Abstract: Plugins are authenticated for purposes of accessing and using application program interfaces (APIs) of a management service of a virtualized computing environment. In an authentication process, each plugin is associated with a session ticket that is unique to the plugin. The session ticket may be in the form of a single-use token that has a finite duration, and which may be used by the plugin to establish a session with the APIs of the management service. Because of the single-use and finite duration constraints of the token, the plugin is unable to use the token for other sessions and other plugins are also unable to use the same token to conduct their own sessions with the management service.

Abstract: A technique is described for protecting file data from malicious programs, in particularly, by decrypting data that has been maliciously encrypted by software such as ransomware. The described technique generates a copy of a first block of a plurality of files stored on a computing device, and also intercepts request(s) from a process executing on the computing device to obtain certain types of random data and system entropy, which are recorded. When the system detects that the plurality of files have been encrypted by a malicious program, the described system determines a cryptographic key determined based on the generated copies of the first blocks of the plurality of files and on the recorded random data, and uses that key to decrypt the plurality of files.

Abstract: This disclosure relates to method and system for managing security vulnerability in a host computer system. In an embodiment, the method may include receiving reputation data with respect to external network traffic data and receiving intrusion data with respect to host system data. The intrusion data may be generated by the host computer system based on the external network traffic data. The method may further include generating a plurality of test cases based on the reputation data and the intrusion data. The test cases, upon simulation, may provide information with respect to security vulnerability in the host computer system. The method may further include determining a set of implementable topologies for the host computer system, based on a simulation of each of the plurality of test cases, using a first artificial neural network (ANN) model to manage the security vulnerability.

Abstract: An acquiring unit acquires a packet indicating flow information that is output by a network device at a predetermined sampling rate, and a determining unit determines as abnormal, for each of predetermined traffic patterns, when a sampling error rate is equal to or lower than a predetermined upper limit value and the number of packets acquired in a predetermined count period preceding from a current time or an average value of the number of packets per unit time is equal to or higher than a predetermined detection threshold.

Abstract: A method, an apparatus, a system, and a computer program product for handling security threats in a network data processing system. A computer system determines a connection type for a connection in response to detecting the connection between a target resource in the network data processing system and a requestor. The computer system redirects the connection to a virtual resource in place of the target resource when the connection type is a threat connection, wherein the requestor originating the connection to the target resource is unable to perceive a redirection of the connection to the virtual resource. The computer system records information in the connection redirected to the virtual resource to form recorded information. The computer system adjusts a security policy for handling connections in the network data processing system using the recorded information, wherein the security threats in the network data processing system are decreased using the security policy.

Abstract: A method, computer system, and a computer program product for restricting and anonymizing a graphical user interface for a remote access session is provided. The present invention may include determining a plurality of appropriate permissions for the graphical user interface of a client computer for fixing a problem. The present invention may also include determining a plurality of restricted graphical user interface panels associated with the graphical user interface, wherein the determined plurality of restricted graphical user interface panels includes a minimum access level for the third party to fix the problem.

Abstract: Implementations of the present disclosure include obtaining, from a trusted certificate authority (CA) by an owner of a unified blockchain domain name (UBCDN) of a blockchain instance (a UBCDN owner) in a unified blockchain network, a domain certificate of the UBCDN of the blockchain instance; signing the UBCDN of the blockchain instance; and publishing a UBCDN message of the blockchain instance. The UBCDN of the blockchain instance includes a blockchain domain name and a chain identifier of the blockchain instance. The domain certificate of the UBCDN includes the blockchain domain name, a public key of the UBCDN owner, and a digital signature of the CA on the blockchain domain name and the public key of the UBCDN owner. The UBCDN message includes the UBCDN, a digital signature of the UBCDN owner resulting from the signing the UBCDN, and the domain certificate of the UBCDN.

Abstract: Early-warning decision method, node and system are provided in the present disclosure. The method includes obtaining a flow analysis result of a portion of service requests that are targeted at a same server; calculating a flow of all the service requests that are targeted at the server based on a flow indicated by the flow analysis result and a weight of a current distributed node, the weight being a weight or proportion of all the service requests targeted at the server that accounts for the flow indicated by the flow analysis result that is obtained by the current distributed node; comparing a flow of all the service requests that are targeted at the server with an abnormal flow threshold; and determining whether to send an instruction for performing subsequent processing on the server based on a comparison result.

Abstract: A method implemented on an electronic computing device for authenticating a user includes receiving authentication information from the user. The authentication information is processed to generate a transformed authentication value, such that the received authentication information is unrecognizable from the transformed authentication value. A reference authentication value is obtained. The reference authentication value is unrecognizable from the received authentication information. The transformed authentication value is compared with the reference authentication value. When the transformed authentication value matches the reference authentication value, the user is authenticated.

Abstract: The invention relates generally to monitoring and managing network components, such as monitoring the network components to determine the vulnerabilities of the network components, implementing remediation plans for the vulnerabilities, instituting remediation exceptions for the vulnerabilities, and taking consequence actions for the vulnerabilities. When implementing the remediation plan, at least a portion of the network component may be frozen such that a user cannot operate at least a portion of the network component until the vulnerability is remediated. After implementing the remediation plan, monitoring of the network components and the remediation plan continues in order to identify triggers. If a trigger is identified, the consequence action may be implemented, which may prevent operation of the network components by disconnecting or blocking them from the network, uninstalling the network component, deactivating or powering down the network component.

Abstract: A computing device includes a memory and one or more processors coupled to the memory.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for verifiable-claim issuance. One of the methods includes: receiving, from a first entity, a request for creating a verifiable claim (VC) for a decentralized identifier (DID) associated with a second entity; obtaining, in response to receiving the request, a digital signature associated with the first entity; and generating the VC based on the received request and the obtained digital signature.

Abstract: Techniques are described herein that are capable of increasing security of a password-protected resource based on publicly available data. For instance, password generation models may be extracted from passwords (e.g., encrypted versions of the passwords) that are generated by users. A user password (e.g., encrypted version of the user password) may be received to be utilized to access a designated password-protected resource from a user of a computing device. Publicly available data regarding the user may be obtained. The password generation models may be applied using the publicly available data to generate sample passwords. The sample passwords may be compared to the user password to determine that the user password and each of one or more of the sample passwords include at least one common element. An alternative password may be recommended for use by the user in lieu of the user password.

Abstract: The invention relates to a computer-implemented system and method for automatic collection, analysis and reporting of data relating to a cybersecurity threat. The method may comprise the steps of: presenting an interface through which an executable can be configured and automatically generated; transmitting the executable to a client to enable the client to execute the executable on client systems to automatically collect forensic data; receiving from the client an encrypted data package that includes the forensic data; using a forensic toolset to automatically analyze the forensic data; presenting an option to select one or more of at least two types of output reports designed for different types of readers; inputting the analysis files into an automatic report generator to automatically generate the types of output reports selected by the client; and sending the output reports selected by the client to the client.

Abstract: Systems, methods, and software can be used to secure storage of personally identifiable information. In some aspects, a method includes receiving, by at least one hardware processor, a request to store a data record, wherein the data record comprises personally identifiable information for a person; dividing, by the at least one hardware processor, the data record into at least two data entries, each of the at least two data entry comprising a respective portion of the personally identifiable information; selecting, by the at least one hardware processor, a database cell for each of the at least two data entries to store the respective portion of the personally identifiable information, wherein the database cells for different data entries are in different database tables, different database rows, or different database columns; and storing, by the at least one hardware processor, the at least two data entries in the selected database cells.

Abstract: A method for registering and provisioning an electronic device is provided. The method includes a step of inserting a first keypair into a secure element of the electronic device. The first keypair includes a public key and a private key. The method further includes a step of requesting, from a remote server configured to register and provision connected devices, a provisioning of credentials of the electronic device. The method further includes a step of verifying, by the remote server, the electronic device credentials. The method further includes a step of registering, by the remote server, the electronic device. The method further includes a step of transmitting, from the remote server to the electronic device, a device certificate. The method further includes steps of installing the transmitted device certificate within the secure element of the electronic device, and provisioning the electronic device according to the installed device certificate.

Abstract: A method of configuring a client device at a customer premises is provided. An electronic message is received from a vendor of a client device with customer premise equipment (CPE) at the customer premises or a portable communication device. The electronic message provides configuration information for the client device. The configuration information includes a password and an access name of a service for use in configuring the client device via communications with a remote configuration server. The service is made available at the customer premises via the CPE or the communication device so that the client device automatically pairs to the service and is authenticated with the password to the configuration server via Internet connectivity capability of the CPE or portable communication device so that the client device may be configured. The client device has firmware preprogramed to automatically and securely access the service, when detected, at the customer premises.

Abstract: Disclosed herein are methods, systems, and processes for provisioning and deploying deception computing systems with dynamic and flexible personalities. A network connection is received from a source Internet Protocol (IP) address at a honeypot. In response to receiving the network connection, a personality state table is accessed and a determination is made as to whether a personality that corresponds to the source IP address exists in the personality state table. If the personality exists, the personality is designated to the source IP address. If the personality does not exist, an attack characteristic of the network connection is determined and an alternate personality that is substantially similar to the attack characteristic is designated to the source IP address.

Abstract: An information authentication method, an apparatus, a storage medium and a virtual reality device are provided. The method includes obtaining to-be-authenticated information in the virtual reality scenario. The method further includes sending the to-be-authenticated information to an authentication device in a reality scenario, wherein the authentication device is used for performing authentication on the to-be-authenticated information. The method further includes receiving, in the virtual reality scenario, an authentication result sent by the authentication device, wherein the authentication result indicates that the to-be-authenticated information is authenticated successfully or fails to be authenticated.

Abstract: The vulnerability of network devices may be predicted by performing a survival analysis on big data. A prediction algorithm may be built by considering historical data from heterogeneous data sources. The operating state of the network devices on a network may be predicted. The services potentially affected by a predicted outage may be determined and displayed. Alternatively or in addition, the number of clients potentially affected by a predicted outage may be determined and displayed.