Abstract: A system includes a plurality of computing nodes that form a blockchain network, wherein one or more of the computing nodes is a metaverse computing node configured to generate a mixed reality environment. A processor of at least one computing node is configured to receive information relating to a suspicious data interaction associated with a data file of a user, simulate, based on the received information, the suspicious data interaction in a synthetic mixed reality environment that is substantially identical to the mixed reality environment, verify the suspicious data interaction while the simulated data interaction is being performed, when the suspicious data interaction cannot be verified, disable one or more future data interactions processed using the same smart contract used to process the suspicious data interaction, and when the suspicious data interaction is successfully verified, terminate the simulated data interaction and process the suspicious data interaction.

Abstract: An apparatus for bypassing user authentication comprises a memory and a processor. The processor is configured to receive a contextual payload for authentication of a first user and process the contextual payload to identify interaction session information associated with the first user. The processor is further configured to identify a file associated with the first user and a session classifier based on the interaction session information. In response to determining authentication information from the interaction session information, the processor is further configured to transmit file information associated with the file of the first user to an entity device associated with an entity and to transmit an instruction to display pre-populated fields in a process flow based on the identified session classifier on the entity device. The processor is further configured to establish a network connection between a first user device associated with the first user and the entity device.

Abstract: A computer-implemented method comprising: generating, from a key-seed associated with a user, a set of homomorphic encryption (HE) keys associated with an HE scheme; receiving, from a key management system (KMS) associated with said HE scheme, an encrypted version of said key-seed; storing said encrypted version of said key-seed, and said set of HE keys, in an untrusted storage location; and at a decryption stage, decrypting an encrypted computation result generated using said HE scheme, by: (i) recalling, from said untrusted storage location, said encrypted version of said key-seed, (ii) providing said encrypted version of said key-seed to said KMS, to obtain a decrypted version of said key-seed s associated with said user, (iii) generating, from said received decrypted version of said key-seed, a secret HE key associated with said HE scheme, and (iv) using said secret HE key to decrypt said encrypted computation result.

Abstract: Disclosed is a method for ultra-wide band (UWB) security ranging and a UWB device configured to perform secure ranging. The method includes obtaining, from a UWB sub-system of the UWB device, first encryption data including a symmetric key encrypted with a public key of a secure application of the UWB device; transferring the first encryption data to the secure application; obtaining, from the secure application, second encryption data including a ranging data set (RDS) encrypted with the symmetric key; and transferring the second encryption data to the UWB sub-system. In this case, the RDS may include a ranging session key configured to secure a UWB ranging session, and the secure application may be included in a trusted execution environment area.

Abstract: A computer implemented method of automatically generating security rules for a networked environment based on anomalies identified using Machine Learning (ML), comprising receiving one or more feature vectors each comprising a plurality of operational parameters of a plurality of objects of a networked environment, identifying one or more anomaly patterns in the networked environment by applying one or more trained ML models to the one or more feature vectors trained to identify patterns deviating from normal behavior of the plurality of objects, parsing each anomaly patterns to a set of behavioral rules by traversing the anomaly pattern through a tree-like decision model, and generating one or more security rules for the networked environment according to the set(s) of behavior rules. Wherein the one or more security rules are applied to increase security of the networked environment.

Abstract: The present invention relates to a method and system of cybersecurity; and particularly relates to an encryption method and system on the basis of cognitive computing for xenomorphic cryptography or unusual form of cryptography; said method comprises generating a Functional Neural Network or KeyNode (KN) of the system by programming a chain of multiple nodes also called Artificial Mirror Neurons (AMN) based on captured information of reaction time and emotional response to a simple task; racing the nodes in the Functional Neural Network or KeyNode (KN) as an encryption device or cipher for the time of use; generating a password at the time of use based on the sum of intrinsic values of the nodes in the racing network at this time and adopting the generated password for authentication.

Abstract: A packet that includes a header and a payload can be acquired. A first portion of the payload can be selected such that the first portion that is smaller than the payload. The header and the first portion of the payload can be encrypted based on an encryption algorithm to generate an encrypted packet. The encrypted packet can be transmitted to a node on a network.

Abstract: A computing device receives network message data. The computing device determines a message processing type corresponding to the network message data. In accordance with a determination that the message processing type is a consensus processing type, the computing device obtains a consensus parameter corresponding to the network message data. In accordance with a determination that the consensus parameter does not meet a consensus validity condition, the computing device classifies the network processing message data as an invalid consensus message; and filters out the network message data.

Abstract: This disclosure describes techniques for preventing network attacks within messages. For instance, electronic device(s) may receive a message, such as an email, from a first electronic device. The message may include a first code with a first embedded address to a first network resource, such as a malicious network resource. As such, the electronic device(s) may analyze the message to identify the first code. The electronic device(s) may then generate a second address associated with a second network resource, such as a secure proxy, a remote browser, a click-time protection service, and/or the like. Next, the electronic device(s) may embed the second address in a second code and replace the first code within the message with the second code. After replacing the first code, the electronic device(s) may send the message to a second electronic device of the second user.

Abstract: A security system generates a digital signature for a small cell of a wireless network and assigns the digital signature to the small cell for connecting to the wireless network. The digital signature can be generated based on a connectivity schedule for the small cell. When the security system obtains a connection request from the small cell to connect to the wireless network, the security system compares an instance of the digital signature included in the connection request with an expected digital signature and compares the point in time when the connection request was communicated with an expected time indicated in the connectivity schedule. The security system detects an anomaly when the instance of the digital signature deviates from the expected digital signature or the point in time deviates from the expected time, and causes performance of an action based on a type or degree of the anomaly.

Abstract: Systems, methods, and other embodiments described herein relate to improving incident response within a vehicle environment. In one embodiment, a method includes, responsive to detecting an attack on a threatened component of a computing system, gathering information about the threatened component, including at least a dependency list that specifies related components to the threatened component. The method includes determining a risk score for the attack according to a risk level associated with the attack, a risk type of the threatened component, and combined risks associated with compromising the related components. The method includes providing a report specifying information about the attack, including at least the risk score.

Abstract: The present disclosure provides a method and apparatus for suppressing the spread of viruses in a local area network (LAN). The method includes, in response to that an ARP packet is received, determining whether a number of interacting terminals corresponding to a target terminal that sent the ARP packet reaches a first preset threshold; in response to that the number of interacting terminals reaches the first preset threshold, further determining whether a number of abnormal terminal relationships corresponding to the target terminal reaches a second preset threshold; and in response to that the number of abnormal terminal relationships reaches the second preset threshold, providing protection to the target terminal to so to suppress virus propagation in the LAN.

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to analyze telemetry data of a network device for malicious activity. An example apparatus includes an interface to obtain first telemetry data, a rules generator to, using the first telemetry data, generate a global block list using a machine learning model, the machine learning model generated based on a device specific block list and a device specific allow list, and a model manager to transmit the global block list to a gateway, the gateway to facilitate on-path classification of second telemetry data.

Abstract: Methods and apparatus consistent with the present disclosure may prevent a computer process from failing when a firewall located between a client device and a server identifies that a process at the firewall should be bypassed using fingerprint information associated with a connection attempt. When fingerprint information stored at a firewall matches previously received fingerprint information, the firewall may allow processes typically performed at the firewall to be bypassed, thereby, allowing communications to pass between the client device and the server without inspection. When that fingerprint information does not match previously received fingerprint information, the firewall may perform a process that causes the client device to fail the first connection attempt. Because of this, methods consistent with the present disclosure may allow communications from an application program to be passed through a firewall without relying on an ever growing list of trusted application programs.

Abstract: The Present invention provides for a biometric authentication system, the method implemented in the system, and its use, based on venous networks, to provide a highly available system for resilient biometric authentication that does not require the possession or the memorization of confidential information of users while ensuring security, while allowing to discard the template and the images of the vascular network while having a tamper-proof system.

Abstract: Methods and systems for detecting forged Kerberos protocol tickets are presented. In one embodiment, a method is presented that includes receiving and decrypting an authentication request including a ticket. A validity start time and a validity end time may then be extracted from the ticket and a validity period may be calculated based on the validity start time and the validity end time. The method may then include retrieving a domain validity period from a domain controller and comparing the validity period to the domain validity period. If the validity period differs from the domain validity period, the authentication request may be blocked.

Abstract: Systems, methods, and related technologies for determining an anomaly based on properties associated with an entity are described. The determination of an anomaly associated with an entity may include accessing network traffic from a network and storing a first value of a property associated with an entity communicatively coupled to the network. The first value of the property is based on the network traffic. Additional network traffic associated with the entity may be accessed and a second value of the property determined based on the additional network traffic. Whether the first value of the property does not match the second value of the property may be determined and in response to the first value of the property not matching the second value of the property, an indicator that an anomaly has detected may be stored. An action may be performed based on determination of an anomaly.

Abstract: A system and method for publishing encoded identity data that uses at least biometric information as well as non-biometric identity and/or authentication data is disclosed. The system and method can be used for verifying a user's identity against the published encoded identity data on a distributed system, such as a distributed ledger or blockchain. Using this system, a user's identity can be verified efficiently by multiple parties, in sequence, or in parallel, as a user need only enroll in the verification process a single time. The system further includes a biometric enrollment sub-system that allows for a highly secure method of verifying a user based on unique biometric signals, such as features extracted from an audio voice signal.

Abstract: An integrated physical unclonable function device includes at least one reference capacitor and a number of comparison capacitors. A capacitance determination circuit operates to determine a capacitance of the at least one reference capacitor and a capacitance of each comparison capacitor. The determined capacitances of the comparison capacitors are then compared to the determined capacitance of the reference capacitor by a comparison circuit. A digital word is then generated with bit values indicative of a result of the comparisons made by the comparison circuit.

Abstract: Systems, methods, and computer program products are directed to machine learning techniques that use a separate embedding layer. This can allow for continuous monitoring of a processing system based on events that are continuously generated. Various events may have corresponding feature data associated with at least one action relating to a processing system. Embedding vectors that correspond to the features are retrieved from an embedding layer that is hosted on a separate physical device or a separate computer system from a computer that hosts the machine learning system. The embedding vectors are processed though the machine learning model, which may then make a determination (e.g. whether or not a particular user action should be allowed). Generic embedding vectors additionally enable the use of a single remote embedding layer for multiple different machine learning models, such as event driven data models.