Abstract: Systems and methods for content filtering are provided. According to one embodiment, a self-extracting archive is received with an electronic mail (email) message. Prior to delivery of the email message, a determination is made regarding whether a file contained in the archive may be malicious or undesired. A type of archive and associated structure of the archive are determined by examining identification bytes stored within a header portion of the archive that identify the type of archive. Based on the type and associated structure, for each contained file, descriptive information, including a checksum of the file in uncompressed form, a size of the file in uncompressed form and/or a size of the file in the compressed form, is extracted from the header portion. A file is identified as potentially malicious or undesired when the descriptive information matches a detection signature of a known malicious or undesired file.

Abstract: The presently claimed invention relates generally to gaining access to secure systems. One claim recites an apparatus including: an image or video sensor for capturing image or video data; and a multi-purpose computer processor configured to: decode machine-readable information encoded in captured image or video data representing a plurality of physical objects, each instance of machine-readable information includes identifying information; determine an order in which the physical objects are presented to the image or video sensor for evaluation via the identifying information; and comparing the order to a predetermined sequence to determine whether to allow access to a remotely located computerized system. The apparatus may be housed, e.g., in a cell phone. Other combinations and claims are provided as well.

Abstract: A solution is provided for associating network traffic traversing on a networked environment according to a selected category item, such as a user name or other network entity identity-related information, by using a monitor device. The solution includes: obtaining user information from the directory service by obtaining at least one set of user object attributes from the directory service; identifying at least one authentication exchange packet from packets traversing on the networked environment; extracting a user ID and a network address from the authentication exchange packet; filtering or selecting packets traversing on the network environment that each have a network address equivalent to the extracted network address; and associating packets that were selected with user information having a name attribute equivalent to the extracted user ID.

Abstract: A method, apparatus, and system for proactive forced renewal of content protection implementations in devices. The method includes, on a first substantially periodic basis, automatically pushing a new content protection implementation to a device that contains an existing content protection implementation; wherein the existing content protection implementation comprises (a) existing software for presenting protected content and (b) an existing key to facilitate presentation of protected content; and wherein the new content protection implementation comprises a new key to supersede the existing key for facilitating presentation of protected content. On a second substantially periodic basis, the method includes automatically pushing revocation data to the device, the revocation data to identify a plurality of revoked keys, each revoked key of the plurality of revoked keys comprising a key that has been superseded by the new key of the new content protection implementation.

Abstract: Method and apparatus to monitor and detect anomalies of information content flows, the method comprising the steps of capturing information access packets, filtering packets to extract information, decoding packets to determine information content, deriving content signatures, trending prototypical behavior, and detecting anomalies of information access, and said apparatus comprising a computing device comprising a network based device that captures the information and produces anomaly information.

Abstract: The present invention provides a virtual network, sitting “above” the physical connectivity and thereby providing the administrative controls necessary to link various communication devices via an Access-Method-Independent Exchange. In this sense, the Access-Method-Independent Exchange can be viewed as providing the logical connectivity required. In accordance with the present invention, connectivity is provided by a series of communication primitives designed to work with each of the specific communication devices in use. As new communication devices are developed, primitives can be added to the Access-Method-Independent Exchange to support these new devices without changing the application source code. A Thread Communication Service is provided, along with a Binding Service to link Communication Points. A Thread Directory Service is available, as well as a Broker Service and a Thread Communication Switching Service. Intraprocess, as well as Interprocess, services are available.

Abstract: When a resource-limited device (such as a mobile telephone) joins a network associated with an enterprise, the agent in the device generates digital signatures for all the files in the device and sends them to an enterprise controller. The controller compares them to the global signature database; it filters out the sensitive digital signatures and feeds them back to the agent in the device. The agent receives the feedback of digital signatures and consolidates them into its own local signature database. The agent analyzes each file that is attempting to be output from the device according to the local signature database and DLP policy. If the signature of the file is present in the local database then the action to output file is blocked. If a new file is created on the device, the agent generates and sends its digital signature to the controller for inspection. If the signature is sensitive, this new digital signature will be placed into the local signature database.

Abstract: A communications protocol is used to provide data privacy, message integrity, message freshness, and user authentication to telemetric traffic, such as to and from implantable medical devices in a body area network. In certain embodiments, encryption, message integrity, and message freshness are provided through use of token-like nonces and ephemeral session-keys derived from device identification numbers and pseudorandom numbers.

Abstract: A data integrity system including a transmitter, having a TX pseudorandom function generator, a TX switching function having a transmitting option and a TX combiner operative to receive, from a Host, an initialization data entity including at least one word, [TA1], in an initialization phase, to receive, during normal operation, two data entities of interest each including at least one data word of interest [TA2] and [TA3] respectively; to receive a first data entity including at least one word [TC1] comprising a randomized data entry, from the TX pseudorandom function generator, to generate a first XOR sum of the initialization data entity's word [TA1] and the at least one randomized data entity [TC1], in at least one iteration of an initialization phase; and, during normal operation, to generate and to output a second XOR sum [TA2?TC2=TB2] and a third XOR sum [TA3?TC3=TB3], wherein TB2 and TB3 are randomized data entities, wherein the words TA1, TA2 and TA3 are operative to initialize the data integrity sys

Abstract: Disclosed is an apparatus (500) for generating a second compressed video stream (550) having a second resolution, from a first compressed video stream (540) having a first resolution. The apparatus comprises means (513) for extracting transform domain luma data and spatial domain chroma data from the first compressed video stream (540), means (514-516) for applying a transform domain operation to the luma data to form reconstructed transform domain luma data, means (518, 519, 560) for applying a spatial domain operation to the chroma data to form reconstructed spatial domain chroma data, and means for scaling the reconstructed transform domain luma data and reconstructed spatial domain chroma data to generate the second compressed video stream.

Abstract: A system for external monitoring of networked digital file sharing to track predetermined data content, the system comprising: at least one surveillance element for deployment over said network, said surveillance elements comprising: surveillance functionality for searching said digital file sharing and identification functionality associated with said search functionality for identification of said predetermined data content, therewith to determine whether a given file sharing system is distributing said predetermined data content.

Abstract: A dynamic multimedia fingerprinting system is provided. A user requests multimedia content from a Web cache server that verifies that the user is authorized to download the content. A custom fingerprint specific to the user is generated and dynamically inserted into the content as the content is delivered to the user. The custom fingerprint can be generated on the Web cache server or at the content provider's server. The system allows a content provider to specify where the custom fingerprint is inserted into the content or where the fingerprint is to replace a placeholder within the content.

Abstract: An apparatus detects a motion vector using image data to be encoded, and a plurality of reference image data. The apparatus conducts a motion vector search for first reference image data using a large block obtained by dividing the image data to be encoded, and divides the large block into a smaller block size at the position of a smallest matching error. The apparatus determines a block size used in a motion vector search for another reference data based on matching errors in the small blocks.

Abstract: There are provided methods and apparatus for adaptive reference filtering of bi-predictive pictures in multi-view coded video. An apparatus includes an encoder (100) for encoding a current picture as a bi-predictive picture. The encoder (100) performs adaptive filtering of at least one reference picture to respectively obtain at least one filtered reference picture, and bi-predictively codes the current picture using the at least one filtered reference picture. The at least one reference picture is a picture wherein at least one sample thereof is used for inter-prediction either of subsequent to the least one sample being applied to an in-loop filter or in an absence of the at least one sample being applied to an in-loop filter. Reference filter coefficients for the adaptive filtering are determined responsive to at least one of luma values and chroma values of pixels grouped based on at least one of depth and disparity and motion.

Abstract: Methods and apparatus for applying a single virtual private network (VPN) address to tunnels or connections associated with different access interfaces are disclosed. In one embodiment, a method includes establishing a first tunnel between a node and a VPN server. The first tunnel has a first address. The method also includes assigning a VPN address to the first tunnel, as well as establishing a second tunnel between the node and the VPN server. The second tunnel has a second address. The VPN address is assigned to the second tunnel, and VPN address is accessed by both the first address and the second address.

Abstract: A method, system, and medium are provided for formatting video frames such that a region of interest is emphasized and the video frames can be encoded, communicated, and rendered without excessive processing burdens. A region of interest is identified in a video frame and a feature mask is created that represents the region of interest. The feature mask can be used to crop the video frame to remove background images that are not within the region of interest and the cropped video frame can be overlayed on a simulated background before being encoded and communicated to a display device.

Abstract: An image coding apparatus calculates an image change rate with respect to input image data, predicts an average activity appropriate for a coding target picture that is included in the input image data based on the image change rate, and normalizes an activity using the predicted value of the average activity. Based on the normalized activity, the image coding apparatus performs a quantization of the image data.

Abstract: Dynamically selecting an endpoint for a tunnel into an enterprise computing infrastructure. A client dynamically selects a gateway (which may alternatively be referred to as a boundary device or server) as a tunnel endpoint for connecting over a public network (or, more generally, an untrusted network) into an enterprise computing infrastructure. The selection is made, in preferred embodiments, according to least-cost routing metrics pertaining to paths through the enterprise network from the selected gateway to a destination host. The least-cost routing metrics may be computed using factors such as the proximity of selectable tunnel endpoints to the destination host; stability or redundancy of network resources for this gateway; monetary costs of transmitting data over a path between the selectable tunnel endpoints and destination host; congestion on that path; hop count for that path; and/or latency or transmit time for data on that path.

Abstract: One or more techniques and/or systems are disclosed for providing recommendations for an add-on to a base program operating on a computing device, thus allowing a user to make a more informed decision as to whether to allow the add-on to be installed or not. To make the recommendation, collection software is queried for information about an add-on when installation or instantiation of the add-on is detected on the computing device. Information about the add-on is collected by the collection software, which comprises one or more add-on detection programs. A recommendation for applying the add-on (or not) is generated using the collected information, where the recommendation comprises a ranking based on detection program prioritization.

Abstract: A method and apparatus for group session key and establishment using a certified migration key are described. In one embodiment, the method includes exporting of a protected certified migration key (CMK) to a target platform. In one embodiment, exporting of the protected CMK requires that the target platform is authorized for participation in a group and has a storage key, including attributes that comply with the group security policy. Once the protected CMK is exported, in one embodiment, a group master key is encrypted with a public portion of the CMK to form a protected group master key. Subsequently, the protected group master key is transmitted to the target platform. In one embodiment, possession of the group master key enables the target platform to participate in a secure group communication session. Other embodiments are described and claimed.