Abstract: In one embodiment, a method comprises: tracking, by a first security agent executed within a user network device, a plurality of wireless data networks that are available for connection by the user network device for secure communications with a second network device in a secure peer-to-peer data network, and maintaining a history of each of the wireless data networks; determining for each of the wireless data networks, by the first security agent, a corresponding risk assessment that identifies a corresponding risk in encountering a cyber threat on the corresponding wireless data network; and supplying, to a second security agent executed within the user network device, a recommendation for connecting to a wireless data link identified as avoiding the cyber threat during the secure communications, wherein the user network device has a two-way trusted relationship with the second network device in the secure peer-to-peer data network.

Abstract: A system and method to transform a block of data is disclosed. A block of original data is retrieved from a data store, block of original data including a N number of words, each word including one or more bits of data. A multiplier matrix is provided, the multiplier matrix having N×N words, a plurality of sub matrices arranged diagonally within the N×N matrix, with each of the sub matrix arranged as a binomial matrix. All the words in the multiplier matrix not part of the sub matrix are set to zero. Each of the sub matrix is represented as a product of a plurality of lower factorized matrix, a plurality of upper factorized matrix and a shift matrix. The block of original data is multiplied with the multiplier matrix to generate a transformed block of original data with N number of words.

Abstract: A method and data processing system are provided for detecting a malicious component in a data processing system. The malicious component may be of any type, such as a hardware trojan, malware, or ransomware. In the method, a plurality of counters is used to count events in the data processing system during operation, where each event has a counter associated therewith. A machine learning model is trained a normal pattern of behavior of the data processing system using the event counts. After training, an operation of the data processing system is monitored using the machine learning model. Current occurrences of events in the data processing system are compared to the normal pattern of behavior. If a different pattern of behavior is detected, an indication, such as a flag, of the different pattern of behavior is provided.

Abstract: A method, apparatus and product for assessing security threats from lateral movements and mitigation thereof. The method comprising statically analyzing the network to determine for each asset of a list of assets in a network, potential network lateral movements therefrom to other assets; dynamically analyzing the network to validate each potential network lateral movement identified by the static analysis; generating a graph of network lateral movements, wherein the graph comprises nodes and directed edges, wherein a node of the graph represents an asset of the list of assets, wherein a direct edge of the graph connecting a source node to a target node represents a validated network lateral movement from a source asset, represented by the source node, to a target asset, represented by the target node; and utilizing the graph of network lateral movements to assess security risk to the network.

Abstract: Techniques are provided for ad-hoc authenticated group discovery and data sharing in a mesh network. A group of devices is created without leaving a security gap due to the open communication needed to establish the discovery of the devices forming the group. The group can be authenticated autonomously following network discovery of the devices. Instead of requiring global pre-assigned keys for authentication, the devices in the group are authenticated with signatures and certificate passing thereby providing strong security. The efficiency of data sharing between the devices of the network, such as a mesh network, can also be increased. One or more devices may act as a bridge device between devices of a same group that are not in direct wireless communication with each other to reduce re-broadcasts within the mesh network.

Abstract: Disclosed is a method and system for verifying a regex sanitizer and a validator. The method comprises verifying of at least one of a regex sanitizer and a validator by applying the regex sanitizer and a validator over multiple predefined tainted inputs. An output obtained after applying at least one of the regex sanitizer is checked for one of a tainted output or a non-tainted output. The at least one of the regex sanitizer and validator may be qualified as a valid regex sanitizer and validator based upon the checking. The valid regex sanitizer may be tagged with a validation signature. The valid regex sanitizer is used for checking the tainted input in the user's input.

Abstract: An artificial intelligence calculation semiconductor device is provided. The artificial intelligence calculation semiconductor device comprising: a control unit; and a MAC (Multiply and Accumulator) calculator which executes a homomorphic encryption calculation through the control unit, wherein the MAC calculator includes an NTT (Numeric Theoretic Transform)/INTT (Inverse NTT) circuit which generates cipher texts by performing a homomorphic multiplication calculation through transformation or inverse transformation of data, a cipher text multiplier which executes a multiplication calculation between the cipher texts, a cipher text adder/subtractor which executes addition and/or subtraction calculations between the cipher texts, and a rotator which performs a cyclic shift of a slot of the cipher texts.

Abstract: A method of securely processing data in a third party cloud environment is provided. Third party computer executable code is executed in a secure portion of the third party cloud environment. An external data request for external data to be received from an external data provider is then processed whereby the external data request comprises at least a portion of the secure data. The third party cloud environment determines whether to authorise the first external data request, and if the request is so authorised the request is sent to the external data provider and the external data is received from the external data provider.

Abstract: A remote software development infrastructure can include multiple cross-continent datacenters with a variety of remote devices to choose from in the datacenters. A user can select a remote device and access the remote device via a local machine. The infrastructure can stream a video feed of the display of the remote device to the local machine. The user can run a browser on the remote device to test a website, including for example, testing accessing the website and its features via the browser running on the remote device. URL requests to the user's website are received from the local machine and injected into the browser running on the remote device. The browser running on the remote device issues the URL requests. Restricted URL requests can be modified via a browser extension and replaced with a non-restricted URL pointing to the same communication endpoint as the restricted URL.

Abstract: A method including determining aggregate amounts of VPN data communicated by VPN servers with a host device during sample durations of time within a reference period; determining difference amounts indicating differences in the aggregate amounts of VPN data communicated by VPN servers with the host device during successive sample durations of time; determining average aggregate amounts of VPN data communicated by VPN servers with the host device based at least in part on averaging the difference amounts; determining a largest average aggregate amount, from among the average aggregate amounts, as an average threshold level; and selectively adjusting an amount of VPN data communicated by VPN servers with the host device based at least in part on a result of comparing the average threshold level with an observed average aggregate amount of VPN data communicated by VPN servers with the host device. Various other aspects are contemplated.

Abstract: An identity provider of a cloud computing service provides authentication for on-premise applications that is subject to a legacy authentication protocol that differs from the cloud-based network authentication protocol used by the identity provider. The identity provider generates a security ticket for use to gain access to the on-premise application. The security ticket is embedded in a security token associated with a cloud-based network authentication protocol. A client application seeking access to the on-premise application extracts the embedded security ticket from the security token which is then used to access the on-premise application via a legacy authentication protocol.

Abstract: A system having one or more processors. The one or more processors receive data having a request for transferring ownership of a portion of a security from a first user computing system. A portion of the data is signed by a signer with a group signature having an extension. The one or more processors further receive a request to link an identity of the signer and open the identity of the signer. The one or more processors provide to a regulator information corresponding to the group signature and a signature of a transferee being linked to the group signature. The one or more processors generate signing ability of a second user computing system associated with an identifier of the transferee. Generating the signing ability of the second user computing system to use the group signature transfers the ownership of the portion of the security.

Abstract: Systems and methods are provided for the classification of identified security vulnerabilities in software applications, and their triage based on automated decision-tree triage and/or machine learning. The disclosed system may generate a report listing detected potential vulnerability issues, and automatically determine whether the potential vulnerability issues are exploitable using automated triage policies containing decision trees or by extracting vulnerability features from the report and processing the extracted vulnerability features using machine learning models.

Abstract: In one embodiment, a method by an apparatus of a Border Gateway Protocol (BGP) network includes accessing an attestation token for the apparatus. The method further includes encoding the attestation token in a BGP signaling message. The method further includes sending the BGP signaling message with the encoded attestation token to a second apparatus of the BGP network.

Abstract: An example operation may include one or more of receiving, by a certificate issuer node, an asset certification request from an asset producer node over a blockchain, endorsing, by the certificate issuer node, an asset certificate in response to detection of the asset certificate issued to the asset producer node by another certificate issuer node, and recording a signature of the certificate issuer node into an asset producer node certification record on the blockchain.

Abstract: A system and method for security risk identification in a secure software lifecycle. A knowledge database has a plurality of security elements which are identified for a particular software application depending on software environment and prioritized in a task list. Code vulnerabilities are identified using code scanners, with security requirements updated based on identified vulnerabilities, lack of vulnerabilities for weaknesses covered by a code scanner, potential weaknesses not adequately covered by code scanners, and software environment changes.

Abstract: An anonymous authentication service for an invulnerable secret key authentication and encryption token distribution service. Applications place a small code segment within their communications protocol, thereby allowing network participants the full benefit of perfectly secure authenticated and encrypted message traffic without concern for third party key management. This is the world's first participant-managed, independent-trust secure messaging key distribution capability.

Abstract: The technology discloses a method applied by a policy manager to a cloud-based security system that unifies functions of access control and traffic inspection, threat detection and activity contextualization on inspectable and non-inspectable traffic, with a data manager coupled to the policy manager storing a superset of fields used to specify security policies across the cloud-based unified functions, including common fields shared by two or more of the functions.

Abstract: The present techniques may provide improved processing and functionality of performance of the 128-bit AES Algorithm, which may provide improved power consumption. For example, in an embodiment, an encryption and decryption apparatus may comprise memory storing a current state matrix of an encryption or decryption process and a plurality of multiplexers configured to receive from the memory current elements of the state matrix stored in the memory, perform a cyclic shift on the received elements of the state matrix, and transmit the shifted elements to the memory for storage as a new state matrix.

Abstract: Disclosed herein are systems and methods for device authentication or pairing. In an aspect, a wearable display system comprises a display, an image capture device configured to capture images of a companion device, a computer-readable storage medium configured to store the images of the companion device, and a processor in communication with the image capture device and the storage medium. The processor can be programmed with executable instructions to receive a first image of a first optical pattern displayed by the companion device captured by the image capture device, wherein the first optical pattern is generated by the companion device based on first shared data, extract first data from the first optical pattern in the received first image, authenticate the companion device based on the first data extracted from the first optical pattern, and notify a user of the wearable display system that the companion device is authenticated.