Abstract: Methods and systems for performing on demand access transactions are disclosed. In one example, the method includes receiving, by a directory service computer from an authorizing computer, a file including a primary access identifiers and virtual access identifiers, the virtual access identifiers not being capable of being used at resource providers to conduct transactions. The method also includes receiving a request to provide an access token that is associated with an account, the request comprising information that identifies the account. The method further includes retrieving a virtual access identifier based on the identifying information; and requesting, by the directory service computer to a token service computer, that the access token be provisioned on the user device or an application computer associated with an application on the user device.

Abstract: In accordance with some embodiments, the method includes: receiving, via the one or more input devices, a request to access a resource protected by a verification code; after receiving the request to access the resource, receiving, at the electronic device, an electronic message; and after receiving the electronic message and while displaying, via the display device, a user interface for inputting the verification code: in accordance with a determination that the electronic message includes content that meets respective criteria, wherein the respective criteria include a format requirement that the electronic message includes content that matches a predetermined format, displaying an insertion affordance that, when selected, automatically inserts the content that matches the predetermined format as a verification code in the user interface.

Abstract: Techniques for providing innocent until proven guilty (IUPG) solutions for building and using adversary resistant and false positive resistant deep learning models are disclosed. In some embodiments, a system, process, and/or computer program product includes storing a set comprising one or more innocent until proven guilty (IUPG) models for static analysis of a sample; performing a static analysis of content associated with the sample, wherein performing the static analysis includes using at least one stored IUPG model; and determining that the sample is malicious based at least in part on the static analysis of the content associated with the sample, and in response to determining that the sample is malicious, performing an action based on a security policy.

Abstract: Embodiments are directed to surveying security environments. A subject index that includes entries may be generated based on a survey of a content system. A question of a client may be compared to entries in the subject index. A prompt associated with the content system may be generated based on the entries, the data sources, or the question. Query models may be employed to obtain data associated with the question from the data sources. Other prompts may be generated based on the data from the data sources to generate candidate answers based on the question and the data from the data sources. An evaluation prompt that includes the candidate answers and the question may be generated to rank the candidate answers for correctness. Answers may be determined based on the ranking of the candidate questions such that top ranked candidate answers are provided to the client.

Abstract: The present disclosure includes methods, devises and systems for preparing and installing one or more application keys owned by application owners in a remote device. The present disclosure further proposes methods, devices and systems for secure installation of subsequent application keys on a device utilising corresponding key derivation functions to associate an application with a respective policy and identifier using significantly lmv bandwidth for transfer of keys for execution of the respective application on the device.

Abstract: A method for providing oracle service of a blockchain network by using zero-knowledge proof includes steps of: (a) in response to feeder terminals registering data feeder transactions, including commitments generated with a commitment key and off-chain data, encrypted data generated by encrypting the off-chain data with a public key and data validation values proving with feeder zero-knowledge proof keys that the commitments are identical to the off-chain data, onto the blockchain network, the aggregator terminal acquiring at least one data feeder transaction therefrom; (b) the aggregator terminal verifying data validation values with its corresponding feeder zero-knowledge proof key, decrypting encrypted data with a private key, generating on-chain data from the decrypted data using a calculator and calculation validation values proving with an aggregator zero-knowledge proof key that the on-chain data is generated from the decrypted data, and registering the on-chain data and the calculation validation valu

Abstract: Techniques for an email-security system to screen emails, extract information from the emails, analyze the information, assign probability scores to the emails, and classify the emails as likely fraudulent or not. The system may analyze emails for users and identify fraudulent emails by analyzing the contents of the emails. The system may evaluate the contents of the emails to determine probability score(s) which may further determine an overall probability score. The system may then classify the email as fraudulent, or not, and may perform actions including blocking the email, allowing the email, flagging the email, etc. In some instances, the screened emails may include legitimate brand domain addresses, names, images, URL(s), and the like. However, the screened emails may contain a reply-to domain address that matches a free email service provider domain. In such instances, the email-security system may assign a probability score indicative that the screened email is fraudulent.

Abstract: Systems and methods for performing adaptive bitrate streaming using alternative streams of protected content in accordance with embodiments of the invention are described. One embodiment of the invention includes a processor, and memory containing a client application. In addition, the client application configures the processor to: request a top level index file identifying a plurality of alternative streams of protected content, where each of the alternative streams of protected content are encrypted using common cryptographic information; obtain the common cryptographic information; request portions of content from at least the plurality of alternative streams of protected content; access the protected content using the common cryptographic information; and playback the content.

Abstract: A method for verifying a worker agent includes receiving, by a core node, from a worker agent, a capability description describing a plurality of tasks and, for each of the plurality of tasks, (i) at least one parameter of the task and (ii) an outcome expected to be produced by performing the task. The method includes generating, based on the capability description, a plurality of request-output pairs, each representing a particular request and a corresponding baseline output expected to be produced upon processing the request. The core node receives, from the worker agent, a plurality of outputs, each of the plurality of outputs generated by the worker agent and corresponding to one of the plurality of request-output pairs. The core node compares the plurality of baseline outputs to the plurality of actual outputs to produce comparison output and determines whether to approve the worker agent based on the comparison output.

Abstract: A method may include determining an absence of an authorized attendee and/or a presence of an unauthorized attendee at a first client device engaged in a web conference session with a second client device. Data from the first client device may also be analyzed to determine a presence of unauthorized content. Remedial actions may be performed in response to determining the absence of an authorized attendee, the presence of an unauthorized attendee, and/or the presence of the unauthorized content. The remedial actions may include terminating, at the first client device, the capture and/or uploading of audio and/or video data. The remedial actions may also include terminating, at the second client device, the downloading and/or display of data from the first client device. The remedial actions may further include terminating, at a web conference server, the sending of data from the first client device to the second client device.

Abstract: A system includes a communication module that receives a request to post content to an event gallery associated with an event. The request in turn includes geo-location data for a device sending the content, and identification data identifying the device or a user of the device. The system further has an event gallery module to perform a first authorization operation that includes determining that the geo-location data corresponds to a geo-location fence associated with an event. The event gallery module also performs a second authorization operation that includes using the identification data to verify an attribute of the user. Finally, based on the first and second authorization operations, the event gallery module may selectively authorize the device to post the content to the event gallery.

Abstract: Internet of Things (IoT) device application workload capture is disclosed. A target IoT device is selected. A flow associated with the target IoT device is determined and tagged. Packets from the tagged flow are admitted into a ring buffer. An indication is received that an extraction should be performed on a portion of the packets included in the ring buffer.

Abstract: A key management system is disclosed, including: a control node; multiple computing nodes, all the multiple computing nodes are connected to the control node; and multiple Quantum Key Distribution (QKD) nodes, all the multiple QKD nodes are connected to the control node, and each QKD node is connected to one of the computing nodes, where each QKD node is configured to generate a root key, generate Key Encryption Keys (KEKs) between the QKD node and a plurality of other QKD nodes according to a first instruction sent by the control node, and generate, according to a second instruction sent by the control node, a Data Encryption Key (DEK) corresponding to a user on the computing node connected to the QKD node.

Abstract: A computer-implemented method is provided for statistical modeling of entities of a particular type. The method can include obtaining entity data including a plurality of entity data sets, each entity data set associated with a respective entity and including values for one or more static parameters indicative of a type of the entity. Each entity data set can include (i) values for input parameter(s) indicative of a security profile of the entity and (ii) a value of a security class parameter indicative of a security class of the entity based on the values of the input parameters. The method can include training a statistical classifier to infer a value of the security class parameter indicative of the security class of a particular entity of the particular type based on values of one or more of the input parameters indicative of a security profile of the particular entity.

Abstract: A system and method for inferring device types. A method includes selecting a device type inference model from among a plurality of device type inference models based on a manufacturer of a device, wherein each device type inference model corresponds to a respective manufacturer and is trained using training data of devices manufactured by the respective manufacturer, wherein each device type inference model is trained to output a device type prediction; and determining an inferred device type for the device, wherein determining the inferred device type for the device further comprises applying the selected device type inference model to a plurality of features, wherein the plurality of features is extracted from device activity data indicating ports used by the device and at least one volume of traffic communicated via each port used by the device.

Abstract: An apparatus and a method with image recognition-based security are disclosed. The method includes, for an unlocked terminal, tracking a face detected in a previous frame, detecting a background region change between the previous frame and a current frame based on a region of the tracked face, when the background region change is not detected, determining whether a state maintenance time fails to meet a preset time, in response to the state maintenance time failing to meet the preset time, determining an operation mode to be a first operation mode for determining whether recognition succeeds for the current frame, performing the first operation mode, including performing face detection with respect to the current frame, and maintaining the unlocked state of the terminal for the current frame when the face is detected as a result of the performing of the face detection, representing that the recognition succeeded for the current frame.

Abstract: A risk-aware access control system and related methods are provided. In accordance with one aspect of the present disclosure, there is a provided a method of risk-aware access control, comprising: detecting a request to perform an action with respect to two factors, the factors being of a factor type selecting people, devices, documents, and location, wherein the factors are of a different factor type; determining a coupling associated with the requested action based on the factors of the requested action; determining a risk level associated with the coupling; denying the requested action in response to a determination that the risk level does not match a security policy; and allowing the requested action in response to a determination that the risk level matches the security policy.

Abstract: A system may be configured to identify VPN traffic. Some embodiments may: obtain a plurality of default port numbers and/or protocol types; obtain information continually updated to indicate at least one of a predetermined host or DNS; and detect VPN traffic based on a used port number and/or used protocol type, the VPN traffic being generated based on user-interaction at a client device. The detection may be performed by comparing the port number or protocol type against the obtained port numbers or protocol types, the VPN traffic being detected from among a larger set of network traffic. Some embodiments may further: determine that the detected port number or protocol type indicates a higher level of security; filter the larger set of traffic by identifying the detected VPN traffic routed to the predetermined host or DNS; and block or otherwise disrupt the VPN traffic.

Abstract: Various embodiments comprise systems, methods, architectures, mechanisms and apparatus for caching and sharing client/device keys, session keys, and so on between APs of overlapping wireless networks operated by same or different wireless local areal network (WLAN) operators via one or more Neighbor Key Cache Servers (NKCSs) configured to store client device or session key data for client devices overlapping network boundaries so as to facilitate fast reauthentication between presently serving and target access points (APs) of the same or different WLAN operators. Neighbor reports data may comprise data based on WLAN/SSID from APs associated with each of a plurality of AP home regions and/or realm/Network Access Identifiers from APs associated with an overlapping network of a different WLAN operator.

Abstract: A system includes a plurality of electronic control units (ECUs) and a shared high security module (sHSM) separate from and connected to the plurality of ECUs over one or more private networks. At least one of the ECUs, over at least one of the plurality of private networks, authenticates a session with the sHSM and requests servicing during the authenticated session. The servicing includes encryption, decryption, or authentication, of a message designated to be handled by the at least one ECU and included in the request for servicing. The sHSM receives the message, performs the requested servicing of the message using capabilities onboard the sHSM, and publishes a serviced version of the message to a designated controller area network bus.