Abstract: Systems and methods include aggregating network access to tenant spaces distributed among multi-tenant structures with each multi-tenant structure having a network access configuration to access a network architecture. Embodiments of the present disclosure relate to identifying the network access configuration for the multi-tenant structure. The network access configuration provides the multi-tenant structure access to the network architecture so that each tenant space has access to the network architecture. Network access parameters are determined in real-time that each tenant space network device is to have access to execute as provided by a central network aggregation control system that determines the network access for each tenant space network device. The network access parameters regulate access that each tenant space network device has to the network architecture.

Abstract: Systems, methods, articles of manufacture for authentication of payment cards. A server may assign, in a database, an expected card identifier to a contactless card, the contactless card associated with an account. The server may receive, from a client device, a request comprising a uniform resource locator (URL), a parameter of the URL comprising a card identifier, wherein the URL is transmitted by the contactless card to the client device. The server may extract the card identifier from the URL and compare the extracted card identifier to the expected card identifier in the database. The server may determine, based on the comparison, that the extracted card identifier matches the expected card identifier. The server may authenticate the request based on the extracted card identifier matching the expected card identifier, and transmit, to the client device, an indication specifying that the request was authenticated.

Abstract: A location verification system and method of verifying a location of an entity are disclosed. The method includes receiving, using at least a processor, user data related to an entity, wherein the user data includes location data, generating, using the at least a processor, a user profile as a function of the user data, verifying, using the at least a processor, the location data of the user profile, receiving, using the at least a processor, a unique identifier of at least a location identifying component, wherein the unique identifier is associated with the location data of the user profile and verifying, using the at least a processor, a location of the entity by comparing geolocation data of a user device and the location data associated with the unique identifier.

Abstract: A method and system for detecting domain name system (DNS) recursive cyber-attacks are presented. The system includes learning a plurality of baselines of at least rates and rate invariants of DNS features; monitoring DNS traffic directed to and from a DNS resolver, wherein the DNS resolver is communicatively connected between at least one client and at least one name server; analyzing the monitored DNS traffic using at least one detection function to detect an anomaly based in part on at least one baseline of the plurality of learnt baselines; and upon detection of at least one anomaly, performing at least one mitigation action to filter out incoming DNS queries to a domain name under attack.

Abstract: Some examples relate generally to computer architecture software for information security and, in some more particular aspects, to machine learning based on changes in snapshot metadata for anomaly and ransomware detection in a file system.

Abstract: Examples of scheduled and on-demand volume encryption suspension are described. A management service can identify multi-volume encryption rules for local volumes of a client device including the operating system volume as well as non-operating-system volumes. The encryption rules can be transmitted to the client device. Volume encryption samples for the client device can be received, and a console user interface can be generated to indicate compliance status information for the multi-volume encryption rules for local volumes of a client device.

Abstract: Methods, computer-readable media, software, and apparatuses may calculate and inform a consumer of company privacy scores corresponding to companies with which the consumer has a corresponding account, or for a company associated with a web site that a consumer may visit. A consumer privacy score may also be determined, based on the company privacy scores. The company privacy scores may be based on a calculation including elements of a privacy practice of the corresponding company and elements of a privacy policy of the corresponding company.

Abstract: Methods and systems can protect information shown on a screen of a device. A user associated with the device can be authenticated, e.g., using photo identification of the user. In response to authenticating the user, data can be displayed on the device. A camera associated with the device can be automatically activated to take one or more images in response to a triggering event, a predetermined time interval, or randomly generated time intervals. An enhanced privacy environment is detected by analyzing the one or more images to identify that there are more than a threshold number of faces or people in the picture, or by identifying that the user is not in the picture based on a comparison of the picture to the photo identification of the user. In response to detecting the enhanced privacy environment, a privacy mode is enabled. The privacy mode can include various security measures such as concealing sensitive content or providing various security notifications.

Abstract: The present disclosure provides a system and a method of fileless malware detection, and the method of the fileless malware detection includes steps as follows. The execution of the writable section in the memory is intercepted; the executable code corresponding to the execution is extracted from the writable section; whether the executable code is malicious is analyzed.

Abstract: Various methods and systems are provided for autonomous orchestration of secrets renewal and distribution. A secrets management service (“SMS”) can be utilized to store, renew and distribute secrets in a distributed computing environment. The secrets are initially deployed, after which, SMS can automatically renew the secrets according to a specified rollover policy, and polling agents can fetch updates from SMS. In various embodiments, SMS can autonomously rollover client certificates for authentication of users who access a security critical service, autonomously rollover storage account keys, track delivery of updated secrets to secrets recipients, deliver secrets using a secure blob, and/or facilitate autonomous rollover using secrets staging. In some embodiments, a service is pinned to the path where the service's secrets are stored. In this manner, secrets can be automatically renewed without any manual orchestration and/or the need to redeploy services.

Abstract: Techniques for managing access control policies are described herein. According to one embodiment, access control policies (ACPs) and access control rules (ACRs) are downloaded from a management server to a network access device (NAD) over the Internet, where the network access device is one of a plurality of network access devices managed by the management server over the Internet. In response to a request from a network client device for entering a network, a device type of the network client device is detected and an ACP identifier is determined based on the device type using the ACRs An ACP is selected from the ACPs based on the ACP identifier and enforced against the network client device. At least the selected ACP is reported to the management server to distribute the selected ACP to other network access devices.

Abstract: A computing system includes a memory device, a persistent storage device, and a processor. The persistent storage device includes a filesystem having filesystem objects and a protection system stored thereon. The protection system includes a filesystem minifilter driver and a protection service. The minifilter driver intercepts an input/output (I/O) event directed to a target filesystem object and extracts system event metadata from the I/O event. The system event metadata includes an identifier of the target filesystem object. The system event metadata is transmitted to the protection service and recorded in a record file. A backup copy of the target filesystem object created. The I/O event is released after recordation of the system event metadata and creation of the backup copy, thereby enabling the I/O event to be performed on the target filesystem object. During a system restore operation, the target filesystem object is replaced with the backup copy.

Abstract: A system and method for securely defensing against a collusion attack under Internet of Vehicles (IoV) are provided. The present disclosure can repair a vulnerability, of a reputation system in the IoV, that the IOC attackers can manipulate a traffic-related message aggregation model (TMAM) by increasing their own reputation scores in an inside-and-outside collusion (IOC) manner. In addition, the present disclosure can detect IOC attacks quickly to improve the security of the IoV; can eliminate suspicious providers recursively and provide a reputation fluctuation association rule, to avoid overload of the TMAM; and can deprive IOC attackers of the opportunity to improve their reputation scores and ensure credible information in the IoV, to ensure the fairness and availability of the TMAM without the interference from the IOC attackers.

Abstract: Introduced here are approaches to authenticating unknown persons based on variations in the spatial properties and directionality of blood flow through vessels over time. At a high level, these approaches rely on monitoring vascular dynamics to recognize unknown persons. For example, an authentication platform may examine digital images of an anatomical region to establish how a property of the vasculature within the anatomical region changed as a result of deformation. Examples of properties include the position, size, volume, and pressure of vessels included in the vasculature, as well as the velocity and acceleration of blood flowing through the vasculature.

Abstract: Systems and methods provide techniques for illumination-based user authentication. In one embodiments, a method includes at least operations configured to receive a user authentication request for a computing device, and in response to receiving the user authentication request, cause a display device of the computing device to display a display pattern during a first time period; determine, based on image sensor data received from an image sensor device of the computing device, a responsive facial state during the first time period; determine a responsive correlation score for the display pattern and the responsive facial state, wherein the reflective correlation score is an estimated likelihood that that the responsive facial state indicates an authenticated end-user observing the display pattern; and determine whether to grant the user authentication request based on one or more authentication indicators, wherein the one or more authentication indicators comprise the responsive correlation score.

Abstract: Composite biometric authentication is provided to multiple users that share a financial account. The users can enroll the account for composite biometric authentication. The enrollment can include recording multiple biometrics of each user and storing them as a composite to use in authenticating user requests to authorize transactions involving the shared financial account. A unique combination of biometrics can be generated including a biometric of the multiple biometrics of each of the users and stored such that the unique combination must be provided to authenticate a future user request. To proceed with a transaction, a user of the multiple users initiates the transaction and provides their part of the unique combination. The other users provide their part of the unique combination by providing the specific biometric of the multiple biometrics they have previously provided. The transaction proceeds when all shares of the unique combination are provided and authenticated.

Abstract: Systems, methods, and computer-readable media are provided for an efficient roaming management method using a single association identifier token for associating with different access points. In one aspect of the present disclosure, a network controller includes memory having computer-readable instructions stored therein and one or more processors. The one or more processors are configured to execute the computer-readable instructions to receive a request from an endpoint to connect to a first access point; generate association identification token (e.g., PMK and PMKID) for the endpoint to connect to the first access point; and distribute the association identification token to a second access point prior to the endpoint attempting to connect to the second access point, the association identification token being used by the second access point to validate a subsequent request by the endpoint to connect to the second access point.

Abstract: Systems and techniques for an adaptive authentication system are described herein. In an example, an adaptive authentication system is adapted to receive a request at a first entity from a second entity for secure data of a user, where the second entity is remote from the first entity. The adaptive authentication system may be further adapted to transmit a prompt to a user device associated with the user for authentication of the user and authentication of the request. The adaptive authentication system may be further adapted to receive a response to the prompt and authenticate the user and the request based on the response. The adaptive authentication system may be further adapted to transmit the secure data of the user to the second entity.

Abstract: Network equipment (16A) is configured for use in a wireless communication network. The network equipment (16A) is configured to detect one or more conditions under which non-access stratum (NAS) keys (26A) that protect NAS communication between the network equipment (16A) and a wireless device (12) are to be refreshed. Responsive to detecting the one or more conditions, the network equipment (16A) is configured to derive, from a base key (24A) on which the NAS keys (26A) were derived, a new base key (24B) on which fresh NAS keys (26B) are to be derived. The network equipment (16A) is also configured to activate the new base key (24B).

Abstract: A database platform receives an object identifier from a client in association with a database session. The client is associated with a customer account of the database platform, and the database session is associated with the client. The customer account includes multiple disjoint account-level namespaces, each of which represents a distinct context for resolution of object identifiers, such that matching object identifiers in different account-level namespaces in the customer account do not collide with respect to object-identifier resolution. The database platform determines that the object identifier does not specify an account-level namespace, and responsively resolves the object identifier with reference to a current account-level namespace of the database session by identifying an object corresponding to the object identifier in the customer account.