Abstract: In one embodiment, a malware analysis method includes receiving a file on a virtual machine (VM). The VM includes, a web debugging proxy, a system resource monitor, and a file analysis tool. The method also includes performing, with the file analysis tool, a static analysis on the file. The static analysis includes determining a set of file properties of the file, and storing the determined file properties in a repository. The method further includes performing, with the web debugging proxy and the system resource monitor, a dynamic analysis on the file, the dynamic analysis. The dynamic analysis includes running the file on the VM, determining, with the web debugging proxy, web traffic of the virtual machine, determining, with the system resource monitor, executed commands and modifications to system resources of the VM originating from the file, and storing the determined traffic and executed commands in the repository.

Abstract: The disclosure is directed towards the real-time detection and mitigation of security threats to a domain name system (DNS) for a communication network. A graph-theoretic method is applied to detect compromised DNS assets (e.g., DNS servers and web servers that DNS servers map domain names to). A graph is generated from domain name resolution (DNR) transactions. The nodes of the graph represent the DNS assets and edges between the nodes represent the DNR transactions. The graph is analyzed to detect features that signal compromised assets. The detection of such features serves to act as a binary classifier for the represented assets. The binary classifier acts to classify each node as non-compromised or compromised. The analysis is guided by supervised and/or unsupervised machine learning methods. Once the assets are classified, DNR transactions are analyzed in real-time. If the transaction involves a compromised asset, an intervention is performed that mitigates the threat.

Abstract: An electronic device performs techniques related to implementing biometric authentication, including providing user interfaces for: providing indications of error conditions during biometric authentication, providing indications about the biometric sensor during biometric authentication, orienting the device to enroll a biometric feature, and providing an indication of the location of the biometric sensor to correct a detected error condition.

Abstract: A method for evaluating the risk of data leakage in an application includes the steps of: extracting a DEX (Dalvik Executable) file and a so (Shared Object) file by decompressing an APK file of a mobile application; extracting DEX code information from the DEX file by parsing the DEX file; translating a content of the so file into IR (Intermediate Representation); extracting IR code information from the translated IR; generating a call-reference structure between the DEX file and the so file by processing the extracted DEX code information and the extracted IR code information; and outputting weakness information according to a risk designated in advance based on the generated call-reference structure. Accordingly, it is possible to extend the call-reference coverage of an android application.

Abstract: A security platform architecture is described herein. The security platform architecture includes multiple layers and utilizes a combination of encryption and other security features to generate a secure environment.

Abstract: A method performed at a first electronic device includes: (i) storing a privacy table that comprises random numbers at the first electronic device, (ii) transmitting the privacy table to a second electronic device over an encrypted channel, (iii) receiving a first message for transmission to the second electronic device, (iv) generating a map based on the privacy table, (v) generating a primary key based on the map and the privacy table, and (vi) encrypting the first message using the primary key to form an encrypted first message. The method also includes (vii) transmitting the map and the encrypted first message to the second electronic device, thereby enabling the second electronic device to decrypt the encrypted first message by recreating the primary key based on the map and the privacy table and decrypting the encrypted first message using the recreated primary key.

Abstract: This application provides a method for issuing a digital certificate performed by a digital certificate issuing center that includes a public-private key generation module and an authentication module. The method includes: receiving a public-private key request from a node in a blockchain network; generating a public key and a private key of the node by using the public-private key generation module, and transmitting the public and private keys to the node; receiving the public key of the node and registration information of the node, and authenticating the registration information by using the authentication module; and generating, in accordance with a determination that the authentication succeeds, a digital certificate of the node by using the authentication module, and transmitting the digital certificate to the node. The embodiments of this application can improve the probative value of an issued digital certificate, thereby improving the security of data exchange in a blockchain network.

Abstract: In some implementations, a terminal device may receive, from a mobile device associated with a user, first information identifying a first facial depth map of the user generated by the mobile device. The terminal device may generate a second facial depth map of the user. The first facial depth map may be generated before the second facial depth map. The terminal device may determine whether the user is authenticated to perform an exchange based on whether the first information identifying the first facial depth map corresponds to second information identifying the second facial depth map. The terminal device may transmit, to the mobile device and based on determining that the user is authenticated, a message indicating that the user is authenticated. The terminal device may receive, from the mobile device, exchange information identifying a credential for performing the exchange.

Abstract: Described is a secure, electronic, submission process providing and enabling applicants to initiate requests to desirous requestors seeking such submissions based on authenticated and trusted identities and/or credentials or which could be authenticated securely through other defined processes. SafeCase is an innovative process for convenience, ease and security in application submissions for anyone and everyone through an electronic interface that has been built innovatively on the strong foundations of Identity Management, giving irrevocable and irrefutable trust on the Identity and/or credentials and/or the purpose that an applicant is applying for or wishes to achieve. SafeCase is an end-to-end secure and transparent interface, wherein the applicant (i.e. the Candidate) utilizes his/her Authenticated Credential(s) or Identity(ies) to submit an application. The applicant remains updated in real time on the status of the submitted application till its final disposal.

Abstract: A method for preventing a hardware wallet from being maliciously paired, comprising: a hardware wallet waiting to receive a connection request; when a connection request is received, determining whether a first terminal sending the connection request has been paired and connected; if so, waiting to receive an instruction of the first terminal; and when receiving a pairing transfer instruction sent by the first terminal, clearing terminal information stored in a whitelist of the hardware wallet. By means of the present technical solution, a hardware wallet can achieve pairing transfer only by means of the authorization of a previously paired terminal, thereby improving the security of the hardware wallet.

Abstract: Disclosed is a multi-signature security account control system. The present invention comprises a multi-signature security account in which at least three participating accounts have management authority, wherein the participating accounts are a first participating account corresponding to a user terminal, a second participating account corresponding to an HSM management server, and a third participating account corresponding to an exchange server, and the HSM management server may control the authority of the multi-signature security account to be controlled by using signature information provided from at least two of the participating accounts.

Abstract: A computing device includes a system that authenticates a user of the computing device. A first sensor obtains a first representation of a physical characteristic of the user that is compared to a registered representation of the physical characteristic of the user. A first level of access to the computing device is enabled based on the first representation of the physical characteristic matching the second representation of the physical characteristic. A second sensor obtains a first representation of a liveness characteristic of the user that indicates that the user is alive. The first representation of the liveness characteristic is compared to a registered representation of the liveness characteristic of the user. A second level of access to the computing device is enabled based on the first representation of the liveness characteristic of the user matching the second representation of the liveness characteristic of the user.

Abstract: A method and device (1) for transferring electronic information between a lesser trusted network (7) and a trusted network (8) is disclosed. The method comprises the steps of: receiving original electronic information from a lesser trusted network (7) in a first electrical zone (2); permitting the original electronic information to be transferred between the first electrical zone (2) and the second electrical zone (4) in one direction only; verifying the original electronic information for at least one predetermined characteristic within the second electrical zone (4) so as to provide a verifier output status and verified electronic information; forwarding the verified electronic information to a third electrical zone (3).

Abstract: Aspects of the present disclosure address systems, methods, and devices for enabling secure communication between electronic control units (ECUs) in a vehicle. The system may include a first and second ECU from a plurality of ECUs in the vehicle. The first ECU is to enable secure communication between the plurality of ECUs by performing operations that include provisioning the second ECU with authentication data for authenticating messages exchanged with a third ECU and provisioning the third ECU with a set of security keys to enable the third ECU to securely exchange messages with the second ECU. The second ECU receives, from the third ECU, a secure message that is cryptographically signed using a security key from the set of security keys provisioned to the third ECU, and the second ECU authenticates the secure message by comparing the authentication data with an authentication signal.

Abstract: A security system detects and attributes anomalous activity in a network. The system logs user network activity, which can include ports used, IP addresses, commands typed, etc., and may detect anomalous activity by comparing users to find similar users, sorting similar users into cohorts, and comparing new user activity to logged behavior of the cohort. The comparison can include a divergence calculation. Origins of user activity can also be used to determine anomalous network activity. The hostname, username, IP address, and timestamp can be used to calculate aggregate scores and convoluted scores. The system extracts features from the logged anomalous network activity, and determines whether the activity is attributable to an actor profile by comparing the extracted features and attributes associated with the actor profile based upon previous activity attributed to the actor.

Abstract: Intelligent impedance injection modules (IIM)s are currently being used for line balancing and overcoming local disturbances on High Voltage (HV) transmission lines of an HV power grid. These distributed IIMs are connected and/or coupled to the HV transmission lines and operate with a pseudo ground at the voltage of the HV transmission line. In order to operate effectively, the IIMs need to communicate with other distributed IIMs across the three phases of the HV grid and also communicate with local intelligent centers LINCs that connect to and synchronize operations across each group of the distributed IIMs in a local region of the HV power grid. Systems and methods are presented for effective and secure sub-cyclic speed communication to and from the distributed IIMs, distributed IIMs to LINCs and substations to enable coordinated actions. Further the distributed IIMs and LINCs receive GPS signals and use the GPS clock for synchronizing operations.

Abstract: A communication apparatus accepts an input of a passphrase by a user operation, sets an authentication scheme based on a passphrase length of the passphrase, and performs wireless connection with a partner apparatus using the set authentication scheme, wherein (i) in a case where the passphrase length is within a predetermined range, an authentication scheme of any of WPA (Wi-Fi Protected Access), WPA2, and WPA3, or a combination of at least two of WPA, WPA2, or WPA3, is set, and (ii) otherwise, an authentication scheme of WPA3 is set.

Abstract: Described are methods and systems for using policies to comply with a person's request for data pertaining to the person, pursuant to applicable data privacy laws. A policy is retrieved responsive to receiving a query that includes data to identify records that store data pertaining to the person. The policy indicates first and second database objects, and respective first and second sets of fields, which store data that pertains to persons. The policy is applied. Applying the policy includes retrieving, as first values, data stored in the first set of fields of a first record associated with the data in the query, and retrieving, as second values, data stored in the second set of fields of a second record associated with the first record. The first and second values, and the names of the fields from which they were retrieved, are stored in a document.

Abstract: A network verification system obtains configuration data of a plurality of network devices, where a data model of the configuration data is described by using a general data modeling language independent of the network devices; and the network verification system verifies data links between the plurality of network devices based on the configuration data of the plurality of network devices and a topology structure between the plurality of network devices. The network verification system verifies the data links between the plurality of network devices based on the topology structure between the plurality of network devices and the configuration data described by using the general data modeling language independent of the network devices. This helps improve scalability of the network verification system and avoids relatively poor scalability of network simulation software that occurs when conventional network simulation software provides a template for configuration data of each type of network device.

Abstract: A method including receiving, by a second user device, an authentication message indicating that the second user device is to authenticate a first user device with a service provider that provides a service to the first user device; determining, by the second user device, one or more authentication factors associated with authenticating the first user device with the service provider; encrypting, by the second user device, the one or more authentication factors based at least in part on utilizing an encryption key associated with a trusted device included in the first user device; and transmitting, by the second user device, one or more encrypted authentication factors to enable authentication of the first user device with the service provider is disclosed. Various other aspects are contemplated.