Abstract: The disclosed computer-implemented method for preventing decentralized malware attacks may include (i) receiving, by a computing device, node data from a group of nodes over a network, (ii) training a machine learning model by shuffling the node data to generate a set of outputs utilized for predicting malicious data, (iii) calculating a statistical deviation for each output in the set of outputs from an aggregated output for the set of outputs, and (iv) identifying, based on the statistical deviation, an anomalous output in the set of outputs that is associated with one or more of the malicious nodes, the one or more malicious nodes hosting the malicious data. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Techniques for providing access to scope-delimited sensitive data are disclosed. A user provides sensitive data to a first party associated with a payment service provider. The first party stores the sensitive data with the payment service provider, and the payment service provider provides the first party merchant with an encoding of the payment data. The first party provides a purchasing opportunity to the user for goods offered by a third party also associated with the payment service provider. The first party transmits a sensitive data grant request to the payment service provider. In response, the payment service provides a scope-delimited encoding of the sensitive data. The first party provides the scope-delimited encoding of the payment data to the third party. The third party merchant creates a transaction using the scope-delimited encoding of the sensitive data. At some time later, access to the scope-delimited encoding of the sensitive data is revoked.

Abstract: There is provided an information processing apparatus, an information processing method, a program, an information processing system, and a communication apparatus that are capable of enhancing authentication safety, the information processing apparatus including: a communication section configured to receive authentication information and a processing request from a first communication apparatus; an authentication information generation section configured to generate authentication information on the basis of first key information associated with a second communication apparatus; and a processing control section configured to control execution of a process corresponding to the processing request on the basis of the authentication information received by the communication section and the authentication information generated by the authentication information generation section.

Abstract: This disclosure describes techniques implemented partly by a service provider to monitor a cloud-based service by generating and placing canary records in storage locations along with real records to identify improper access events of the records or other data. The service provider may detect an access event where records in a storage location were accessed, and determine whether a canary record was accessed. If a canary record was accessed, the service provider may determine that the access event was potentially performed by a malicious entity because authorized users generally may not have reason to access a canary record when utilizing their cloud-based service. The service provider may generate canary records that are difficult to identify by a malicious entity, and may position canary records in the storage locations to help ensure that the canary records are accessed by a malicious entity during an improper access event.

Abstract: Some embodiments of the present specification relate to an apparatus for preventing the manipulation of exercise data, the apparatus comprising: a sensor installed in a driving unit of an exercise equipment or at a position close to the driving unit, to sense vibration associated with the exercise of a user; a storage unit for recording and storing a reference value for determining whether exercise data has been manipulated, according to an operational feature of the exercise equipment; an exercise data determining unit for determining whether the exercise data of the user has been manipulated, by comparing a vibration measurement value of the exercise equipment measured by the sensor with the reference value when driving of the exercise equipment is identified; and a control unit for performing control to receive exercise equipment information from which the user may determine a unique feature of the exercise equipment to which the user logs on, extract the reference value corresponding to the exercise equip

Abstract: A classification device constructs tree structure data in which attribute information relating to a single communication or multiple communications serves as a terminal node, from a series of communications with a single communication destination or multiple communication destinations that take place when software is executed, calculates attribute information on a higher node on the basis of attribute information on the terminal node, and classifies the software by specifying the type of the software on the basis of attribute information on the highest node.

Abstract: An apparatus and method for a reliable quantum signature. The method using the apparatus for a reliable quantum signature includes preparing a quantum signature by sharing a first secret key and a first Bell state with a signer's terminal device and by sharing a second secret key and a second Bell state with a verifier's terminal device; signing, by the signer's terminal device, a message with the quantum signature using a first encoding value, the first secret key, and the first Bell state; verifying, by the apparatus, the quantum signature of the message using the first encoding value, the first secret key, and the first Bell state; and finally verifying, by the apparatus, the quantum signature of the message using the verifier's terminal device, a second encoding value, a third encoding value, the second secret key, and the second Bell state.

Abstract: Various embodiments of the present technology may comprise methods and apparatus for a password-protected integrated circuit. According to various aspects of the present invention, the password-protected integrated circuit may comprise a cryptosystem that is encoded with a password seed and used to authenticate control data prior to being transmitted to a sensor and/or a sensor control circuit, wherein the sensor and/or sensor control circuit responds to authenticated control data.

Abstract: In a fraud-detection method for use in an in-vehicle network system including a plurality of electronic control units (ECUs) that exchange messages on a plurality of networks, a plurality of fraud-detection ECUs each connected to a different one of the networks, and a gateway device, a fraud-detection ECU determines whether a message transmitted on a network connected to the fraud-detection ECU is malicious by using rule information stored in a memory. The gateway device receives updated rule information transmitted to a first network among the networks, selects a second network different from the first network, and transfers the updated rule information only to the second network. A fraud-detection ECU connected to the second network acquires the updated rule information and updates the rule information stored therein by using the updated rule information.

Abstract: Aspects of the present disclosure involve systems, methods, computer program products, and the like, for collaboration conferencing with multiple participants over a communications network, and more specifically for a conferencing controller in the network configured to control certain aspects of establishing a collaboration conference. In one particular embodiment, the user of the network may access the control system application to provide one or more conferencing parameters or settings the user wishes to be present during a collaboration conference session. The parameters may then be established by the control system and associated with the conferencing session involving the user. In one embodiment, such information may be associated with the identification token. In yet a further embodiment, a user to the collaboration control system may subscribe to receive a notification when another user of the system accesses a portion of a collaboration of the system.

Abstract: As described, embodiments presented herein provide techniques for detecting malware on computing devices connected to a local network segment by observing the traffic flows of such devices and generating signatures characterizing such traffic flows. Doing so allows instances of malware to be detected on a variety of devices which can be connected to a computing network, but which lack the capability of directly detecting and preventing malware applications from infecting such devices.

Abstract: According to an example aspect of the present invention, there is provided an apparatus comprising at least one processing core configured to obtain, from a timestamp, a truncated timestamp comprising a first number of least significant bits of the timestamp and not comprising at least one most significant bit of the timestamp, to derive a hash value based at least in part on the timestamp, a payload and a secret value, and to compile a first message comprising the truncated timestamp, the payload and, at least in part, the hash value, and a transmitter configured to be directed by the at least one processing core, to transmit the first message toward a recipient.

Abstract: Generating a set of attempted external contacts associated with a malware sample is disclosed. A malware sample is executed, in an accelerated computing environment. In the accelerated computing environment, a guest time is advanced more quickly than a time by which a host time is advanced. A set of one or more attempted external contacts generated by the executing malware sample is recorded. The set of attempted external contacts is provided as output.

Abstract: A method includes receiving registration information regarding a telematics unit and a control system for each equipment piece in a plurality of equipment pieces; receiving a seed from a control system via a telematics unit for a particular equipment piece in the plurality of equipment pieces responsive to reception of a telematics session request by the control system for the particular equipment piece of the plurality of equipment pieces; authenticating the telematics unit and the control system for the particular equipment piece based on information included with the seed and the registration information; generating an encrypted key responsive to the authentication; and providing the encrypted key to the control system via the telematics unit to establish a proprietary data communication channel from the control system to the processing circuit via the telematics unit for the particular equipment piece.

Abstract: The present invention relates to a method for controlling the identity of a user (U), comprising the following steps implemented by an identity-controlling device (3): reading, in a public database (4), confidentiality-protected data if any previously generated by an identity-attesting device (1) from an identity element of a user (U) and at least one random datum specific to the user (U); verifying (120) heed of a condition relating to the confidentiality-protected data found in the public database (4); performing predetermined processing for the user (U) only if the condition is heeded. The public database is of blockchain type and the confidentiality-protected data generated by the identity-attesting device (1) are associated in the public database (4) with first transaction data indicating that the identity-attesting device (1) has transferred a predetermined amount of electronic currency to a recipient.

Abstract: A system, apparatus, method, and machine readable medium are described for implementing a composite authenticator. For example, an apparatus in accordance with one embodiment comprises: an authenticator for authenticating a user of the apparatus with a relying party, the authenticator comprising a plurality of authentication components; and component authentication logic to attest to the model and/or integrity of at least one authentication component to one or more of the other authentication components prior to allowing the authentication components to form the authenticator.

Abstract: The invention provides a method and system for safely switching between product mode and development mode of a terminal, aiming at addressing the problem in the prior art that the terminal in a testing development version may be accidentally circulated into the market and cause hidden safety risk. According to the invention, different Certificate Authorities (CAs) are configured for the terminal at different stages; by storing the public-private key pairs of the certificates issued by different CAs in different secure storage media, only if the secure storage medium corresponding to the current CA state of the terminal is verified to be valid, the flags of the terminal can be successfully rewritten; a safe switching between different CA states of the terminal is realized. It is ensured that the terminal in the testing development stage cannot be used normally, thereby improving the safety of the terminal device.

Abstract: A method for managing personal data of a user of a user device is provided. The user device is adapted to have installed thereon an application (APP). The APP is configured to require access to the personal data when running on the user device. The method comprises creating a certification for the APP, the certification being based on a corresponding statement providing information regarding the relationship between the APP and personal data; associating the certification to the APP for certifying the APP; allowing the user to provide user-defined policies about exploiting the user personal data; checking whether the user-defined policies provided by the user are compatible with requirements of the APP defined in the corresponding statement. If the user-defined policies are compatible with the requirements of the APP defined in the statement, the method executes operations when the APP running on the user device requires to access personal data.

Abstract: To reliably protect users or systems from a program prepared by a malicious developer. Provided is a processing system configured to process a program transmitted from outside through a wired or wireless network. The processing system includes: a reception module configured to receive the program; an addition module configured to add to the program a gate component that restricts a process of attacking a user or the system; and an alteration module configured to alter, in the program, a code having a certain keyword or syntax to change a destination to be referred to by the code having the keyword or syntax to the gate component.

Abstract: Embodiments of the present application disclose a method and system for identifying whether an application is genuine by means of digital watermarks, which can conveniently determine whether an application is genuine.