Abstract: In an authentication method, a wireless communication is established between a mobile device and a wearable device. A proximity is detected between the mobile device and the wearable device by comparing mobile device position information and wearable device position information. Access to the mobile device is granted based on a detected proximity.

Abstract: Methods and systems are provided that may be implemented in an automated manner to distribute and integrate information regarding threat indicators as they occur in real time. The provided methods and systems may be implemented to combine threat indicator characteristic information in real time with application behavior patterns, information handling system types, and/or application types; and to automatically apply the resulting intelligence together to improve malicious attack defense at the application and information handling system level at scale.

Abstract: A method and/or computer software for estimating the probability that a software weakness will be used in an exploit and/or malware and the probability that the developed exploit and/or malware will result in a compromise.

Abstract: Disclosed is a device for configuring and implementing network security for a connected network node, and for shifting the network security closer to the attack point of origin. In particular, the device may activate attack protections on different Multi-Access Edge Computing (“MEC”) devices that are physically located near or at the attack point of origin. The device may detect an attack signature based on one or more received data packets, and may provide a response with an extended header field, the attack signature, and/or other attack protection instructions. The responses may be passed to an address of a suspected attacker. MEC devices along the network path may detect and receive the responses, and implement attack protections in response. The responses may also be passed to a multicast or broadcast address that the MEC device may use to receive responses.

Abstract: A file vulnerability detection method includes: translating a binary file into an intermediate file; analyzing the intermediate file to obtain multiple functions to be tested; establishing function characteristic data of each of the functions to be tested; and comparing correlations between the function characteristic data of each of the functions to be tested and at least one pair of characteristic data with vulnerability of at least one vulnerability function and characteristic data without vulnerability of the at least one vulnerability function in a vulnerability database based on a characteristic model to determine whether each of the functions to be tested corresponding to each function characteristic data has a vulnerability, wherein the characteristic model has information representing multiple back-end binary files generated by multiple back-end platforms, wherein the characteristic data with vulnerability has the vulnerability, and the characteristic data without vulnerability does not have the vuln

Abstract: A circuit board is protected by being enclosed in a security housing that includes conductive tamper traces running along its interior surface, the conductive tamper traces being a housing portion of a tamper detection circuit. The tamper detection circuit also includes a board portion that detect tampering with the tamper detection circuit by monitoring voltages at monitor nodes along the board portion. The board portion of the tamper detection circuit is connected to the tamper traces via multiple connector pieces. The connector pieces can be held in place by board connector piece holders affixed to the board or housing connector piece holders of the housing. When tampering is detected, it can be localized based on voltages measured at multiple recesses along the housing. The tamper detection circuit can be arranged in a wheatstone bridge layout for environmental tolerance. The circuit board's functions/components can be disabled if tampering is detected.

Abstract: The disclosure herein generally relates to the field of privacy preserving in an application, and, more particularly, to enabling privacy in an application using fully homomorphic encryption. The disclosure more specifically refers to enabling a most optimal FHE for privacy preserving for the application based on a set of constraints using a disclosed set of optimization tasks. The set of optimization tasks comprise a multi objective-multi constraint optimization task and a single objective-multi constraint optimization task, that identifies an optimal FHE library, along with an associated FHE functionality and an optimal configuration of the associated FHE functionality based on the set of constraints. The identified FHE library along with the associated FHE functionality and the optimal configuration of the associated FHE functionality facilitate optimal implementation of privacy in the applications.

Abstract: Embodiments bypass Address Space Layout Randomization (ASLR) executed on a web server that implements a web function. Embodiments, from a client remote from the web server, construct a stack layout of the web function. Embodiments identify memory locations of the stack layout that are writable and read a currently stored library instruction address of a library at the identified memory locations. Embodiments then iteratively increment the currently stored library instruction address by one and overwriting the identified memory locations until a remote shell is successfully spawned or another malicious instruction is executed.

Abstract: Techniques, methods and/or apparatuses are disclosed that enable facilitation of remediation of one or more vulnerabilities detected in a web application. Through the disclosed techniques, methods and/or apparatuses, users will be able to navigate to respective web pages of the detected vulnerabilities and snap directly to the vulnerabilities within the webpages. This allows the users to immediately know the location of the vulnerability, and inline feedback can be provided on the issue, including description, severity, solution and plugin outputs.

Abstract: One example method includes packaging a containerized application into at least two images. The first image may include the main application and the second image includes a decryptor. Sensitive information associated with the application is encrypted and included in the second image. The decryptor operates separately from the main application. After the decryptor successfully completes, the main application is run. The main application may include a copier layer to copy any data decrypted by the decryptor into the main application.

Abstract: A method and apparatus for providing security visibility into a container image. The method includes generating a software list by analyzing layers forming a container image, generating a vulnerability check result based on the software list, and generating a container image content report based on the software list and the vulnerability check result.

Abstract: A two-dimensionality detection method for industrial control system attacks: collecting data; transmitting the data to a PLC and an embedded attack detection system; uploading, by the PLC, received data to an SCADA system; transmitting, by the SCADA system, the data to the embedded attack detection system after classifying and counting the data; before starting detection, directly reading, by the embedded attack detection system, the data measured by sensors; refining data association relationships and probability distribution characteristics of the sensors of normal operation to complete storage of health data model; after starting detection, in first dimensionality, comparing the data collected directly by the sensors with statistical data of the SCADA system to judge the attacked condition of the SCADA system, and in second dimensionality, comparing the characteristics of the data collected directly by the sensors and counted online with the health data model to judge the attacked condition of the sensors.

Abstract: Methods, systems, and devices for homomorphic encryption. In one implementation, the methods include inputting first data into a recurrent artificial neural network, identifying patterns of activity in the recurrent artificial neural network that are responsive to the input of the secure data, storing second data representing whether the identified patterns of activity comports with topological patterns, and statistically analyzing the second data to draw conclusions about the first data.

Abstract: Embodiments are disclosed for testing source code changes. The techniques include generating an incremental intermediate representation of a security vulnerability fix to repair an identified security vulnerability of a source code application. The techniques also include merging the incremental intermediate representation with a full intermediate representation of a previous version of the source code application. The techniques further include generating an impact graph based on the merged intermediate representation. Additionally, the techniques include performing a security vulnerability analysis on the security vulnerability fix based on the merged intermediate representation, the impact graph, and the identified security vulnerability. Further, the techniques include updating the security vulnerability analysis by removing one or more findings that are not related to the impact graph.

Abstract: A system and method for detecting and blocking bots are presented. The method includes receiving unlabeled data regarding a visitor of a web source, grouping the received unlabeled data with similar characteristics into a group of data, detecting, based on the group of data, at least one anomaly, and determining, based on the at least one detected anomaly, several visitors to be blacklisted.

Abstract: A method includes determining, by an analysis system, a system aspect of a system for a protection evaluation. The method further includes determining, by the analysis system, at least one evaluation perspective for use in performing the protection evaluation on the system aspect. The method further includes determining, by the analysis system, at least one evaluation viewpoint for use in performing the protection analysis on the system aspect. The method further includes obtaining, by the analysis system, protection data regarding the system aspect in accordance with the at least one evaluation perspective and the at least one evaluation viewpoint. The method further includes calculating, by the analysis system, a protection rating as a measure of protection maturity for the system aspect based on the protection data, the at least one evaluation perspective, the at least one evaluation viewpoint, and at least one evaluation rating metric.

Abstract: The technology disclosed relates to streamlined analysis of security posture of a cloud environment. In particular, the disclosed technology relates to a graphical query builder for generating a subject path signature, for example representing a vulnerability path in the cloud environment. A computer-implemented method includes generating a graphical user interface having configurable node elements and edge elements and, in response to user input on the graphical user interface, configuring the node elements to represent entities in a subject path signature in the cloud environment and the edge elements to represent relationships between the entities in the subject path signature. The method also includes generating a query representing the subject path signature, executing the query to qualify a set of network paths in the cloud environment as conforming to the subject path signature, and outputting query results identifying the qualified set of network paths.

Abstract: Methods and systems for continuously and quantitatively assessing the risk to data confidentiality, integrity, and availability on identified on endpoints, servers, medical devices, and “Internet of things” devices in a networked healthcare environment monitor resource requests by user applications running on the various device. A map of resource usage by each application may be generated. Based on the map and a risk model (e.g., the contents of a risk database), application events associated with risks are detected and resources vulnerable to the risk may be identified.

Abstract: A system and method for facilitating distributed peer to peer storage of data is disclosed. The method includes receiving a request from a user to securely store one or more files, encrypting the one or more files by using one or more primary encryption keys and splitting each of the encrypted one or more files into an encrypted set of data chunks. The method further includes transmitting the encrypted set of data chunks to one or more trustee devices, encrypting a metadata by using a secondary encryption key and receiving a request to securely access the one or more files. Further, the method includes obtaining the encrypted set of data chunks and the secondary encryption key from the one or more trustee devices and creating the one or more files, such that the user is provided access of the one or more files.

Abstract: A one-time password (OTP) based security scheme is described, where a provider pre-generates a number of verification codes (e.g., OTP codes) which will be valid for a predetermined interval. The provider then encodes the verification codes (e.g., by hashing each code with a time value), and stores the verification codes into a data structure. The data structure can be provided to a verification system that can use the set of pre-generated OTP codes to authenticate requests received from users having personal security tokens.