Abstract: Embodiments presented herein describe a method for processing streams of data of one or more networked computer systems. According to one embodiment of the present disclosure, an ordered stream of normalized vectors corresponding to information security data obtained from one or more sensors monitoring a computer network is received. A neuro-linguistic model of the information security data is generated by clustering the ordered stream of vectors and assigning a letter to each cluster, outputting an ordered sequence of letters based on a mapping of the ordered stream of normalized vectors to the clusters, building a dictionary of words from of the ordered output of letters, outputting an ordered stream of words based on the ordered output of letters, and generating a plurality of phrases based on the ordered output of words.

Abstract: Systems and methods for leveraging smart glasses for identifying vulnerabilities in application source code is provided. The smart glasses may be configured to scan the code from a user interface (“UI”) linked to an internal development platform and project the scanned code on a display of the smart glasses. Using deep learning, the smart glasses may be enabled to identify one or more vulnerabilities within the scanned application source code. The smart glasses may link a vulnerability classification code for each identified vulnerability. The smart glasses may generate a vulnerability report file including the scanned application source code, each identified vulnerability and its linked vulnerability classification code and transfer the vulnerability report file to a source code repository within the internal development platform. The scanned application source code may be matched to the original application source code and further separate the marched original application source code for assessment.

Abstract: Fairness and output authenticity for secure distributed machine learning is provided by way of an encrypted output of a garbled circuit which is simultaneously provided to a garbler and an evaluator by an output discloser. Related systems, methods and articles of manufacture are also disclosed.

Abstract: A system and method detects and handles replay attacks using counters maintained for each of several different periods for various values of IP addresses and browser description attributes encountered.

Abstract: A method for storing a file containing personal data comprises obtaining a temporary anonymous identifier (AnonID.m) of a person, which temporary anonymous identifier (AnonID.m) is dependent on a token (FileID.m) of the file; extracting personal data items from the file associated with the person; for each personal data item, generating a locator (Loc.m.n), which allows the personal data item to be reinstated into the file, and an item-specific anonymous identifier (AnonID.m.n) of the person, wherein the item-specific anonymous identifier is generated by applying a predefined one-way function to a combination of the temporary anonymous identifier (AnonID.m) and an identifier (n) of the personal data item; storing each personal data item together with the locator and the item-specific anonymous identifier in a first memory; and storing an anonymized version of the file without the personal data items in a second memory.

Abstract: A method comprising: receiving raw data related to one or more network nodes, wherein dissimilar data types are aligned as input events; filtering one or more of the input events by using an adjustable threshold that is based on a filtering score, wherein the filtering score is an estimate of the likelihood that the input event is followed by a security related detection; processing only input events passed through the filtering by an enrichment process; and analysing the data received from the enrichment process for generating a security related decision.

Abstract: A privacy-enhancing system, method, and non-transitory computer-readable medium for securely identifying an individual over time without retaining sensitive biometric data. In one embodiment, the system includes a local identity server including an electronic processor, a communication interface, and a memory. The electronic processor is configured to initiate a personalization of a partner-specific identification vehicle that identifies the individual based at least in part on an individual global unique identifier associated with the individual, receive a request for a service from the individual via the communication interface, receive consent and registration information from the individual via the communication interface, generate an identity confirmation that confirms an identity of the individual, and output the identity confirmation via the communication interface.

Abstract: The present document relates to an electronic device, a method for providing personal information using same, and a computer-readable recording medium for recording same, wherein the electronic device may include a communication circuit, a storage, a display, and a processor. According to various embodiments, the processor may be configured to generate a smart contract comprising information on categories of personal information to be provided to an external user, information about the external user, and information about a de-identification level of the personal information to be provided; transfer the smart contract to a block chain; receive a request for provision of personal information from the block chain; process personal information of a user on the basis of the smart contract; and transfer the processed personal information to the block chain. Other various embodiments are possible.

Abstract: An information processing device includes: a processor; and a memory including at least one set of instructions that, when executed by the processor, causes the processor to perform operations. The operations include: obtaining incident information about an incident of a cyberattack that occurred in a vehicle; obtaining first vehicle information about a state of a first vehicle; storing, in the memory, the incident information and the first vehicle information; determining a risk level of a vehicle function of the first vehicle, based on a degree of matching between the incident information and the first vehicle information stored in the memory, the vehicle function of the first vehicle being one among one or more vehicle functions of the first vehicle; generating a function restriction command for restricting the vehicle function, when the risk level is higher than a first criterion; and outputting the function restriction command.

Abstract: A method for transmitting data in a computer network is provided, which comprises, at a first node of the network: receiving a computing puzzle from a puzzle server node of the network distinct from the first node; determining a solution to the puzzle for transmitting a message to a second node of the network distinct from the puzzle server node; and transmitting data to the second node, wherein the transmitted data comprises a message and the determined solution to the puzzle.

Abstract: The present invention discloses system and method to perform automated red teaming in organizational network replacing conventional orchestration and playbooks. The method includes obtaining input data and exit criterion for an organization from data sources. Further, the method includes determining attack surface associated with the organization based on the obtained input data and the exit criterion. The method includes identifying attack frontiers for the attack surfaces. Further, the method includes prioritizing the attack frontiers. Additionally, the method includes simulating the attack frontiers at the attack surfaces based on the prioritization. Moreover, the method includes determining attack paths associated with the attack surface based on results of simulation. Also, the method includes learning attack patterns associated with the attack paths based on the results of execution.

Abstract: A system and method for objective quantification and mitigation of privacy-risk of a dataset is disclosed.

Abstract: An analysis execution part 11 that, in response to a request for an analysis on a predetermined subject utilizing pieces of personal information 35, generates a first analysis result based on a plurality of pieces of personal information 35 associated with an item necessary for performing the analysis, and anonymizes the plurality of pieces of personal information 35 and generates a second analysis result for the request for the analysis based on the anonymized pieces of information, and an analysis result evaluation part 12 that generates information on a difference between the generated first analysis result and the generated second analysis result are provided.

Abstract: Systems and methods for determining and displaying comparative platform-specific security vulnerabilities with respect to cloud-based computing platforms are disclosed. To compare platform-specific security vulnerabilities of cloud-based computing platforms, the system detects a user interaction at a webpage for a network operation. The system then determines a first set of computing aspects associated with a set of cloud-based computing platforms using response data received from a processing of the network operation. The system then identifies a second set of computing aspects associated with a comparative cloud-based computing system platform and determines an overall-computing aspect impact level for associated computing aspects of the second set of computing aspects.

Abstract: Systems and methodologies for generating a bridge file linking a subject identifier (Subject ID) (or a tokenized subject identifier), used to anonymize a subject in a trial, to tokenized personal identification information (PII), used to de-identify other data for the subject, without revealing the link between the subject identifier (subject ID) and the personal identifying information (PII) for the subject. The bridge file can then be used to link trial data for the subject anonymized with a subject ID to other data for the subject de-identified with tokenized PII.

Abstract: The technology disclosed works in real time, as base and subordinate HTTP URL requests are received, to attribute subordinate HTTP URL requests to base web pages. The main case uses the “referer” or “referrer” HTTP header field for attribution, directly and through a referer hierarchy to the base web page. A second case, which minimizes false generation of base web page log entries, involves small files, such as cascading style sheets (CSS) files, that often have a blank or no referer field. The technology disclosed applies equivalently to hypertext transfer protocol secure (HTTPS) data (e.g., HTTPS transactions, requests, and/or events).

Abstract: The disclosure provides an approach for detecting and preventing attacks in a network. Embodiments include receiving network traffic statistics of a system. Embodiments include determining a set of features of the system based on the network traffic statistics. Embodiments include inputting the set of features to a classification model that has been trained using historical features associated with labels indicating whether the historical features correspond to attacks. Embodiments include receiving, as output from the classification model, an indication of whether the system is a target of an attack. Embodiments include receiving additional statistics related to the system. Embodiments include analyzing, in response to the indication that the system is the target of the attack, the additional statistics to identify a source of the attack. Embodiments include performing an action to prevent the attack based on the source of the attack.

Abstract: An approach is provided for probe trajectory anonymization using based on a negative gap. The approach involves, for example, receiving a probe trajectory generated from at least one sensor of a probe device. The approach also involves processing the probe trajectory to segment the probe trajectory into a first subtrajectory and a second subtrajectory based on a negative gap between the first subtrajectory and the second subtrajectory. The negative gap specifies an amount of overlap between the end of the first subtrajectory and the beginning of the second subtrajectory. The approach further involves assigning a first pseudonym (e.g., a first new probe identifier) to the first subtrajectory, and a second pseudonym (e.g., a second new probe identifier) to the second subtrajectory. The approach then involves providing the first subtrajectory and the second subtrajectory as a trajectory anonymization output.

Abstract: In accordance with some aspects of the present disclosure, an apparatus is disclosed. In some embodiments, the apparatus includes a processor and a memory. In some embodiments, the memory includes programmed instructions that, when executed by the processor, cause the apparatus to receive a request from a client; determine family of metrics; schedule the request based on the family of metrics; and in response to satisfying one or more scheduling criteria, send the request to a backend server.

Abstract: A cybersecurity system is provided for automated cybersecurity insights, remediation recommendations, and service provisioning. The cybersecurity system can generate threat insights and/or generate remediation recommendations using machine learning models and cybersecurity data obtained from target networks, partners, and the like. To provision cybersecurity services, cybersecurity system may collect metadata regarding the network connections and use cases desired for one or more services. Once the metadata has been collected, the cybersecurity assessment system automatically provisions the selected services based on the provided data, such as duration of time elected, service metrics, and the like.