Patents Examined by Sarah Su
  • Patent number: 10469451
    Abstract: Technologies for distributed detection of security anomalies include a computing device to establish a trusted relationship with a security server. The computing device reads one or more packets of at least one of an inter-virtual network function network or an inter-virtual network function component network in response to establishing the trusted relationship and performs a security threat assessment of the one or more packets. The computing device transmits the security threat assessment to the security server.
    Type: Grant
    Filed: December 31, 2016
    Date of Patent: November 5, 2019
    Assignee: Intel Corporation
    Inventors: Kapil Sood, Mesut A. Ergin, John R. Fastabend, Shinae Woo, Jeffrey B. Shaw, Brian J. Skerry
  • Patent number: 10469256
    Abstract: Provided is a cryptographic communication system including a first semiconductor device and a second semiconductor device. The first semiconductor device includes a common key generation unit that generates a common key CK(a) by using a unique code UC(a) and correction data CD(a), and an encryption unit that encrypts the common key CK(a) generated in the common key generation unit by using a public key PK(b) of the second semiconductor device. The second semiconductor device includes a secret key generation unit that generates a secret key SK(b) by using a unique code UC(b) and correction data CD(b), and a decryption unit that decrypts the common key CK(a) encrypted in the encryption unit by using the secret key SK(b).
    Type: Grant
    Filed: February 14, 2017
    Date of Patent: November 5, 2019
    Assignee: RENESAS ELECTRONICS CORPORATION
    Inventors: Shigemasa Shiota, Shigeru Furuta, Masayuki Hirokawa, Akira Yamazaki, Daisuke Oshida
  • Patent number: 10462182
    Abstract: Exemplary methods, apparatuses, and systems perform a secure socket layer (SSL) protocol initialization and maintenance on behalf of a virtual machine (VM). When a secure virtual machine (SVM) receives a data packet sent by an application running on a VM, the SVM transmits a request message to the VM to enable the VM to perform a handshake with a destination computer to initiate an encrypted session between the VM and the computer. Once the encrypted session is active, the SVM encrypts the data packet, and transmits the encrypted data packet to the VM to perform the transmission of the encrypted data packet to the destination server.
    Type: Grant
    Filed: July 6, 2017
    Date of Patent: October 29, 2019
    Assignee: VMware, Inc.
    Inventors: Vasantha Kumar, Leena Soman, Hrishikesh Ghatnekar
  • Patent number: 10461931
    Abstract: The disclosure relates to processing content with watermarks to generate watermarked versions. In some aspects, each version may be different. Groups of fragments may be combined to generate a unique stream by pulling fragments from two or more of the groups of fragments. Further, fragmenting may be performed before watermarking, and fragments may be pulled and watermarked upon request.
    Type: Grant
    Filed: July 26, 2017
    Date of Patent: October 29, 2019
    Assignee: Comcast Cable Communications, LLC
    Inventors: John Leddy, James W. Fahrny, Allen Broome, Michael A. Chen
  • Patent number: 10454963
    Abstract: Disclosed herein are representative embodiments of methods, apparatus, and systems for improving the functioning of IT assets in an IT infrastructure. The embodiments help secure and protect against outside cybersecurity attacks on IT assets and infrastructures, such as internet-centric attacks. Particular embodiments comprise detecting exploitable vulnerabilities of IT assets of an IT infrastructure, using the observed vulnerability data together with collected event log data to determine whether a respective vulnerability has actually been exploited for an asset, integrating change audit data and third-party threat data with the vulnerability data for exploited vulnerabilities, generating user interfaces/reports that display selected aspects of the integrated data, and/or modifying the asset to address the exploited vulnerability in response.
    Type: Grant
    Filed: August 1, 2016
    Date of Patent: October 22, 2019
    Assignee: Tripwire, Inc.
    Inventor: Travis Smith
  • Patent number: 10452382
    Abstract: This method makes it possible to validate an update file of at least one set of computer data of a piece of avionics equipment of an aircraft. The processing method is implemented within a processing system comprising a mobile terminal independent of the aircraft, an update unit integrated into the aircraft, and a database separate from the aircraft and the mobile terminal, and comprises obtaining a computed message digest, the computed message digest resulting from the application, by the update unit, of a cryptographic hash function to the update file, obtaining a reference message digest, the reference message digest being acquired by the mobile terminal by secure access to a database comprising the reference message digest, and processing the update file based on a comparison of the computed message digest with the reference message digest.
    Type: Grant
    Filed: April 19, 2017
    Date of Patent: October 22, 2019
    Assignee: THALES
    Inventor: Christian Cantaloube
  • Patent number: 10454916
    Abstract: Systems and methods are provided in accordance with one or more processes that run within an operating system, in which a first process of the one or more processes is an agent that encodes instructions for obtaining an authentication token uniquely associated with the agent. The agent collects security information about a first computer system running the one or more processes according to one or more commands received from a remote security system. The collected information is transmitted to the remote security system on an encrypted communication channel between the agent and the remote security system using the authentication token. Executable instructions are received through the encrypted communication channel at the first computer from the remote server according to a security policy assigned to the agent. The received executable instructions are executed at the first computer system, thereby implementing the assigned security policy.
    Type: Grant
    Filed: June 18, 2018
    Date of Patent: October 22, 2019
    Assignee: CloudPassage, Inc.
    Inventors: Carson Sweet, Vitaliy Geraymovych
  • Patent number: 10440022
    Abstract: There are provided apparatuses and methods for providing user information stored at an access network to a content provider, the access network for providing a user device with access to the internet, the user information relating to a user of an application module stored on the user device, the user device for requesting and receiving content from a said content provider. A request for an identifier for the user device to use when requesting content from a content provider is received at an access network, which generates and transmits an identifier to the user device. A request from the content provider for user information is received at the access network, the request comprising the generated identifier. The access network obtains user information based on the identifier and transmits, to the content provider, the obtained user information.
    Type: Grant
    Filed: March 15, 2016
    Date of Patent: October 8, 2019
    Assignee: Openwave Mobility Inc.
    Inventor: Matt Halligan
  • Patent number: 10423801
    Abstract: Computer systems and methods are provided for distributing a data bookmark. An interface of a device that is secured in a private network receives a scope definition. The scope definition includes information that defines a scope of access to data that corresponds to data stored by one or more databases that are secured in the private network. A pointer is generated for the data bookmark. The data bookmark is generated using the pointer and the scope definition. A device that is secured in the private network stores the generated data bookmark. Information about the data bookmark, including the pointer for the data bookmark, is transmitted to at least one remote device at a remote location that is outside of the private network.
    Type: Grant
    Filed: November 8, 2016
    Date of Patent: September 24, 2019
    Assignee: Bouquet.ai, Inc.
    Inventors: Adrien Paul Schmidt, Marios Anapliotis, Serge Fantino
  • Patent number: 10425417
    Abstract: Systems, computer products, and methods are described herein for an improved secure certificate system for identifying potential authorized and unauthorized interactions between a web browser and a website. The certificate system utilizes stored certification requirements (e.g., pinned certification requirements, third-party certification requirement system, or the like), and compares the stored certification requirements with received certification requirements. The system may notify the user or prevent the interaction between the web browser and website when the stored certification requirements do not meet the received certification requirements (e.g., a threshold requirement of certificates to validate, validated certificates, or the like). The certificate system allows the interaction between the web browser and website when the stored certification requirements meet the received certification requirements and the website is verified based on the certification requirements.
    Type: Grant
    Filed: March 8, 2017
    Date of Patent: September 24, 2019
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Carl R. Frederick, Joel S. Kazin
  • Patent number: 10419452
    Abstract: An SSH module is executed as part of a host computing machine, where code for a secure shell (SSH) agent is integrated with code of the SSH module. Incoming and outgoing host computing machine transactions are collected using the SSH agent which transmits the collected host computing machine transactions to an SSH context agent external to the SSH module. The collected host machine transactions are transmitted to a monitoring server for anomalous transaction detection. The monitoring server returns instructions to perform an action based on an anomalous transaction detection.
    Type: Grant
    Filed: December 28, 2015
    Date of Patent: September 17, 2019
    Assignee: SAP SE
    Inventors: Elad Schulman, Amidan Tabak, Ofer Rivlin
  • Patent number: 10419206
    Abstract: A test method of a circuit, comprising, acquiring value sets including values of a physical quantity or of logic signals, linked to the activity of a circuit to be tested when the circuit executes an operation of an operation set of distinct cryptographic operations applied to a same secret data, selecting at least two subsets of values in each value set, for each value set and each value subset, counting occurrence numbers of values of the subset, for each value set, forming all possible n-tuples associating together one of the occurrence numbers of each value subset of the value set, and computing a combined occurrence number for each n-tuple of the value set, to form an occurrence number set for the value set, and analyzing the occurrence number sets to determine the part of the secret data.
    Type: Grant
    Filed: February 22, 2017
    Date of Patent: September 17, 2019
    Assignee: ESHARD
    Inventors: Hugues Thiebeauld de la Crouee, Georges Gagnerot
  • Patent number: 10402084
    Abstract: Disclosed are various embodiments for facilitating collaboration among users for network-shared documents. A computing environment can identify that a first identifier and a second identifier were used in a communication regarding a network-shared file being accessible on various client devices. A suitable task to perform in association with at least one of the one or more client devices can be identified from the first identifier and a second identifier. The task can be performed, for instance, to control access to the network-shared file.
    Type: Grant
    Filed: February 12, 2018
    Date of Patent: September 3, 2019
    Assignee: AIRWATCH LLC
    Inventors: Colleen Caporal, Gaurav Arora, Muhammad Abeer
  • Patent number: 10397233
    Abstract: An approach is described for securely and automatically handling credentials when used for accessing endpoints, and/or applications and resources on the endpoints. The approach involves selecting and injecting credentials at an endpoint by an accessor to log into the endpoint, running applications, or gaining access to resources on the endpoint, without full credential information traversing the accessor's machine.
    Type: Grant
    Filed: April 20, 2016
    Date of Patent: August 27, 2019
    Assignee: BOMGAR CORPORATION
    Inventors: John Burns Smith, III, Nicholas Shawn Twerdochlib
  • Patent number: 10397262
    Abstract: Devices, systems, and methods to detect malware, particularly an overlay malware that generates a fake, always-on-top, masking layer or an overlay component that attempts to steal passwords or other user credentials. A defensive module protects a victim application, particularly of an electronic device having a touch-screen. The defensive module generates a transparent or invisible always-on-top layer of its own; and periodically injects automatically-generated non-human tap events or touch-gesture events, and checks whether the injected events are indeed received, in order to determine whether an overlay malware is active.
    Type: Grant
    Filed: July 20, 2017
    Date of Patent: August 27, 2019
    Assignee: BIOCATCH LTD.
    Inventors: Leonid Karabchevsky, Avi Turgeman
  • Patent number: 10397274
    Abstract: According to an implementation of the disclosure, a computing device may record substantially all the network traffic being transported over a first node of a network over a period of time. The computing device may receive an authenticated request from a forensics system that includes access criteria. The first computing device may determine a relevant encrypted and unencrypted portion of the network traffic based on the access criteria. Based on the unencrypted portion, the computing device may recalculate an encryption key applicable to the encrypted portion. The computing device may then replicate the relevant portion and the encryption key to the forensics system for forensic analysis.
    Type: Grant
    Filed: February 1, 2017
    Date of Patent: August 27, 2019
    Assignee: salesforce.com, inc.
    Inventors: Mark Manasse, Amit Limaye
  • Patent number: 10397777
    Abstract: A method is provided in which a network access system receives an initial request from a device requesting access to the network. In response to successfully authenticating the initial access request, the system causes a code to be transmitted in light emitted by one or more light fixtures within a physical space in which access to the network is to be restricted. The system receives information from the device requesting access to the network and determines whether to permit the device access to the network based on the initial request and on whether the received information is derived from the code transmitted by the one or more light fixtures, thereby indicating that the requesting device is within the physical space.
    Type: Grant
    Filed: April 29, 2016
    Date of Patent: August 27, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Ashwin Kumar, Sarat Pollakattu, John D. Parello, Padmanabhan Ramanujam
  • Patent number: 10389853
    Abstract: Apparatus and methods for providing content to packet-enabled devices in a content distribution network. In one embodiment, a network architecture is disclosed which enables delivery of content to IP-enabled devices such as mobile smartphones and tablet computers using a traditional high-speed data connection. This capability allows the managed network operator to provide content services to an IP-enabled device associated with a non-data subscriber. In one variant, a cable modem is provided which is limited to only retrieve content for delivery to the devices, yet which performs no other functions/services (including provision of high-speed data services). Alternatively, a “media server” modem is utilized to enable delivery of content from the managed network to a client or user device which is also able to obtain high-speed data service from a non-managed or third party managed network via a third-party access point. Security and authentication mechanisms for the transmitted content are also disclosed.
    Type: Grant
    Filed: August 22, 2016
    Date of Patent: August 20, 2019
    Assignee: Time Warner Cable Enterprises LLC
    Inventors: Howard Pfeffer, Noah Paci, Tushar Nakhre, Andrew Danforth
  • Patent number: 10375063
    Abstract: Certain implementations include systems and methods for combined one-time-passcode (OTP) and knowledge-based-authentication (KBA) identity authentication.
    Type: Grant
    Filed: March 9, 2017
    Date of Patent: August 6, 2019
    Assignee: LexisNexis Risk Solutions Inc.
    Inventors: Benny Rotem, Bryan Knauss, Elina Yaakobovich
  • Patent number: 10366242
    Abstract: According to an example, a performance of a predetermined action with regard to a data may be prevented. In the method, a first system call pertaining to the data may be intercepted and suspended. A determination may be made as to whether a second system call that is to be executed following execution of the first system call will result in performance of a predetermined action with regard to the data. In addition, an operation may be implemented on the first system call to prevent the performance of the predetermined action with regard to the data.
    Type: Grant
    Filed: December 23, 2014
    Date of Patent: July 30, 2019
    Assignee: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP
    Inventors: Helen Balinsky, David Subiros Perez, James C. Cooper, Kas Kasravi