Patents Examined by Thanhnga B. Truong
  • Patent number: 9948607
    Abstract: Systems and methods for securing a dynamic virtualized network are provided. According to one embodiment, a network policy of a dynamic virtualized network is received by an SDN controller of the dynamic virtualized network. The network policy includes network policy elements which each identify (i) an authorized endpoint, (ii) a network access device, and (iii) a port of the network access device with which the authorized endpoint is associated. A security policy for the dynamic virtualized network is generated based on the network policy, by, for each network access device, creating a set of appropriate security measures for the network access device. Each security measure specifies how network traffic in the dynamic virtualized network is to be processed by a port of the network access device. Finally, the security policy is applied to each affected network access device.
    Type: Grant
    Filed: March 7, 2017
    Date of Patent: April 17, 2018
    Assignee: Fortinet, Inc.
    Inventors: Kelly Wanser, Andreas Markso Antonopoulos
  • Patent number: 9940119
    Abstract: Disclosed are various embodiments for providing limited versions of applications. A limited version of an application is automatically generated from a full version of the application. The limited version has a smaller data size than the full version. The limited version of the application is sent to the client computing device in response to a request for a trial of the application.
    Type: Grant
    Filed: August 6, 2014
    Date of Patent: April 10, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: David M. Brownell, Gerard J. Heinz, II, Patrick G. McCuller
  • Patent number: 9934379
    Abstract: Methods, systems, and computer readable media for detecting a compromised computing host are disclosed. According to one method, the method includes receiving one or more domain name system (DNS) non-existent domain (NX) messages associated with a computing host. The method also includes determining, using a host score associated with one or more unique DNS zones or domain names included in the one or more DNS NX messages, whether the computing host is compromised. The method further includes performing, in response to determining that the computing host is compromised, a mitigation action.
    Type: Grant
    Filed: March 5, 2014
    Date of Patent: April 3, 2018
    Assignee: The University of North Carolina at Chapel Hill
    Inventors: Fabian Monrose, Teryl Taylor, Srinivas Krishnan, John McHugh
  • Patent number: 9922287
    Abstract: The present principles are directed to identifying and classifying web traffic inside encrypted network tunnels. A method includes analyzing network traffic of unencrypted data packets to detect packet traffic, timing, and size patterns. The detected packet, timing, and size traffic patterns are correlated to at least a packet destination and a packet source of the unencrypted data packets to create at least one of a training corpus and a model built from the training corpus. The at least one of the corpus and model is stored in a memory device. Packet traffic, timing, and size patterns of encrypted data packets are observed. The observed packet traffic, timing, and size patterns of the encrypted data packets are compared to at least one of the training corpus and the model to classify the encrypted data packets with respect to at least one of a predicted network host and predicted path information.
    Type: Grant
    Filed: June 17, 2015
    Date of Patent: March 20, 2018
    Assignee: International Business Machines Corporation
    Inventors: Mihai Christodorescu, Xin Hu, Douglas L. Schales, Reiner Sailer, Marc PH. Stoecklin, Ting Wang, Andrew M. White
  • Patent number: 9916322
    Abstract: Techniques to enforce policies with respect to managed files and/or endpoints are disclosed. A policy to be applied with respect to one or more files included in a synchronization set and/or an endpoint associated with the synchronization set is received. Compliance with the policy is ensured across a plurality of heterogeneous endpoints associated with the synchronization set.
    Type: Grant
    Filed: April 22, 2016
    Date of Patent: March 13, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Ondrej Hrebicek, Leonard Chung
  • Patent number: 9912645
    Abstract: Methods and apparatus to securely share data are disclosed. An example includes retrieving, by executing an instruction with a processor at a first computing device associated with a first user of a cloud service, an encrypted archive file and a wrapped encryption key from a second computing device associated with a second user of the cloud service, the wrapped encryption key wrapped with key data associated with the first user of the cloud service at the second computing device, unwrapping the wrapped encryption key with the key data to obtain an unwrapped encryption key, and decrypting the encrypted archive file with the unwrapped encryption key to obtain a decrypted archive file.
    Type: Grant
    Filed: June 30, 2016
    Date of Patent: March 6, 2018
    Assignee: Intel Corporation
    Inventors: Ned M. Smith, Omer Ben-Shalom, Alex Nayshtut
  • Patent number: 9912651
    Abstract: An example computer implemented method to create an authenticated server view includes sending a client secret to an online-synchronized content management system and receiving an authentication key. The example method can then include generating a server view of the online-synchronized content management system using instantiation data. The instantiation data can include a resource address and the authentication key. The server view can be configured to request server elements from the online-synchronized content management system using the instantiation data and render the server elements.
    Type: Grant
    Filed: October 13, 2015
    Date of Patent: March 6, 2018
    Assignee: Dropbox, Inc.
    Inventors: Maxime Larabie-Belanger, Sang Tian, Joshua Kaplan, Eduardo Escardo Raffo
  • Patent number: 9898881
    Abstract: Communications over short-range connections are used to facilitate whether access to resources is to be granted. For example, upon device discovery of one of an electronic user device and an electronic client device by the other device over a Bluetooth Low Energy connection, an access-enabling code associated with a user device or account can be evaluated for validity and applicability with respect to one or more particular resource specifications. User identity can be verified by comparing the user against previously obtained biometric information.
    Type: Grant
    Filed: November 24, 2015
    Date of Patent: February 20, 2018
    Assignee: Live Nation Entertainment, Inc.
    Inventors: Kenneth Ives-Halperin, Harry C. Evans, III, David Johnson, Scott Wall, David Lilly, Ajay Pondicherry
  • Patent number: 9892269
    Abstract: Techniques for mitigating the transitive data problem using a secure asset manager are provided. These techniques include generating a secure asset manager compliant application by tagging source code for the application with a data tag to indicate that a data element associated with the source code is a sensitive data element, accessing a policy file comprising transitive rules associated with the sensitive data element, and generating one or more object files for the application from the source code. These techniques also include storing a sensitive data element in a secure memory region managed by a secure asset manager, and managing the sensitive data element according to a policy associated with the sensitive data element by an application from which the sensitive data element originates, the policy defining transitive rules associated with the sensitive data element.
    Type: Grant
    Filed: June 11, 2015
    Date of Patent: February 13, 2018
    Assignee: QUALCOMM Incorporated
    Inventors: Michael J. T. Chan, Lu Xiao, Rosario Cammarota, Olivier Jean Benoit, Saurabh Sabnis, Yin Ling Liong, Manish Mohan
  • Patent number: 9894141
    Abstract: Secure and remote operation of a remote computer from a local computer over a network includes authenticating a remote computer for connection to a computer over the network and/or a local computer for connection to a remote computer over the network; establishing a secure connection therebetween; and integrating a desktop of a remote computer on a display of a local computer. Functions that are performed may include one or more of: integrating a file structure of accessible files accessed at the second or first computer, into a file structure contained at the first or second computer, respectively; at least one of integrating a desktop of the second computer on a display of the first computer and integrating a desktop of the first computer on a display of the second computer; and directly operating the second computer from the first computer or the first computer from the second computer.
    Type: Grant
    Filed: May 17, 2016
    Date of Patent: February 13, 2018
    Assignee: WESTERN DIGITAL TECHNOLOGIES, INC.
    Inventors: Lambertus Hesselink, Dharmarus Rizal, Eric S. Bjornson
  • Patent number: 9887901
    Abstract: Systems and methods for securing a dynamic virtualized network are provided. According to one embodiment, a network policy of a dynamic virtualized network is received by an SDN controller of the dynamic virtualized network. The network policy includes network policy elements which each identify (i) an authorized endpoint, (ii) a network access device, and (iii) a port of the network access device with which the authorized endpoint is associated. A test network access device is selected from which test traffic is to be injected into the dynamic virtualized network. The test network access device is caused to inject the test traffic into the dynamic virtualized network. One or more errors in connection with handling of the test traffic by the dynamic virtualized network are identified by comparing a predicted result with the actual result of injection of the test traffic.
    Type: Grant
    Filed: March 21, 2017
    Date of Patent: February 6, 2018
    Assignee: Fortinet, Inc.
    Inventors: Kelly Wanser, Andreas Markso Antonopoulos
  • Patent number: 9881138
    Abstract: A method for digital content protection comprises generating a plurality of frame keys, retrieving a plurality of frames from digital content, and at least one of encrypting and decrypting the digital content with a different frame key that dynamically changes for each frame of the plurality of frames. A storage device comprises a computer-readable medium including encrypted digital content stored thereon, wherein the encrypted digital content is encrypted with a frame key that is different for each frame of the encrypted digital content. A content player comprises a computer-readable medium including instructions stored thereon, that when executed cause a processor to decrypt encrypted digital content by reconstructing a plurality of frame keys that are different from each other that are used to decrypt each frame of the encrypted digital content.
    Type: Grant
    Filed: October 31, 2014
    Date of Patent: January 30, 2018
    Assignee: SK2Tech, LLC
    Inventors: Xi Chen, Stephen W. Gerritsen
  • Patent number: 9866565
    Abstract: Methods and apparatus for controlling data permission are disclosed herein, and embodiments include generating a relational database that includes entity objects, corresponding user identifications and obligatory relationships of corresponding permission information. The obligatory relationships include time interval information. Some methods further include receiving a request to access an entity object, and the access request comprises identification of an accessing user and an accessing timestamp. The method further includes rendering the permission information of the corresponding entity object if the identification of the accessing user is substantially similar to the corresponding identification of the entity object and the accessing timestamp is within the time interval in response to the accessing request.
    Type: Grant
    Filed: October 13, 2015
    Date of Patent: January 9, 2018
    Assignee: Alibaba Group Holding Limited
    Inventors: Yunxi Zeng, Yong Long, Dejin Zhu
  • Patent number: 9858626
    Abstract: Techniques for social sharing security information between client entities forming a group are described herein. The group of client entities is formed as a result of a security server providing one or more secure mechanisms for forming a group among client entities, the client entities each belonging to a different organization. The security service then automatically shares security information of a client entity in the group with one or more other client entities in the group.
    Type: Grant
    Filed: July 6, 2015
    Date of Patent: January 2, 2018
    Assignee: CrowdStrike, Inc.
    Inventors: Dmitri Alperovitch, George Robert Kurtz, David Frederick Diehl, Sven Krasser, Adam S. Meyers
  • Patent number: 9860236
    Abstract: A smart tag and methods of interacting with and authenticating interactions with the same are provided. The smart tag (308) is enabled to generate a Tag Authentication Cryptogram (TAC) and include the TAC in response (S303) to a read request (S301). Accordingly, each response generated by the smart tag (308) will include a different TAC. It follows that interactions between the smart tag (308) and a reading device (304) can be authenticated as unique interactions if the TAC is validated as a unique and correct TAC.
    Type: Grant
    Filed: February 21, 2014
    Date of Patent: January 2, 2018
    Assignee: ASSA ABLOY AB
    Inventors: Philip Hoyer, Julian Eric Lovelock, Mark Robinton
  • Patent number: 9853985
    Abstract: A method, system and computer-usable medium are disclosed for performing a device time accumulation operation. With a device time accumulation operation, systems within a security intelligence platform which accumulate events within the IT environment associate an event ingest time with the event. When the events are provided for analysis, the device time accumulation operation analyzes the ingest times as well as the emit time to take into account historical time data associated with the accumulated events.
    Type: Grant
    Filed: October 13, 2015
    Date of Patent: December 26, 2017
    Assignee: International Business Machines Corporation
    Inventors: Gregory A. Davis, Irakle Dzneladze, Jason D. Keirstead, Helene Saint-Amour
  • Patent number: 9852289
    Abstract: A computer-implemented method for protecting files from malicious encryption attempts may include (1) detecting an attempt to alter a file, (2) identifying at least one characteristic of the attempt to alter the file, (3) determining, based on the characteristic of the attempt to alter the file, that the attempt to alter the file represents a malicious attempt by a third party to encrypt the file, and (4) performing a security action in response to determining that the attempt to alter the file represents a malicious attempt by the third party to encrypt the file. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: September 12, 2016
    Date of Patent: December 26, 2017
    Assignee: Symantec Corporation
    Inventor: Uri Mann
  • Patent number: 9842203
    Abstract: Systems and methods for selective authorization of code modules are provided. According to one embodiment, a kernel mode driver monitors events occurring within a file system or an operating system. Responsive to observation of a trigger event performed by or initiated by an active process, in which the active process corresponds to a first code module within the file system and the event relates to a second code module within the file system, performing or bypassing a real-time authentication process on the second code module with reference to a multi-level whitelist database architecture. The active process is allowed to load the second code module into memory when the real-time authentication process is bypassed or when it is performed and results in an affirmative determination.
    Type: Grant
    Filed: December 28, 2015
    Date of Patent: December 12, 2017
    Assignee: Fortinet, Inc.
    Inventors: Andrew F. Fanton, John J. Gandee, William H. Lutton, Edwin L. Harper, Kurt E. Godwin, Anthony A. Rozga
  • Patent number: 9843596
    Abstract: Detection of abnormalities in multi-dimensional data is performed by processing the multi-dimensional data to obtain a reduced dimension embedding matrix, using the reduced dimension embedding matrix to form a lower dimension (of at least 2D) embedded space, applying an out-of-sample extension procedure in the embedded space to compute coordinates of a newly arrived data point and using the computed coordinates of the newly arrived data point and Euclidean distances to determine whether the newly arrived data point is normal or abnormal.
    Type: Grant
    Filed: July 3, 2015
    Date of Patent: December 12, 2017
    Assignee: ThetaRay Ltd.
    Inventors: Amir Averbuch, Ronald R. Coifman, Gil David
  • Patent number: 9832198
    Abstract: A message access layer frame and an implementation method thereof are provided, relating to a technical field of software. After initiating a system, a controller parses a configuration file, initiates a database access service unit and initializes and initiates other components. After an application front end sends a request, a receiver receives the request of the application front end, translates the request into data in a consistent format and sends the data in the consistent format to a next handling module. An account password checker and a session processor, serving as main information handling modules of the frame, handle a client request and send the handled client request to the repeater. A repeater translates the handled data in the consistent format into data acceptable to an application back end and sends the data acceptable to the application back end to the application back end for a data handling by cloud.
    Type: Grant
    Filed: December 19, 2014
    Date of Patent: November 28, 2017
    Assignee: G-CLOUD TECHNOLOGY Co. Ltd
    Inventors: Zhanpeng Mo, Song Yang, Tongkai Ji