Abstract: Methods and apparatus to a login methodology. A method includes selecting a library of images stored in the computer device, setting nicknames for the selected library, uploading the selected library of images to the server, and generating a login account. A network includes a server including at least a processor and a memory, a computer device linked to the server, the computer device including at least a processor and a memory, the memory including at least an operating system and a login process, the login process including selecting a library of images stored in the computer device, setting nicknames for the selected library, uploading the selected library of images to the server and generating a login account.

Abstract: Embodiments provide system and methods for a DDoS service using a mix of mitigation systems (also called scrubbing centers) and non-mitigation systems. The non-mitigation systems are less expensive and thus can be placed at or near a customer's network resource (e.g., a computer, cluster of computers, or entire network). Under normal conditions, traffic for a customer's resource can go through a mitigation system or a non-mitigation system. When an attack is detected, traffic that would have otherwise gone through a non-mitigation system is re-routed to a mitigation system. Thus, the non-mitigation systems can be used to reduce latency and provide more efficient access to the customer's network resource during normal conditions. Since the non-mitigation servers are not equipped to respond to an attack, the non-mitigation systems are not used during an attack, thereby still providing protection to the customer network resource using the mitigation systems.

Abstract: A computerized method is described for authenticating access to a subscription-based service to detect an attempted cyber-attack. More specifically, a request is received for a subscription for analysis of objects, which are supplied by a customer to a malware detection system. A customer identifier is assigned to the customer initiating the request for the subscription and a sensor associated with the customer is identified and an identifier of the sensor is associated with the customer identifier. Then, service policy level information pertaining to the subscription is associated with the identifier of the sensor, where the service policy level information includes a set of subscription attributes including object analysis restrictions.

Abstract: A system and method for quantile-based assessment and handling of digital events in a digital threat mitigation platform includes receiving, via an application programming interface (API), a request from a subscriber to assess a threat of a digital event, computing, using one or more threat scoring machine learning models, a digital threat inference based on one or more corpora of feature vectors associated with the digital event, wherein the digital threat inference includes an uncalibrated digital threat score, retrieving, from a database, a T-Digest data structure of historical digital threat scores of the subscriber, computing, using the T-Digest data structure of historical digital threat scores, a percentile-based threat score based on the uncalibrated digital threat score computed for the digital event, and executing an automated disposal decision computed for the digital event based on at least the percentile-based threat score satisfying automated decisioning instructions of the digital threat mitiga

Abstract: Provided are a computer program product, system, and method for managing access to tape cartridges at a tape archival service provider. A determination is made as to whether a non-volatile memory of the tape cartridge stores a key encryption key comprising an encrypted user encryption key associated with a user. In response to determining that the non-volatile memory of the tape cartridge stores the key encryption key, the key encryption key is decrypted to produce the user encryption key. The user encryption key, resulting from the decrypting, is provided to an encryption engine of the tape drive to encrypt plain-text data read from the tape medium in the tape cartridge with the user encryption key to return to a read request.

Abstract: The present invention discloses a watermark embedding method based on service invocation data, comprising obtaining service invocation data, and preprocessing the invocation data, then, obtaining the key data through screening the preprocessed invocation data based on relevant weights, then, adding timestamps to the key data to obtain enhanced data, after that, selecting the contribution degree of the enhanced data to obtain high-quality data, and encoding the high-quality data to generate encoded data, then, constructing a data watermark embedding model by employing the encoded data, and inputting the service invocation data to be embedded into the data watermark embedding model, and thus the embedding results can be output. This method can not only improve the accuracy of watermark embedding for service invocation data, but also provides good interpretability, making it directly applicable to watermark embedding systems.

Abstract: A system and method detect a row hammer attack on the memory media device and generates a hardware interrupt based on the detection of the row hammer attack. This row hammer interrupt is communicated to an operating system of a host computing device, which in turn performs an interrupt service routine including generating a command to perform a row hammer mitigation operation. This command is provided to the memory controller which performs the row hammer mitigation operation in response to the command such as activating victim row(s) of the memory media device or throttling data traffic to the memory media device.

Abstract: Embodiments of the invention are directed to systems, methods, and computer program products for enhanced secure resource transmissions based on image capture via a resource processing terminal device. The invention provides a secure platform for transformation and structuring of resource data at a resource instrument device, and authentication of resource data, prior to initiation of a resource activity at the resource processing terminal device. Specifically, the invention is structured to construct an authorized credential element for processing of a resource activity at a first time interval prior to initiation of the resource activity. The invention is structured to execute a first resource processing activity at a subsequent time interval using the first authorized credential element, upon determining that the authorized credential element is compatible with the activity, and that the authorized credential element is pre-authenticated.

Abstract: Disclosed herein is a system architecture that structures commodity heterogeneous interconnected computing platforms around universal object abstractions, which are fundamental system abstractions and building blocks that provides practical and provable end-to-end guarantees of security, correctness, and timeliness for the platform.

Abstract: Systems and techniques for security content delivery based on tagged personas are described herein. User data may be obtained for a user of a network file system. Attributes may be extracted from the user data to establish a user persona. Event data may be obtained for a security event experienced by the network file system. The security event may be associated with the user. A set of available remediation content items may be identified using the event data. A content item may be selected from the set of remediation content items using the user persona. A transmission medium may be determined for transmission of the content item to the user using the user persona. The content item may be transmitted to the user via the transmission medium.

Abstract: According to an example embodiment, a technique for data acquisition is provided, comprising: receiving, from an intermediate apparatus, a trusted aggregate data object comprising aggregate data object that comprises aggregate data comprising a respective trusted source data object for one or more data source apparatuses mapped to the intermediate apparatus and an intermediate apparatus quote that is descriptive of one or more aspects of a configuration of the intermediate apparatus upon production of the aggregate data, and an intermediate apparatus signature comprising a digital signature derived based on the aggregate data object using a first key assigned to the intermediate apparatus; and verifying, based at least in part on information received in the trusted aggregate data object, integrity of data included in the trusted aggregate data object and integrity of the intermediate apparatus.

Abstract: A method of multi-factor authentication, the method comprising computer executed steps, the steps comprising: from a computer of a cloud service, receiving data identifying a user logged-in to the cloud service after being successfully authenticated using a first authentication factor, communicating with a client device of the logged-in user, for receiving a second authentication factor from the logged-in user, determining whether the second authentication factor received from the logged-in user is valid, based on a result of the determining, determining a first user-permission policy for the logged-in user, and communicating the determined first user-permission policy to the computer of the cloud service, for the cloud service to base a restriction of usage of the cloud service by the logged-in user on.

Abstract: A system determines, in a graph which represents a system of components: vulnerability nodes representing known vulnerabilities to the system, including exposed and non-exposed vulnerability nodes associated with an exploitation likelihood; and dependency nodes representing components in the system, including direct and indirect dependency nodes associated with an exposure factor indicating an amount of degradation based on exploitation of an associated vulnerability. The system calculates, across all non-exposed vulnerability nodes and all direct dependency nodes, a score which indicates an attack volume based on at least: a respective second likelihood associated with a non-exposed vulnerability node; an exposure factor associated with a dependency node which represents a component directly degraded based on exploitation of a vulnerability; and a loss of utility of the component.

Abstract: Disclosure are techniques for allocating aggregation devices in a lawful intercept system. In an embodiment, a method includes maintaining a list of point of interception aggregation (PAG) functions in a network function repository function (NRF) of a cellular network upon instantiation of the PAG functions; receiving a lawful intercept (LI) request; querying the NRF to determine a respective PAG function; and associating a point of interception (POI) function with the respective PAG function.

Abstract: One or more first servers can implement an example method including storing, at a memory accessible by the first one or more servers, a primary email address for a user. The method further includes detecting a request, from a client device associated with the user, to access a network resource hosted at a second one or more servers, wherein the network resource is associated with an online service. The method also includes automatically generating a secondary email address for the user that is unique to the online service; and transmitting the secondary email address to the second one or more servers such that the online service receives the secondary email address for the user without receiving the primary email address for the user, thereby enabling the online service to transmit emails to the user despite not receiving the primary email address for the user.

Abstract: A system for providing updatable secure content resource. A content server may pay a content resource on the content author for an access by a requester. The content server receives a session request call from the requester prior to accessing the content resource. In response to the session request, the content server generates a session for the requester. The content server generates a payload that includes a location identifying the content resource on the content author and embeds the embedded cryptographic content. The content server transmits the generated payload to the requester. A resource server may receive an authentication access request in response to the embedded cryptographic content. In response to authenticating the authentication access request, the resource server provides the access to the requester.

Abstract: The invention is related to security systems and methods for proactively informing a user about an artifact associated with a clickable object on a user interface with which the user is interacting, where such information is provided to the user prior to selection of the clickable object. The information includes a safety assessment of the clickable object, details about the underlying artifact, such as the contents of an archive file, and general information helpful in assisting the user with making a decision as to whether to select the clickable object.

Abstract: Embodiments of the present disclosure provide a method, a system and a non-transitory computer-readable medium to securely pass a message. The method includes executing, by a processing device, a floating persistent volumes service (FPVS) to allocate and attach persistent volume (PV) to a first node in a mesh network to pass a payload in the PV to the first node; and sending a first message to the first node to inform the first node to read data from the payload in the PV.

Abstract: An information processing apparatus includes: an acquisition unit configured to acquire learning data containing a plurality of items, the learning data being assigned a first level and a second level whose threat level is higher than the first level; a first feature value detection unit configured to detect a first feature value of a specific character string from learning data belonging to the first level; a second feature value detection unit configured to detect a second feature value of the specific character string from learning data belonging to the second level; a difference detection unit configured to detect a difference between the first and second feature values; and a selection unit configured to select, when there is the difference, learning data of an item to which the specific character string belongs.

Abstract: An integrated method for uploading data on a blockchain comprising: receiving an editable text data or an editable form data by the data source computer device; determining whether a file update time of the editable text data or the editable form data is later than a last change time stored by the service server and corresponding to the data by the data source computer device; sending the data to the service server when the data source computer device determined that the file update time is later than the last change time by the data source computer device; executing a corresponding service that is able to access data of a blockchain and upload the data to the blockchain according to the data from the data source computer device by the service server. Therefore, the data can be efficiently and quickly uploaded to the blockchain.