Abstract: A vibration signal-based smartwatch authentication method includes generating incremental vibration signals using a vibration motor in a smartwatch; performing frequency band-based hierarchical endpoint segmentation to obtain vibration signals at a plurality of frequency bands; extracting frequency-domain features for the vibration signals at the plurality of frequency bands; training a dynamic time warping model by taking the vibration signals at the plurality of frequency bands as a training data set, training a nearest neighbor model by taking the extracted frequency-domain features as training data; collecting to-be-authenticated vibration signals which are processed to serve as test data signals; discriminating similarities between the test data signals and corresponding training data signals through the dynamic time warping model, giving a classification result through the nearest neighbor model, performing weighted calculation on a discrimination result of the dynamic time warping model and a discrimin

Abstract: A communication device achieves inter-device authentication with high accuracy and high responsiveness. The communication device includes a control section configured to execute a process related to transmission or reception of a first authentication signal and a second authentication signal that are necessary for a first authentication process for authentication of another communication device. The control section starts execution of a second authentication process for different authentication from the first authentication process, after transmission or reception of the first authentication signal and before transmission or reception of the second authentication signal.

Abstract: [Object] To provide a mechanism that makes it possible to avoid inconveniences when the authentication process has abnormality. [Solution] A communication device comprising a control section configured to control each of a first process that achieves a prescribed function, and a second process that authenticates another communication device and that is different from the first process, wherein the control section performs control in such a manner that the second process is not performed in a case where abnormality is recognized.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for normalizing, compressing, and correlating vulnerabilities are disclosed. In one aspect, a method includes the actions of generating a first and second copy of a software target. The actions further include providing the first copy to a first scanning tool and the second copy to a second scanning tool. The actions further include receiving a first scanning tool output that identifies a first issue of the software target. The actions further include receiving a second scanning tool output that identifies a second issue of the software target. The actions further include determining that the first issue and the second issue are a same issue. The actions further include generating a combined issue of the first issue and the second issue. The actions further include outputting a notification that includes the combined issue.

Abstract: Disclosed herein are an apparatus and method for recommending privacy control. A privacy control server includes multiple common privacy control recommendation models learned based on personal information provision histories of multiple users, a user preference determination unit for generating at least one question item based on the multiple common privacy control recommendation models and determining a privacy control preference of a user based on a result of a user answer to the at least one question item, and a common privacy control recommendation model provision unit for providing a common privacy control recommendation model selected to match the privacy control preference of the user to the user.

Abstract: A method described herein involves various operations directed toward network security. The operations include accessing a traffic attribute describing a feature of network traffic. The operations further include determining a baseline distribution for the traffic attribute of a baseline set of transactions involving an online system over a baseline period and, additionally, determining an observed distribution for the traffic attribute of an observed set of transactions involving the online system over an observed period. Using the observed distribution and the baseline distribution, an attribute risk value for the traffic attribute is computed. The operations further include detecting that an anomaly exists in the traffic attribute of the observed set of transactions, based on the attribute risk value.

Abstract: A system includes an intelligent electronic device (IED) and a proxy device communicatively coupled to the TED via a Media Access Control (MACsec) communication link. The proxy device is configured to perform operations that include receiving permissions data, receiving a request to perform an action associated with the TED, determining whether the action is authorized based on the permissions data, and transmitting data to the TED via the MACsec communication link in response to determining that the action is authorized.

Abstract: Access level and security group information can be updated for a data instance without having to take down or recycle the instance. A data instance created in a data environment will have at least one default security group. Permissions can be applied to the default security group to limit access via the data environment. A control security group can be created in a control environment and associated with the default security group. Permissions can be applied and updated with respect to the control security group without modifying the default security group, such that the data instance does not need to be recycled or otherwise made unavailable. Requests to perform actions with respect to the control security groups are made via the control environment, while allowing native access to the data via the data environment.

Abstract: A network security system that analyzes data from network attacks to determine which attacks came from the same attacker, even if the attacker tries to disguise its identity by spreading attacks out over time and attacking from multiple IP addresses. Intrusion detection systems or firewalls may log data for each attack, such as the time of the attack, the type of attack, and the source and target addresses. Embodiments may augment this data with derived attributes that may profile the attacker's behavior. For example, some attackers may spread out attacks over time, but always attack on the same day of the week; some attackers may spread out attacks over different IP addresses, but these addresses may all be in the same country. The original and augmented data may be clustered using an algorithm such as DBSCAN, and each attacker may be identified with one of the resulting clusters.

Abstract: A computer-implemented method, computer system, and computer program product for threat management. A set of features used by a machine learning model is collected by the computer system to determine a threat type for an access attempt when the access attempt is detected. A cluster is determined, by the machine learning model in the computer system, for the access attempt using the set of features, wherein the machine learning model implements clustering to determine the cluster for the access attempt, and wherein the cluster for the access attempt corresponds to the threat type for the access attempt. A set of actions is performed by the machine learning model in the computer system based on the threat type determined for the access attempt.

Abstract: Methods, articles, and systems of computer graphics processing system validation for processing of encrypted image content are disclosed herein.

Abstract: Methods and systems for verifying a user's identity on a computing device using two-factor authentication are described. More particularly, the system utilizes a personal identification number input by a user, together with one or more of a secure browsing feature, a device fingerprint, and a token generator to authenticate the user on the computer.

Abstract: The techniques described in this disclosure provide resilient and reactive on-demand Distributed Denial-of-Service (DDoS) mitigation services using an exchange. For example, an exchange comprises a first virtual network for switching mixed traffic (including dirty (DDoS) traffic and clean (non-DDoS) traffic)) from one or more networks to one or more DDoS scrubbing centers; and a second virtual network for switching the clean traffic from the one or more DDoS scrubbing centers to the one or more networks, wherein the exchange is configured to receive the mixed traffic from the one or more networks and switch, using the first virtual network, the mixed traffic to a selected DDoS scrubbing center of the one or more DDoS scrubbing centers, and wherein the exchange is configured to receive the clean traffic from the selected DDoS scrubbing center and switch, using the second virtual network, the clean traffic to the one or more networks.

Abstract: Disclosed are systems and methods for securing a network including one or more network nodes connecting a plurality of network connected devices of the network. A method may include: receiving and temporarily storing a plurality of data packets in a shared buffer of a network node; receiving requests from a first processing engine and a second processing engine to access a temporarily stored data packet; generating a first pointer and a second pointer to the temporarily stored data packet, the second pointer being different from the first pointer while pointing to the same temporarily stored data packet; and enabling the first processing engine to use the generated first pointer to access the temporarily stored data packet and the second processing engine to use the generated second pointer to access the temporarily stored data packet.

Abstract: Examples for detecting a compromised device are described. A set of threat detection rules can instruct an application on the client device how to detect whether the client device is compromised. The rules can be updated dynamically and without updating the application that is performing the compromise detection. The rules can be encoded in an interpreted scripting language and executed by a runtime environment that is embedded within the application.

Abstract: Systems and methods are disclosed for computing network operations. For example, methods may include receiving, at a computing device located within a private network, a message sent from a server located outside of the private network, the message including an observable; invoking, within the private network, a search of data associated with the private network to obtain a search result that includes data matching the observable; aggregating, within the private network, data from the search result that matches the observable to obtain a report that includes an indication of the observable, a count of occurrences of the observable, and identification of one or more components associated with the observable; and transmitting the report to the server.

Abstract: Examples described herein include systems and methods for deploying Data Loss Prevention (DLP) policies to user devices. An example method can include receiving a configuration specifying at least one DLP policy applicable to an application, along with an indication of an assignment group specifying users, or user devices, to which the DLP policy should apply. Information regarding the DLP policy and assignment group can be provided to an identity service and then synchronized with a second server that manages the application. The method can further include provisioning the application to a user device and instructing the user device to retrieve the DLP policy from the second server and implement it when executing the provisioned application.

Abstract: A system and method are disclosed for authenticating and authorizing access to and accounting for consumption of bandwidth for IPv6 connectivity to the Internet over Wireless Access Vehicular Environment (WAVE) service channels by client devices using an Authentication, Authorization and Accounting (AAA) server. The AAA server authenticates and authorizes client devices to access WAVE service channels, and accounts for bandwidth consumption by the client devices using WAVE service channels to access the Internet. The AAA server enables an RSU infrastructure operator to quantify wireless bandwidth consumption by in-vehicle devices using the WAVE Service Channels, on a per-device basis.

Abstract: This relates to hierarchical pseudo-random number generation for use in computer simulations that operate across more than one computing machine.

Abstract: Embodiments include a method for vulnerability management of a computer system. The method includes collecting vulnerability information over a network from a publishing source. The vulnerability information includes a known vulnerability of a first computer asset, where at least some of the vulnerability information is a set of cybersecurity vulnerabilities and exposures (CVEs) published online. Further, at least some of the CVEs is in a human-readable format. The method further includes collecting system information of the computer system subject to the vulnerability management, where the system information includes information about a second computer asset of the computer system. The method further includes processing the collected vulnerability information and the collected system information by interpreting the human-readable CVEs and correlating the interpreted CVEs with the collected system information.