Patents Examined by Khalil Naghdali
  • Patent number: 11503070
    Abstract: The present disclosure generally relates to web page analysis, and more particularly to a classification system for web pages. The classification system may classify a web page as malicious based upon one or more signatures generated for the web page. For example, the classification system may compare one or more signatures generated for a first web page to one or more signatures generated for a second web page, where the first web page and the second web page are the same web page at different times or different web pages. Based upon a similarity of the signatures, the classification system may output whether the first web page is malicious. For another example, the classification system may include a classification model that is trained based upon one or more signatures for one or more classified web pages. The classification model may output whether the web page is malicious.
    Type: Grant
    Filed: November 1, 2017
    Date of Patent: November 15, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Adam Hunt, Joseph Linn, Elias Manousos, Chris Kiernan, David Pon, Jonas Edgeworth, Steven Alexander Daniel Pon
  • Patent number: 11483166
    Abstract: The proposed authentication method is based on a secret convention between the service and the user. This convention is defined on the basis of a random choice of elementary algorithmic blocks from a collection of elementary algorithmic blocks during the enrolment phase of the user. During authentication, the user uses the convention by applying it to a challenge presented by the service in order to determine a response. The algorithmic blocks are chosen such that they can be memorised by the user. As a result of the diversity of these bricks and the combinatorics behind the conventions, the number of possible conventions is very high, making it virtually impossible for an attacker to guess the convention.
    Type: Grant
    Filed: November 19, 2018
    Date of Patent: October 25, 2022
    Assignee: HIASECURE
    Inventor: Arnaud Olivier
  • Patent number: 11481499
    Abstract: A first node on the blockchain storage system node may include data from other blocks on the blockchain used for blockchain verification and an additional node which may include an analysis element. The analysis element may include computer executable code for receiving data added to the blockchain, determining a risk score for the data added to the blockchain based on past performance and in response to the risk score being over a threshold, alerting members of blockchain of the risk score.
    Type: Grant
    Filed: August 5, 2019
    Date of Patent: October 25, 2022
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Yue Li, Theodore Harris, Tatiana Korolevskaya
  • Patent number: 11477212
    Abstract: A system and method for connected vehicle cybersecurity. The method includes creating a normal behavior model based on a first set of data, the first set of data including at least one first event with respect to at least one connected vehicle, wherein the first set of data is collected from a plurality of data sources; detecting an anomaly based on the normal behavior model and a second set of data, the second set of data including a second event with respect to the at least one connected vehicle, wherein each of the first set of data and the second set of data includes vehicle data related to operation of the at least one connected vehicle, wherein each event represents a communication with the at least one connected vehicle; determining, based on the detected anomaly, at least one mitigation action; and causing implementation of the at least one mitigation action.
    Type: Grant
    Filed: July 27, 2018
    Date of Patent: October 18, 2022
    Assignee: Upstream Security, Ltd.
    Inventors: Yonatan Appel, Yoav Levy
  • Patent number: 11468454
    Abstract: Provided herein are systems, methods and computer readable media for consumer monitor and tracking. An example method may include receiving client device ID and client device profile data, comparing client device ID and client device profile data to a plurality of known client device versions, generating an updated known client device version in an instance in which the client device ID correlates to at least one of the plurality of known client device versions and the client device profile data does not correlate to the at least one of the plurality of known client device versions and generating a new known client device version in an instance in which the client device ID does not correlate to at least one of the plurality of known client device versions.
    Type: Grant
    Filed: May 15, 2020
    Date of Patent: October 11, 2022
    Assignee: GROUPON, INC.
    Inventors: Jiaqi Guo, Michael Elizarov, Jim Breen, Selvam Velmurugan
  • Patent number: 11463444
    Abstract: A secure cloud-based privileged access management (CBPAM) service manages on-premise resources. While enrolling an on-premise authentication domain admin group, a secured cloud-based shadow administrating group (SCBSAG) is created; a SCBSAG security identification includes at least part of the enrollee's security identification. The SCBSAG belongs to a clean CBPAM authentication domain which may be secured by defense in depth controls such as time limits on authentication or authorization, password avoidance, least privilege, one-way syncing, and one-way trust. Management via the configured SCBSAG may be fostered by emptying the on-premise admin group, although a break glass account may be kept. CBPAM services direct administrative actions toward on-premise resources through SCBSAGs for cloud tenants, providing secure management control as a service, with broader geographic scope and lower maintenance burdens and costs than privileged access management approaches that are not cloud-based.
    Type: Grant
    Filed: June 11, 2020
    Date of Patent: October 4, 2022
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Michael Eugene Stephens, Mark David Morowczynski, Oana Elena Enache, Steven Jay Lieberman
  • Patent number: 11455258
    Abstract: A system and method for generating encryption keys on multiple devices, without transferring the keys. At least one sender memristor is set using at least one sender setting value. At least one sender reading value is applied to the at least one sender memristor to generate at least one sender output value. A string of characters is determined from the at least one output value based on a sender table. Data is encrypted with the string of characters. The encrypted data is transmitted to a receiver through a first channel. The at least one sender setting value or the at least one sender reading value or both is transmitted to the receiver through a second channel different from the first channel. The at least one sender setting value or the at least one sender reading value or both is applied to at least one receiver memristor to generate at least one receiver output value. A receiver table is used to determine the string of characters from the at least one receiver output value.
    Type: Grant
    Filed: August 5, 2019
    Date of Patent: September 27, 2022
    Assignee: CYBERSWARM, INC.
    Inventors: Octavian Narcis Ionescu, Viorel-Georgel Dumitru, Constantin-Ionut Marica, Victor-Andrei Marica, Miha Tiberiu Luca, Stefan-Laurentiu Pircalabu
  • Patent number: 11438345
    Abstract: A system and method for connected vehicle cybersecurity. The method includes creating a normal behavior model based on a first set of data, the first set of data including at least one first event with respect to at least one connected vehicle, wherein the first set of data is collected from a plurality of data sources; detecting an anomaly based on the normal behavior model and a second set of data, the second set of data including a second event with respect to the at least one connected vehicle, wherein each of the first set of data and the second set of data includes vehicle data related to operation of the at least one connected vehicle, wherein each event represents a communication with the at least one connected vehicle; determining, based on the detected anomaly, at least one mitigation action; and causing implementation of the at least one mitigation action.
    Type: Grant
    Filed: July 27, 2018
    Date of Patent: September 6, 2022
    Assignee: Upstream Security, Ltd.
    Inventors: Yonatan Appel, Yoav Levy
  • Patent number: 11438339
    Abstract: A method and system of rendering security events in execution of a software application in a communication network. The method comprises receiving, at a memory of the server computing device, a waiver parameter specification identifying at least one waiver parameter in association with at least one recipient client device of the plurality of client computing devices, the at least one waiver parameter based at least in part on an expected security event in the software application execution; during concurrent execution, in a processor of the server computing device, of object code of the software application, generating at least one waiver task automaton that monitors for the at least one waiver parameter; and generating, based on the monitoring, at a client interface of the at least one recipient communication device, a waiver notification interface in accordance with concurrent execution.
    Type: Grant
    Filed: August 7, 2019
    Date of Patent: September 6, 2022
    Assignee: Ventech Solutions, Inc.
    Inventors: Matthew Canada, Jerry Allen Craig, II, Kathrine Dass, Raja Krishnamurthy, David Anthony Rigsby, Richard Nathan Toney, Stephen J. Veneruso
  • Patent number: 11436321
    Abstract: A method for performing a safeguard detection of unexpected operations launched by an operator for a manufacturing execution system (MES system) is based on a first database containing a set of operations, a set of operators, calendar information for a shift and calendar information for the equipment of the MES system. The MES system further has a second database containing a login history of carried out logins of the operator. The detection of a malicious operation is carried out as to whether the operation complies with a set of rules defining allowed operations or with a learning module, in which specific roles of operators are contained and whether an operation complies with a specific role. In case of non-compliance, the operation is stored as an entry in an event trace file for generating alerts.
    Type: Grant
    Filed: June 21, 2019
    Date of Patent: September 6, 2022
    Assignee: Siemens Aktiengesellschaft
    Inventors: Matteo Bardini, Alessio Dellacha′, Corrado Tasca, Davide Risso
  • Patent number: 11425098
    Abstract: An identity provider (IdP) service interoperates with a Virtual Private Network (VPN) client. The IdP service receives a login request originating from the VPN client to establish a VPN tunnel between the VPN client and a VPN host, the login request indicating a user of the VPN client. The IdP service provides a response to the login request. The response includes at least both first information including an indication that the user of the VPN client is an authorized user and second information including an indication of a VPN policy for the VPN tunnel, the VPN policy including a VPN client policy to be utilized during the VPN tunnel by the VPN client and a VPN host policy to be utilized during the VPN tunnel by the VPN host.
    Type: Grant
    Filed: April 22, 2020
    Date of Patent: August 23, 2022
    Assignee: Cisco Technology, Inc.
    Inventors: Hendrikus G. P. Bosch, Alessandro Duminuco, Sape Jurriën Mullender, Jeffrey Michael Napper
  • Patent number: 11411945
    Abstract: A wireless communication system includes an external provider subsystem and an electronic network subsystem in operable communication with the external provider subsystem. The electronic network subsystem is configured to provide a first microservice and a second microservice different from the first microservice. The wireless communication system further includes an in-home subsystem (i) separate from the external provider subsystem, (ii) in operable communication with the electronic network subsystem, and (iii) including a first micronet and a second micronet different from the first micronet. The first micronet is configured to operably interact with the first microservice, and the second micronet is configured to operably interact with the second microservice. The wireless communication system further includes at least one electronic device configured to operably connect with one of the first micronet and the second micronet.
    Type: Grant
    Filed: March 30, 2020
    Date of Patent: August 9, 2022
    Assignee: Cable Television Laboratories, Inc.
    Inventors: Steven J. Goeringer, Brian Alexander Scriber, Michael Glenn
  • Patent number: 11405427
    Abstract: The present technology pertains to a system, method, and non-transitory computer-readable medium for orchestrating policies across multiple networking domains. The technology can receive, at a provider domain from a consumer domain, a data request; receive, at the provider domain from the consumer domain, at least one access policy for the consumer domain; translate, at the provider domain, the at least one access policy for the consumer domain into at least one translated access policy understood by the provider domain; apply, at the provider domain, the at least one translated access policy understood by the provider domain to the data request; and send, at the provider domain to the consumer domain, a response to the data request.
    Type: Grant
    Filed: January 23, 2020
    Date of Patent: August 2, 2022
    Inventors: Ronak K. Desai, Rajagopalan Janakiraman, Mohammed Javed Asghar, Azeem Suleman, Patel Amitkumar Valjibhai, Sanjay Kumar Hooda, Victor Manuel Moreno
  • Patent number: 11397810
    Abstract: An information handling system improves removal of steganography data embedded in a graphics file by processing graphics files stored in a file system or transmitted through a network by processing the graphics files in a steganalyzer. The steganalyzer converts the body segment of the graphics file into binary code, and then compresses the binary code into a graphics file. This process results in the removal of any potential malicious code. The body segment location can be determined by parsing the portable network graphics file to determine a location of a pre-fix graphics file signature and a post-fix graphics file signature, with the graphics files signatures being specific to a particular type of graphics file.
    Type: Grant
    Filed: August 5, 2019
    Date of Patent: July 26, 2022
    Assignee: Dell Products L.P.
    Inventors: Yevgeni Gehtman, Maxim Futerman
  • Patent number: 11399279
    Abstract: In accordance with embodiments, methods for the recovery of security credentials of a Bluetooth mesh network are disclosed. A computing device of the Bluetooth mesh network receives user login information, and generates a network key of the Bluetooth mesh network based on the user login information. The computing device generates an application key of a first node to be provisioned based on user login information. A device key is generated using the unicast address of the first node and part of user credentials. The current sequence number is recovered by one of the four techniques depending on the characteristics of the network. The unicast addresses of the nodes are assumed to be sequential and later validated by sending messages. IV index is recovered using processes defined in the Bluetooth mesh standard. After recovery of the above parameters, the mesh network can operate normally using the aforementioned computing device.
    Type: Grant
    Filed: August 5, 2019
    Date of Patent: July 26, 2022
    Assignee: STMicroelectronics International N.V.
    Inventors: Prashant Pandey, Salil Jain, Alok Kumar Mittal
  • Patent number: 11395138
    Abstract: A method is presented for providing access to a lock for provision of a service. The method is performed in a lock manager and comprises the steps of: receiving a request for access to the lock, the request being based on the service consumer ordering a service requiring access to a physical space which is secured by the lock; sending a first consumer request to a service consumer device, asking whether to grant access to the lock for a service provider agent to provide the service; receiving a first positive consumer response from the service consumer device, indicating that the service consumer allows the service provider agent to access the physical space secured by the lock; generating a temporary credential for the service provider agent; providing the temporary credential to the service provider agent; and configuring the lock to accept the temporary credential.
    Type: Grant
    Filed: December 6, 2017
    Date of Patent: July 19, 2022
    Assignee: ASSA ABLOY AB
    Inventors: Kenneth Pernyer, Sona Singh, Stefen Strömberg
  • Patent number: 11388168
    Abstract: A method in one embodiment comprises receiving a plurality of requests for data records from a plurality of clients. The data is in a plurality of data systems of a global namespace, and the plurality of data systems are in a plurality of locations. The method also comprises determining whether a given client is allowed access to one or more of the data records based on one or more of a plurality of data access policies, retrieving the data records from at least one of the data systems based on a determination that the given client is allowed access to the data records, and providing the data records to the given client. Retrieving the data records comprises determining a location for the data records, and generating a channel to the location through which the data records are retrieved.
    Type: Grant
    Filed: February 10, 2020
    Date of Patent: July 12, 2022
    Assignee: EMC IP Holding Company LLC
    Inventors: Aurelian Dumitru, Gaurav Chawla
  • Patent number: 11388011
    Abstract: The present technology pertains to a system that authenticates the identity of a user trying to access a service. The system comprises an authentication provider configured to communicate authentication requirements to a continuous multifactor authentication device and the continuous multifactor authentication device configured to receive authentication requirements, to fuse multiple identification factors into an identification credential for a user according to the authentication requirements, and to send the authentication credential to the authentication provider. After receiving the identification credential meeting the authentication requirements, the authentication provider is configured to instruct a service provider to initiate a session.
    Type: Grant
    Filed: January 22, 2020
    Date of Patent: July 12, 2022
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Frank Michaud, Ram Abhinav Somaraju, Marcelo Yannuzzi Sanchez, Alan Robert Lynn
  • Patent number: 11381576
    Abstract: A method is disclosed in which one or more pieces of first authentication information are obtained. The one or more pieces of first authentication information represent at least one piece of unique information associated with a user and/or an electronic device of the user. A trust level is determined based, at least in part, on the one or more pieces of first authentication information. The trust level value is indicative of a level of trust in the one or more pieces of first authentication information. An according apparatus, computer program, and system are also disclosed.
    Type: Grant
    Filed: February 11, 2020
    Date of Patent: July 5, 2022
    Assignee: KOBIL GmbH
    Inventors: Ismet Koyun, Frank Wernert
  • Patent number: 11379601
    Abstract: Techniques are disclosed relating to a method that includes maintaining first and second databases within respective first and second security zones, having respective first and second sets of security rules. The first set of security rules defines restrictions for storing data objects within the first security zone, and the second set of security rules defines restrictions for storing data objects within the second security zone. The method further includes performing a first scan of the first database to determine whether data objects stored in the first database comply with the first set of security rules, and performing a second scan of the second database to determine whether data objects stored in the second database comply with the second set of security rules. The method also includes conveying results of the first and second scans to a repository zone. Results are conveyed without conveying the data objects.
    Type: Grant
    Filed: December 11, 2019
    Date of Patent: July 5, 2022
    Assignee: PayPal, Inc.
    Inventor: Anchika Agarwal