Abstract: A device may load a process under test into virtual memory associated with the device. The virtual memory may include a plurality of memory pages. The device may insert a malware inspection element and a memory tracking element into the process under test and may provide a notification of an event associated with the process under test to a memory tracking element. The device may identify, using the memory tracking element, one or more memory pages of the plurality of memory pages. The one or more memory pages may be assigned to, and used by, the process under test. The device may generate, based on identifying the one or more memory pages, a memory map, associated with the process under test, that may include information identifying the one or more memory pages as being assigned to, and used by, the process under test.

Abstract: Provided is a process that includes: obtaining a first request by a first program associated with a first sub-partition of a first partition of a tamper-evident data store of a decentralized computing platform to read data stored in either (i) a second sub-partition of the first partition of the tamper-evident data store of the decentralized computing platform, or (ii) a second partition of the tamper-evident data store of the decentralized computing platform; determining with a subset of peer computing nodes of a set of peer computing nodes that the first program is authorized to read from the second sub-partition or the second partition; and in response to the determination, causing the requested data to be read from the second sub-partition or the second partition.

Abstract: Embedding of digital incentive tokens within a digital image can occur cryptographically using a public key in some embodiments. An encrypted digital incentive token may be embedded within a digital image, including a variety of encrypted information. The digital image with the embedded digital incentive token may be sent to users via delivery mechanisms such as direct webpage embedding, email, text message, and social media sharing. An image recipient may be able to view the image and also take additional action including gaining access to the embedded digital incentive token. Digital incentive tokens can be embedded by altering image metadata so that the image itself is not changed in some embodiments, but data associated with the image is changed to identify the token. Pixel data can be altered to reflect a token for an image. Digital incentive tokens can also be tracked through different platforms to determine usage.

Abstract: The instruction code including an instruction code stored in the area where the encrypted instruction code is stored in a non-rewritable format is authenticated using a specific key which is specific to the core where the instruction code is executed or an authenticated key by a specific key to perform an encryption processing for the input and output data between the core and the outside.

Abstract: The disclosed enhanced document creation and parsing systems deal with enhanced documents that allow for the presentation of document content in a preferred visual manner, while ensuring that the document content can be captured accurately by an automated parser with nothing being discarded or misrepresented. The enhanced document creation system may create an enhanced document by encoding document content in accordance with a defined schema, optionally encrypting the resulting structured data into an encrypted byte string, and embedding the encrypted byte string as non-visible metadata in a rendered document. The resulting enhanced document can be completely and accurately parsed by an enhanced document parsing system that is capable of extracting, decrypting and decoding the embedded document metadata.

Abstract: The present disclosure relates to security risk warning system that a recipient may acknowledge and act accordingly. Security insights may be provided explicitly in a security insight panel that may clearly identify vulnerabilities specific to a particular authenticable communication. This may limit risk that a recipient would ignore or not understand the risk. Security insights may be provided for a combination of indicated source, recipients, and content, such as links, text, attachments, and images. Security insights may be provided on site, such as on or proximate to the reviewed portions of the authenticable communication.

Abstract: Technologies related to generating and continuously maintaining a record of data processing activities are described herein, where the processing record is generated on behalf of an enterprise that operates an enterprise computing system. The processing record includes numerous fields related to the processing of data by the enterprise computing system, and such fields are automatically generated based upon information pertaining to the enterprise computing system that is acquired from several different sources.

Abstract: There is described a neural network system implemented by one or more computers for determining graph similarity. The neural network system comprises one or more neural networks configured to process an input graph to generate a node state representation vector for each node of the input graph and an edge representation vector for each edge of the input graph; and process the node state representation vectors and the edge representation vectors to generate a vector representation of the input graph. The neural network system further comprises one or more processors configured to: receive a first graph; receive a second graph; generate a vector representation of the first graph; generate a vector representation of the second graph; determine a similarity score for the first graph and the second graph based upon the vector representations of the first graph and the second graph.

Abstract: A system includes an ingestion component configured to receive a request from an entity for content related to a content item and a user identity. The request has a content identifier representative of the content item and a token. A request processing component of the system is configured to access a database associated with the system and identify the content item and the user identity using the content identifier and the token, wherein the database has information associating the token with the user identity and associating the content identifier with the content item. In response to identification of the content item and the user identity, the request processing component directs a recommendation engine associated with the system to identify the content related to the content item and the user identity. Information identifying the content related to the content item and the user identity is then transmitted back to the entity.

Abstract: The technology disclosed herein provides a proof-of-work key wrapping system for verifying device capabilities. An example method may include: accessing a wrapped key and a cryptographic attribute for the wrapped key from an encrypted memory region, wherein the wrapped key encodes a cryptographic key; deriving, by a processing device, the cryptographic key in view of the wrapped key and the cryptographic attribute, wherein the deriving consumes computing resources for a duration of time; using the cryptographic key to access program data; and executing, by the processing device, the program data, wherein the executed program data evaluates a condition related to the duration of time.

Abstract: An approach for establishing a priority ranking for endpoints in a network. This can be useful when triaging endpoints after an endpoint becomes compromised. Ensuring that the most critical and vulnerable endpoints are triaged first can help maintain network stability and mitigate damage to endpoints in the network after an endpoint is compromised. The present technology involves determining a criticality ranking and a secondary value for a first endpoint in a datacenter. The criticality ranking and secondary value can be combined to form priority ranking for the first endpoint which can then be compared to a priority ranking for a second endpoint to determine if the first endpoint or the second endpoint should be triaged first.

Abstract: A method for performing a matrix multiplication operation being secure against side-channel attacks according to one embodiment, which is performed by a computing device comprising one or more processors and a memory storing one or more programs to be executed by the one or more processors, includes shuffling an order of execution of multiplication operations between elements of a first matrix and elements of a second matrix for a matrix multiplication operation between the first matrix and the second matrix; and performing the matrix multiplication operation based on the shuffled order of execution.

Abstract: Aspects of the present disclosure are presented for an AI system featuring specially designed AI hardware that incorporates security features to provide iron clad trust and security to run AI applications/solution models. Presented herein are various security features for AI processing, including: a trust and integrity verifier of data during operation of an AI solution model; identity and trust establishment between an entity and the AI solution model; secure isolation for a virtual AI multilane system; a real-time attack detection and prevention mechanism; and built in detection mechanisms related to rogue security attack elements insertion during manufacturing. Aspects also include security to implement an AI network interconnecting multiple user devices in an AI environment.

Abstract: A system for an interactive political platform includes a computing device configured to produce a user signature, identify a political alignment as a function of the user signature, wherein identifying a political agreement further comprises receiving an ethical set, identifying the political alignment as a function of the ethical set and the user signature using an alignment machine-learning model, determine a representative index as a function of the user political alignment, wherein determining the representative index further comprises receiving a bureaucratic indicator, and determining the representative index as a function of the bureaucratic indicator, and transmit a notification to a user as a function of the representative index.

Abstract: Techniques for exporting remote cryptographic keys are provided. In one technique, a proxy server receives, from a secure enclave of a client device, a request for a cryptographic key. The request includes a key name for the cryptographic key. In response to receiving the request, the proxy server sends the request to a cryptographic device that stores the cryptographic key. The cryptographic device encrypts the cryptographic key based on an encryption key to generate a wrapped key. The proxy server receives the wrapped key from the cryptographic device and sends the wrapped key to the secure enclave of the client device.

Abstract: A mobile device securely communicates with an electronic device within an automobile. The mobile device transmits encrypted spatial state information and the electronic device provides commands to the automobile in response. Spatial state information may include location, motion, or the like. Commands to the automobile may include door unlock commands, remote start commands, horn honk commands, or the like.

Abstract: Provided are techniques for securely processing secret values in application configurations. A configuration file for an application is retrieved from a first repository, where the configuration file stores a configuration value and a link to a secret value in a second repository. The secret value is retrieved from the second repository using the link. The configuration value is hashed to output a hashed configuration value and the secret value is hashed to output a hashed secret value. The hashed configuration value is signed, with a private key, to output a hashed and signed configuration value, and the hashed secret value is signed, with the private key, to output a hashed and signed secret value. The configuration value, the secret value, the hashed and signed configuration value, and the hashed and signed secret value are stored in a release file. The application is executed using the release file.

Abstract: A system for providing a query processing service based on personal-information protection, includes: a client terminal configured to allow a user to input and send query content for solving a problem; a relaying and processing server configured to extract and process personal information contained in the query content received from the client terminal, transmit processed query content the processed personal information to a cloud service server, and transmit an answer to a query received from the cloud service server to the client terminal; and the cloud service server configured to generate the answer to the query by analyzing the processed query content received from the relaying and processing server, and transmit the answer to the query to the relaying and processing server.

Abstract: A virtual environment system for validating executable data using authorized hash outputs is provided. In particular, the system may generate a virtual environment using a virtual environment device, where the virtual environment is logically and/or physically separated from other devices and/or environments within the network. The system may then open a specified set of executable data within the virtual environment and perform a set of commands or processes with respect to the executable data. If the system determines that the executable data is safe to run, the system may generate a hash output of the executable data and store the hash output in a database of approved executable data. In this way, the system may securely generate a repository of authorized hashes such that the system may ensure that only safely executable code is processed by the computing systems within the network environment.

Abstract: A system and method includes a blockchain operation stack which may control access to reading and writing operations for a blockchain. The blockchain operation stack may include a credential authority layer that may control permissions for profiles maintained by the credential authority layer. When the permissions are granted by the credential authority layer, a presentation layer may generate a display that may include information on the blockchain structure. Integrity outputs stored in a successor block may verify that a predecessor block has been rewritten and is valid. The presentation layer may provide tools to facilitate write layer operations to rewrite and append to the blockchain.