Abstract: In an example embodiment, a combination of machine learning and rule-based techniques are used to automatically detect social engineering attacks in a computer system. More particularly, three phases of detection are utilized on communications in a thread or stream of communications: attack contextualization, intention classification, and security policy violation detection. Each phase of detection causes a score to be generated that is reflective of the degree of danger in the thread or stream of communications, and these scores may then be combined into a single global social engineering attack score, which then may be used to determined appropriate actions to deal with the attack if it transgresses a threshold.

Abstract: A compliance monitor measures metrics regarding one or more managed devices in a network. The compliance monitor generates a log based on the information detected by the measurement trackers and to transmit a report based on the generated log to a recipient. The compliance monitor also initiates one or more security actions based on the one or more measurement trackers indicating that a measured metric exceeds an associated threshold measurement value.

Abstract: A method of tokenizing sensitive data from a terminal device includes receiving, a connection request comprising a hardware serial number associated with a terminal device and validating the hardware serial number associated with the terminal device. The method includes sending a command to a terminal device that causes the terminal device to display a prompt for sensitive data associated with a user interacting with the terminal device and receiving an encrypted data packet from the terminal device. The encrypted data packet includes the sensitive data. The method includes sending the encrypted data packet to a gateway system for tokenization, receiving a token that represents the sensitive data, and providing the token to the terminal device.

Abstract: Existing data residency compliance techniques suffer from inherent drawbacks to discover the spread of data, understanding the data residency regulations and semantics behind them and most importantly placement of data in cloud datacenters such that it is data residency compliant. Embodiments herein provide a method and system for optimizing placement of data to a cloud datacenter complying data residency regulations. The system selects one serving cloud datacenter for a user center. The selection considers three conflicting objectives such as minimum data placement cost, provide good quality of service (i.e. latency) and to comply with data residency regulations. The system essentially covers data residency compliance problem in three phases namely, violation detection, decision support and recommendation. Herein, the system trades-offs latency with data placement cost.

Abstract: The present invention relates to a cryptographic protocol, and a system for implementing said protocol, for providing overt ledger secured key escrow access to encrypted data. The invention uses a plurality of trustee systems, each holding a secret share of a secret, to validate requests for the secret from authorised third parties. When a valid request is made, each trustee system publishes its secret share to a ledger. The secret shares can be combined to reveal the encryption key only by the authorised third party. Requests for the encryption key, and the responses by the trustee systems, can be accessed by the owner of the encryption key to identify the requesting third party and to have proof that the key has been revealed to the third party.

Abstract: A wearable device enables access to VPN endpoint devices for secure data communication and privacy for a computing device. The wearable device stores VPN configuration information for a user, which includes the user's VPN credentials for each of one or more remote VPN endpoint devices. When the wearable device is in close proximity to a computing device and is being worn by a user that is authenticated to at least one of the wearable device and the computing device, the wearable device communicates the configuration information to the computing device. The computing device can then use this VPN configuration information to establish a VPN connection to a VPN endpoint device.

Abstract: A computing system for securely managing access to resources of a computing device receives an input at a secure login of a user interface. The computing system compares the input to a plurality of stored security measures and activates one of an operating system or a configuration of a false desktop system. A user interface of the false desktop system shares characteristics with a user interface of an operating system and restricts access to specified files, data stores, applications, networking functions, and/or ports associated with the computing system. When configured, the false desktop system or the operating system is enabled based on the location of the computing system. When configured, the false desktop system deletes files, data stores, and applications of the operating system.

Abstract: The present technology pertains to a link service that can create, maintain, and service links to objects on behalf of a content management system or other services. The link service can share administration of links with other services when desired or can even allow other services to issue the link and manage the object that is the subject of the link while providing other functions to support the link. Additionally, link service can interface with a file system that can support links as actors in the file system, whereby greater control and flexibility in supporting links is provided. Link service can also accommodate servicing and management of links issued by legacy services, where the legacy services have unique link logic that should still be utilized to maintain a consistent user experience.

Abstract: Before or after a first-type authentication has been completed, disclosed devices, systems, and methods may conduct a second-type authentication to authenticate a user such that the user can log into a secure device and/or access secure content. An example system may cause a wearable device to activate a biosensor, which extends along a full internal circumference of the wearable device when worn, to detect at least a first sEMG signal on the user's skin responsive to the user performing a first gesture. The system may also generate or receive a first user signature based on the first sEMG signal and determine whether the first user signature matches stored authentication training data. In response to determining that there is a match, the system may complete the second-type authentication to authenticate the user.

Abstract: Domain Name System (DNS) security using process information is provided. An application accessing an internet service using a domain name is determined. Process information associated with the application along with an associated DNS query to identify an IP address associated with the domain name are identified. The process information and the associated DNS query to a DNS security service are sent. An action based on a response from the DNS security service is performed.

Abstract: The analysis unit 6 generates one or more pairs of a start point fact which is a fact representing possibility of attack in a device that is a start point and an end point fact which is a fact representing possibility of attack in a device that is an end point. The analysis unit 6 analyzes, for each pair, whether or not it is possible to derive the end point fact from the start point fact, and generates an attack graph from a node corresponding to the start point fact to a node corresponding to the end point fact, in a case where it is possible to derive the end point fact from the start point fact.

Abstract: Systems and methods can enable select virtual session capabilities on a user device configured to access a virtual session, which is an instance of a virtual machine. The user device can receive and forward to a gateway sever, a request to launch a virtual session. Based on the virtual session launch request, the gateway server can obtain a compliance profile determined from operational data. The gateway can permit user device access a virtual session hosted on a virtual machine (“VM”) server. The VM server can use the compliance profile and security data from the user device to determine a risk profile of the user device. The virtual session can be configured at the VM server based on the risk profile so as to allow access to a subset of available applications and functions within the applications for the virtual session.

Abstract: The present disclosure invention relates to a method for the anonymized transmission of sensor data of a vehicle to a vehicle-external receiving unit, to an anonymizing system, and to a receiving unit, the method including the following steps: determining the sensor data at a measurement location at a measurement time, determining a traffic density in an environment of the measurement location, determining an anonymized time and/or an anonymized location, calculating an anonymization probability of the vehicle, which results from the traffic density and the anonymized time and/or location, determining whether the anonymization probability meets a predetermined anonymization condition, and if the anonymization condition is met, transmitting the sensor data to the external receiving unit, the anonymized time being indicated as a measurement time indication and/or the anonymized location being indicated as a measurement location indication.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, to verify whether an interaction with a particular content displayed on a content platform is an interaction by an actual human user. A request to generate a click verification token can be received from a first application executing on a client device. The request can include data for a first set of parameters for a first interaction and a first message authentication code (MAC) set. If the first MAC set matches a second MAC set, which is generated using some of the data included in the request, the click verification token can be generated. The click verification token can be provided to the first application, which in turn can provide this token to a content verification system. The content verification can use this token to verify whether the first interaction is an actual human user interaction.

Abstract: Systems, computer program products, and methods are described herein for the convergent distribution of electronic digital certificates. The present invention may be configured to generate electronic digital certificates associated with artifacts, store the electronic digital certificates on a distributed ledger, and record, on the distributed ledger, interests of the users in the electronic digital certificates. The present invention may be configured to receive a request from at least one user of the group of users to combine ownership of the electronic digital certificates. The present invention may be configured to generate, based on the request and based on the electronic digital certificates, a combined electronic digital certificate. The present invention may be configured to store the combined electronic digital certificate on the distributed ledger.

Abstract: Examples described herein provide a computer-implemented method that includes receiving a list of objects with anomaly detection results associated therewith. The method further includes generating a resource graph, wherein the resource graph comprises at least two nodes, each of the at least two nodes being associated with one of the objects. The method further includes determining a relationship between the at least two nodes. The method further includes assigning an anomaly score to at least one of the objects. The method further includes calculating for at least one of the nodes, an overall anomaly score for the at least one of the nodes based on the anomaly score for the at least one of the objects and based on the anomaly score for another node related to the at least one of the nodes.

Abstract: Systems, computer program products, and methods are described herein for the divergent distribution of electronic digital certificates. The present invention may be configured to generate an electronic digital certificate associated with an artifact, store the electronic digital certificate on a distributed ledger, and record, on the distributed ledger, an interest of the user in the electronic digital certificate. The present invention may be configured to receive a request from the user to divide ownership of the electronic digital certificate amongst a group of users. The present invention may be configured to determine shares in the electronic digital certificate by determining for each user of the group of users a share of the shares. The present invention may be configured to record, on the distributed ledger and based on the shares, interests of the group of users in the electronic digital certificate.

Abstract: [Object] To provide a novel and improved communication system and communication device that make it possible to reduce an amount of time from when communication with an external device is completed to when communication data corresponding to a communication result is output to another device. [Solution] Provided is a communication system including: a communication device configured to transmit a selection solution that is selected depending on a result of first communication with an external device; and a control device configured to receive the selection solution from the communication device through second communication between the communication device and a communication partner that is different from the external device serving as a communication partner in the first communication.

Abstract: The present disclosure generally relates to managing access to credentials. In some examples, an electronic device authorizes release of credentials for use in an operation for which authorization is required. In some examples, an electronic device causes display of one or more steps to be taken to enable an input device for user input. In some examples, an electronic device disambiguates between commands to change the account that is actively logged-in on the device and commands to cause credentials to be released from the secure element.

Abstract: Aspects of the disclosure relate to identity protection in event processing. A computing platform may modify a first distributed ledger to include user PII. The computing platform may generate an internal token representative of an identity for the user and an external token that may be used to process an event between the user and a counter party without exposing any user identity. The computing platform may send the external token to a counter party system. The computing platform may receive, from the counter party system, event processing information. The computing platform may store the event processing information and the external token in a second distributed ledger. The computing platform may receive a request for the event processing information, and may identify the internal/external tokens using the first distributed ledger. The computing platform may identify, using the external token, the event processing information stored on the second distributed ledger.