Abstract: Disclosed herein are enhancements for operating a web application firewall to reduce load. In one implementation, a method of operating a content server for a web application comprising running a web accelerator with a plurality of threads on the content server. The method further provides receiving a request for content which will be provided to a web application, filtering the request and determining that the content will be requested from a second server. After determining that the content will be requested from a second server, reviewing the request with a web application firewall operating at a network layer 7, forwarding the request, receiving the content, and providing the content. Further, the web application firewall is controlled by a plurality of sets of rules, which can be updated without restarting the web accelerator.

Abstract: Various systems, mediums, and methods herein describe aspects of an authentication system. The system may receive a request from a user device to authenticate a user. The system may determine a route travelled by the user. The route can be determined based at least on data retrieved from the user device of the user. The system may determine one or more objects viewable along the route. At least one image of the one or more objects can be selected. The system may communicate the at least one image and at least one other image to the user device to be displayed on the user device. The system may receive a selection of the at least one image by the user through a display of the user device. The authentication of the user can be based, at least in part, on the user selection of the at least one image.

Abstract: A non-transitory computer readable medium includes instructions that when executed by a processor, cause the processor to detect an attempt to record content being displayed on a display, cause, in response to detecting the attempt, an obstruction to be displayed on the display to block viewing of the content on the display, and remove the obstruction on the display to allow viewing of the content on the display when one or more conditions are met.

Abstract: Examples include configuration of a memory controller for copy-on-write with a resource controller. Some examples include, in response to a determination to take a snapshot of memory accessible to a first component, a resource controller configuring a memory controller to treat location IDs, mapped to initial memory locations of the accessible memory, as copy-on-write for the first component and not for a second component independent of the resource controller after the configuring.

Abstract: Systems and methods are provided for a detection and defense system relating to a network connection sharing application. For example, the system can simulate a request for a network password using a conventional application that shares this information. The application may be implemented on, for example, a mobile device or a virtual machine (VM). In some embodiments, the mobile device/VM attempts to establish a network connection to an access point (AP) using the shared password over a tunnel established between the AP and mobile device/VM. If the mobile device/VM can connect to the AP, an assumption may be made that the user credentials have been leaked and a potential security risk exists. An alert can be sent to a network administrator of the communication network (e.g., to perform an action, etc.). The action may include, for example, changing the password, removing access from one or more users, and the like.

Abstract: The systems, methods and apparatuses described herein provide a computing device that is configured to attest itself to a communication partner. In one aspect, the computing device may comprise a communication port configured to receive an attestation request from the communication partner, and an application-specific integrated circuit (ASIC). The ASIC may be configured to receive the attestation request, which may include a nonce. The ASIC may be further configured to generate a verification value, capture data representing a state of computation of the ASIC when the verification value is being generated, and send the verification value and captured data to the communication port to be transmitted back to the communication partner. The verification value may be a computation result of a predefined function taking the nonce as an initial value. In another aspect, the communication partner may be configured to attest the computing device using speed of computation attestation.

Abstract: Disclosed is a method and apparatus for modulus refresh, where the method for modulus refresh of a ciphertext in homomorphic encryption includes receiving a first ciphertext corresponding to a first modulus, generating a second ciphertext by performing a blind rotation on the first ciphertext, and generating a target ciphertext corresponding to a second modulus greater than the first modulus based on the first ciphertext and the second ciphertext.

Abstract: A communication network employing a method and system for secure access from a security device at a local network location to a remote network location are disclosed. At the security device having a unique identifier (UID), processor, and memory, a security software is obtained from a remote network location, the security software obtaining a personal identification number (PIN) of a user, and the UID of the security device. The PIN, the UID and the private security software are forwarded to the remote network location for generating a credential code, including encrypting the credential code. At the security device, the credential code is obtained from the remote network location, and authenticity of the PIN and the UID is verified, without communicating over a network, including decrypting the credential code. Upon verifying the authenticity of the PIN and the UID, access credentials to the remote network location are retrieved.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for receiving user input indicating a first user selection of a first form of biometric authentication from a plurality of forms of biometric authentication, providing a first interface for display on a user device, the first interface corresponding to the first form, receiving first biometric data, the first biometric data being provided using the first interface, and selectively enabling communication between the user device and a back-end system based on the first biometric data.

Abstract: A modified measured boot approach is utilized for establishing a secure communication link between two devices. Each device may execute a respective boot process until the device reaches the stage responsible for establishing the communication link with the other device. Each device may exchange its respective self-signed certificate and extend its certificate chain with the self-signed certificate received from the other device. Each device can then generate a new pair of keys based on its extended certificate chain that includes the identity of the other device, and exchange the public key of the new key pair with the other device. A secure link can be established using the public key of the other device as a based key for a key exchange protocol. A central management entity can attest the measurements of the boot stages for each device using the corresponding public key.

Abstract: Disclosed herein are systems and methods for categorizing an application on a computing device including gathering a set of attributes of an application. The set of attributes of the application includes at least one of: a number of files in an application package of the application; a number of executable files in the application package; numbers and types of permissions being requested; a number of classes in the executable files in the application package; and a number of methods in the executable files in the application package. sending the gathered set of attributes to a trained classification model. The application is classified, using the classification model, based on the gathered set of attributes by generating one or more probabilities of the application belonging to respective one or more categories of applications. A category of the application is determined based on the generated one or more probabilities.

Abstract: Methods, software, products and systems of an identity authentication and verification system which provide one or more users to verify by electronic and non-electronic means the identity of a person with whom a user is interacting.

Abstract: The present disclosure is directed to preventing computer data from being usurped and exploited by individuals or organizations with nefarious intent. Methods and systems consistent with the present disclosure may store keys and keying data for each of a plurality of connections in separate memory locations. These memory locations may store data that maps a virtual address to a physical memory address associated with storing information relating to a secure connection. These separate memory locations may have a unique instance for each individual communication connection session, for example each transport layer security (TLS) connection may be assigned memory via logical addresses that are mapped to one or more physical memory addresses on a per-core basis. Such architectures decouple actual physical addresses that are used in conventional architectures that assign a single large continuous physical memory partition that may be accessed via commands that access physical memory addresses directly.

Abstract: Methods and systems for providing security and verifying a human user and/or an authorized user are described. A system may include a processor and a non-transitory, processor-readable storage medium. The non-transitory, processor-readable storage medium may include one or more programming instructions that, when executed, cause the processor to receive a request to access a secured resource, provide a verification challenge to a user via a user interface, receive at least one input from the user in response to the verification challenge, and determine that the at least one input corresponds to at least one parameter indicative of a human user. The verification challenge may include a game.

Abstract: Systems and methods for authenticating access to multiple data stores substantially in real-time are disclosed. The system may include a server coupled to a network, a client device in communication with the server via the network and a plurality of data stores. The server may authenticate access to the data stores and forward information from those stores to the client device. An exemplary authentication method may include receipt of a request for access to data. Information concerning access to that data is stored and associated with an identifier assigned to a client device. If the identifier is found to correspond to the stored information during a future request for access to the store, access to that store is granted.

Abstract: Systems and methods are provided for authenticating a user in connection with a network transaction by the user, based on a biometric combination for the user. One exemplary method includes receiving an authorization request for a network transaction by a user where the authorization request includes biometric data representing at least first and second biometrics of the user. The method also includes converting the biometric data to a personal identification number (PIN) specific to the biometric data, where the first biometric is converted to a first character of the PIN and the second biometric is converted to a second character of the PIN. The method further includes appending the PIN to the authorization request and transmitting the authorization request to an issuer, thereby permitting the issuer to approve or decline the network transaction based, at least in part, on the PIN included in the authorization request.

Abstract: Methods, systems, and computer-readable storage media for determining an initial distribution based on a set of survey boundaries and historical O-data, the historical O-data being generated through execution of a computer-implemented service, the historical distribution including a first set of parameter ranges and a second set of parameter ranges defining a set of range cells, adjusting one or more parameters ranges of at least one of the first set of parameter ranges and the second set of parameter ranges, determining an adjusted distribution defining a range space for a computer-based survey, receiving X-data from a set of users participating in the computer-based survey, the X-data including responses of users in the set of users provided to the computer-based survey, providing a set of X-data to O-data range vector correlations, and executing analytics of the computer-implemented service based on the set of X-data to O-data range vector correlations.

Abstract: A controller emulator, coupled to an interface that exposes the controller emulator to inputs from external sources, provides one or more control signals to a process simulator and a deep learning process. In response, the process simulator simulates response data that is provided to the deep learning processor. The deep learning processor generates expected response data and expected behavioral pattern data for the one or more control signals, as well as actual behavioral pattern data for the simulated response data. A comparison of at least one of the simulated response data to the expected response data and the actual behavioral pattern data to the expected behavioral pattern data is performed to determine whether anomalous activity is detected. As a result of detecting anomalous activity, one or more operations are performed to address the anomalous activity.

Abstract: A method and system for limiting the amount of screentime available to a child device based on the activity of a user of the child device. A parent device is used to specify activity threshold(s) and associate them with an amount of screentime. A wearable activity sensor provides activity data that is converted to a screentime value. An available screentime value is decremented as screentime is used on the child device. When the available screentime value reaches zero, access to functions or apps on the child device is disabled.

Abstract: Techniques are provided for tracking a virus footprint in data copies. Data copies can be made in a variety of ways, like with snapshots, backups, replications, and simple copies. As copies of files that have not been scanned since they were last modified are made, these copies can be kept track of, and associated with the original file. When the original file is later scanned and found to be clean or infected, this information can be propagated through the copies.