Abstract: Systems, methods and apparatus for enabling access to secure data. A first module is arranged to generate a limited use passcode and make the passcode available to a user. A second module and a third module are arranged to communicate whereby to enable detection of the third module being in proximity to the second module. A fourth module is arranged to receive a passcode via user input. The apparatus is arranged to enable access to secure data in dependence on the fourth module receiving a valid passcode generated by the first module and the third module being in proximity to the second module.

Abstract: Techniques for tamper detection of a memory module having non-volatile memory devices resident on a printed circuit board (PCB) by circuitry of a controller also resident on the PCB. Examples include determining resistance values of a character pattern sprayed on a side of a cover facing the non-volatile memory devices using conductive ink following first and second boots of the memory module and asserting a bit of a register to indicate tampering of the memory modules based on a comparison of the resistance values. Tamper policy actions may be initiated based on detection of tampering.

Abstract: The use of browser context in detecting malware is disclosed. A client device requests content from a remote server. Data received by the client device from the remote server is transmitted to an external scanner for analysis by the external scanner. The external scanner is configured to use a browser executed in an instrumented virtual machine environment to analyze the data provided by the client device. The client device is configured to request the content from the remote server using a browser extension configured to retrieve data and provide the retrieved data to the external scanner without rendering the retrieved data.

Abstract: A memory system includes a first memory and a second memory that share common addresses received from a memory controller, wherein the first memory includes a first scrambling circuit suitable for scrambling a common address to generate a first scrambled address designating a word line to be activated in the first memory, and the second memory includes a second scrambling circuit suitable for scrambling the common address to generate a second scrambled address designating a word line to be activated in the second memory, and the first scrambling circuit and the second scrambling circuit perform a scrambling operation in such a manner that neighboring word lines, adjacent to a word line selected by a first common address, are selected a most in one memory among the first memory and the second memory by a second common address other than the first common address.

Abstract: Aspects of the present disclosure are operable to protect against malicious objects, such as JavaScript code, which may be encountered, downloaded, or otherwise accessed from a content source by a computing system. In an example, antivirus software implementing aspects disclosed herein may be capable of detecting malicious objects in real-time. Aspects of the present disclosure aim to reduce the amount of time used to detect malicious code while maintaining detection accuracy, as detection delays and/or a high false positive rate may result in a negative user experience. Among other benefits, the systems and methods disclosed herein are operable to identify malicious objects encountered by a computing system while maintaining a high detection rate, a low false positive rate, and a high scanning speed.

Abstract: A method to participate in a blockchain-implemented token distribution process is disclosed. The token distribution process divides an initial quantity of tokens at an input address associated with an input node into a plurality of sub-quantities and uses a mixer node to distribute the sub-quantities to multiple output addresses associated with respective output nodes using a blockchain. The token distribution process utilizes a hierarchical token distribution scheme to recruit the mixer node. The hierarchical token distribution scheme involves a first commitment channel (Ui ? Uij) for a first transaction between the upstream node and a recruited mixer node (Uij), and for each of the plurality of downstream nodes, a second commitment channel (Uij ? Uijk) for a second transaction between the mixer node and a selected downstream node, wherein an unlocking script for the first transaction is derived from an unlocking script for any one of the second transactions.

Abstract: A method of determining a response of a radio frequency wireless communication system to an adversarial attack is provided. Adversarial signals from an adversarial node are transmitted to confuse a target neural network of the communication system. An accuracy of classification of the incoming signals by the target neural network is determined.

Abstract: The exemplary embodiments are related to a device, a system, and a method for implementing a mechanism that is configured to prevent the unauthorized execution of software. A user device is configured to execute a feature access function corresponding to an application feature included in an application. The feature access function is configured to receive one of a plurality of values each time the application is launched. During operation, the feature access function receives a value and determines whether a condition is satisfied. When the condition is satisfied, the value is returned which indicates that execution of the application feature is permitted.

Abstract: A regularization unit standardizes similar expressions across a plurality of URIs in access logs of requests made to a plurality of web servers, thereby changing the URIs into regularized URIs. A calculation unit calculates, among the access logs that are from the same source, the relative frequency of certain access logs to all access logs, the certain access logs corresponding to requests made to different destinations for the same regularized URI and also corresponding to certain response codes. If the largest of all the relative frequencies calculated for the regularized URIs is at least a certain threshold, a determination unit determines the regularized URIs to be scanning targets.

Abstract: Authentication systems and methods can selectively authenticate a request to access a resource data store storing access rights associated with a user device. The systems and methods can scalably execute challenges workflows as part of the authentication process. For example, a request to access one or more access rights stored in the data store can be received from the user device. The user device can be authenticated using challenge workflows selected based on a device identifier of the user device. The selected challenge workflows can be executed to determine whether or not to grant access to the access rights stored in the resource data store.

Abstract: A system for leveraging a tokening system to authenticate a traveler while maintaining anonymity of the traveler is provided. The system may include a secure central server configured to store identification data associated with a plurality of users. The system may also include a mobile token application for providing a token identifier representing a user's identification data. The mobile token application may be activated by the central server on a mobile device of the user registered with the central server and stored in a secure storage on the mobile device of the user. The system may also include a travel service provider. The travel service provider may be configured to enable reserving a travel reservation file. The travel service provider may be enabled to retrieve a token identifier from the user's mobile device as representing the identification of the user and verify the token identifier with the central server.

Abstract: A method of bot detection in a computer network leverages a machine learning system. The machine learning system receives a fingerprint derived at a server, the server having extracted a set of transport layer security parameters received from a client and processed the set parameters into the fingerprint. Based at least in part on the fingerprint, the learning system determines whether the client is likely to be a bot as opposed to a human user. The system generates and returns to the server as score having a first value when the fingerprint is determined to be associated with a good client, and having a second value when the fingerprint is determined to be associated with a bot. Based on the score received from the machine learning system, the server takes a configured action with respect to the client.

Abstract: Systems and methods for authenticating access to multiple data stores substantially in real-time are disclosed. The system may include a server coupled to a network, a client device in communication with the server via the network and a plurality of data stores. The server may authenticate access to the data stores and forward information from those stores to the client device. An exemplary authentication method may include receipt of a request for access to data. Information concerning access to that data is stored and associated with an identifier assigned to a client device. If the identifier is found to correspond to the stored information during a future request for access to the store, access to that store is granted.

Abstract: A method for authentication of chat bots includes determining that a first chat bot is authenticated, by a server, for first session communication at a first chat session with a first chat application instance. The first chat session is hosted by a first chat service. The method includes determining authentication intent to authenticate, with the server, a second chat bot for a second session communication at a second chat session with a second chat application instance. The second chat session is hosted by a second chat service, where the first chat bot and the second chat bot simulate respective chat application instances. The method also includes providing authentication credentials, via the first chat session, to authenticate the second chat bot with the server for the second session communication.

Abstract: Computer assets within a defined network are identified using scanning services respectively connected to each of a plurality of network zones within the defined network. A plurality of interne protocol (IP) addresses within the particular one of the network zones are identified by a particular scanning service contained within the particular one of the network zones. The particular scanning service collects information associated with each of the plurality of IP addresses and infers, using the collected information, additional information about the plurality of IP addresses. The particular scanning service validates the additional information and presents analytics based upon the collected information and the additional information. Firewalls contained within the particular one of the network zones are configured to allow access by the particular scanning service.

Abstract: A network device may decrypt a record received from a source device and associated with an encrypted session. The network device may process the decrypted record. The network device may encrypt the record to generate an encrypted payload. The network device may store an entry in a retransmission mapping that includes a decryption key used to decrypt the record and an encryption key used to encrypt the record. The network device may transmit the encrypted payload in a first TCP packet toward the destination device. The network device may receive retransmitted data and may determine, based on the record entry, that the retransmitted data is associated with the record. The network device may decrypt, using the decryption key, the retransmitted data and may re-encrypt, using the encryption key, the decrypted record. The network device may transmit, toward the destination device, the encrypted payload in a second TCP packet.

Abstract: Disclosed herein are systems and method for inspecting archived slices for malware. In one exemplary aspect, the method comprises identifying a first slice in a plurality of slices in a backup archive, wherein the first slice is an image of user data at a first time. The method comprises scanning the first slice of the plurality of slices in the backup archive and detecting at least one infected file in the first slice. The method comprises identifying a block of the first slice that corresponds to the at least one infected file. The method comprises mounting, to a disk, a second slice of the plurality of slices. The method comprises tracking the block and determining that the at least one infected file exists on the second slice and removing the infected file from the second slice by generating a respective cured slice of the second slice.

Abstract: Disclosed herein are enhancements for operating a web application firewall to reduce load. In one implementation, a method of operating a content server for a web application comprising running a web accelerator with a plurality of threads on the content server. The method further provides receiving a request for content which will be provided to a web application, filtering the request and determining that the content will be requested from a second server. After determining that the content will be requested from a second server, reviewing the request with a web application firewall operating at a network layer 7, forwarding the request, receiving the content, and providing the content. Further, the web application firewall is controlled by a plurality of sets of rules, which can be updated without restarting the web accelerator.

Abstract: Various systems, mediums, and methods herein describe aspects of an authentication system. The system may receive a request from a user device to authenticate a user. The system may determine a route travelled by the user. The route can be determined based at least on data retrieved from the user device of the user. The system may determine one or more objects viewable along the route. At least one image of the one or more objects can be selected. The system may communicate the at least one image and at least one other image to the user device to be displayed on the user device. The system may receive a selection of the at least one image by the user through a display of the user device. The authentication of the user can be based, at least in part, on the user selection of the at least one image.

Abstract: A non-transitory computer readable medium includes instructions that when executed by a processor, cause the processor to detect an attempt to record content being displayed on a display, cause, in response to detecting the attempt, an obstruction to be displayed on the display to block viewing of the content on the display, and remove the obstruction on the display to allow viewing of the content on the display when one or more conditions are met.