Abstract: A method performing anonymous hardware attestation. A local software monitor is loaded at an originating device. The local software monitor may receive at least a command to execute at least a program and execute the at least a program by performing a series of authentications. Originating device activates a secure computing module located within originating device to generate a secure proof a device specific secret of the originating device. The originating device generates a digital signature conferring a credential on the local software module. The originating device deactivates the secure computing module upon generating the digital signature.

Abstract: Techniques are provided herein for classifying domains based on DNS traffic so that domains that are malicious or associated with malicious activity can be identified. Traffic between one or more domain name system (DNS) resolvers and one or more authoritative name servers hosted on the Internet is analyzed analyzing at a server having network connectivity. A mismatch between a hostname and Internet Protocol (IP) information for the hostname is detected in the traffic and domains included in the traffic are classified based on the detecting.

Abstract: Methods and systems for event detection include defining a plurality of conditions that represent one or more synthetic events. Data from a plurality of data sources is aggregated across a period of time, multiple attack surfaces, and geographically distinct locations. The aggregated data is matched to the conditions to determine whether a synthetic event has occurred. A response to the synthetic event is formed to resist an attack.

Abstract: In a system for facilitating detection of vulnerabilities in a deployed software application, a software component (also called a self-scanning component) is provided for integration with the software application. The self-scanning component is configured to detect one or more conditions associated with the deployment of the software application and, upon the detection of such condition(s), to collect and/or transmit at least a portion of the application code to a vulnerability scanner. The self-scanning component can receive a vulnerability report from the scanner and can present the report or an analysis of the report. The presentation can be a display or inclusion of the report or analysis thereof in a log generated by the software application.

Abstract: This document discloses a heuristic data analytics method and system for analysing potential information security threats in information security events. In particular, the heuristic data analytics method and system analyses Binary Large Objects (BLOBs) of structured and unstructured information security events at high speed and in real-time to anticipate potential security breaches that will occur in the near future using algorithms and large scale computing systems.

Abstract: Disclosed embodiments provide a temporary privacy mode for an electronic device. The user selects one or more regions of allowable content and/or unallowable content. The user then invokes a temporary privacy mode of the device. While the device is in the temporary privacy mode, only the allowable content is viewable on the display of the electronic device. The unallowable content is obfuscated or hidden from view. The third party therefore cannot see the content deemed private by the user. When the third party has completed review of the content, the user can exit the temporary privacy mode to return to normal operation.

Abstract: Technologies for USB controller state integrity protection with trusted I/O are disclosed. A computing device includes an I/O controller, a channel identifier filter, and a memory. The I/O controller generates a memory access to controller state data in a scratchpad buffer in the memory. The memory access includes a channel identifier associated with the I/O controller. The channel identifier filter determines whether a memory address of the memory access is included in a range of a processor reserved memory region associated with the channel identifier. A processor of the computing device may copy the controller state data to a memory buffer outside of the processor reserved memory region. The computing device may reserve an isolated memory region in the memory that includes the processor reserved memory region. Secure routing hardware of the computing device may control access to the isolated memory region. Other embodiments are described and claimed.

Abstract: Disclosed are systems, methods, and non-transitory computer-readable media for consuming, transforming and generating verified data sets. A verified data management system receives, from a client device, a request to generate a verified data set, and in response, accesses available verified data for a user associated with the client device. The verified data management system causes presentation of a listing of the available verified data on the client device and receives a selection of a subset of the available verified data to be included in the verified data set. The verified data management system generates the verified data set based on the subset of the available verified data and generates a unique identifier for the verified data set. The verified data management system provides the unique identifier to the client device, thereby enabling access of the verified data set.

Abstract: In an example, a method includes requesting cohort data for the cohort, computing a plurality of cohort data first accuracy metrics, adding a threshold percentage of noise data points to the cohort data, computing a plurality of cohort data second accuracy metrics, repeating the adding and computing the second accuracy metrics until a mathematical difference between one or more of the first accuracy metrics and the second accuracy metrics exceed a threshold value, and suppressing displaying the cohort data in response to the mathematical difference exceeding the threshold value.

Abstract: Identifying users is disclosed including, in response to receiving an account operating request of an account sent by a user device, obtaining a personal question from a personal questions database and sending the personal question to the user device, receiving, from the user device, a verification response to the personal question, and determining whether a current user is a user associated with the account based at least in part on the verification response and a corresponding standard response in the personal questions database, where the personal question obtained from the personal questions database and the corresponding standard response were generated based at least in part on account operating information of the user associated with the account.

Abstract: Embodiments of the present application disclose a method and system for identifying whether an application is genuine by means of digital watermarks, which can conveniently determine whether an application is genuine.

Abstract: A method for detecting a domain name that is associated with malicious behavior includes receiving domain data for a plurality of domain names including a first domain name and a plurality of similar domain names. The domain data includes a first attribute and a second attribute of the first domain name and the similar domain names. The first attribute of the first domain name is compared to the first attributes of the similar domain names to produce a first value. The second attribute of the first domain name is compared to the second attributes of the similar domain names to produce a second value. The first value and the second value are combined to produce a combined value. A likelihood that the first domain name is associated with malicious behavior is determined based on the combined value.

Abstract: Described embodiments provide systems and methods for initiating establishment of a connection. The system may include a device intermediary between a client and a server. The device may determine at least one server name indicator (SNI) for an application executing on the client and having a secure session established with the server. The device may determine, for each domain name corresponding to the at least one SNI, a session timeout value for the corresponding domain name. The device may send a message to the client according to each session timeout value, to cause the client to initiate establishment of a connection for the corresponding domain name using the secure session.

Abstract: Disclosed is a system and method for the monitoring and authorization of an optimization device in a network. In exemplary embodiments, an optimization device transmits an authorization request message to a portal to receive authorization to operate. The portal transmits an authorization response message to the optimization device with capability parameters for operation of the device, including at least one expiration parameter for the authorization. The optimization device sends updated authorization request messages to the portal with its device usage information, such that the portal can dynamically monitor the optimization device and continue to authorize its operation.

Abstract: A system and method for verifying entry credentials and activating/deactivating an access control system is disclosed herein. Particularly, the system and method include an embedded local control device attached or communicative with an electronic gate or lock. The control device is communicative with a remote access control management system, which is structured to receive, track and manage access tokens that can be used to control access to a gated community or other secured location. For each access token, a lookup key is generated, which is used in conjunction with a bijective transformation process to thereby generate a unique access code. The unique access code can be used to enter the electronic gate or lock, provided that any associated access restrictions, such as date and time, are also validated.

Abstract: A system and method includes establishing a trusted relationship between a first user using a first user device to access a collaboration platform and a second user using a second user device to access the collaboration platform. The method includes receiving, by the collaboration platform, a request from the first user device to establish the trusted relationship with the second user of the collaboration platform. The method also includes transmitting a first authentication code to the first user device responsive to the request. The method includes receiving a second authentication code from the second user device. The method further includes authenticating the second user to establish the trusted relationship between the first user and the second user of the collaboration platform responsive to determining the second authentication code received from the second user device matches the first authentication code transmitted to the first user device.

Abstract: A configuration in which usage control that is substantially similar to content usage control in a copy source medium can be performed in a content copy destination is implemented. A data processing unit that performs a copy process of recording data recorded on a first medium on a second medium records encrypted content in the first medium on the second medium, without decrypting the encrypted content. In addition, the data processing unit converts a CPS unit key file recorded on the first medium to generate a converted CPS unit key file and records the converted CPS unit key file on the second medium. Further, the data processing unit acquires an MKB not requiring KCD, which is capable of directly calculating a media key using only a device key, without using key conversion data (KCD) recorded on the first medium, from a server and records the MKB not requiring KCD on the second medium.

Abstract: A system is provided that determines a location of a user based on various criteria. The system may detect the location of a user based on the location of the user's voice and the location of the user's device, as determined using a beacon signal. The system may process data representing the user's voice and device locations using a model to determine a confidence that a user is at a particular location. Based on the determined location, the system may perform various actions.

Abstract: Disclosed are systems, apparatus, methods, and computer-readable storage media for providing access to an online social network. The online social network can be specific to an organization having one or more internal users. In some implementations, a request message is received from a requesting user to access social network data of the online social network. The requesting user is identified as an external user of the organization, and it is determined that the requesting user has an authorized status. Access to only a portion of the social network data is provided to the authorized requesting user.

Abstract: A system and method for security risk identification in a secure software lifecycle. A knowledge database has a plurality of security elements which are identified for a particular software application depending on software environment and prioritized in a task list. Code vulnerabilities are identified using code scanners, with security requirements updated based on identified vulnerabilities, lack of vulnerabilities for weaknesses covered by a code scanner, potential weaknesses not adequately covered by code scanners, and software environment changes.