Abstract: In an approach for testing an application for a security vulnerability, a processor inserts an instrumentation hook in the application to be tested, wherein the instrumentation hook is executed prior to a sink operation. A processor transmits a probe input value to the application to be tested. A processor detects a modification to the probe input value at the instrumentation hook by comparing the probe input value at the instrumentation hook to a signature value and detecting that the probe input value matches the signature value. A processor removes the sink operation from testing for the security vulnerability.

Abstract: Access to transactional multimedia content may be based on network routing. Some multimedia content may be best delivered via a private network. Other multimedia content may be best delivered via a public network. A type of the multimedia content may thus determine network routing.

Abstract: The present invention relates to a method for electronic signing of a document with a predetermined secret key (x), the method being characterized in that it comprises the implementation of steps of: (a) Drawing a pair formed by a first internal state (s1i) and a white-box implementation (WBi) of a modular arithmetic operation, from among a set of predetermined pairs ({(s1i,WBi)}i?[0,n-1]) each for one nonce (ki), said first internal state (s1i) being a function of the nonce (ki) and said modular arithmetic operation being a function of the first internal state (s1i), of the nonce (ki) and of the secret key (x); (b) Determining a second internal state (s2i) by application of said drawn white-box implementation (WBi) to a condensate of the document obtained via a given hash function; (c) Generating an electronic signature of the document from the first internal state (s1i) of the drawn pair and from the second determined internal state (s2i), and deleting the drawn pair of said set of pairs ({(s1i,WBi)}i?[0

Abstract: Methods and systems for detecting malicious network activity. The method may include analyzing payload data relating to activity on one or more virtual security appliances, grouping related payloads, and analyzing a time series dataset describing the groupings to identify anomalous payloads.

Abstract: A proxy server receives from a client device a request to perform an action on an identified resource that is hosted at an origin server for a domain. The proxy server receives the request as a result of a DNS request for the domain resolving to the proxy server. The origin server is one of multiple origin servers that belong to different domains that resolve to the proxy server and are owned by different entities. The proxy server and the origin servers are owned by different entities. The proxy server analyzes the request to determine whether a visitor belonging to that request poses a threat. If the proxy server determines that the visitor poses a threat, the proxy server blocks the request and transmits a block page to the client device that indicates that the request has been blocked.

Abstract: A transport layer security (TLS) connection is established between a signature device and the host computer via an interface (e.g., a universal serial bus (USB) interface). The signature device acts as a TLS server, and the host computer acts as a TLS client. Data such as pen data, control data, or image data may be received or transmitted via a USB bulk transfer mechanism. In one aspect, the host computer sends a command via the interface to the signature device to generate a new key pair, receives a certificate signing request (CSR) from the signature device via the interface, sends the CSR to a user certificate authority, receives a public key certificate from the user certificate authority, and sends the public key certificate to the signature device via the interface.

Abstract: Embodiments of the present systems and methods may provide data watermarking without reliance on error-tolerant fields, thereby providing for the incorporation of watermarks in data that was not considered suitable for watermarking. For example, in an embodiment, a computer-implemented method for watermarking data may comprise inserting watermark data into a field that requires format-preserving encryption.

Abstract: Technologies are disclosed herein for near field communication (“NFC”) enhanced firmware security. Using an implementation of the technologies disclosed herein, an NFC card or an NFC-equipped mobile device can be utilized to access an NFC-equipped server computer. The server computer reads a login key from an NFC card or an NFC-equipped mobile device. Based upon the login key, a firmware executing on the server computer can determine whether a user is to have administrator access rights, non-administrator user access rights, or no access rights at all to a firmware setup menu provided by the server computer. Based upon the login key, the firmware executing in the NFC-equipped server computer can also identify an operating system to be booted by the server computer. In some configurations, an NFC-equipped mobile device contacts an authorization server to obtain the login key based upon a user's access credentials.

Abstract: A program file classification method, a program file classification apparatus, and a program file classification system, where the system sets an agent program in a client and a sandbox server to obtain behavior information corresponding to at least two behaviors executed by a program file at runtime. Each piece of behavior information includes a behavior identifier and a path related during execution of a corresponding behavior. A classification server performs normalization process on the path in each piece of behavior information, where the normalization process reduces path diversity, generates a feature vector according to at least two pieces of behavior information obtained after the path normalization process, and determines, according to the feature vector, a category to which the program file belongs. Because normalization process is performed on the path, randomness of a path obtained after the normalization process is reduced.

Abstract: A communication system is provided, the communication system including: an authenticating unit that authenticates a plurality of communication terminals based on a single user ID, and keeps the plurality of communication terminals logged into an information providing service; a storing unit that stores therein provider registration information including a plurality of pieces of provider information that indicate providers of respective pieces of data being displayed on each communication terminal among the plurality of communication terminals; a receiving unit that receives designation information that designates the provider registration information; and a transmitting unit that transmits each piece among the plurality of pieces of provider information to each communication terminal among the plurality of communication terminals so as to cause each communication terminal among the plurality of communication terminals to display data provided by a provider indicated by a plurality of pieces of provider inf

Abstract: A flow control method and apparatus are provided. The flow control apparatus groups stored multiple pieces of address information into at least two security groups according to attribute information; arranges the at least two security groups, so that a security group at a high level may completely include a security group at a low level and security groups at a same level are completely independent of each other without overlap; receives a policy configuration instruction; configures a specified rule according to the policy configuration instruction, and configures a storage sequence of the specified rule according to the policy configuration instruction, where the specified rule is generated according to the policy configuration instruction; receives a data packet after the at least two rules are configured; and processes the data packet according to the at least two rules and storage sequences of the rules, to implement flow control.

Abstract: A method, an apparatus, and a system for authenticating a WI-FI network, where a terminal sends, to an associated authentication center when the WI-FI network exists in an area in which the terminal is located, a request message that carries a user identifier, receives access verification information allocated to a user represented by the first user identifier from the associated authentication center, sends, to a WI-FI authentication center, a login request that carries the access verification information, receives authentication information obtained and fed back by the WI-FI authentication center carrying a user identifier corresponding to the access verification information, and determines that the WI-FI network is a secure network when the user identifier carried in the authentication information is the same as the user identifier carried in the request message.

Abstract: In an implementation of identifying related computing devices for automatic user account login, a login request to a user account that includes a unique identification (ID) of a user computing device and an internet protocol (IP) address of the user computing device are received. One or more user computing devices that have logged in to the user account using a same IP address as the user computing device are identified based on a user ID of the user account and the unique ID of the user computing device. Whether one or more unique IDs corresponding to the one or more user computing devices that have logged in to the user account are correlated with the unique ID of the user computing device is determined. If yes, data corresponding to login information used by the one or more user computing devices to log in to the user account to the user computing device for automatic account login are sent.

Abstract: In one aspect, a first device includes a processor, a wireless transceiver accessible to the processor, at least one biometric sensor accessible to the processor, and storage accessible to the processor. The storage bears instructions executable by the processor to receive input from the at least one biometric sensor, identify a user based on input from the at least one biometric sensor, and determine a second device with which the first device is to communicate using the wireless transceiver based at least in part on identification of the user based on input from the at least one biometric sensor.

Abstract: Devices, systems and methods for enabling voice access to a portable electronic device in a closed physical configuration with biometric authentication are disclosed. A device can have multiple physical configurations, including a closed configuration in which a display and/or user interface is not accessible. A biometric sensor disposed on an outer surface of the device in at least the closed configuration can be used to enable access to the device or secure functions of the device, via a voice engine or the like, even though the device is physically closed. In some embodiments, unsecure functions can be accessed via voice engine without use of the biometric sensor when the device is closed.

Abstract: Method for providing a secure mode for mobile applications including: configuring which applications should be available in secure mode; defining in the mobile operating system kernel, rules and privileges for applications defined for the secure mode; checking continuously if the secure mode is enabled by the user; if the security mode is enabled by the user, then the operating system kernel searches all processes and applications running on the operating system, suspend) the system applications not configured to be available in secure mode, hides the protected application, restricts inter-process communications and enforce privilege escalation events and enables access to application files protected by the protected application user Id; and if the security mode is disabled by the user, then the kernel releases all processes and applications that were stopped by the secure mode and denies any access to the protected application files.

Abstract: A computer identifies one or more privacy settings. The computer receives a query for information. The computer determines whether a response to the query satisfies the one or more privacy settings. If the computer determines that the response to the query does not satisfy the one or more privacy settings, the computer alters the response to satisfy the one or more privacy settings.

Abstract: A computer identifies one or more privacy settings. The computer receives a query for information. The computer determines whether a response to the query satisfies the one or more privacy settings. If the computer determines that the response to the query does not satisfy the one or more privacy settings, the computer alters the response to satisfy the one or more privacy settings.

Abstract: Some embodiments provide a technique for detecting highly-vulnerable domain names and remediating associated problems. The technique can include collecting DNS data representing a requests to the DNS over a period of time and determining a subset of the DNS data representing DNS-based service discovery requests to unregistered domains over the period of time. The technique can also include, for each of the unregistered domains, determining a query ratio and a persistence ratio. The technique can also include ranking the unregistered domains according to a metric that includes the query ratios and the persistence ratios, such that a ranked list of domain names is produced and outputting an initial segment of the ranked list of domain names as the highly-vulnerable domain names. The technique can also include remediating attacks on at least one of the highly-vulnerable domain names.

Abstract: The present invention relates to a security method for a smart phone, in which method a security keyboard app is installed in a smart phone of a staff member so as to make it possible to monitor information leakage. The security method for a smart phone comprises the steps of: running a first app on a smart phone and, when the first app is subject to key input, determining, by means of a security keyboard app installed in the smart phone, whether the first app is a predetermined app which is to be subject to security; monitoring the key input which is inputted to the first app, if the first app is a predetermined app that is to be subject to security; transmitting the monitored key input to a security server; and blocking the key input if the monitored key input includes a predetermined security key word.