Abstract: Various embodiments relating to exchanging a cryptographic key between a display device and an input device via electrostatic communication are disclosed. In one embodiment, an interactive communication device includes one or more electrodes and a radio transceiver. The one or more electrodes may be excited to capacitively couple with one or more electrodes of a proximate communication device so as to capacitively send a cryptographic key from the interactive communication device to the proximate communication device. The radio transceiver may be configured to communicate with a radio transceiver of the proximate communication device via a radio channel. The interactive communication device may be configured to subsequently exchange encrypted communications with the proximate communication device over the radio channel. The encrypted communications may be encrypted using the cryptographic key.

Abstract: The present invention provides the initiation of a transport layer security (TLS) session between a client device and a server using a firewall without interruption. The present invention holds a TLS hello message received from the client device until after the server has been validated. A firewall consistent with the present invention does not interrupt a transport layer control (TCP) connection that was established between the client device and the firewall before the TLS hello message was received by the firewall.

Abstract: A communication system provides secure communication between two nodes in a self-organizing network without the need for a centralized security or control device. A first node of the two nodes is provisioned with one or more security profiles, auto-discovers a second node of the two nodes, authenticates the second node based on a security profile of the one or more security profiles, selects a security profile of the one or more security profiles to encrypt a communication session between the two nodes, and encrypts the communication session between the two nodes based on the selected security profile. The second node also is provisioned with the same one or more security profiles, authenticates the first node based on a same security profile as is used to authenticate the second node, and encrypts the communication session based on the same security profile as is used for encryption by the first node.

Abstract: A method for measuring robustness of web services includes selecting a web-service method for testing. The request pattern with the slowest response by the web-service method from a series of request patterns is selected as a request pattern for testing. The series of request patterns includes irregular requests, each having a payload aimed at destabilizing the web service. A test is applied to the web-service method, using the selected request pattern applied at an increasing frequency to the web-service method. The response time of the request pattern is monitored by the web-service method. The frequency of the applied request pattern when a threshold maximum time for response of the web-service method to the request pattern is reached, or when the method fails, is determined by a computer processor. A metric is determined for the web-service method based on the frequency of the applied request pattern required to reach the threshold.

Abstract: Various embodiments relating to exchanging a cryptographic key between a display device and an input device via electrostatic communication are disclosed. In one embodiment, an interactive communication device includes one or more electrodes and a radio transceiver. The one or more electrodes may be excited to capacitively couple with one or more electrodes of a proximate communication device so as to capacitively send a cryptographic key from the interactive communication device to the proximate communication device. The radio transceiver may be configured to communicate with a radio transceiver of the proximate communication device via a radio channel. The interactive communication device may be configured to subsequently exchange encrypted communications with the proximate communication device over the radio channel. The encrypted communications may be encrypted using the cryptographic key.

Abstract: Techniques for enhancing electronic privacy utilize noise to prevent third parties from determining certain information based on search queries. Users submit search queries as part of their normal activities. For a user, the search queries submitted and information regarding search results used to generate additional search queries on different, but related topics. The generated additional search queries are submitted automatically on behalf of the user at a sufficient frequency to prevent high accuracy data analysis on search queries.

Abstract: A terminal unique information transmission method including: receiving, by a server, from a terminal, a terminal unique information acquisition request including a terminal unique public key certificate of the terminal; generating an encrypted terminal unique public key certificate by encrypting the terminal unique public key certificate of the terminal; checking, by the server, whether the generated encrypted terminal unique public key certificate is described in a discarded terminal information table; and transmitting, by the server, when the generated encrypted terminal unique public key certificate is not described in the discarded terminal information table, a terminal unique information of the terminal to the terminal.

Abstract: A user authenticating method is performed by a user authenticating server connectable to at least one mobile terminal and a user terminal. The user authenticating method includes: receiving access information of a network including an access identification code and an access location code from the user terminal; estimating an access location of a network based on the access location code; determining at least one mobile terminal associated with the access identification code; transmitting the estimated access location of a network to the at least one mobile terminal; and receiving a location-based access approval or access rejection determined based on the access location of a network and a location of a particular mobile terminal belonging to the at least one mobile terminal from the particular mobile terminal.

Abstract: Aspects of various embodiments are directed to the communication of wireless data. In a particular embodiment, an apparatus includes a master/wireless communication circuit and a slave circuit that carries out a secure function. The master generates session initiation commands, and the slave is responsive to these commands by generating and storing a session ID. In response to the receipt and validation of user-input data, the slave accesses and locally stores the session ID. Upon the initiation of and/or during a wireless communication process, the slave again accesses the session ID and compares the accessed session ID with the locally stored session ID, and facilitates communication based on the comparison (e.g., communication is not permitted if the comparison does not indicate a match).

Abstract: Methods and systems for malware detection techniques, which detect malware by identifying the Command and Control (C&C) communication between the malware and the remote host, and distinguish between communication transactions that carry C&C communication and transactions of innocent traffic. The fine-granularity features are examined, which are present in the transactions and are indicative of whether the transactions are exchanged with malware. A feature comprises an aggregated statistical property of one or more features of the transactions, such as average, sum median or variance, or of any suitable function or transformation of the features.

Abstract: Prior to execution of computer program instructions, the computer identifies one or more addresses in memory corresponding to the locations of one or more of the computer program instructions in the computer program. During execution of the computer program instructions, the computer identifies in the computer program another computer program instruction located in another address in the memory, and in response, the computer makes an indication that the computer program has an indicia of maliciousness.

Abstract: The process comprises a data-acquisition phase with the creation of a database of multicomponent digital signatures constituting fingerprints of identity documents, linked to a central server relocated relative to a primary database comprising variable textual data and images of reference identity documents. A relocated checking phase of identity documents at a checkpoint comprises the digitizing of an identity document to be checked, the creation of a fingerprint of the digitized document, the comparison of the latter with the fingerprint of a document from the fingerprint database indexed with the same reference number and the sending of a message according to the result of the comparison.

Abstract: A communication method in an information processing system including a group of first information processing apparatuses that transmit data and a group of second information processing apparatuses that receive the data is disclosed. The communication method includes storing data subject to being transmitted to one of the second information processing apparatuses in a data storage by associating the data with identifier information of the second information processing apparatus, and performing transmission processing to transmit the stored data to the second information processing apparatus in response to reception of a first token generated by the second information processing apparatus serving as a generating source of the first token, the first tokens indicating a transmission right to transmit the data to the second information processing apparatus and being transferred between the group of the first information processing apparatuses and between the group of the second information processing apparatuses.

Abstract: A display securely decrypts an encrypted image signal. Pixels are disposed between the display substrate and cover in a display area, and provide light to a user in response to a drive signal. Control chiplets disposed between the display substrate and cover in the display area are each connected to one or more of the plurality of pixels. Each receives a respective control signal and produce respective drive signal(s) for the connected pixel(s). A decryption chiplet is disposed between the display substrate and cover. It includes means for receiving the encrypted image signal and a decryptor for decrypting the encrypted image signal to produce a respective control signal for each of the control chiplets.

Abstract: Methods and systems for detecting and mitigating high-rate Distributed Denial of Service (DDoS) attacks are herein described. The present invention contemplates a variety of improved techniques for using a flow-based statistical collection mechanism to monitor and detect deviations in server usage data. The method further includes combining multiple anomaly algorithms in a unique way to improve the accuracy of identifying a high-rate DDoS attack. The DDoS solution includes a two-phase approach of detection and mitigation, both of which operate on a local- and a global-basis. Moreover, the anomaly algorithms can be modified or extrapolated to obtain the traffic deviation parameters and therefore, the attack probabilities.

Abstract: A content protection query module (CPQM) dynamically queries content protection items supported on the client device. The CPQM automatically identifies content protection configurations, based on the results of the queries. Using a variety of business rules and policies, the CPQM may select a content protection configuration from the configurations for packaging and providing protected content to the client device. The CPQM may instruct the client device to expect the protected content in the selected configuration, thereby enabling the client device to configure itself, as appropriate, for such configuration. The client device may include a media player that selects based on the instructions which DRM module to employ, providing the DRM module with instructions regarding where to obtain decryption keys/licenses for the content, and even instructing the DRM module which decryption mechanism to employ to decrypt the received protected content.

Abstract: Techniques for enhancing electronic privacy utilize noise to prevent third parties from determining certain information based on search queries. Users submit search queries as part of their normal activities. For a user, the search queries submitted and information regarding search results used to generate additional search queries on different, but related topics. The generated additional search queries are submitted automatically on behalf of the user at a sufficient frequency to prevent high accuracy data analysis on search queries.

Abstract: Lookaside-type communication apparatus and reception and transmission control methods make high-rate communication of a packet including encrypted data. Receive data including encrypted data are supplied to an encryption data processing part, and supplied to a security part through a second bus when the packet is received. The encrypted data becomes plain-text data in the security part, and supplied to the control part through the system bus. Transmit data including a data body including a plain-text data to be encrypted are supplied to the security part when the packet is transmitted. The plain-text data become the encrypted data in the security part, and the transmit data having the data body including the encrypted data are supplied to the encryption data processing part through the second bus. The transmit data are transmitted in the form of the packet in the transmission and reception part.

Abstract: A method is performed in a network security system implemented in a computer or electronic device that is coupled to secured online resources for detecting unauthorized accesses of those secured online resources. The method includes monitoring a user activity session. It is determined whether the user activity session is indicative of a hidden session by an attacker, where the determination includes comparing the user activity session to an average user activity session.

Abstract: The present invention relates to a system and method for providing a secure manual interaction with one or more electronic devices in a network. An authentication module generates an authentication task to a user to input data using a user interface. The data is processed and a second security module generates security tasks to be responded by the user such that the security tasks are generated in real-time by using the input data fed by the user. A verification module correlates the input data with the security tasks responded by the user in order to check the data integrity before completing the interaction.