Abstract: A security platform employs a variety techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.

Abstract: Disclosed are systems and methods for counteracting unauthorized access to microphone data. An example method include storing, in a data buffer, audio data received from an audio endpoint device, installing, a software driver associated with the audio session, where the software driver prevents access to the audio data by unauthorized software applications, and receiving process identifier data from a software application requesting to access the audio data stored in the data buffer. Furthermore, the method includes determining whether the application requesting access to the audio data is an unauthorized software application and controlling the software driver to prevent access to the audio data by the determined unauthorized software application.

Abstract: A cable management system includes a cable that transmits data between information handling systems (IHSs). The cable includes a first end and a second end that is opposite the cable from the first end. A first connector is located on the first end of the cable and couples the cable to a first IHS. A second connector is located on the second end of the cable and couples the cable to a second IHS. A first communication system is located adjacent the first end of the cable. The first communication system receives and stores first IHS information about the first IHS when the first connector is coupled to the first IHS and second IHS information about the second IHS when the second connector is coupled to the second IHS. The first communication system may then provide the first and second IHS information to a management device.

Abstract: A method of accessing electronic content received by a mobile device includes: determining a current location of the mobile device; comparing the current location with a zone within which an instance of electronic content may be accessed; when the result of the comparison indicates that the mobile device is located within the zone, accessing by the mobile device the instance of electronic content and providing at least part of the instance of electronic content for display on the mobile device; determining a new current location of the mobile device while the instance of electronic content is being accessed; and checking that the new current location of the mobile device is with the zone. If the mobile device is no longer within the zone, the mobile device terminates the access to the instance of electronic content.

Abstract: The disclosed computer-implemented method for detecting potentially malicious applications may include (1) detecting a request issued by an application running on a client device to download a file from a remote device, (2) determining that the request calls an application programming interface that enables the client device to download the file from the remote device, (3) determining that a parameter passed to the application programming interface in the request has been implicated in a previous attempt to download a known malicious file, and then in response to determining that the parameter has been implicated in a previous attempt to download a known malicious file, (4) classifying the application that issued the request as potentially malicious. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A method, device and system for obtaining a local domain name are provided. A Dynamic Host Configuration Protocol (DHCP) request from a User Equipment (UE) is received, in which the request carries an option for indicating returning a domain name of a local domain where the UE is located; and the domain name of the local domain where the UE is located is obtained according to the DHCP request, and the domain name of the local domain where the UE is located is carried in a DHCP reply message to be returned to the UE. A device and system for obtaining a local domain name are also provided, which solve the problem that a user is incapable of obtaining a local domain name after full authentication, so that a UE can perform fast re-authentication during a handover, thereby reducing a handover delay and improving the user experience.

Abstract: An authentication device includes circuitry that holds L (L?2) secret keys si (i=1 to L) and L public keys yi that satisfy yi=F(si) with respect to a set F of multivariate polynomials of n-th order (n?2). The circuitry also performs with a verifier, an interactive protocol for proving knowledge of (L?1) secret keys si that satisfy yi=F(si). The circuitry receives L challenges from the verifier, arbitrarily selects (L?1) challenges from the L challenges received. The circuitry also generates, by using the secret keys si, (L?1) responses respectively for the (L?1) challenges selected, and transmits the (L?1) responses generated.

Abstract: A profiling service may determine, local to a device, user profile attributes associated with a device user based on interaction of the device user with the device, based on device-local monitoring of device user interactions with the device, and may store the user profile attributes in a memory. The profiling service may be configured as an augmentation to a device operating system of the device. A profile exposure component may manage exposure of information associated with the user profile attributes to applications operating locally on the device, without exposure to the applications or to third parties of information determined as sensitive to the device user.

Abstract: A security verification method includes: starting a monitoring process and monitoring a third-party application in an active state in the monitoring process; obtaining identification information of a current interface of the third-party application; determining, according to the identification information, whether the current interface is included in a preset monitoring list; displaying a security verification interface if the current interface is included in the monitoring list, and performing security verification on a user according to interaction between the user and the security verification interface; and displaying the current interface if the security verification succeeds. In addition, the present disclosure further provides a security verification apparatus.

Abstract: According to one embodiment of the present invention, a system for accessing protected content includes a first computing device with at least one processor. The system determines one or more users associated with information required to access content of a protected document based on a set of rules. A request is generated and sent to at least one second computing device associated with the one or more determined users to retrieve and utilize the required information to access the content of the protected document. Embodiments of the present invention further include a method and computer program product for accessing protected content in substantially the same manner described above.

Abstract: A multi-rule approach for encoding rules grouped in a rule chunk is provided. The approach includes a multi-rule with a multi-rule header representing headers of the rules and, in some cases, dimensional data representing dimensional data of the rules. The approach further includes disabling dimension matching of always matching dimensions, responding to an always match rule with a match response without matching, interleaving minimum/maximum values in a range field, interleaving value/mask values in a mask field, and for a given rule of rule chunk, encoding a priority field at the end of dimension data stored for the rule in the multi-rule. Advantageously, this approach provides efficient storage of rules and enables the efficient comparison of rules to keys.

Abstract: A first installation stores key identifications with allocation to a respective user and a second installation stores secret keys which each can be found by means of a key identification. The first installation authenticates a user who logs onto the first installation via a user device, creates a temporary identifier, allocates the identifier to the user and transmits the identifier to the user device. The second installation receives a request for a secret key from the user device together with the identifier and requests a key identification from the first installation, wherein the received identifier is transmitted. The first installation determines a user allocated to the received identifier, identifies a key identification stored for the determined user and transmits the key identification to the second installation. This second installation determines a secret key based on the received key identification and transmits the secret key to the user device.

Abstract: Methods and apparatus for maintaining businesses rules in a configuration system are disclosed. The presently disclosed system allows systems to be configured using a plurality of rules that are syndicated by a plurality of different manufacturers. Each manufacturer syndicates a portion of the overall system attributes and/or configuration rule set for use by others. Configuration users, such as the sales channel, may then create additional rules and/or configure products with the most recent version of the component attributes and configuration rules, and no single entity is burdened with maintaining the entire attribute and/or rule set.

Abstract: In an embodiment, a system includes at least one core and a trusted execution environment (TEE) to conduct an identity authentication that includes a comparison of streamed video data with previously recorded image data. Responsive to establishment of a match of the streamed video data to the previously recorded image data via the comparison, the TEE is to generate an identity attestation that indicates the match. Other embodiments are described and claimed.

Abstract: In accordance with some embodiments, a protected execution environment may be defined for a graphics processing unit. This framework not only protects the workloads from malware running on the graphics processing unit but also protects those workloads from malware running on the central processing unit. In addition, the trust framework may facilitate proof of secure execution by measuring the code and data structures used to execute the workload. If a part of the trusted computing base of this framework or protected execution environment is compromised, that part can be patched remotely and the patching can be proven remotely throughout attestation in some embodiments.

Abstract: A security server transmits a specification of a first set of files and directories to a computing device for monitoring according to a security policy. Each of the files or directories in the first set is associated with the operating system of the computing device or associated with an application running on the computing device. The server securely receiving data collected at the remote computing device, which includes metadata for the files and directories and content signatures computed for each file. The server compares the received metadata and content signatures for each file or directory against corresponding baseline metadata and baseline content signatures. The baseline metadata and baseline content signatures are stored at the security server. When there is a mismatch between the received metadata and corresponding baseline metadata or a mismatch between a received content signature and a corresponding baseline content signature, the server performs a remedial action.

Abstract: Methods and apparatus for the automated creation of targeted or focused content extractions and/or compilations (e.g., highlight reels). In one embodiment, the extractions or compilations are created for use in a content delivery network. In one variant, incoming live feeds are recorded. Time-stamped metadata from sources (either internal or external) able to identify moments and events of interest is used to parse or select portions of the live feeds to generate clips related thereto. Those clips are then sent to users (including optionally their mobile devices) for viewing. In some embodiments, a recommendation engine is used to select clips matching interests of a particular user or group of users. Varied sources of metadata may be used, and networked resources may be utilized to in the implementation of internal “excitement” monitoring systems.

Abstract: An approach is provided for establishing one or more communication sessions in a cloud computing environment and maintaining the establishment of the one or more communication sessions while managing system resource and power resource consumption. The approach involves causing, at least in part, an establishment of one or more communication sessions between at least one device and one or more other devices, wherein the communication sessions convey, at least in part, one or more notification messages. The approach also involves processing and/or facilitating a processing of device resource information, device capability information, network resource information, or a combination thereof to determine one or more parameters for generating one or more heartbeat signals to maintain the one or more communication sessions.

Abstract: A smartphone into which an application is installed includes a first and second authentication processing unit. The first authentication processing unit is configured to determine whether or not a current activation time of the application is past expiration time; permits authentication if the current activation time is not past the expiration time; and denies authentication if the current activation time is past the expiration time.

Abstract: A method of authenticating communication between a first and second device over an insecure communications network, in which the first device authenticates the second device using a communications protocol including a first communications phase through a first communications channel over the insecure communications network to establish a secure mode of communications between the first and second device, followed by a second communications phase of receiving information from the second device over a second communications channel, such as an empirical channel, and enabling a comparison between the information received from the second device with information generated by the first device thereby enabling authentication of the second device in the event of the information from both devices is consistent.