Abstract: A non-computerized method for detection of malware is described. First, an object for analysis is received. Thereafter, the content from the object is extracted and the extracted content is arranged into one or more basic blocks. Each basic block including at least a portion of the content. The object fingerprint is based on an analysis of the one or more basic blocks. Thereafter, the object fingerprint is generated based on an analysis of the one or more basic blocks. Lastly, the object fingerprint is compared to one or more malware family fingerprints to determine if the object is potentially malicious and may be associated with an advanced malware.

Abstract: A system can include a processor; memory operatively coupled to the processor; an input; an output; and one or more modules stored in the memory that include instructions executable by the processor to instruct the system to receive information, via the input, that includes information associated with a target; parse the information; access a profile; and build a link based at least in part on the information and at least in part on the profile.

Abstract: A device, system, and method to provide access to a storage device based on biometric verification. A computing device includes a wireless transceiver configured to communicate wirelessly with a data network, a user interface configured to receive a user input to access data from a storage device in communication with the data network, and a biometric characteristic reader configured to receive user characteristic data to verify a user's identity. The computing device is configured to access the data from the storage device via the wireless transceiver and the data network based on verification of the user's identity.

Abstract: An exemplary virtual reality media content access control system (“system”) selectively provides access to virtual reality media content for experiencing by a user of a media player client device (“client device”). In certain examples, the system detects a request from the client device to access an immersive virtual reality world that includes a virtual object assigned an access permissions profile, determines an access key and a device key associated with the request, validates the access key and the device key associated with the request, determines metadata associated with the access key, and selectively provides, based on the access permissions profile for the virtual object and on at least one of the device key associated with the request and the metadata associated with the access key, access to the virtual object for experiencing by the user of the client device as part of the immersive virtual reality world.

Abstract: There is disclosed an NFC device comprising an NFC communication unit and a memory unit; the NFC device being arranged to receive, through the NFC communication unit, a device identifier of a computing device and to store said device identifier in the memory unit; the NFC device further being arranged to send, upon or after storing said device identifier, at least one software installation key through the NFC communication unit to the computing device. Furthermore, a corresponding software installation method, software uninstallation method, computer program and article of manufacture are disclosed.

Abstract: In accordance with the teachings of the present disclosure, a method is provided for reducing the chances of shoulder surfing. The method may include determining an approximate angle of orientation of a mobile device and selecting one of first or second input key layouts, based upon the approximate angle of orientation. The first input key layout may be a standard layout of alphanumeric characters and the second input key layout may be a disordered layout of the alphanumeric characters. The method may also include displaying the selected one of the first or second input key layouts at a graphical user interface of the mobile device and receiving an input of sensitive information at the graphical user interface.

Abstract: A method of providing key information from a sender to one or more receivers, the method comprising: obtaining initial key information comprising a plurality of units that assume respective values; forming encoded key information from the initial key information, wherein the encoded key information comprises a plurality of encoded units that correspond to respective units of the initial key information, wherein said forming comprises, for each unit of the initial key information, selecting an encoding from a plurality of invertible encodings associated with said unit and encoding said value assumed by said unit with said selected encoding to form the corresponding encoded unit; and providing the encoded key information to said one or more receivers.

Abstract: In response to a request to transmit a message from a sender to a recipient, risk values including low and high values are assigned to a content risk rating via comparing content of the message to content risk criteria, to a sender risk rating as a function of a sender identity, to a recipient risk rating as a function of a recipient identity, and to a dissemination reach rating of the message as a function of association to a security level of a message distribution channel. A total message risk score is determined from the content disclosure risk rating, sender risk rating, recipient risk rating and dissemination reach rating values. The message is transmitted from the sender to the recipient or if the total message risk score meets a high risk threshold value; otherwise, a mitigation action is applied to the message.

Abstract: The present disclosure includes systems and techniques relating to information flow and hardware security for digital devices and microprocessor systems. In general, in one implementation, a technique includes: receiving a hardware design specifying an implementation for information flow in a hardware configuration; receiving one or more labels annotating the hardware design; receiving a security property specifying a restriction relating to the one or more labels for implementing a secure information flow in the hardware configuration; designating each of the one or more labels to a corresponding security level in accordance with the specified restriction; and automatically assigning a respective value to each of the one or more labels in the hardware design, wherein each respective value is determined in accordance with the corresponding security level designated for each of the one or more labels.

Abstract: The disclosed computer-implemented method for reducing infection risk of computing systems may include (i) determining a distance between a computing system that is connected to a local network and an additional computing system that is not connected to the local network but is connected to the computing system via a series of connected devices, (ii) detecting that the additional computing system is infected with malware, (iii) calculating an infection probability for the computing system that is based at least in part on the distance between the computing system and the additional computing system that is infected, and (iv) performing a security action on the computing system that reduces a risk of infection of the computing system in response to the infection probability for the computing system meeting a predetermined threshold for infection probability. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A network monitoring “sensor” is built on initial startup by checking the integrity of the bootstrap system and, if it passes, downloading information from which it builds the full system including an encrypted and an unencrypted portion. Later, the sensor sends hashes of files, configurations, and other local information to a data center, which compares the hashes to hashes of known-good versions. If they match, the data center returns information (e.g., a key) that the sensor can use to access the encrypted storage. If they don't, the data center returns information to help remediate the problem, a command to restore some or all of the sensor's programming and data, or a command to wipe the encrypted storage. The encrypted storage stores algorithms and other data for processing information captured from a network, plus the captured/processed data itself.

Abstract: Systems, methods, apparatus, and articles of manufacture to facilitate configuration and naming of a multimedia playback device on a local playback network are disclosed. An example method includes identifying and analyzing local network topology to identify playback device(s) connected to the network at location(s). The example method includes analyzing a playback device to be added and comparing the playback device to be added to the playback device(s) already connected to the network. The example method includes displaying available option(s) to name the playback device to be added based on the analysis of the network, the already connected playback device(s) and the playback device to be added to the network. The example method includes naming the playback device to be added based on a selected available option.

Abstract: The present application provides an information processing method and an electronic apparatus that can automatically adjust the electronic apparatus to an information inaccessible state, thus the information security is enhanced. The method includes the steps of when a current state of the electronic apparatus is an information accessible state, obtaining an information of at least one parameter for determining whether it is necessary to adjust the current state from the information accessible state to an information inaccessible state or not; determining whether the at least one parameter meets a first preset condition or not to obtain a first determination result; when the first determination result is YES, adjusting the current state of the electronic apparatus to the information inaccessible state.

Abstract: A method, system, and manufacture for authorizing an untrusted client device for access on a content management system. The content management system receives a request from an untrusted client device to access content on the content management system. The content management system sends an authentication key to the untrusted client device. The content management system then receives the authentication key from a trusted client device. Based on the matching authentication key, the content management system transmits data to the untrusted client device in accordance with any additional instructions that the trusted client device may have sent.

Abstract: Disclosed herein is a technique for migrating data between a first device and a second device via a private wireless network hosted by the first device. According to some embodiments, the private wireless network is established based on a code generated by the first device. The second device derives wireless network parameters associated with the private wireless network and connects to the private wireless network. In turn, the data migration can commence when a connection between the first device and the second device has been established.

Abstract: Disclosed is a system and method for performing a semantic operation on a social network. In an embodiment, the method comprises receiving a social network user context associated with a user of the social network; generating, through a semantic operation, an interest network based on the user context information; and filtering, ranking or augmenting, using at least one processor executing stored program instructions, a retrieval of information related to the social network based on the interest network; wherein the interest network comprises concepts represented by a data structure associated with the concepts in the interest network. In another embodiment, the method further comprises representing the interest network as an interest graph. In yet another embodiment, the semantic operation is a synthesis operation or retrieval operation performed on a knowledge representation.

Abstract: Active memory for managing network telemetry information, or other types of information stored as objects, has objects partially-serialized to allow greater amounts of information to store in a memory of a given size with slightly increased retrieval times. Storing additional information in an active memory provides an overall increase in network security platform responsiveness by allowing a greater amount of information to be accessible from the active memory instead of archive.

Abstract: Methods and apparatus are disclosed to identify media using hash keys. An example disclosed method includes generating a hash key based on first samples of media. In the disclosed example method, the first samples corresponds to a portion of the media sampled in a buffer of a computing device. The example method also includes applying a blurring function to the hash key to generate a blurred hash key. The example method also includes generating first confirmation data based on second samples of the media. The example method also includes storing the blurred hash key in association with the first confirmation data and first reference data in a memory separate from the buffer of the sampled media. In the example methods, the reference data identifies the portion of the media.

Abstract: A device, system, and method for streaming data over a data network based on biometric verification. A computing device includes a wireless transceiver configured to communicate wirelessly with a data network, a user interface configured to receive a user input to stream data between a streaming device and the computing device in communication with the data network, and a biometric characteristic reader configured to receive user characteristic data to verify a user's identity. The computing device is configured to stream the data between the streaming device and the computing device via the wireless transceiver and the data network based on verification of the user's identity.

Abstract: The present invention relates to a system and method for facilitating access to secure network sites, such as sites providing secure financial information. An active software agent is utilized to fetch passwords and user identifiers from a user computing system and to use the passwords and identifiers to extract required information from the secure site. The password sites and identifiers are encrypted and an encryption key is stored at a network mode remote from the user's computer and is fetched in order to enable the passwords and identifiers to be decrypted so that the active agent can use them to obtain the required information.