Abstract: Cryptocurrency based malware and ransomware detection systems and methods are disclosed herein. An example method includes analyzing a plurality of malware or ransomware attacks to determine cryptocurrency payment address of malware or ransomware attacks, building a malware or ransomware attack database with the cryptocurrency payment addresses of the plurality of malware or ransomware attacks, identifying a proposed cryptocurrency transaction that includes an address that is included in the malware or ransomware attack database, and denying the proposed cryptocurrency transaction.

Abstract: Methods, systems, and devices for user authentication are described. A first device may generate a keypair at a secure module. The keypair includes a public key and a private key that is stored at the secure module. The first device may authenticate the first device and a user of the first device with an identity management platform and may generate a header at an authentication client based on the authenticating. The header may be generated in accordance with an application-layer protocol for demonstrating proof-of-possession (DPoD). The first device may collect device signals and sign the header with the private key and the device signals based on a web client invoking the authentication client via a loopback interface and the authentication client accessing the secure module. The first device may transmit the signed header to a server of the identity management platform via the web client.

Abstract: Provided is a method for providing Registration Data Access Protocol (“RDAP”) responses. The method includes obtaining, at a RDAP client over a network, a RDAP query for RDAP data from a user; providing, by the RDAP client, the RDAP query and a cryptographic credential to a RDAP server, wherein the RDAP server communicates with one or more thick RDAP servers to provide respective thick RDAP answers to the RDAP query, wherein at least one the respective thick RDAP answers are encrypted using a symmetric or asymmetric cryptographic key associated with the cryptographic credential of the RDAP client; obtaining a consolidated thick RDAP answer to the RDAP query from the RDAP server; decrypting the consolidated thick RDAP answer using a symmetric or asymmetric cryptographic key associated with the cryptographic credential; and providing the thick RDAP answer that is decrypted to the user.

Abstract: The disclosure describes techniques for automatically pairing multiple source devices to a sink device in response to a single source device being paired to the source device. For instance, in response to a single source device being manually paired with wireless earbuds, the techniques may automatically pair other source devices that are associated with a common user account. In addition, this disclosure describes techniques for configuring a sink device to periodically broadcast advertisement messages indicating a current state of the sink device, which enables source devices that receive the advertisement message to determine whether to establish a connection with the sink device based on a current state of the sink device.

Abstract: A computing device includes at least one processor configured to determine a retrieved secret share from each of at least two secret share storage devices or media that are retrieved from at least two of a plurality of shareholders. The at least one processor is also configured to determine whether each respective retrieved secret share is one of the plurality of secret shares that were generated based on whether the respective hash of the respective retrieved secret share matches any hash in the list of hashes of the plurality of secret shares within the metadata. The at least one processor is also configured to, in response to determining that each retrieved secret share is among the plurality of secret shares that were generated, attempt to reconstitute a secret using retrieved secret shares from the at least two secret share storage devices or media.

Abstract: The present disclosure aims to provide a backdoor inspection device, a user device, a system, a method, and a non-transitory computer-readable medium that can increase trustability of software as to whether or not there is a backdoor in the software. A system according to the present disclosure includes: a plurality of backdoor inspection devices; a plurality of databases; and a user device, in which the backdoor inspection device includes: a backdoor presuming means for performing backdoor inspection on a prescribed software installed in a counterpart device that communicates with the user device and presumes whether or not there is a backdoor in the prescribed software; a certificate issuance means for issuing a backdoor inspection certificate including a result of the backdoor inspection, the database includes: a registration means for registering the backdoor inspection certificate; and a transmission means for transmitting the backdoor inspection certificate.

Abstract: Whether a connected drive is an unauthorized drive or not can be judged before it becomes possible for the connected drive to access a memory for a storage controller. When a storage device is connected, an information processing apparatus forms a first communication channel via a first interface incapable of accessing a built-in memory even when the communication connection is established; and a second communication channel via a second interface capable of accessing the built-in memory when the communication connection is established.

Abstract: The disclosure relates to a System, Method, Storage medium and Equipment for Mobile Network Access. The system includes: a first certificate authority node located in a block chain network, configured to authorize a first authentication certificate indicating an identity of the first network authentication service node to the first network authentication service node, authorize a first UE certificate indicating an identity of user equipment to the user equipment of the first operator, and store first UE certificate revocation information and a first CA certificate indicating an identity of the first certificate authority node to a block chain, and a first network authentication service node, configured to obtain the first UE certificate revocation information and the first CA certificate from the block chain, perform mutual identity authentication with the user equipment when receiving a first access authentication message, make the user equipment access a mobile network when completing the authentication.

Abstract: Systems, computer program products, and methods are described herein for identification and verification of brute force attacks using hash signature segmentation and behavior clustering analysis. The present invention is configured to receive a plurality of access attempts and an associated plurality of hash values; determine a failure request load based on the plurality of access attempts; determine whether the failure request load meets a failure threshold, wherein, in an instance where the failure request load meets the failure threshold, separating the plurality of access attempts associated with the failure request load into a plurality of hash clusters; generate a behavior cluster for each hash cluster based on shared behavior data of the plurality of access attempts; and determine, based on the behavior cluster for each hash cluster, a likelihood of misappropriation for each access attempt of the plurality of access attempts.

Abstract: The present disclosure provides a virtual key sharing system, including: a first terminal, configured to: acquire share permission information inputted by a user, generate a touch button according to the share permission information, enable a near field communication (NFC) module in response to acquiring a touch signal indicating that the user touches the touch button, and determine whether a second terminal exists by polling through an NFC signal of the NFC module, and in response to determining that the second terminal exists, transmit an information feedback instruction to the second terminal; the second terminal, configured to transmit information for authorization to the first terminal in response to receiving an information feedback instruction; and a vehicle manufacturer server, configured to receive the information for authorization transmitted by the first terminal, to generate an authorization credential according to the information for authorization.

Abstract: Systems and methods for protecting user data received by, stored on, and/or requested by third-party computing devices include a data entry computing system on a first network node. A data entry computing system can include a processing circuit that can identify user-entered data as sensitive user data, generate a content encryption key (CEK), generate encrypted user data by encrypting the sensitive user data with the CEK, tag the encrypted user data and the CEK with a tag readable by a database server on a network node different than the data entry computing system, the tag comprising information indicative of the encrypted user data, and transmit the encrypted user data to the database server, wherein the database server excludes a private key of a key manager on a network node different than the data entry computing system.

Abstract: A method for inter-hospital identity authentication and electronic medical record transfer of patients is provided. Based on a blockchain technology, a patient achieves secure and efficient inter-hospital transfer authentication, and a new hospital accesses an electronic medical record with authorization of the patient, thus achieving reliable electronic medical record access controls. In each hospital, the patient, a medical server, and a doctor achieve efficient tripartite authentication and negotiation of session keys, and communicate based on the session keys. By introducing an elliptic curve to encrypt key parameters in an authentication process, a security of the entire authentication process is improved, and a computational pressure on a wireless device is reduced. In the authentication and the electronic medical record, the patient uses dynamic anonymity policies to protect privacy.

Abstract: In order to efficiently perform security inspection, an inspection support apparatus includes a reception processing section configured to receive information related to a plurality of activity histories for security inspections performed by a plurality of inspection apparatuses, a specifying section configured to specify a conforming activity history meeting a predetermined correlation condition, from the plurality of activity histories, and a generating section configured to generate information related to the conforming activity history.

Abstract: A request to search a database field in a database table for a query value may be received. The query value may be hashed with a designated hash function and a designated hash key to produce a designated keyed-hash value. A row in the database table may be identified based on the designated keyed-hash value. The identified row may include a keyed-hash field value that matches the designated keyed-hash value. The identified row may include an encrypted field value generated by encrypting an unencrypted field value matching the query value. One or more data values associated with the identified row may be transmitted in response to the request.

Abstract: A computer processing device for data processing is disclosed. The device is configured to determine a trust level associated with a data requestor, determine a data category associated with one or more data elements wherein each data category has an associated ranking, construct a set of data elements for the data requestor from the one or more data elements based on the determined ranking associated with each data category and the determined trust level associated with the data requestor.

Abstract: Methods, systems, and apparatus, including a method for preventing fraud. In some aspects, a method includes: receiving, from multiple client devices, a measurement data element that includes a respective group member key and a group identifier for a given conversion as a result of displaying a digital component. Each client device uses a threshold encryption scheme to generate, based at least on network data that includes one or more of impression data or conversion data for the conversion, a group key that defines a secret for encrypting the network data and generate, based on data related to the application, the respective group member key that includes a respective share of the secret. In response to determining that at least the threshold number of measurement data elements having the same group identifier have been received, the network data is decrypted using the group member keys in the received measurement data elements.

Abstract: A method for extending connectivity from a core network to remote mobile networks includes: installing a security gateway between the core network and wireless broadband base stations located at a periphery of the core network; creating a virtual layer 2 (data link) overlay network interconnecting the broadband base stations; activating a local layer 3 (network) protocol between the security gateway and the core network; activating a sensor protocol between the security gateway and each remote mobile network, the sensor protocol being configured to use broadband communication through the broadband base stations when at least one broadband base station is in range of the remote mobile network, and otherwise use satellite communication; and providing each remote mobile network with a remote layer 3 protocol that uses the broadband communication until disconnected from the broadband base stations, and then uses the satellite communication until reconnected to one of the broadband base stations.

Abstract: A deduplication system (100) includes encryption apparatuses (400), a conversion key generation apparatus (500), a tag conversion apparatus (600), and a match determination apparatus (700). The encryption apparatuses (400) each generate encryption tag (ETag) using an encryption key (ek) and plaintext (M). The conversion key generation apparatus (500) generates a conversion key (ck) using the encryption key (ek) and a conversion key generation key (tk). The tag conversion apparatus (600) converts an encryption tag (ETag) for which the same plaintext (M) has been used into an encryption tag (T) that takes the same value regardless of a value of the encryption key (ek) used for the encryption tag (ETag) by applying the conversion key (ck) to the encryption tag (ETag). The match determination apparatus (700) determines whether the values of two encryption tags (T) match.

Abstract: Aspects of the subject disclosure may include, for example, obtaining, from a user device, a master-slave agreement and a first network configuration for a federated blockchain network, transmitting to a cloud service provider (CSP) node the first network configuration, generating first credentials, and transmitting the first credentials to the CSP node. The CSP node configures a first group of blockchain nodes according to the first network configuration and the first credentials. Further embodiments include transmitting the first credentials to a public server that sends it to a public blockchain node and an indication to generate a portion of the federated blockchain network. The public blockchain node configures a second group of blockchain nodes according to a second network configuration based on a public blockchain smart contract. The federated blockchain network comprises the first group of blockchain nodes and the second group of blockchain nodes. Other embodiments are disclosed.

Abstract: Methods and apparatuses for data communication and cybersecurity are provided to handle the PKI over constrained devices with application over PAN/LP-WAN and other similar devices and networks. This significantly improves the security capabilities of such devices in terms of identity verification, encrypted communication, and device life-cycle management. The apparatus may authenticate a party of a data communication session using a micro certificate within a micro public key infrastructure that provides transport or application layer security. The micro public key infrastructure may be the combination of communication protocol, micro certificates, and a management platform. The apparatus may establish the data communication session using the micro certificate. The apparatus may perform secured data communication over the data communication session.