Abstract: A method of tokenizing sensitive data from a terminal device includes receiving, a connection request comprising a hardware serial number associated with a terminal device and validating the hardware serial number associated with the terminal device. The method includes sending a command to a terminal device that causes the terminal device to display a prompt for sensitive data associated with a user interacting with the terminal device and receiving an encrypted data packet from the terminal device. The encrypted data packet includes the sensitive data. The method includes sending the encrypted data packet to a gateway system for tokenization, receiving a token that represents the sensitive data, and providing the token to the terminal device.

Abstract: The system obtains a multimodal dataset containing different types of data gathered during operation of the computer system, wherein the multimodal dataset includes time-series data for different variables associated with operation of the computer system. Next, the system forms a set of feature groups from the multimodal dataset, wherein each feature group comprises variables from the multimodal dataset containing the same type of data. The system then computes a tripoint similarity matrix for each feature group, and aggregates the tripoint similarity matrices for the feature groups to produce a crossmodal tripoint similarity matrix. Next, the system uses the crossmodal tripoint similarity matrix to cluster the multimodal dataset to form a model. The system then performs prognostic-surveillance operations on real-time multimodal data received from the computer system, wherein the prognostic-surveillance operations use the model as a classifier to detect anomalies.

Abstract: A method for detecting spoofing attacks from network traffic log data is presented. The method includes training a spoofing attack detector with the network traffic log data received from one or more mobile networks by extracting features that are relevant to spoofing attacks for training data, building a first set of vector representations for the network traffic log data, training an anomaly detection model by employing DAGMM, and obtaining learned parameters of DAGMM. The method includes testing the spoofing attack detector with the network traffic log data received from the one or more mobile networks by extracting features that are relevant to spoofing attacks for testing data, building a second set of vector representations for the network traffic log data, obtaining latent representations of the testing data, computing a z-score of the testing data, and creating a spoofing attack alert report listing traffic logs generating z-scores exceeding a predetermined threshold.

Abstract: In some aspects, control circuitry receives, at a content provider server that is associated with a first subscription service, a first authentication key from a content aggregator server that is associated with a second subscription service, prior to the user subscribing to the first subscription service. The control circuitry generates and stores, at the content provider server, the first user account after comparing the first authentication key to acceptable authentication. In response to storing the first user account, the control circuitry receives a request from the content aggregator server to subscribe the user to the first subscription service, wherein the request includes a second authentication key.

Abstract: Examples of the present disclosure describe systems and methods for determining exploit prevention software settings using machine learning. In aspects, exploit prevention software may be used to identify processes executing on a computing device. Metadata for the identified processes may be determined and transmitted to a machine learning system. The machine learning system may use an exploit prevention model to determine exploit prevention configuration settings for each of the processes, and may transmit the configuration setting to the computing device. The computing device may implement the configuration settings to protect the processes and monitor the stability of the protected processes as they execute. The computing device may transmit the stability data to the machine-learning system. The machine-learning system may then modify the exploit prevention model based on the stability data.

Abstract: A real-time event processing system receives event data containing telemetric data and one or more personal identifiers. The personal identifier in the event data is replaced with an obfuscated value so that the telemetric data may be used without reference to the personal identifier. A reversible map is used to reverse the obfuscated personal identifier to its original value. In the case when a request is received to delete the mapped personal identifier, the link to the entry in the reversible map is broken by associating the personal identifier with a different obfuscated value.

Abstract: Methods, systems, and apparatus for providing secure communication. The device includes a secure element for generating application key pairs. The device includes a trusted environment that is physically or logically isolated from an untrusted environment. The trusted environment includes one or more processors configured to perform operations of an application. The operations include generating an application key pair. The application key pair includes a secure element private key and a secure element public key. The operations include sending an application authentication request including one or more device identifiers and the secure element public key to a server. The operations include obtaining a digital certificate that includes the secure element public key and the one or more device identifiers. The operations include providing the digital certificate to a second device and establishing a secure communication channel between the device and the second device using the digital certificate.

Abstract: A first network namespace and second network namespace are created in a computing instance of a computer system, with the second network namespace being accessible to the first network namespace via an interface. A service is executed in the first namespace and an encoder is executed in the second namespace, with the encoder transforming media from one format to another format. Communication from the encoder to the service is regulated via the interface.

Abstract: Techniques allow identification of credential fields in a credential form on a web page that can be stored in a credential manager database to allow a credential manager application to fill the credential fields with saved credentials managed by the credential manager.

Abstract: The present disclosure is directed to a novel system for using a distributed blockchain ledger to conduct, manage, and store application assessment data. In particular, computing systems may be used to perform assessments on the various applications within the enterprise environment and store the assessments as data records within the blockchain. The entity system may further comprise one or more blockchain interjectors which may trigger the addition of updated data records for one or more application assessments in the blockchain. In this way, the system provides for a highly efficient way to perform application assessments.

Abstract: The invention provides a generic operating system for coordinating, controlling and/or influencing the activities of a device. The invention is implemented using a blockchain platform with which the operating system is arranged to interact. The blockchain may be the Bitcoin blockchain. In a preferred embodiment, the device is an Internet of Things (IOT) device. The invention provides a computer-implemented control system and corresponding method for controlling a device, the system comprising a device configured for wireless communication with a network and having an IP address and a public-private key cryptographic key pair associated with the device; a software-implemented control component arranged to monitor the state of a blockchain network and/or transmit blockchain Transactions to the blockchain network; and a set of instructions arranged for execution by the control component to control the functionality of the device.

Abstract: An application login password input method and a terminal, where the method includes, obtaining, by the terminal, biometric feature information of a user, determining, according to the biometric feature information, whether the user has login permission, obtaining voice information of the user, determining, according to the voice information after it is determined that the user has the login permission, password information corresponding to the voice information, and inputting the password information into a password input box of the application. Hence, in combination with the biometric feature information of the user, password information input security is ensured, password information input accuracy can be improved, an operation is easy and convenient, and burdens of the user can be reduced.

Abstract: A method, apparatus and computer-readable medium for testing a target device. A fuzzer and a monitor are connected to the target device via a tactical bus. The fuzzer records messages sent from a source device to the target device over the tactical bus, creates a first fuzzed message having a data structure of the recorded message, and sends the first fuzzed message to the target device over the tactical bus. A fuzzer monitor monitors the target device for an anomalous response to the first fuzzed message, and determines a vulnerability of the target device from the response to the first fuzzed message.

Abstract: In a control terminal device for controlling a plurality of devices, when account information is registered in a first device which is one of the plurality of devices, after completion of registration of account information in the first device, a second device in which the account information is not registered is searched, and the account information is registered in the searched second device.

Abstract: A walled garden system includes a firewall controlling access between a first network and a second network at least by allowing connection requests originating from a user device on the first network to a destination IP address on the second network in response to determining that the destination IP address matches a cleared IP address on a cleared IP addresses list. A controller receives a domain name service (DNS) reply from a DNS server on the second network, and determines whether a domain name specified within the DNS reply matches a cleared domain name on a cleared domain names list. In response to determining that the domain name specified within the DNS reply matches the cleared domain name on the cleared domain names list, the controller adds a resolved IP address specified in the DNS reply to the cleared IP addresses list as a new cleared IP address.

Abstract: Provided is a user authentication method including reproducing sound data of which a sound source in a first position of a space around a user is virtually localized using a Head-Related Transfer Function (HRTF) of the user toward the user, acquiring a second position of the space around the user, the second position being estimated by the user who has listened to the reproduced sound data as a position of the sound source; and authenticating the user according to a coincidence between the first position and the second position.

Abstract: Embodiments of the present systems and methods may provide additional security mechanisms inside an operating system kernel itself by isolating parts of the kernel to protect them from attacks. For example, in an embodiment, a computer-implemented method implemented in a computer comprising a processor, memory accessible by the processor, and computer program instructions stored in the memory and executable by the processor, the method may comprise: creating a namespace in an operating system kernel-space in the memory of the computer, creating an address space for the namespace that maps only kernel objects owned by the namespace, and providing access to kernel objects owned by the namespace only to the least one user process using the combined page table.

Abstract: A method and system for predicting subsequent cyber-attacks in attack campaigns are provided. The method includes receiving events data related to cyber-attacks occurring in a network during a predefined time window; extracting at least one sequence from the received events data at least one attack vector; generating a sequence signature for each of the at least one extracted sequence; comparing each sequence signature to a representation of historic sequence signatures to determine at least partially matching sequence signature; and based on the matching sequence, determining at least one subsequent cyber-attack in a respective sequence.

Abstract: Systems and methods for authentication with resistance to replay attacks are provided. A device may be used to capture image data of a physical token to authenticate or identify a user. Authentication information may be obtained by processing and analyzing the captured image data. Data about a state of the imaging device and the captured image data may be used for fraud detection. The data may be collected when the image data is processed and analyzed. The state of the imaging device and captured image data are unlikely to be repeated. The detected repetition of a state of the imaging device and captured image data may be a cause for increasing the likelihood that a replay attack is taking place. The device may be used to perform a transaction.

Abstract: A method performed by a wireless device (110) includes determining whether a first message received from a network node (160) includes an Authentication and Key Management for Applications (AKMA) key indicator and, based on whether the first message includes the AKMA indicator, determining whether to generate AKMA key material for the authentication procedure with the network.