Abstract: A host device, a storage device, and a method employ a vendor unique command (VUC) authentication system. The storage device includes a memory and a memory controller which includes a VUC authentication module and controls the memory. The VUC authentication module transmits first memory information about the memory to the host device, receives from the host device a one-time password generated by the first memory information, verifies the one-time password, and receives a vendor unique command from the host device when the one-time password is correct.

Abstract: Systems and methods are disclosed for authenticating a chunk of data identified in a query received by a data intake and query system. The data intake and query system receives a query that identifies a set of data and manner for processing the set of data, and identifies a chunk of data that is part of the set of data. The system generates a content identifier, such as a hash, of the chunk of data. The system further authenticates the chunk of data based on the generated content identifier and a content identifier stored by a distributed ledger system.

Abstract: To facilitate improved email and device security, embodiments of systems and methods include intercepting, by a processor associated with an entity, an internet request, where the internet request is produced by a link received in an email at a first computing device. The processor determines that the link is externally bound relative to an entity network. The processor determines an existence of a sandbox environment instance in a set of existing sandbox environment instances. The processor routes the link through the sandbox environment instance. The processor updates the sandbox log in the database based on the sandbox environment instance and the link. The processor causes to display on a screen of the first computing device a user interface for interacting with the link in the sandbox environment instance, and the processor logs activities associated with interacting with the link in a security log.

Abstract: In modern object-oriented programming, programs are written using typed objects like classes and instances that interact with one another via rules of composition, inheritance, encapsulation, message passing, and polymorphism. Some embodiments described herein can include a method for tokenizing such modern objects that maintains their interactive properties on a blockchain. It improves upon, and diverges from, the smart contract model used mainly on account-based blockchains today to create a generally-programmable token system that is native to UTXO-based blockchains, where individually-owned software objects interact with other software objects owned by other individuals. These tokenized objects are called jigs. Jigs, an abstraction like objects, enable applications to build their own digital assets that interact with other jigs from other applications. Jogs enable users to own their data as tokens and use their data independent of any one application's complete control.

Abstract: Methods and systems of segmenting computing devices in a wireless network having an access point broadcasting in a single domain are described. In an exemplary method, a request to join the wireless network is received from a computing device. The request is associated with an identifier. When the identifier is not associated with a virtual network within the wireless network, a virtual network is configured within the wireless network and the identifier is associated thereto and the computing device is assigned thereto. When the identifier is associated with an existing virtual network within the wireless network, the computing device is assigned to the existing virtual network.

Abstract: Two-way secure channels are provided between multiple services across service groups, where the certification is performed by a certificate authority associated with one of the service groups. One method comprises a first service providing a first handshake communication with a first token to a second service, wherein the first service obtains the first token by authenticating with an identity and access management service having a first certificate signed by a certificate authority, wherein the first handshake communication succeeds when the second service has a second certificate signed by the certificate authority, and wherein the second service obtains a second token by authenticating with the identity and access management service. The first service receives a second handshake communication from the second service with the second token.

Abstract: Disclosed are examples for providing functions to receive a media file to be stored in a media repository. In the examples, a location in the media repository may be assigned to the media file. A media file address in a blockchain platform may be assigned to the media file. Metadata including the assigned location in the media repository and the assigned media file address in the blockchain platform may be added to the media file. A media file hash value may be generated by applying a hash function to the media file including the metadata. The media file hash value may be included in a message and uploaded to the assigned media file address in the blockchain platform as a transaction in the blockchain. An indication that the media file is uploaded to the media repository may be delivered to a subscriber device from which the media file was received.

Abstract: A method for assessing a cybersecurity risk of a software object includes generating an abstract syntax tree (AST) for a software object, and determining that the AST is insufficient to identify, to a specified confidence level, a cybersecurity risk of the software object. In response to determining that the AST is insufficient to identify the cybersecurity risk of the software object, a graph convolutional neural network (gCNN) is executed, based on the AST, to produce a set of features for the AST and to produce a probability of maliciousness of the software object based on the set of features. A signal representing an alert is sent, based on the probability of maliciousness, if the probability of maliciousness exceeds a pre-defined threshold.

Abstract: An example operation includes one or more of encrypting, by a transport, received data based on a first biometric associated with an occupant, unencrypting, by the transport, the encrypted data, based on a verification of a second biometric, wherein the second biometric is a continuum of the first biometric, and providing, by the transport, the unencrypted data to the occupant.

Abstract: Preliminary program analysis of an executable may be performed. A security vulnerability level of a portion of the executable may be determined based on the preliminary program analysis. The security vulnerability level of the portion may be compared to a security vulnerability threshold. The precision of runtime monitoring of the portion may be tuned based on the comparison.

Abstract: A computer-implemented method of user authentication is provided. The method comprises combining, by a computer system, a user recurrent neural network with a system recurrent neural network to form a unique combined recurrent neural network. The user recurrent neural network is configured to generate a unique user key, and the system recurrent neural network is configured to generate a system key. The computer system inputs a predetermined input into the combined recurrent neural network, and the combined recurrent neural network generates a unique combined key from the input, wherein the combined key differs from both the user key and system key. The computer system then associates the combined key with a unique access authorization to authenticate a user.

Abstract: The present disclosure provides a data processing method for coping with ransomware, which encrypts data with a malicious intent and blocks an access to the data, to protect the data, and a program for executing the data processing method. In a computer apparatus that loads an application program stored in a memory onto a processor and carries out a predetermined processing according to the application program, on an operating system (OS) kernel which controls an access of the application program to hardware components of the computer apparatus, the processor reads the data stored in the memory, performs the predetermined processing at the request of the application program, determines whether a ransomware attack occurred for the data before storing the processed data back to the memory, and stores the processed data to the memory according to a determination result, thereby preventing the damage caused by the ransomware attack.

Abstract: A gateway device between a first and second communication network outside the gateway device handles communication between a first device in the first network and a second device in the second network. When the gateway receives a communication request from the first device, directed to the second device, for performing a first cryptographic data communication protocol, the gateway determines whether the first cryptographic data communication protocol is registered as unsafe in the gateway device, and/or registered as safe, in particular whether it is safe against key reconstruction by a quantum computer. When the first cryptographic data communication protocol is not registered as unsafe in the gateway device, and/or registered as safe, the gateway device forwards messages exchanged as part of execution of the first cryptographic data communication protocol between the first and second device.

Abstract: A medical device of a medical system is configured for communicating with an external programmer over a wireless communications link. The medical device comprises a wireless communications module configured for receiving a first unencrypted version of a random number and a first encrypted version of the random number from the external programmer over the wireless communications link. The medical device further comprises control circuitry configured for performing an authentication procedure on the external programmer based on the first unencrypted version of the random number and the first encrypted version of the random number, and preventing the external programmer from commanding the medical device to perform an action unless the authentication procedure is successful.

Abstract: Presented here is a system to reduce the computational cost of validating transactions recorded in a block chain by at least 500 million. In one embodiment, no proof of work is required, and the validity of the data stored in the block chain is guaranteed using a combination of private identification associated with one or more authorized users and a hash value propagated from each block to the subsequent blocks in the block chain. In another embodiment, the proof of work required is designed to be mildly computationally expensive, for example, at least 500 million times cheaper than the proof of work required to perform a bitcoin verification. The proof of work required can be increased or decreased based on various factors such as an expected time to add a new block to the block chain and/or current processor performance.

Abstract: Methods and systems for introducing self-contained intent functionality into decentralized computer networks is described. Specifically, the methods and systems for encoding user intent (e.g., what functions a value may be used for) into data structures for computer programs and/or transaction protocols intended to automatically execute, control, or record events and actions according to predetermined terms or criteria are described herein. For example, the methods and systems may include using a permission structure native to one or more cryptocurrencies to provide additional functionality that allows for an intent to be introduced into the computer program and/or transaction protocol. This intent may be introduced using a routing data structure indicating exchange eligibility of resource sources.

Abstract: According to examples, an apparatus may include a processor may identify features in a plurality of data items, determine similarities and/or patterns in the identified features, and group the plurality of data items into a plurality of clusters of data items based on the determined similarities and/or patterns in the identified features in the plurality of data items. The processor may also evaluate the plurality of clusters to identify a potentially malicious pattern among the data items in the plurality of clusters. In addition, the processor may, based on a potentially malicious pattern being identified in a generated cluster of the generated clusters, execute an action with regard to the data items in the generated cluster.

Abstract: Applications on a device are assigned scores based on their attributes, update status, and source. A device is a assigned a score based on its attributes and the scores of applications installed thereon. the device score may be combined with an evaluation of user behavior to obtain a user score. The scores may be used to invoke security actions with respect to data and services of an enterprise. Security reports for a network environment may be modified such that the severity of threats accounts for policies and attributes of the environment. Security of a device may be evaluated locally, including the training of a model to identify anomalous authentication or usage behavior. Security of a device may be reduced to a score lacking personal information that may be used by a server to select access controls for a device.

Abstract: A reference file set having high-confidence malware severity classification is generated by selecting a subset of files from a group of files first observed during a recent observation period and including them in the subset. A plurality of other antivirus providers are polled for their third-party classification of the files in the subset and for their third-party classification of a plurality of files from the group of files not in the subset. A malware severity classification is determined for the files in the subset by aggregating the polled classifications from the other antivirus providers for the files in the subset after a stabilization period of time, and one or more files having a third-party classification from at least one of the polled other antivirus providers that changed during the stabilization period to the subset are added to the subset.

Abstract: The portable peripheral (100) of communication with the data network (105) utilizing the internet protocol, comprises: a connector (110) to mechanically connect and establish a removable wired connection between the peripheral and a portable terminal, a first means (115) of wired bidirectional communication with the portable terminal, a second means (120) of bidirectional communication with a data network and a unit security (122) protecting the communication between the first and the second means of communication, this communication being established between the first and the second means of communication, the security unit (122) comprising a system (127) of autonomous DNS management, the means of communication and the security unit being embedded in a unique housing (130) removable from the portable terminal.