Abstract: A method of detecting and responding to an email address harvest attack at an Internet Service Provider (ISP) email system includes counting a number of failed email address look-ups during a single Simple Mail Transfer Protocol (SMTP) session associated with an originating Internet Protocol (IP) address and responding to the originating IP address with a positive acknowledgement that an otherwise invalid email address exists when the count of the number of failed email address look-ups exceeds a threshold.

Abstract: Computer program products and arrangements to process digital data are contemplated. The digital data may contain values, representing quantities of a wave form over regions. Embodiments include transformations, code, state machines or other logic to process digital data by dividing one of the regions, where one of the values represents a quantity of a wave form over the region. The embodiments may include assigning a value to each of the subregions. The average of the values of the subregions, weighted by the measures of the subregions, may approximately equal the value of the region. The regions may comprise pixels and the values of the pixels may represent the intensity of light waves over the pixels. The embodiments may include the processing of digital data in cameras, televisions, audio players, seismic devices, and medical imaging devices. The subdivision of regions and the assignment of value to the subregions may utilize derivative migration.

Abstract: The invention relates to a security border node (2a) for protecting a packet-based network from attacks, comprising: an anomaly detection unit (10) for performing an anomaly detection, in particular a statistical analysis, on session control messages (11), in particular on SIP messages contained in a packet stream (5) received in the security border node (2a). The security border node further comprises a message context provisioning unit (13) for providing at least one session control message (11) to the anomaly detection unit (10) together with message context information (12, 17, 24) related to a client (22) and/or to a session (23) to which the session control message (11, 11a to 11f) is attributed. The invention also relates to a method for protecting a packet-based network from attacks, to a computer program product, and to a packet-based network.

Abstract: A method of encrypting a plain text message that is m characters in length is described. A one off random key having a length of m characters is generated. The random key uses a character set and modulus that is compatible with the plain text message. A first substitution encryption of the plain text message is performed using the generated random key. A string of random fill characters that is f characters in length, f being a number between zero and infinity is generated. The generated random key and the string of random fill characters is concatenated to the encrypted plain text message to generate an encrypted message string. The encrypted message string has a length 2m+f. The encrypted message string is transmitted to a receiver.

Abstract: At computer device power on, the operating system of the computer device initiates a monitor. The monitor assigns a monitoring program to each program and object (collectively, “program”) running on the computer device to monitor the activities of the program. When the monitoring program is assigned to a program, the monitoring program is assigned an integrity and/or privacy label (collectively, “integrity label”) based on predetermined criteria applied to the monitored program. The monitoring program, in turn, assigns an integrity label to the program monitored by the monitoring program. The integrity label assigned to the monitored program is less than or equal to the integrity label of the monitoring program. The monitor enforces an integrity policy of the computer device based on the integrity label assigned to monitored programs and the integrity label associated with data, another program, or a remote network resource that the monitored program is seeking to access.

Abstract: A callback component embedded on a web site determines a current location of the web site. The current location is compared to a known legitimate location of the web site to determine if the web site has been copied to a different host location. Responsive to determining that the web site has been copied to a different location, the callback component alerts a central authority that the web site may be a fraudulent web site set up to launch phishing attacks. If the central authority determines that the web site is fraudulent, the central authority alerts appropriate entities to take down the fraudulent web site. The callback component generates a visual component viewable on the web site to deter phishing attackers from removing the callback component when the web site is copied.

Abstract: A motion estimation method, medium, and system with fast motion estimation. The motion estimation method includes comparing a cost indicating a difference between a current block of a current image and a block of a reference image specified by a starting point with a predetermined threshold and selectively searching for the best matching block of the current block from the starting point according to the comparison result.

Abstract: A server in a home domain for managing the authentication of clients that are subscribers of the home domain, but are attached to a visited domain. Based on knowledge of the type of security being used in an access network of the visited domain, the server determines whether a given client is to be authenticated by the visited domain or the home domain. The server then signals the result to the visited domain.

Abstract: Systems for encoding and reading RFID tags on a collection of items are shown. One embodiment of the invention includes a plurality of items, where each item possesses an item identifier string, and a plurality of RFID tags, where an RFID tag is affixed to each of the items and each RFID tag is encoded with a code word element generated using at least all of the item identifier strings. In many embodiments, the collection is a plurality of goods contained within a case, pallet, container or storage area.

Abstract: A method and communications system for generating and using compact digital certificates for secure wireless communication. Each compact certificate includes a digital signature and only a portion of the data used in generating the signature. The remaining certificate data is pre-stored on one or more wireless devices for which secure communication is desired. Upon receiving a compact certificate, the wireless device authenticates the certificate using its digital signature along with both the data contained in the certificate and the data pre-stored on the wireless device. This approach permits secure connections to be established between wireless devices using relatively small digital certificates.

Abstract: Operating parameters of one or more software appliances may be set at a configuration manager. Compliance of the one or more software appliances with license terms may be maintained at a license manager. Communications may be executed between the license manager and the configuration manager to maintain compliance of the operating parameters with the license terms. A user interface may be provided for administration of the one or more software appliances therewith, the administration including deployment of the one or more software appliances, the license manager, the configuration manager, and a deployment manager within a system landscape. Communication may be executed between the license manager and the deployment manager to maintain compliance of the administration of the one or more software appliances with the license terms. Communication may be executed between the deployment manager and the configuration manager to manage the deployment relative to the operating parameters.

Abstract: A system and method are provided for allocating wireless channels in a base station processor to messages sent between a subscriber and the base station processor in a wireless network. A latency period is determined corresponding to a return message to be received from a responsive node in response to an outgoing message sent from a sender via the base station processor. A latency manager in the base station processor computes the latency period and stores the latency period in an allocation table. A scheduler schedules a channel to be available at the end of the latency period indicated in the allocation table. At the end of the latency period, the return message is received and the scheduler allocates a channel as defined in the allocation table. The scheduled channel is used to transmit the message to or from the corresponding subscriber.

Abstract: Disclosed are various systems, methods, and other embodiments for the control of access to a mass storage system. In one example, a plurality of buckets are maintained in mass storage system, each of the buckets being employed to store at least one data file. In a server, a use of the buckets by a plurality of entities that use a plurality of clients is facilitated for the storage of a plurality of files over a public network. The use of one of the buckets by the one of the entities is restricted to a namespace.

Abstract: A secure communication system wherein message decryption may be performed while off-line, or optionally while on-line. A sender encrypts a message based on the message key and sends it to the recipient. An envelope containing a message key is created by encrypting the message key based on a verifier, where the verifier is based on a secret of the recipient. The recipient is provided the envelope, along with the message or separately, from the sender or from another party, contemporaneous with receipt of the message or otherwise. The recipient can then open the envelope while off-line, based on their secret, and retrieve the message key from the envelope to decrypt the message. In the event the recipient cannot open the envelope, optional on-line access permits obtaining assistance that may include obtaining an alternate envelope that the recipient can open.

Abstract: The present invention provides a system and method for introducing white noises into a digital audio signal so that there is progressive and cumulative degradation in audio quality after each successive reproduction of the audio sound signal in a fashion analogous to analog audio reproduction. The invention provides a white noise generator, and a digital entroping unit. In a preferred embodiment, the white noise generator is implemented by a hardware random number generator. The digital entroping unit controls the magnitude of white noise desired based on a random number generated by the random number generator, and adds the white noise to the input audio sound signal to produce a degraded audio sound signal. The magnitude of white noise can be controlled by using various masking and formatting of random number data.

Abstract: An anti-virus system for enforcing a virus monitoring and scanning process, the anti-virus and firewall system comprises a master CPU card, a plurality of slave CPU cards and a programmable logic. The master CPU card is used for controlling the virus monitoring and scanning process and dividing the virus monitoring and scanning process into a plurality of sub-processes. The plurality of slave CPU cards are controlled by the master CPU card in a software level and a hardware level, each of the plurality of slave CPU cards receives and processes one of the plurality of sub-processes then sends back to the master CPU card. The programmable logic controlled by the master CPU card for monitoring and controlling said plurality of slave CPU cards at a hardware level.

Abstract: Computer-implemented system and methods for authenticating the identity of a person, for example a customer (1) of an E-Commerce web site (15). The web site or other verification “client” (110) contacts a verification engine (10, 100) (“Authentex”), which may be implemented as a web server (604). The verification engine (10), in turn, has limited access to a plurality of independent, third-party secure databases (21, 112) which are maintained by Trusted Validators (3, 610, 620, etc), which are entities such as banks that have a pre-existing relationship with customer (FIG. 4), and due to that relationship, acquire and maintain “out-of-wallet” data (4) that may be useful to authenticate the identity of the customer. That confidential customer data—held by the third-party “Trusted Validators”—is not disclosed.

Abstract: A signature is identified in association with an entity at a client. A reputation score associated with the entity is identified, the reputation score indicating a likelihood that the entity will compromise the client. Whether the signature detection event is a false positive signature detection event is evaluated based on the reputation score and reported.

Abstract: The following subject matter provides a computer-implemented method and system for calculation of cost-effectiveness of countermeasures in mitigating the threats on a system through calculating risk of threats. The calculation is run on a model of assets, threats, vulnerabilities and countermeasures and enables the production of easy to understand reports and action item lists showing the financial value of threat risks and countermeasures priorities and cost-effectiveness.

Abstract: A computer includes a portable environment including a portable file system located on a removable storage device, the portable environment using virtualization in a host operating system. A path translation module translates a virtualized path of a file in the portable file system to an actual path of the file. The virtualized path is the path in the context of a portable user application running in the portable environment, and the actual path is the path in the context of the host operating system. A malware detection module executing directly under the host operating system determines whether the file contains malware using the actual path of the file and takes remedial actions if malware is detected.