Abstract: A method is provided. The method includes providing an authentication code onto a reference article associated with a person, determining a signature associated with the authentication code, imaging a candidate article to determine an image signature, and comparing the associated signature with the image signature to determine whether the candidate article is the reference article. A related system and imaging device are also provided.

Abstract: The present disclosure relates to implementations of computing systems. Specifically, the disclosure describes implementations of computing systems that use ternary states for implementing security systems.

Abstract: The technology disclosed presents an improved endpoint data loss prevention (DLP) solution, referred to herein as “small-footprint endpoint DLP (sf-EDLP),” which enforces security policies at endpoints by relying on previously generated sensitivity metadata, rather than by performing content sensitivity scans at the endpoints. Since content sensitivity scans are computationally intensive and time consuming, sf-EDLP leads to a significantly simpler implementation, reduced runtime computation, and a smaller memory footprint; making it suitable for computationally constrained environments such as modern mobile devices.

Abstract: Systems and methods are disclosed for simulating a phishing attack involving an email thread. An email thread of a plurality of email threads of an entity for use in a simulated phishing attack is identified. A simulation system generates a converted reply simulated phishing email to an email of the email thread. The converted reply simulated phishing email is generated to be from a user that is one of a recipient or a sender of one or more emails of the email thread and is communicated to a target user's email account, the converted reply simulated phishing email.

Abstract: A method for operating a control unit in a network of control units, including the following features: a request to change a mode of the network is received, the request is subjected to a check, which provides a check result; a communication is disseminated to the remaining control units and a response is received in each case with respect to the check result and to a status of the network known to the control unit; and the request is complied with or rejected as a function of the responses.

Abstract: Systems and methods for payload encoding and decoding are disclosed. Example apparatus disclosed herein determine encoding data corresponding to one or more frequencies to be used to encode a message into audio data. Disclosed example apparatus also generate a license file including the encoding data, the license file corresponding to the message to be encoded into the audio data, the message to be encoded into the audio data by an encoding device. Disclosed example apparatus further transmit the license file to a decoding device to enable the decoding device to decode the message from the audio data based on the license file.

Abstract: A computer-based method for combining individual hashpower of a plethora of shards that use a proof-of-work hash procedure such that each shard benefits from the hashpower from all other shards in the plethora of shards whereby a chosen set of shards having a maximal combined individual hashpower is a consensus.

Abstract: Systems, devices, media, and methods are presented for determining a level of abusive network behavior suspicion for groups of entities and for identifying suspicious entity groups. A suspiciousness metric is developed and used to evaluate a multi-view graph across multiple views where entities are associated with nodes of the graph and attributes of the entities are associated with levels of the graph.

Abstract: There is provided a method and device for data replication. The method comprises: obtaining, in a network interface card, data segments by segmenting input first data; determining, in the network interface card, fingerprints corresponding to the data segments; and comparing, in a central processing unit, the fingerprints of the data segments with existing fingerprints corresponding to processed data segments, and determining, based on a result of the comparing, whether to de-duplicate the data segments corresponding to the fingerprints, to perform the data replication.

Abstract: The provided invention is a unique method and system for generating and using a digital memorized secret, password or other form of digital user authentication by navigating a realistic virtual 3D environment with a keyboard, controller, mouse, virtual reality device or other form of virtual navigation device and selecting an ordered sequence of objects within the virtual 3D environment. The selected sequence of objects have associated character strings or other associated data which are cumulatively stored and used as the users method of user authentication in place of a traditional password, memorized secret or other form of digital user authentication. Encryption and decryption of any data within this system may be performed on both the client and server sides. Hashing and salting of the memorized secret, password or other form of digital user authentication may be performed on both the client and server sides.

Abstract: A system and method for tripartite encryption is given. In this system and method of encryption, a distributing party distributes keys, checksums and encrypted data among two receiving parties, so that the two receiving parties may authenticate each other without the distributing party's further intervention and encrypt and decrypt data among themselves.

Abstract: A system and method for an interface reading ion-selective probes through a device with an audio input with stereo output and mono microphone inline input. Using this interface, multiple probes with different voltage ranges can be handled using one output speaker line to control offset while the other controls gain on the signal from the probe. The output from the interface is read and interpreted via the microphone bidirectional input of the device with the audio port. Furthermore, by reading the microphone input, the device with the audio port auto-calibrate and auto-range fear maximum resolution for the microphone's given dynamic range by adjusting the output fix the two speaker lines, the offset and gain.

Abstract: The invention creates a single use authentication code from (1) predefined unencrypted data from at least one tax form, (2) primary keys, and (3) a secondary key generated from metadata correlated to the input of the unencrypted data, the above elements being used by a data encryption circuit having a polynomial integer encryption (PIE) engine, to generate the authentication code. The authentication code is translated into at least one symbol, using, for example, barcode technology, and applied to a tax document or form or otherwise encoded into electronic documents. (4) the IRS SENTENAL Key/Code alphanumeric characters are stored from the previous year(s), and applied in the preamble of the secure authentication transmission; and/or in the subsequent year of tax filing form(s).

Abstract: A driving support apparatus for an own vehicle includes a lane keeping assist control unit. When an interrupting vehicle enters ahead of the own vehicle in (i) a situation in which no preceding vehicle is present ahead of the own vehicle, or (ii) a situation in which a preceding vehicle is present ahead of the own vehicle, while a deviation angle formed between a direction of a traveling trajectory of the interrupting vehicle and a traveling direction of the own vehicle is larger than a threshold, the lane keeping assist control unit is configured not to perform a lane keeping assist control based on the traveling trajectory of the interrupting vehicle, and is configured to discard the traveling trajectory of the interrupting vehicle. On and after the deviation angle becomes equal to or smaller than the threshold, the lane keeping assist control unit is configured to perform the lane keeping assist control based on the traveling trajectory of the interrupting vehicle.

Abstract: A runtime attack can be detected on a big data system while processes are executed on various nodes. A behavior profile can be maintained for tasks or processes running on different nodes. The existence of a call variance in one of the traces for one of the behavior profiles can be determined. A memory variance can also be detected in one of the behavior profiles. A runtime attack has occurred when both the memory variance and the call variance are determined to exist.

Abstract: A method for biometric authentication of a user of a mobile device, and a case for performing the method is provided. The method includes, by the case, coupling the mobile device to the case, receiving from the mobile device biometric data of the user of the mobile device that was captured by the mobile device, storing the biometric data, receiving a request from the mobile device for authenticating the user of the mobile device, the request including biometric data captured by the mobile device, comparing the biometric data stored in the case and the biometric data included in the request, and sending to the mobile device a response to the request for authenticating the user of the mobile device based on a result of the comparison, wherein the response to the request is for use by the mobile device to perform an operation based on the authentication of the user.

Abstract: An information security monitoring system can import indicators of compromise (IOC) definitions in disparate formats from third-party source systems, convert them into editable security definitions in an internal system format, and provide a user interface for composing or editing these security definitions with enhancements, including complex security definitions such as those having a nested Boolean structure and/or those that reference one or more security definitions, a behavioral rule, and/or a vulnerability description. One or more whitelists can be added to handle exceptions. Each composed or modified security definition is then compiled into an executable rule. The executable rule, when evaluated, produces a result indicative of an endpoint security action needed in view of an endpoint event that meets the composed or modified security definition.

Abstract: Systems and methods to retrieve, encrypt, and transmit control area network (CAN), event data recorder (EDR), engine control unit (ECU) and onboard diagnostics (OBD) data from vehicles such as automobiles and airplanes etc. is disclosed. The invention having, but not limited to, several main parts: a first part being a microcontroller having onboard memory, a second part being a connector that interfaces with a vehicle's existing CAN, EDR, ECU and OBD data, a third part being onboard software that encrypts said data to a blockchain within a vehicle, and a fourth part being multiple, wireless transmitters that send blockchain information to a cloud network. An object of the invention is to leverage and decentralize valuable telematic, CAN, EDR, ECU and OBD vehicle data for an array of stakeholders including dealers, insurers and consumers in a secure manner through the latest cryptography software.

Abstract: Systems and methods are provided for authorizing a user to access an access-controlled environment. The system includes a system server platform that communicates with fixed PC's, servers and mobile devices (e.g., smartphones) operated by users. The systems and methods described herein enable a series of operations whereby a user attempting to access an access-controlled environment is prompted to biometrically authenticate using the user's preregistered mobile device. Biometric authentication can include capturing images of the user's biometric features, encoding the features as a biometric identifier, comparing the biometric identifier to a previously generated biometric identifier and determining liveness. In addition, the authentication system can further authorize the user and electronically grant access to the access-controlled environment.

Abstract: An intermediation method used in an intermediation system that includes an intermediation device determining a permission for application services requiring user authentication on a network, where in response to a user request, a first account used for a first service and a second account used for a second service, and a registration request for using the linking service linking the first application service and the second application service are associated with each other, when the two accounts are valid, as accounts usable in a linking service, an association between the first and second services is stored in the intermediation device, and when the user makes a request to use the linked services, that use is controlled by a query to the intermediation device regarding whether the account is associated as able to use the linking service.