Abstract: Described are methods and devices to identify vulnerabilities in a software package that includes two or more build files. The build files include at least an application file and one or more resource files. The method includes scanning the build files to identify strings. Strings that appear in one of the resource files and are not referenced in the application file are labelled orphaned. Strings that appear in the application file and are node defined in any of the resources files are labelled hardcoded. The identity of hardcoded and orphaned strings is output as potential vulnerabilities or data leakage points.

Abstract: A process for securely pairing devices. A host device receives an input indicating a user credential for logging into the host device and initiates a scanning process for discovering target devices available for pairing with the host device. During the scanning process, the host device receives wireless pairing information from a target device. The wireless pairing information includes a unique device identifier associated with the target device and an electronic signature generated as a function of a signature key stored at the target device and the unique device identifier. The host device compares the electronic signature with a run-time signature generated at the host device as a function of the user credential received at the host device and the unique device identifier. The host device then initiates a pairing process to establish a short-range communication link with the target device when the electronic signature matches with the run-time signature.

Abstract: An asset storage server is provided herein that assigns related files to an asset name and assigns permissions to the asset name such that related files with unrelated names can be assigned permissions independent of the file naming convention and without requiring a user to individually set the permissions of each file. The asset storage server may also generate modified versions of original file names and index a distributed object store based on the modified versions such that related files with related names are not listed in the same partition of the distributed object store. Indexing the distributed object store based on the modified versions of the original file names may reduce data retrieval latency.

Abstract: Targeted lockdown of a computer system for an identified vulnerability is provided. The targeted lockdown includes configuring a vulnerability lockdown module implemented on a computer system to perform targeted actions to change a configuration of the computer system. The computer system may be scanned by a vulnerability scanner configured to identify vulnerabilities. In response to identifying a vulnerability, the vulnerability may be communicated to the vulnerability lockdown module and the vulnerability lockdown module may implement a vulnerability lockdown mode by causing the computer system to perform the targeted actions to change the configuration of the computer system by restricting functionality of portions of the computer system affected by the identified vulnerability.

Abstract: A method, non-transitory computer readable medium and device that assists with preventing distributed denial of service attack includes receiving a request for a web resource from a client computing device. The received requested for the web resource is determined for presence of referrer header information. When the received request is determined to include the referrer header information, then the referrer header information is checked whether it includes a known domain and a valid cookie associated with the known domain. A distributed denial of service attack is prevented by providing a proactive challenge to the requesting client computing device when received request for the web resource does not include the referrer header information or when the referrer header information comprises the known domain and does not include the valid cookie.

Abstract: A difference extracting unit extracts, from an executable file converted from a source code and an executable file converted from a source code after vulnerability correction is made to the source code, a difference of a part where the vulnerability correction is made. A feature calculating unit calculates features of the difference extracted by the difference extracting unit. A difference extracting unit extracts, from an executable file converted from a source code and an executable file converted from a source code after correction is made to the source code, a difference of a predetermined part. A similarity calculating unit calculates similarity between the difference of the predetermined part calculated by the difference extracting unit and the features of the difference of the part where the vulnerability correction is made calculated by the feature calculating unit.

Abstract: The present disclosure provides a memory test method. The method includes: determining a refresh cycle T, a designed attack resistance frequency F, and a single row read time t of a target repository; determining an attack row quantity N based on the refresh cycle T, the designed attack resistance frequency F, and the single row read time t; determining a group of target attack rows in the target repository based on a value of the attack row quantity N, where the group of target attack rows include N target attack rows, and at least two of the N target attack rows are spaced apart by one row; detecting, after reading the N target attack rows for X consecutive times, whether data exception occurs in all adjacent rows of the target attack rows, to complete one attack test.

Abstract: The present invention relates to systems and methods for providing and managing a repository of free and/or open source software (FOSS) which is free of malware and/or vulnerabilities. The invention comprises scanning FOSS with a malware scanner and adding the FOSS to an anti-malware package management system when the malware scanner indicates no malicious code and/or vulnerabilities have been detected. The anti-malware package management system is accessible by users as a trusted source to obtain FOSS which is free of malware and believed to be safe to use. The anti-malware package management system is updated over time to keep up with changing FOSS libraries and changing malware detection capabilities so that the anti-malware package management system remains a trusted source for users to obtain FOSS.

Abstract: Embodiments are disclosed that allow encrypted data to be sent between a Bluetooth enabled device and a virtual device associated with a corresponding physical device. In particular, a Bluetooth implementation on the physical device may include one or more raw interfaces to facilitate endpoint to endpoint secure Bluetooth cryptography. Using these raw interfaces, an encrypted Bluetooth channel may be established directly between the virtual device and the Bluetooth enabled device using the radio of the physical device, where data may be encrypted and decrypted at an endpoint of the Bluetooth communication channel (such as at the virtual device or the Bluetooth enabled device) and passed through a Bluetooth implementation on the physical device without any additional encryption or decryption being performed on that data.

Abstract: Disclosed herein are systems and methods for determining learned associations between authentication credentials and network contextual data, such as may be utilized in a network that supports network roving. A mobile device attempts to rove to a visited network using authentication credentials associated with another network, based at least in part on first contextual information associated with the other network and second contextual information associated with the visited network indicating that the visited network is part of a common association of networks that supports roving internetworking between the networks of the common association.

Abstract: According to an example aspect of the present invention, there is provided a method comprising, transmitting by a wireless device, during a first phase, a first probe signal associated with a user and receiving a reflected version of the first probe signal, transmitting by the wireless device, during the first phase, the reflected version of the first probe signal to a ground truth classifier, transmitting by the wireless device, during a second phase, a second probe signal associated with the user and receiving a reflected version of the second probe signal and transmitting by the wireless device, during the second phase, the reflected version of the second probe signal to a trusted apparatus.

Abstract: A shared database platform implements dynamic masking on data shared between users where specific data is masked, transformed, or otherwise modified based on preconfigured functions that are associated with user roles. The shared database platform can implement the masking at runtime dynamically in response to users requesting access to a database object that is associated with one or more masking policies.

Abstract: Generating verification codes includes selecting at least two verification code generators from a verification code generator set comprising a plurality of verification code generators to compose a current use set, executing each verification code generator in the current use set to obtain corresponding partial verification codes, composing a current verification code from the partial verification codes, outputting the current verification code to a user, receiving a user response that is made in response to the current verification code, and comparing the current verification code and the user response to determine whether the user is verified.

Abstract: Techniques for connecting known entities to a protected network are described. A user device with a certified application installed is authenticated with an identification repository. The authentication is accomplished using credentials associated with the certified application. The user device is also enrolled with an authentication server and the authenticated user device is connected to the protected network.

Abstract: Embodiments described herein provide a service to enable a user to track a variety of even when those devices are not connected to the internet by either Wi-Fi or cellular. One embodiment provides techniques to enable a pairing registration for a wireless accessory device that enables a server-mediated pairing process to be performed between the wireless accessory device and a companion device.

Abstract: A determination apparatus includes a keyword extraction unit that extracts keywords characterizing a vulnerability from known vulnerability information, and a 0-day attack determination unit that compares the keywords characterizing the vulnerability and keywords included in a request used for an attack, and when a value of a score indicating a degree of inclusion of same keywords as the keywords characterizing the vulnerability in the request is smaller than a predetermined threshold, determines that the request is a 0-day attack that is neither a known attack nor an attack similar to the known attack.

Abstract: Various examples are provided related to software and hardware architectures that enable a lightweight incremental encryption scheme that is implemented on a System-on-chip (SoC) resource such as a network interface. In one example, among others, a method for incremental encryption includes obtaining, by a network interface (NI) of a sender intellectual property (IP) core in a network-on-chip (NoC) based system-on-chip (SoC) architecture, a payload for communication to a receiver intellectual property (IP) core; identifying, by the NI, one or more different blocks between the payload and a payload of a previous packet communicated between the sender IP core and the receiver IP core; and encrypting, by the NI, the one or more different blocks to create encrypted blocks of an encrypted payload.

Abstract: Embodiments include devices and methods for providing secure communications between a first computing device and a second computing device are disclosed. A processor of the first computing device may determine in a first application software first security key establishment information. The processor may provide the first security key establishment information to a communication layer of the first computing device for transmission to the second computing device. The processor may receive, in the first application software from the communication layer of the first computing device, second security key establishment information received from the second computing device. The processor may determine a first security key by the first application software based at least in part on the second security key establishment information. The processor may provide the first security key to the communication layer for protecting messages from the first application software to the second computing device.

Abstract: A cyber-threat coordinator-component identifies devices and/or users that are in a breach state of a benchmark of parameters, utilized by AI models, that correspond to the normal pattern of life for the network. The cyber-threat coordinator-component sends an external communication to selected network devices in order to initiate actions with that network device in order to change a behavior of a detected threat of at least one a user and/or a device acting abnormal to the normal pattern of life on the network. The initiated actions are also targeted to minimize an impact on other network devices and users that are i) currently active in the network and ii) that are not in breach of being outside the normal behavior benchmark.

Abstract: Apparatus and methods for mitigating network attacks, such as by dynamically re-routing traffic. Various disclosed embodiments manipulate path-based routing of the backbone network to insert a scrubbing appliance within the backbone network topology, rather than using traditional network addressed tunnels in the edge network. In one implementation, traffic entering the backbone network ingress peer routers (from either another backbone network, or an edge network) is normally destination-address routed via the backbone to its appropriate egress router based on a path label; however, when a Distributed Denial of Service (DDoS) attack is detected, the ingress peer router inserts an additional hop into the path label that redirects dirty traffic to a substantially centralized scrubbing appliance. The benefits of the disclosed solutions include, among other things, significantly reduced attack response/recovery times without significant capital outlays.