Abstract: A method relates to distributing user credentials in a distributed physical access control system, and more generally to distributing user credentials in a distributed system. A method may include storing a user credential database (DB), a first transformed credential DB and a second transformed credential DB for authenticating users to access a first and a second service provided by the device. The method may include generating the first transformed credential DB and the second transformed credential DB based on the user credential DB and comparing a credential received from a user to the first or the second transformed credential DB to determine whether to grant access to the first or the second service. The method may include distributing the user credential DB to a plurality of other devices connected in a network for the other devices to generate transformed credential DBs for authenticating users to access services.

Abstract: According to one embodiment, a threat detection system is integrated with at least a dynamic analysis engine. The dynamic analysis engine is configured to automatically detect a function call by an application, responsive to detecting the function call, analyze contents located at one or more addresses located within a portion of memory allocated for the application, and, based on the analysis, determine whether one or more objects included in received network traffic is associated with a return-oriented programming (ROP) exploit.

Abstract: A security management system may be remotely deployed (e.g., using a cloud-based architecture) to add security to an enterprise network. For example, the security management system may scan assets within the enterprise network for vulnerabilities and may receive data chunks from these scans. The security management system may also receive data chunks from other sources, and, as a result, the system may handle data chunks having many different formats and attributes. When the security management system tries to associate data chunks to assets, there may not be a globally unique identifier that is applicable for all received data chunks. Provided in the present disclosure are exemplary techniques for tracking assets across a network using an asset correlation engine that can flexibly match data chunks to assets based on the attribute or attributes that are available within the data chunks.

Abstract: According to one embodiment, a threat detection system is integrated with at least a dynamic analysis engine. The dynamic analysis engine is configured to automatically to detect potential shellcode at a first storage location within a region of memory allocated for an application, conduct a first search at one or more storage locations prior to the first storage location within the region of allocated memory for at least one or more patterns, conduct a second search at one or more storage locations subsequent to the first storage location within the region of allocated memory for at least one or more patterns, detect a first pattern at one or more storage locations prior to the first storage location within the region of allocated memory, and detect a second pattern at one or more storage locations subsequent to the first storage location with the region of allocated memory, wherein at least one of the first pattern or the second pattern is absent from a predefined list of patterns.

Abstract: A request is received to access protected data from a data access requesting party. Authentication text to be read aloud is then generated and transferred to a first computing system associated with the data access requesting party. The authentication text is then displayed on the first computing system. The access requesting party is then requested to read the authentication text aloud and first audio data is obtained from a first audio detection capability associated with the first computing system and second audio data is obtained from a second audio detection capability associated with a second computing system associated with a data access requesting party. The authentication text is then compared to the first audio data and the second audio data and, if the data matches, the data requesting party is provided access to the protected data.

Abstract: A router is provided. The router includes a packet marking unit that inserts marking information generated based on an address of the router into a packet received by the router, according to a packet marking probability that is dynamically set, and a marking probability determination unit that calculates filtering efficiency of the router, and determines the packet marking probability based on the filtering efficiency. The marking information is used to obtain the address of the router by a device that has received the packet containing the marking information.

Abstract: The invention is directed to a tamper-evident method of encrypting data relating to one or more print cartridges installed in an imaging device that includes triggering a gathering of data relating to the one or more print cartridges installed in the imaging device; recording a number of instances the triggering is performed; retrieving a previously encrypted data relating to the one or more print cartridges installed in the imaging device, the previously encrypted data gathered at a time prior to the triggering; and encrypting the gathered data using the previously encrypted data.

Abstract: In accordance with the exemplary embodiments of the invention there is at least a method and apparatus to perform operations including triggering by user terminal device a new streaming server to generate new user-specific security keys; receiving at the user terminal device from the new streaming server a new security key specific for the new streaming server; generating at the user terminal device for the streaming server user-specific security keys; and using the new user-specific security keys generated at the user terminal device with the new streaming server for a previously established streaming service.

Abstract: A computer-implemented method for detecting selective malware attacks is described. A website visited by a user is identified based on a number of visits to the website satisfying a predetermined threshold. A web crawl is performed on the identified website. Results of the web crawl are analyzed to determine whether the identified website includes a malicious software attack designed to selectively attack visitors to the website.

Abstract: A method and apparatus for verifying data for use on an aircraft. A plurality of digital certificates associated with the data is received by a processor unit. The processor unit verifies the data for use on the aircraft using a selected number of the plurality of digital certificates.

Abstract: A system and method for facilitating users to obfuscate user credentials in credential responses for user authentication are disclosed. A string sequence may be presented to a user for prompting the user to input credential characters sequentially but not continuously. The string sequence may comprise a set of prompt strings containing a prompt character sequence associated with the user and a set of noise strings that do not contain the prompt character sequence. The individual prompt strings in the set of prompt strings may be composed by obfuscating the prompt sequence among noise characters. A user credential response may be received and a user provided credential may be extracted from the received user credential for user authentication.

Abstract: A method and apparatus for verifying data for use on an aircraft. A plurality of digital certificates associated with the data are received by a processor unit. The processor unit determines whether one of the plurality of digital certificates is compromised. The processor unit selects a selected number of the plurality of digital certificates in response to a determination that the one of the plurality of digital certificates is compromised. The processor unit verifies the data for use on the aircraft using the selected number of the plurality of digital certificates.

Abstract: To address the security requirements for cyber-physical systems, embodiments of the present invention include a resilient end-to-end message protection framework, termed Resilient End-to End Message Protection or REMP, exploiting the notion of the long-term key that is given on per node basis. This long term key is assigned during the node authentication phase and is subsequently used to derive encryption keys from a random number per-message sent. Compared with conventional schemes, REMP improves privacy, message authentication, and key exposure, and without compromising scalability and end-to-end security. The tradeoff is a slight increase in computation time for message decryption and message authentication.

Abstract: A method and apparatus for forming and distributing quantum encryption keys. A first quantum signal generated by a number generator in a communicator is transmitted through an aperture in the communicator to a receiving communicator. A second quantum signal is received through the aperture at the communicator from a transmitting communicator. The first quantum signal is isolated from the second quantum signal such that the first quantum signal is transmitted from the communicator in response to the first quantum signal passing through the aperture and such that the second quantum signal is received at a number detector in the communicator in response to the second quantum signal passing through the aperture.