Abstract: Securing a network device by forecasting an attack event using a recurrent neural network. In one embodiment, a method may include collecting event sequences of events that occurred on multiple network devices, generating training sequences, validation sequences, and test sequences from the event sequences, training a recurrent neural network using the training sequences, the validation sequences, and the test sequences, collecting an event sequence of the most recent events that occurred on a target network device, forecasting, using the recurrent neural network and based on the event sequence of the most recent events that occurred on the target network device, the next event that will occur on the target network device, and in response to the forecasted next event being an attack event, performing a security action to prevent harm to the target network device from the attack event.

Abstract: Techniques are provided for using tokenization in conjunction with “behind-the-wall” JWT authentication. “Behind-the-wall” JWT authentication refers to JWT authentication techniques in which the JWT stays exclusively within the private network that is controlled by the web application provider. Because the JWT stays within the private network, the security risk posed by posting the JWT in a client cookie is avoided. However, because JWT is used behind-the-wall to authenticate a user with the services requested by the user, the authentication-related overhead is significantly reduced.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for updating data in blockchain are provided. One of the methods includes: obtaining one or more requests for updating a plurality of pieces of data in one or more blockchains and updating the plurality of pieces of data in the one or more blockchains.

Abstract: Requests submitted to a computer system are evaluated for compliance with policy to ensure data security. Plaintext and associated data are used as inputs into a cipher to produce ciphertext. Whether a result of decrypting the ciphertext can be provided in response to a request is determined based at least in part on evaluation of a policy that itself is based at least in part on the associated data. Other policies include automatic rotation of keys to prevent keys from being used in enough operations to enable cryptographic attacks intended to determine the keys.

Abstract: A process selects a public key from a plurality of public keys provided by a message recipient that is to receive an encrypted message. The process establishes an input alphabet for a finite-state machine. The process further constructs the finite-state machine and a language over the input alphabet such that the finite-state machine accepts the language, where the language includes language elements. The process encrypts a language element of the language using the selected public key to provide an encrypted language element. The process electronically transmits the encrypted language element and a specification of the finite-state machine to the message recipient for securely identifying the selected public key to the message recipient. The process encrypts a message using the selected public key to provide the encrypted message. The process also electronically transmits the encrypted message to the message recipient.

Abstract: A system and method for automatically analyzing an object for malware is described. Operating one or more virtual machines, the system and method provide an analysis environment variation framework to provide a more robust analysis of an object for malware. The multi-application, multi-plugin processing framework is configured within a virtual machine, where the framework generates a plurality of processes for analyzing the object for malware and each of plurality of processes is configured with a different application and plug-in combination selected based in part on a type of object being analyzed.

Abstract: A system and method to establish and maintain access between a secured network and a remote client device communicating with different security protocols. Once the system and method verify that the remote client device had the requisite credentials to access the secured network domain, the system and method are delegated to fetch a service ticket to one or more dedicated servers on behalf of remote client device. The system and method receives a service ticket from the dedicated server and forwards the service ticket to the remote client device to use the service.

Abstract: A processor is coupled to a hierarchical memory structure which includes a plurality of levels of cache memories that hierarchically cache data that is read by the processor from a main memory. The processor is integrated within a computer terminal. The processor performs operations that include generating a hierarchical cache latency signature vector by repeating for each of a plurality of buffer sizes, the following: 1) allocating in the main memory a buffer having the buffer size; 2) measuring elapsed time for the processor to read data from buffer addresses that include upper and lower boundaries of the buffer; and 3) storing the elapsed time and the buffer size as an associated set in the hierarchical cache latency signature vector. The operations further include communicating through a network interface circuit a computer identification message containing computer terminal identification information generated based on the hierarchical cache latency signature vector.