Abstract: Biometric keystroke measure data derived from a computer-implemented long form examination taken by an examinee is received. Features are the extracted from the biometric keystroke measure data for the examinee. A similarity value is then determined, using one or more of a direct distance approach or a machine learning approach, for the extracted features relative to features extracted from biometric keystroke measure data derived from each of a plurality of other examinees while taking the long form examination. At least one of the determined similarity values is then identified having a value above a pre-defined threshold. The pre-defined threshold indicates a likelihood of the examinee being the same as one of the other examinees. Data can then be provided that characterizes the identification. Related apparatus, systems, techniques and articles are also described.

Abstract: Provided is a new digital music storage and readout system and method that incorporates layers of anti-pirating features to inhibit unauthorized reproduction of device music content. This concept and device design may be extended to video storage and playback.

Abstract: Described embodiments provide systems and methods for contextual confidence scoring-based access control. The systems and methods can include one or more processors configured to receive a request from the client device to access an item of content. The one or more processors can select a first subset of authentication techniques. The authentication techniques identifiable with a score. The one or more processors can determine that a sum of the scores of the selected first subset of the authentication techniques exceeds a threshold. The one or more processors can transmit, to the client device, one or more authentication requests utilizing the selected first subset of authentication techniques. The one or more processors can provide, responsive to successful authentication by the client device, access to the item of content to the client device.

Abstract: Methods and apparatus for providing access to content across a plurality of devices and environments. In one embodiment, a downloadable rights profile is utilized in order for a user device to determine whether to provide content to a subscriber. The user device is first registered to content delivery the network; the device then requests a rights profile indicating the rights of the subscriber associated with the device to access content. The rights profile is transmitted to the device. The rights profile may be configured to be valid only for a pre-determined time, thus enabling a subscriber's rights to be updated (including revoked). Security mechanisms may also be utilized to ensure access to content is limited only to authorized subscribers. In another embodiment, a user-based authentication procedure is utilized, thereby making the rights determination and content provision process completely agnostic to the underlying hardware.

Abstract: Systems and methods for assessing cybersecurity risk of a computer network include the use of a risk model application that is configured to determine an initial cyber risk score value based upon an underwriting process. A cyber risk data stream is sent from the client's computer network to the system processor to periodically calculate an updated cyber risk score based upon actual data. The system processor is adapted to use the data stream to generate client information that is accessible by the client via a web-based client portal. In embodiments, the cyber risk data stream can be actively monitored to identify a threat of a cybersecurity breach.

Abstract: A system and methods for determining the degree to which a vendor, supplier, or company's compliance or lack of compliance with a specific regulation or requirement contributes to, or could contribute to, the cybersecurity risk of an organization whose employees use that company's products or services. This source of risk may be evaluated for a plurality or set of vendors to determine an estimated total risk arising this source or set of sources. In response to evaluating the degree or level of this source of risk, the system and methods can be used to determine or select the apprFinal opriate security process or protocol that should be applied to employees, devices, systems, and networks to limit the risk to the organization.

Abstract: A client device accesses content and performs actions at a remote application server via a user-agent application. The application server directs the user-agent application to a security verification system to retrieve and perform security tests. The security verification system receives information from the user-agent application describing characteristics of the user-agent application, and the security verification system selects a set of security tests to be performed by a security module executing in the user-agent application to verify that the user-agent application is accessing the application server consistent with the described user-agent application. The security verification system compares a set of test results with other user-agent applications and provides a token to the user-agent application to access the application server. The security module may also monitor and actions on the user-agent application to permit the security verification system to revise or revoke the token.

Abstract: A system and method is provided that enables the recovery of data packets transmitted over an unreliable network. The system and method utilize an algorithm for transmitting the data packets with restoration of lost data during data transfer over UDP Protocol encrypted with DTLS Protocol. Advantageously, the algorithm does not require changes to data for either UDP or DTLS packets, but rather a separate, specifically designed packet is transmitted to the recipient to facilitate and ensure the recovery of any lost data packets over the unreliable network.

Abstract: A technological approach can be employed to protect data. Datasets from distinct computing environments of an organization can be scanned to identify data elements subject to protection, such as sensitive data. The identified elements can be automatically protected such as by masking, encryption, or tokenization. Data lineage including relationships amongst data and linkages between computing environments can be determined along with data access patterns to facilitate understanding of data. Further, personas and exceptions can be determined and employed as bases for access recommendations.

Abstract: The disclosure herein describes managing defects in a model training pipeline. A synthetic data set is generated that is associated with a defect type and a lifecycle stage of the model training pipeline, and baseline performance metrics associated with the defect type are generated. Based on a code change to the pipeline, a test model is trained using the pipeline and the synthetic data set, and test performance metrics are collected based on the test model and associated with the defect type. Based on comparing the baseline performance metrics and the test performance metrics, a defect of a particular defect type is identified in the pipeline. An indicator of the defect is provided that includes the defect type and the lifecycle stage with which the synthetic data set is associated, whereby a defect correction process is enabled to remedy the defect based on the associated defect type and the lifecycle stage.

Abstract: Systems, methods, and devices for authenticating vehicle-to-vehicle communication are disclosed. A method includes receiving sensor data from a first vehicle and receiving secondary sensor data from a second vehicle. The method includes extracting, based on the sensor data and the secondary sensor data, an authentication comprising one or more of: a proximity of the second vehicle to the first vehicle or a common object identified by the sensor data and the secondary sensor data. The method includes determining whether the authentication satisfies a trust threshold of the first vehicle.

Abstract: A method of preventing exploitation of a vulnerability of a computing system includes generating a deprivation token to cause disabling of a selected one or more features of a component of the computing system to prevent an exploit of a vulnerability affecting the selected one or more features; and publishing the derivation token to at least one of a computing system manufacturer computing system and an enterprise information technology (IT) computing system for distribution to affected computing systems.

Abstract: Systems, computer-implemented methods, and computer program products that can facilitate sensitive data policy recommendation are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise an extraction component that can employ an artificial intelligence model to extract compliance data from a data source. The computer executable components can further comprise a recommendation component that can recommend a sensitive data policy based on the compliance data. In some embodiments, the recommendation component can further identify one or more sensitive data entities of a sensitive data dataset that are affected by actionable obligation data of the data source.

Abstract: Apparatuses, methods, and systems are disclosed for integrity protection for a packet data unit. One method includes determining a first portion of a packet data unit, wherein the packet data unit includes the first portion and a second portion. The method includes applying an integrity protection function to the first portion of the packet data unit to result in an integrity protection indicator without applying the integrity protection function to the second portion of the packet data unit. The method includes transmitting the packet data unit with the integrity protection indicator.

Abstract: There is disclosed in one example a gateway apparatus to operate on an intranet, including: a hardware platform; and an access proxy engine to operate on the hardware platform and configured to: intercept an incoming packet; determine that the incoming packet is an access request directed to an access interface of a resource of the intranet; present an access checkpoint interface; receive an authentication input response; validate the authentication input response; and provide a redirection to the access interface of the device.

Abstract: A communication brokering device receives, from a first device, a measurement of at least one of a bit-error-rate (BER) or a signal-to-noise ratio (SNR) associated with receipt of a transmission at the first device. The communication brokering device determines whether the first device is vulnerable to message interception or eavesdropping based on the measurement of the at least one of the BER or the SNR. The communication brokering device controls communications between at least one second device and the first device based on the determination of whether the first device is vulnerable to message interception or eavesdropping.

Abstract: A signal analysis method is described. The signal analysis method comprises the following steps: An input signal function associated with a time domain is obtained. A window function is determined based on the input signal function via an artificial intelligence module. The artificial intelligence module comprises at least one computing parameter, wherein the window function is determined based on the at least one computing parameter. The input signal function and the window function are convolved, thereby generating a convolved signal. Further, a signal analysis module is described.

Abstract: Machine learning adversarial campaign mitigation on a computing device. The method may include deploying an original machine learning model in a model environment associated with a client device; deploying a classification monitor in the model environment to monitor classification decision outputs in the machine learning model; detecting, by the classification monitor, a campaign of adversarial classification decision outputs in the machine learning model; applying a transformation function to the machine learning model in the model environment to transform the adversarial classification decision outputs to thwart the campaign of adversarial classification decision outputs; determining a malicious attack on the client device based in part on detecting the campaign of adversarial classification decision outputs; and implementing a security action to protect the computing device against the malicious attack.

Abstract: Methods and systems for distributed ledger-based digital content distribution chain tracing may comprise receiving an indication of a content asset and an indication of a first user associated with the content asset. A first distributed ledger record may be stored and/or created on a distributed ledger comprising the indication of the content asset and the indication of the first user. A second distributed ledger record may be stored on and/or created on the distributed ledger comprising an indication of a second user associated with the content asset. A version of the content asset may be generated comprising one or more frames having a digital marker. The digital marker may comprise an indication of the first user. At least one of the first distributed ledger record or the second distributed ledger record may be determined based on the digital marker as part of tracking or tracing the content asset.

Abstract: One embodiment of this invention describes a method and apparatus for the use of Machine Learning to efficiently detect, identify, prevent, and predict cyber-attacks on Low Power and Low Complexity Sensor 100 (FIG. 1) networks that have low data transmission requirements, something that all current Machine Learning techniques are unable to accomplish due to numerous restrictions when applied to Low Power and Low Complexity Sensors. Low Power and Low Complexity Sensors are frequently found in various Internet of Things (IOT) network architectures. The IOT is a network of physical devices, vehicles, home appliances, and other items embedded with electronics, software, sensors, actuators, and connectivity which enables them to connect and exchange data, providing more direct integration of the physical world into computer-based systems. However, this should not restrict the applicability of any potential embodiment of this invention as described in this patent application.