Abstract: A method, apparatus and program product utilize Domain Name Service (DNS) prefetching in a recursive DNS server, e.g., to mitigate Distributed Denial of Service (DDoS) attacks on a DNS service.

Abstract: The method provides a multi system trust chain between a client system and a remote system in a secure connection, wherein an intermediary system associated with the network flow path serves as a signing entity to establish an end to end transitive trust. The intermediate system is a corroborative entity in the operations technology (OT) realm of the client system. The remote system serves as the host for a plurality of services in the information technology (IT) realm. A two way handshake during the initial secure exchange protocol between a local client application and a remote service is extended to a three way handshake that includes a nonce issued by the remote service on the remote system and a digital signature for the nonce issued by a signature service on an associated intermediate system. The nonce signature is verified authoritatively at the remote system based on the signing certificate of the intermediate system for explicit proof of association.

Abstract: A method, apparatus and program product utilize Domain Name Service (DNS) prefetching in a recursive DNS server, e.g., to mitigate Distributed Denial of Service (DDoS) attacks on a DNS service.

Abstract: An electronic device and a method for detecting a malicious file are provided. The method includes the following steps: An executable file is searched, and an import table is extracted from the executable file. The import table includes at least a name of a first DDL and a name of a second DDL. A distance between the first DLL and the second DLL is calculated. Whether the distance exceeds a threshold is determined. If the distance exceeds the threshold, then whether a duplicate content of the import table exists in the executable file is checked. The executable file is regarded as a malicious file if the duplicate content of the import table exists in the executable file.

Abstract: A monitoring system monitors authentication sessions both on the air interface between the terminals and the network, and on at least one wired network-side interface between network-side elements of the network. The monitoring system constructs a database of sets of network-side authentication parameters using network-side monitoring. Each set of network-side authentication parameters originates from a respective authentication session and is associated with the International Mobile Station Identity (IMSI) of the terminal involved in the session. In order to start decrypting the traffic of a given terminal, the system obtains the off-air authentication parameters of that terminal using off-air monitoring, and finds an entry in the database that matches the air-interface authentication parameters. From the combination of correlated network-side and off-air authentication parameters, the processor is able to extract the parameters needed for decryption.

Abstract: A method for secure cloud storage of user data includes deriving, using content of the user data and a secret key stored by a server, an encryption key, encrypting, using the derived encryption key, the user data to provide encrypted user data, applying an all-or-nothing transform on the encrypted user data to produce blocks of transformed encrypted user data, partitioning the blocks of transformed encrypted user data to data partitions, creating, for each of the data partitions, an authenticator, and performing data deduplication on the transformed encrypted user data.

Abstract: In some embodiments, a method is provided for storing data in a storage device associated with a first electronic device. The first electronic device can receive a request for data from a remote electronic device. The request for data can include pairing information, which can be used to confirm the remote electronic device as an approved paired device. The request for data can also include authentication information, which can be used to authenticate the request for data. The first electronic device can retrieve the data from the storage device and transmit the data in encrypted form to the remote electronic device.

Abstract: The present disclosure generally relates to managing access to credentials. In some examples, an electronic device authorizes release of credentials for use in an operation for which authorization is required. In some examples, an electronic device causes display of one or more steps to be taken to enable an input device for user input. In some examples, an electronic device disambiguates between commands to change the account that is actively logged-in on the device and commands to cause credentials to be released from the secure element.

Abstract: A reputation of an installer may be determined based on contextual information including its source (e.g., its publisher), a cryptographic signature or certificate, a process that carried out its download, a user that initiated its download, whether the installer has been previously vetted by a security policy, and so forth. A corresponding reputation may then be inferred for each of the computer objects contained within the installer, such that the reputation remains with the computer objects if/when they are unpacked on an endpoint. Each of the computer objects may then be unpacked for individual analysis (e.g., a static analysis) regarding each object's compliance with a security policy, thereby producing a second reputation for each computer object. A decision whether to execute the installer/objects, e.g., during an installation process, may then be made by reconciling the reputation of the installer and the second reputation for each computer object.

Abstract: The present invention relates to methods, systems and apparatus for mitigating denial of service attacks. One exemplary embodiment in accordance with the invention is a method of operating a communication system including the steps of receiving at a first device packets of a first packet flow; sending, from the first device, control information to a switch through which packets of the first packet flow pass or to a control device which controls the switch, the control information including a mask corresponding to a range of expected packet values to be used for determining which packets in the first packet flow should be dropped.

Abstract: On a computer system, a shell is invoked, through which a plurality of commands and/or scripts can be executed. Individual ones of the plurality of commands and/or scripts are validated. Given individual ones of the plurality of commands and/or scripts, for which the validation is successful, are executed via the shell.

Abstract: Provided is a user authentication method including reproducing sound data of which a sound source in a first position of a space around a user is virtually localized using a Head-Related Transfer Function (HRTF) of the user toward the user, acquiring a second position of the space around the user, the second position being estimated by the user who has listened to the reproduced sound data as a position of the sound source; and authenticating the user according to a coincidence between the first position and the second position.

Abstract: Systems, computer products, and methods are described herein for improvements for identifying if an interaction between a user and an entity have been misappropriated. A classical computer may be utilized to analyze data inputs related to a particular interaction and to determine if the interaction is potentially misappropriated based on a trigger activated by one or more of the inputs. If the classical computer identifies that the interaction is potentially misappropriated, then the inputs may be provided to a quantum optimizer to analyze the inputs in greater depth in order to provide a more in depth analysis of the interaction. Because the quantum optimizer is able to analyze more inputs than a classical computer it can provide a more accurate analysis of the interaction. For example, the quantum optimizer assigns qubits to the inputs and analyzes the inputs to determine if the potentially misappropriated interaction is likely misappropriated or not.

Abstract: A method for protecting encrypted data may includes encrypting, by a client terminal, the sensitive data by using a key in response to receipt of the sensitive data; sending the encrypted sensitive data to a provider server through a first request and obtaining a unique tag corresponding to the sensitive data; and sending the key and the unique tag to the provider server through a second request so that the provider server decrypts the sensitive data corresponding to the unique tag by using the key. The first request and the second request are different requests. Since the client terminal sends the encrypted sensitive data and the key to the provider server respectively in different requests, if others intercept the encrypted sensitive data, it is difficult to intercept the key carried in another request, and the encrypted sensitive data cannot be decrypted. Thus security of the sensitive data is protected.

Abstract: Techniques allow identification of credential fields in a credential form on a web page that can be stored in a credential manager database to allow a credential manager application to fill the credential fields with saved credentials managed by the credential manager.

Abstract: Systems and methods are described for securely and efficiently processing electronic content. In one embodiment, a first application running on a first computing system establishes a secure channel with a second computing system, the secure channel being secured by one or more cryptographic session keys. The first application obtains a license from the second computing system via the secure channel, the license being encrypted using at least one of the one or more cryptographic session keys, the license comprising a content decryption key, the content decryption key being further encrypted using at least one of the one or more cryptographic session keys or one or more keys derived therefrom.

Abstract: An intermediary can securely migrate a security credential between systems despite different underlying encoding technologies used for authentication by the system. This intermediary can also securely migrate an identity between different authentication technologies. A secure login interface program code that is digitally signed by the intermediary is provided in advance to devices that will source authentication requests. The interface program code is at least secure because it has been digitally signed by the intermediary. An instance of the secure interface program code directs authentication requests entered into the interface instance to the intermediary, which is at least identified by the digital signature. After a successful authentication by a destination system identified by the authentication request, the intermediary can migrate the authenticated security credential to a migration target.

Abstract: An interaction method includes scanning, by a client, a target two-dimensional code to acquire a uniform resource locator (URL) in the target two-dimensional code; sending, by the client, the URL to a third-party server; receiving, by the client, multifunction interaction information that is returned from the third-party server according to the URL, wherein each piece of the multifunction interaction information includes interaction type information; and interacting, by the client, with the third-party server based on the multifunction interaction information.

Abstract: One embodiment provides a system for event space communication infrastructure, including: a plurality of mobile infrastructure devices; each of the plurality of mobile infrastructure devices being associated with one or more predetermined users; each of the plurality of mobile infrastructure devices comprising a wireless communication device that: broadcasts a unique identifier associated with a predetermined user; detects a response from at least one client mobile device; switches into a communication mode after detecting the response; and establishes data exchange with the at least one client mobile device. Other aspects are described and claimed.

Abstract: Approaches presented herein enable dynamic security policies through a plurality of application profiles. More specifically, a mobile device can open a profile of a plurality of profiles, each associated with an unlock credential and a security scope, in response to an unlock credential associated with that profile. All these profiles can be opened in a single user session and can be swapped within the session in response to an unlock credential corresponding to the desired profile. When the mobile device receives a request to open a digital item, the digital item is compared to a security scope of the opened profile to determine whether access to the digital item is permitted, and, in response to the determination, access to the digital item is permitted or denied. A list of digital items permitted to be accessed in each profile can be synchronized to a list received from a mobile device manager.