Abstract: Automated malware detection for application file packages using machine learning (e.g., trained neural network-based classifiers) is described. A particular method includes generating, at a first device, a first feature vector based on occurrences of character n-grams corresponding to a first subset of files of multiple files of an application file package. The method includes generating, at the first device, a second feature vector based on occurrences of attributes in a second subset of files of the multiple files. The method includes sending the first feature vector and the second feature vector from the first device to a second device as inputs to a file classifier. The method includes receiving, at the first device from the second device, classification data associated with the application file package based on the first feature vector and the second feature vector. The classification data indicates whether the application file package includes malware.

Abstract: A computer-implemented method, computer program product, and computing system is provided for encrypted document co-editing. In an implementation, a method may include receiving, at a first computing device, a first encrypted change set for a co-editable data object from a client, the first encrypted change set being encrypted by a first key. The method may include requesting a second key for re-encrypting the first encrypted change set. The method may include re-encrypting the first encrypted change set to generate a second encrypted change set using the second key.

Abstract: Implementations of the present disclosure include obtaining, from a trusted certificate authority (CA) by an owner of a unified blockchain domain name (UBCDN) of a blockchain instance (a UBCDN owner) in a unified blockchain network, a domain certificate of the UBCDN of the blockchain instance; signing the UBCDN of the blockchain instance; and publishing a UBCDN message of the blockchain instance. The UBCDN of the blockchain instance includes a blockchain domain name and a chain identifier of the blockchain instance. The domain certificate of the UBCDN includes the blockchain domain name, a public key of the UBCDN owner, and a digital signature of the CA on the blockchain domain name and the public key of the UBCDN owner. The UBCDN message includes the UBCDN, a digital signature of the UBCDN owner resulting from the signing the UBCDN, and the domain certificate of the UBCDN.

Abstract: A secure storage for an X.509v3 digital certificate is provided (301, 302). Ports of a first and second apparatus (101, 102) are mutually authenticated (303) by using 802.1X based authentication and 802.1AR certificates. Traffic types are divided (304, 305) by an operator-configurable selector function into user plane, control plane, synchronization plane, and management plane traffic types. For Ethernet transport a virtual port is created for each traffic type, and a different MACsec secure connectivity association is created for each virtual port. For Ethernet transport an operator-programmable security policy is maintained for each traffic type. For IP transport an IPsec security association is created for each traffic type, and an operator-programmable security policy is maintained for each security association. For IP transport, TLS support may be enabled for compatibility with network management traffic. A port is repeatedly re-authenticated by an operator-definable timer value.

Abstract: The present invention is a platform and/or agnostic method and system operable to protect data, documents, devices, communications, and transactions. Embodiments of the present invention may be operable to authenticate users and may be operable with any client system. The method and system are operable to disburse unique portions of anonymous related information amongst multiple devices. These devices disburse unique portions of anonymous information and are utilized by the solution to protect sensitive data transmissions, and to authenticate users, data, documents, device and transactions. When used for authentication, login-related information is not stored in any portion of the solution, users and devices are anonymously authenticated. The solution also permits a user to access secured portions of the client system through a semi-autonomous process and without having to reveal the user's key.

Abstract: A system and method uses any or all of information of a user and/or user's activity at a second web site, information of the user's friends or other connections at the second web site, or registration information of the user, to determine whether to allow the user to communicate with other users of a first web site, prevent the user from communicating with other users of the first web site, or monitor the user's communications and allow or prevent the user from further communication based on the monitored communications at the first web site.

Abstract: In one aspect, a method useful for preventing exploitation of a vulnerability in an interpreted code by monitoring and validating an execution of the interpreted code in a script file by an application server, includes the step of generating a mapping for an incoming network connection to a specified script file to be executed by an application server. The computerized method includes the step of inserting a hook for monitoring an application programming interface (API) call or a privileged instruction executed by the application server. The computerized method includes the step of inserting a validation code configured to validate the API call or the privileged instruction executed by the interpreted code in a script.

Abstract: System and method for software activation and further tracking of its states on an end-user computing device (computer) was developed to provide software developers a flexible and secure tool for software distribution and gathering statistics of usage of software activation. The method consists of the following logical steps: (a) obtaining an acquisition confirmation; (b) requesting for a license; (c) issuing and delivering the license to End User, the license being secured with a private key by a server, and the private key is not stored at the client; (d) verification of license on the User's computer; (e) storing the license on the User's computer; (f) periodic tracking of activation state, (g) another action with the User's license, wherein the verifying the license comprises validating, at the client associated with the application, the license received from the server without any modifications, and saving the license to the client.

Abstract: A network security system that employs space-time separated and jointly-evolving relationships to provide fast network access control, efficient real-time forensics capabilities, and enhanced protection for at-rest data in the event of a network breach. The network security system allows, in part, functionality by which the system accepts a request by a user to access the data stored in the database, identifies a sequence of security agents to participate in authenticating and protecting the access of the data by the user, generates a sequence of pseudorandom IDs and space-time varying credentials, checks at each one of the security agents a corresponding one of the credentials, determines that the user is permitted to access the data using access control logs if all the security agents accept the corresponding credentials, and varies the credentials based on a space-time relationship.

Abstract: A technique for maintaining encrypted content received over a network in a secure processor without exposing a key used to decrypt the content in the clear is disclosed.

Abstract: In one embodiment, a method includes receiving an ordered sequence of biometric inputs from a user via a biometric sensor, determining if each of the ordered sequence matches a corresponding entry stored in a table that includes a stored ordered sequence of biometric inputs corresponding to a password pattern of the user, and if so, enabling the user to access the processing system, otherwise preventing the user from accessing the processing system. Other embodiments are described and claimed.