Abstract: An embodiment includes a main compute node that detects the physical presence of a first user and subsequently loads a profile for the first user. The main compute node may detect the first user's presence based on detecting a first compute node corresponding to the first user. For example, the main compute node may be a desktop computer that detects the presence of the first user's Smart phone, which is nearby the first user. The main compute node may unload the first user's profile when the main compute node no longer detects the first user's presence. Upon detecting a second user's presence, the main computer may load a profile for the second user. The profile may include cookies and/or other identifiers for the second user. The profile may facilitate the second user's navigation of a computing environment (e.g. web pages). Other embodiments are addressed herein.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for transforming representations of network activity data. A data structure that represents communication events between computing devices of one or more networks is received. The data structure is analyzed and a set of potential attack paths represented in the data structure is determined. A score is assigned to each potential attack path in the set of potential attack paths. Potential attack paths that have scores that do not meet a predetermined threshold are removed from the set of potential attack paths. Potential attack paths that remain in the set of potential attack paths are ranked, based on each score assigned to each potential attack path, and the data structure that includes a ranked set of potential attack paths is provided.

Abstract: In general, an indication is received through a user interface of an intention of a potential rider to use an autonomous vehicle. In response to the receipt of the indication, a hailing request is sent by a signaling mode to at least one autonomous vehicle that can receive the hailing request directly in accordance with the signaling mode.

Abstract: A security platform employs a variety techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.

Abstract: A block chain may be used to certify the existence, integrity, and/or ownership of a file or communication. The present disclosure describes receiving a plurality of data units; hashing the plurality of data units to provide a plurality of hashes, individual hashes being unique cryptographic identifiers of corresponding data units such that an individual hash verifiably relates to a corresponding data unit and the individual hashes cannot be used by themselves to obtain corresponding data units; temporarily storing the hashes; generating a first cryptographic structure based on the plurality of hashes; publishing the first cryptographic structure on the block chain; providing proofs associated with individual ones of the plurality of data units that allow independent verification that the data units are certified; and verifying certification of data units based on roots of reconstructed cryptographic structures.

Abstract: A client device for decrypting and decoding media assets through a secure data path. The client device includes a host core and global memory in a common execution environment and a secure core and restricted memory in a secure execution environment. The secure core generates a license challenge only in the context of the secure execution environment and processes a license challenge response that includes a media content decryption key only in the context of the secure execution environment. The secure core decrypts a protected media asset using the media content decryption key only in the context of the secure execution environment such that the decryption key and decrypted media asset will not be in global memory thereby protecting the media asset from unauthorized access.

Abstract: In an example, a system and method for outbreak pathology inference are described. In certain computational ecosystems, malware programs and other malicious objects may infect a machine, and then attempt to infect additional machines that are “networked” to the first machine. In some cases, the network may be a physical or logical network, such as an enterprise network. However, “social networking” may also connect one machine to another, because users may share files or data with one another over social networks. In that case, client devices may be equipped with a telemetry engine to gather and report data about the machine, while a system management server receives reported telemetry. The system management server may use both logical networks and social networks to infer potential outbreak paths and behaviors of malware.

Abstract: Techniques for clipboard monitoring are disclosed. In one embodiment, the techniques may be realized as a method including identifying text that has been copied from an application to a clipboard; copying the identified text to a cache separate from the clipboard; replacing the identified text in the clipboard with a delayed clipboard object; in response to a reference call from the delayed clipboard object, analyzing the copied text for sensitive data; and in response to determining that the copied text includes sensitive data, providing a response to the reference call from the delayed clipboard object that does not include the copied text.

Abstract: A system and method for mitigating the effects of malicious internet traffic, including DDOS attacks and email bombs, by utilizing a DNS Traffic Analyzer and Firewall to analyze network traffic intended for a DNS server and preventing some network traffic from accessing the DNS server.

Abstract: A method and system is provided for detecting malicious files on a virtual machine in a distributed network. An example method includes, receiving, by a thin client operating on the virtual machine, data relating to characteristics of computing resources of servers in the distributed network with each server being able to scan files to detect malicious files. The method for includes obtaining a on the virtual machine, identifying and selecting, using the data relating to characteristics of the computing resources, one of the servers to perform the scan of the file on the virtual machine, and transmitting to the selected server the file for scanning.

Abstract: An approach is provided for key management for data encryption. A key management platform receives a request from at least one client for one or more private keys for decrypting one or more datasets. The one or more private keys are encrypted in at least one key repository associated with at least one server. The key management platform also causes, at least in part, an authentication of the request using one or more secure credentials of the at least one client, the at least one server, or a combination thereof. The key management platform further causes, at least in part, an authorization of the at least one client to determine whether the at least one client is authorized to access the one or more private keys based on the authentication. The key management platform further causes, at least in part, a decryption of the one or more private keys using at least one master key based on the authorization.

Abstract: A system and method for dynamically scanning one or more features on a Website. The system allows detecting of stored scripting errors, where an attack or injection occurs on a page or feature that results in executing malicious code by another page or feature. The system uses stored test identities and allows testing reuse.

Abstract: Provided is a method of providing an integrate cloud storage service through a home gateway communicating with smart devices through a first network formed by the home gateway and communicating with cloud storages through a communication network. The method may include obtaining information on cloud storage accounts associated with a smart device, as cloud storage account information, upon generation of a predetermined event associated with the smart device, generating an integrated cloud storage list based on information on folders and data of cloud storages accessible by the cloud storage account information, and providing the generated integrated cloud storage list to the smart device.

Abstract: In one embodiment, first content is served by an application server to a client computer through an Internet service provider network. The first content includes a link to second content on a third-party server. A token request is sent from the third-party server to the application server in response to selection of the link by the client computer. A token is provided to the third-party server by the application server in response to the token request. The token is configured to authorize data flow at a bandwidth for the second content by the Internet service provider network to the client computer. The data flow is authorized based on an agreement for the bandwidth between an operator of the application server and an operator of the Internet service provider network.

Abstract: A method, apparatus, and computer program product are disclosed for self-service design, scheduling, and delivery of user-defined reports regarding promotions. The method includes receiving, from a user device, a report type and report delivery information. Based on the report type, relevant data regarding the one or more promotions is collected, using which a report is generated. The method then outputs the generated report based on the report delivery information. Optionally, analytical insights, such as trends within the data, sample size, suitability of control data, and indications of statistical significance, are generated and included in the report. A corresponding apparatus and computer program product are also provided.

Abstract: A method for managing application containers, comprising: assigning a first application to a master container in a memory of a system; assigning a second application to a slave container in the memory; using a processor, assigning the master and slave containers to a container group by: delegating access to container meta-data of the slave container by a container run-time of the slave container or by the first application to a container meta-data accessor of the master container via a class loader of the master container; and, delegating interaction between the container run-time of the slave container and a container management channel of the slave container to a container management channel of the master container via the class loader of the master container; and, accessing the first and second applications via the container group.

Abstract: A processing device comprises a processor coupled to a memory and is configured to obtain data relating to communications initiated by host devices of a computer network of an enterprise, and to process the data to identify external domains contacted by the host devices. A graph inference algorithm is applied to analyze contacts of the host devices with the external domains in order to characterize one or more of the external domains as suspicious domains. The host devices are configured to counteract malware infection from the suspicious domains. The graph inference algorithm in some embodiments comprises a belief propagation algorithm, which may be initiated with one or more seeds corresponding to respective known suspicious domains or to respective ones of the external domains determined to be associated with command and control behavior. The processing device may be implemented in the computer network or an associated network security system.

Abstract: A method for a distributed computing system managing vertically partitioned data includes receiving a query for a first row of data, where a first column of the first row of data is stored in a first data server and a second column of the first row of data is stored a second data server. The method translates the query for the first row of data into two queries, wherein a first translated query is for the first column of the first row of data and a second translated query is for the second column of the first row of data. The method sends the first translated query to the first data server and the second translated query to the second data server. Responsive to receiving the first column and the second column of the first row of data, the method sends the first column and the second column of the first row of data.

Abstract: A method, apparatus, and computer program for improving security in connection with online transactions are provided. A security application configured to monitor received text messages of a short message service is executed in an apparatus. The security application is arranged to have prioritized access to process the received text messages before other applications executed in the apparatus, to identify from contents of a received text message whether or not the received text message includes a transaction authentication message and, upon detecting that the received text message includes the transaction authentication message, prevent the processing of the transaction authentication message by the other applications and carry out user interfacing related to the transaction authentication message within a secured environment provided by the security application.

Abstract: Technologies are generally described for providing rapid data encryption and decryption for secure communication over an open channel with plausible deniability. In some examples, a single bit of information may be encoded by many alternative combinations of bits thus providing high security as well as enabling a single ciphertext to encrypt several different plaintexts of the same length simultaneously. The ability to encrypt several different plaintexts of the same length simultaneously may allow plausible deniability of messages. Encryption speed may be enhanced through accumulation of useful bit sets with desired properties in advance for later use. When the need arises, several plaintexts of the same size may be encrypted into a single ciphertext using accumulated bit combinations corresponding to different secret keys.