    Date of Patent: March 15, 2022
    Inventors: Richard Offer, Jennifer Coopersmith
  • Patent number: 11265178
    Abstract: Technologies are provided for clockless physically unclonable functions (PUFs) in reconfigurable devices. Embodiments of the disclosed technologies include processing circuitry configured to perform numerous operations. The operations can include receiving a challenge continuous pulse signal, and generating a response continuous pulse signal by iteratively extending the challenge continuous pulse signal in time-domain. In some configurations, the iteratively extending includes generating a next continuous pulse signal by operating on a prior continuous pulse signal according to a stretching function, and generating a second next continuous pulse width signal by operating on the next continuous pulse signal according to a folding function.
    Type: Grant
    Filed: June 10, 2019
    Date of Patent: March 1, 2022
    Assignee: SOUTHERN RESEARCH INSTITUTE
    Inventor: Seth D. Cohen
  • Patent number: 11265158
    Abstract: The present disclosure relates to a pre-5th-Generation (5G) or 5G communication system to be provided for supporting higher data rates beyond a 4th-Generation (4G) communication system such as Long Term Evolution (LTE). Embodiments herein provide a method and system for end-to-end security over the signaling plane in a mission critical data (MCData) communication system. The proposed method includes various ways of securing an MCData data payload transmitted over the signaling plane using short data service (SDS). The proposed method allows usage of multiple security keys to encrypt the MCData SDS message as per the requirements. Various keys, such as a signaling plane key, a media plane key, or a dedicated MCData data payload signaling key, can be used independently or in combination to achieve the desired security context. The proposed method allows protection of all the application level components with the signaling plane security context.
    Type: Grant
    Filed: January 29, 2018
    Date of Patent: March 1, 2022
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Rajavelsamy Rajadurai, Nishant Gupta
  • Patent number: 11265302
    Abstract: A trusted server receives a request for an activation code, which includes an identifier associated with the trusted server and a one-time password, for a client device. The trusted server obtains the identifier from a public server, generates the one-time password, and combines the one-time password with the identifier to create the activation code. The trusted server provides the activation code to a provisioning client, which presents the activation code to the client device. The trusted server and client device secure a communication session using the one-time password as a shared secret. The trusted server downloads trusted cryptographic information to the client device over the secure communication session.
    Type: Grant
    Filed: June 25, 2019
    Date of Patent: March 1, 2022
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Owen Brendan Friel, Jason Cresswell, Pandit Panburana
  • Patent number: 11265163
    Abstract: In various embodiments, a method for performing a lattice-based cryptographic operation is provided. The method includes obtaining a noise polynomial, a secret polynomial and a public polynomial, disguising at least one of the noise polynomial, the secret polynomial and the public polynomial by means of multiplying it with a random blinding polynomial, calculating the sum of the noise polynomial with the product of the public polynomial and the secret polynomial based on the disguised at least one polynomial, and determining a result of the lattice-based cryptographic operation based on the calculated sum of the noise polynomial with the product of the public polynomial and the secret polynomial.
    Type: Grant
    Filed: April 8, 2019
    Date of Patent: March 1, 2022
    Assignee: Infineon Technologies AG
    Inventor: Thomas Poeppelmann
  • Patent number: 11257399
    Abstract: A decoding apparatus includes a plurality-of-bits decoding part configured to receive an input vector obtained by adding a message encrypted by a trapdoor function and an error vector including an element(s) conforming with a discrete Gaussian distribution, and decode a plurality of bits from a lower bit of the message based on the input vector in correctness with a predetermined probability; and a confirmation calculation part configured to determine in parallel whether the decoded plurality of bits are correct or not, wherein the message is encrypted by taking an inner product with a vector including a power of two as an element(s).
    Type: Grant
    Filed: December 12, 2016
    Date of Patent: February 22, 2022
    Assignee: NEC CORPORATION
    Inventors: Yuki Tanaka, Isamu Teranishi, Kazuhiko Minematsu