Abstract: A method, including collecting information on data transmitted at respective times between multiple endpoints and multiple Internet sites having respective domains, and acquiring, from one or more external or internal sources, maliciousness information for the domains. An access time profile is generated based on the times of the transmissions to the domains, and a popularity profile is generated based on the transmissions to the domains. A malicious domain profile is generated based on the acquired maliciousness information, and the collected information is modeled using the access time profile, the popularity profile and the malicious domain profile. Based on their respective modeled collected information, one or more of the domains is predicted to be suspicious, and an alert is generated for the one or more identified domains.

Abstract: Aspects of the present invention disclose a method, computer program product, and system for detecting and mitigating adversarial virtual interactions. The method includes one or more processors detecting a user communication that is interacting with a virtual agent. The method further includes one or more processors determining a risk level associated with the detected user communication based on one or more actions performed by the detected user while interacting with the virtual agent. The method further includes one or more processors in response to determining that the determined risk level associated with the detected user communication exceeds a risk level threshold, initiating, a mitigation protocol on interactions between the detected user and the virtual agent, where the mitigation protocol is based on the actions performed by the detected user while interacting with the virtual agent.

Abstract: A computing device receives information content, which is rendered in a predefined display area of the display. When the information content satisfies predefined conditions privacy requirement), the computing device generates a shielding layer for the information content before rendering the shielding layer and displays the shielding layer on top of the display area such that the information content becomes invisible. Subsequently, the computing device receives a shielding layer hiding instruction from a user of the computing device. In response to the shielding layer hiding instruction, the computing device hides the shielding layer from the display area and restores the shielding layer on top of the display area after a predefined hiding period in accordance with a shielding layer hiding mechanism.

Abstract: Systems and methods are disclosed for generating one or more hardware reference keys (HRK) on a computing device, and for attesting to the validity of the hardware reference keys. An initial hardware reference key can be a silicon attestation key (SIK) generated during manufacture of a computing system, such as a system-on-a-chip. The SIK can comprise an asymmetric key pair based at least in part on an identifier of the processing system type and a unique identifier of the processing system. The SIK can be signed by the computing system and stored thereon. The SIK can be used to generate further HRKs on the computing device that can attest to the processing system type of the computing device and an operating system version that was running when the HRK was generated. The computing device can generate an HRK attestation (HRKA) for each HRK generated on the computing system.

Abstract: The present specification relates to a method for transmitting data by a first neighbor awareness networking (NAN) device in a wireless communication system. The method for transmitting data may comprise the steps of: performing a service discovery for a first service with a second NAN device through a service discovery frame (SDF); and exchanging data for the first service with the second NAN device on the basis of the performed service discovery. Here, when at least one of authentication and association is required in transmitting the data for the first service, attribute information which is required for the data transmission among information on authentication attributes and information on association attributes may be included in the service discovery frame.

Abstract: A risk analysis system and method that groups the attributes or components of assets together if the components face the same threats and vulnerabilities based upon the components, component properties, property values, and security controls of the asset. The risk analysis system and method creates different component groups if the components face different security risks. The risk analysis system and methods provides a more efficient, robust, detailed, and user friendly risk analysis.

Abstract: Certain embodiments described herein are generally directed to performing receive side scaling at a virtual network interface card for encapsulated encrypted data packets based on an security parameter index value of the encapsulated encrypted data packets.

Abstract: Embodiments include methods and systems for detecting security risks in network pages, comprising providing at least one secure transaction page to a secure transaction provider, the secure transaction page enabling the secure transaction provider to request secure transactions, determining a request rate for the secure transaction page associated with the secure transaction provider, determining a predetermined threshold for a change in request rate for the secure transaction page by the secure transaction provider, determining that the predetermined threshold, for the change in request rate for the secure transaction page by the secure transaction provider, has been exceeded, and providing a notification to the secure transaction provider based on the determination that the predetermined threshold, for the change in request rate for the secure transaction page by the secure transaction provider, has been exceeded.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. The methods include monitoring of user-side input-unit interactions, in general and in response to an interference introduced to user-interface elements. The monitored interactions are used for detecting an attacker that utilizes a remote access channel; for detecting a malicious automatic script, as well as malicious code injection; to identify a particular hardware assembly; to perform user segmentation or user characterization; to enable a visual login process with implicit two-factor authentication; to enable stochastic cryptography; and to detect that multiple users are utilizing the same subscription account.

Abstract: Providing joint access to an isolated computer object by both an isolated computer application and a non-isolated computer application. In one embodiment, a method may include executing a first computer application as a virtualized first computer application in an isolation layer, executing a second computer application as an actual second computer application in an operating system outside the isolation layer, creating a virtualized second computer object in the isolation layer in a location accessible to the virtualized first computer application, creating a gateway third computer object associated with the virtualized second computer object, storing the gateway third computer object outside the isolation layer in a location accessible to the operating system, and enabling joint access to the gateway third computer object by both the virtualized first computer application and the actual second computer application.

Abstract: A method includes generating a first media file that includes a plurality of first media file segments, generating a second media file as a copy of the first media file, the second media file includes a plurality of second media file segments, embedding a first watermark with the plurality of first media file segments, embedding at least one second watermark with the plurality of second media file segments, generating a manifest file based on a portion of the plurality of first media file segments and a portion of the plurality of second media file segments, the manifest file including a plurality of addresses each referencing a media file segment, and encrypting each of plurality of addresses.

Abstract: A system and method are described in which a document transaction management platform coordinates performance of trust actions across a plurality of trust service providers. For example, a method can include operations executing on a connector module in communication with a digital transaction management platform and a trust service provider, such as the following. Receiving, from the digital transaction management platform, a transaction request including a token and a requested trust action. Accessing user information for a recipient involved in the requested trust action using the token. Obtaining, from the digital transaction management platform, transaction data associated with the requested trust action. Coordinating, with the trust service provider, performance of the trust action on at least a portion of the transaction data. Transmitting, to the digital transaction management platform, a proof received from the trust service provider confirming performance of the trust action.

Abstract: A digital certificate based information security realization method and system are provided. The method includes: separately issuing a digital certificate for a cloud management host, a physical cloud computing host and a virtual cloud computing machine; and carrying out a compliance authentication according to a corresponding digital certificate when the cloud management host, the physical cloud computing host and the virtual cloud computing machine start up or are in the running process. By using a digital certificate trust chain technology for reference and combining with a cloud management system, the digital certificate based information security realization method and system provided in embodiments of the present disclosure realize trusted systems of the cloud management system, the physical host and the virtual machine; beside, by putting emphasis on the security protection of the host platform of a system itself, the security of a virtual cloud platform is improved.

Abstract: A system and method are described in which a document transaction management platform coordinates performance of trust actions across a plurality of trust service providers. For example, a method can include operations such as send a first transaction request, selecting a first trust provider, facilitating performance of a first trust action, sending a second transaction request, selecting a second trust provider, and facilitating performance of a second trust action. Sending the first transaction request can include a first trust action associated with an electronic document. Selecting the first trust provider to execute the first trust action occurs in response to a first user accepting the first transaction request. Performance of the first trust action is facilitated through the first trust provider. Sending the second transaction request can include a second trust action associated with the electronic document.

Abstract: The present invention provides a method for detecting a website attack, comprising: selecting multiple uniform resource locators (URLs) from history access records of a website; clustering the multiple uniform resource locators; and generating a whitelist from the multiple uniform resource locators according to a clustering result. In some embodiments of the present invention, a common OWASP attack at URL level can be checked.

Abstract: An anti-tamper system includes a first object, second objects, and an anti-tamper circuit that includes conductive networks and a control unit. Each conductive network includes: conductive modules, each of which is sandwiched between the first object and a corresponding second object; and conductive connection members which are coupled to the conductive modules in such away that at least the conductive modules and the conductive connection members cooperatively form a corresponding electrical path sequentially going through the second objects. The control unit detects damage of each electrical path, and initiates a predetermined action upon detecting the damage.

Abstract: According to an example, security and access control may include receiving traffic that is related to an application tier of a plurality of application tiers, and that is to be routed to another application tier or within the application tier. The attributes of the traffic related to the application tier may be analyzed, and based on the analysis, an application related to the traffic and a type of the traffic may be determined. The type of the traffic may be compared to a policy related to the application to determine whether the traffic is valid traffic or invalid traffic. Based on a determination that the traffic is valid traffic, the valid traffic may be forwarded to an intended destination. Further, based on a determination that the traffic is invalid traffic, the invalid traffic may be forwarded to a predetermined destination or blocked.

Abstract: A system and method are described in which a document transaction management platform coordinates performance of trust actions across a plurality of trust service providers. For example, a system including one or more processors, working memory, persistent storage device and a network connect executes instructions to evaluate a policy including multiple rules controlling performance of trust actions. The instructions when executed cause the system to perform operations including processing a first transaction request including a first trust action, evaluating the first transaction request to determine a type of the first trust action, selecting, based on applying the policy against the type of the first trust action, a trust provider rule from the plurality of trust provider rules, and facilitating performance of the first trust action according to the selected trust provider rule.