Abstract: In one embodiment, a refrigerator appliance is provided. The refrigerator appliance can include a cabinet defining a chilled chamber, a controller configured to operate one or more components of the refrigerator appliance, and a camera assembly operable to monitor the chilled chamber. The camera assembly can include a camera module having a camera that is operable to capture data associated with the chilled chamber. The controller and the camera module can each be configured to respectively perform one or more operations of an authentication process to verify identity of the controller and the camera module. The camera module can be configured to operate the camera to capture the data associated with the chilled chamber and/or to transmit a redacted version of the data associated with the chilled chamber to the controller based at least in part on verification of the identity of the controller and the camera module.

Abstract: A method and an apparatus are provided. The method may include: receiving a query request and signature information of the query request sent from a first node in a blockchain other than a current blockchain, where there is a proxy node of the first node in the current blockchain, and the query request includes a query content and a storage number of a public key of the first node in the current blockchain; acquiring the public key of the first node from the current blockchain based on the storage number of the public key of the first node in the current blockchain; acquiring query data indicated by the query content from the current blockchain, in response to the signature information of the query request passing verification by the public key of the first node; and feeding back a query result to the first node based on the query data.

Abstract: Disclosed herein are system, method, and computer program product embodiments for creating cyber situational understanding in an operational environment. An embodiment operates by normalizing streaming cyber information for a plurality of cyberspace entities and generating cyber-graphs based on relationships between two or more of the plurality of cyberspace entities. A cyber-threat inquiry of the cyber-graphs returns potential cyber-threats that are subsequently visualized as an overlay on a corresponding operational environment.

Abstract: Systems and methods of handling sessions between client devices and one or more server based on session classifications are provided. A device identifies a time series of security metrics corresponding to requests received during a session established by a client device to access a resource provided by one or more servers. The device generates security features from the time series of security metrics based on one or more time windows. The device classifies the session as one of anomalous or genuine using the security features generated from the time series of security metrics based on the one or more time windows. The device handles subsequent requests received during the session based on the classification of the session as the one of anomalous or genuine.

Abstract: The present invention discloses a hacking detection method, including: deploying a plurality of trap IP addresses in a trap IP address list; collecting access logs from a plurality of network devices to create a connection record list, wherein the connection record list includes a plurality of connection records; and comparing the trap IP address list and the connection record list to obtain a suspicious source list. The suspicious source list includes a plurality of suspicious source IP addresses. The suspicious source IP addresses match a portion of the trap IP addresses in the trap IP address list.

Abstract: A blockchain-based data processing method and apparatus, a computer device, and a computer-readable storage medium.

Abstract: An effective strategy provides an intuitive starting point for an enterprise network agent to resolve issues before the issues increase the probability of an outage. Being able to predict whether and when a current anomalous state will transform into an outage is valuable to an enterprise network agent tasked with network administration, including monitoring the network; configuring the network; recommending software or hardware licenses, updates, or additions; obtaining software or hardware licenses or devices; generating reports and alerts; and launching countermeasures in association with the enterprise network.

Abstract: A security system for an in-vehicle network includes a gateway including at least one processor, wherein the at least one processor is configured to transition an intrusion detection and prevention system (IDPS) loaded into the gateway from a function off mode to a first monitoring mode and detect an intrusion into a general message and a diagnostic message on the in-vehicle network, transition from the first monitoring mode to a second monitoring mode and stop detecting the intrusion into the general message when there is a request to stop transmitting the general message from outside, detect the intrusion into the diagnostic message, and detect and block the general message introduced into the in-vehicle network.

Abstract: A security chip-based security authentication method and system, a security chip, and a readable storage medium are provided. The security authentication method includes: a security chip sending a key acquisition request to an auxiliary chip in response to a security authentication request sent by an upper computer; the auxiliary chip sending, to the security chip, first ciphertext data formed by encrypting a security key in response to the key acquisition request; the security chip decrypting the first ciphertext data to obtain the security key, and performing security authentication with the upper computer in combination with code table data stored on the chip. The security key and the code table data required for security authentication are respectively stored into the security chip and the auxiliary chip.

Abstract: A compact utility loader comprising a frame, an engine, a pair of loader arms, and an attachment secured to ends of the loader arms. The compact utility loader additionally includes a first track or wheel and a second track or wheel positioned on either side of the frame. The compact utility loader additionally comprises a control interface including a graphic display configured to present operational information to an operator. The graphic display is configured to present a login screen prompting the operator for a passcode. The engine is prevented from being started until a valid passcode is entered via the control interface.

Abstract: Automatic generation of a malware signature is disclosed. Code of a sample including packages and function names is parsed. Standard type packages and vendor type packages are filtered from the code of the sample to obtain main type packages. A signature using a fuzzy hash for the sample is generated based on the main type packages. A determination of whether the sample is malware is performed using the signature and a similarity score threshold.

Abstract: A system that dynamically adjusts an operation of software running on a first mobile device is provided. The system may include an application. The system may include an authentication module configured to authorize a user's login credentials, capture a biometric characteristic of the user, and authenticate the captured biometric characteristic based on a comparison to a stored biometric characteristic. The system may also include a tracking module configured to track a location of each of the plurality of mobile devices and based on the location, determine a number of mobile devices within a pre-determined range to the first mobile device. The system may include a throttling module configured to adjust the operation of the application based on the number of mobile devices, the adjusting including at least one of operating the application in read-only mode, partial-access mode and full-access mode and re-adjusting when a change in location is detected.

Abstract: An electronic device that selectively provides secure access of a second electronic device to a network is described. This electronic device receives an access request associated with a computer, where the access request includes one or more authentication parameters associated with a user. In response, the electronic device confirms the one or more authentication parameters to determine whether there is an authentication match. Moreover, when there is an authentication match, the electronic device accesses a policy associated with or that includes: a spatial criterion, a temporal criterion, information associated with the user, information associated with the one or more authentication parameters, and/or information associated with the network.

Abstract: A method with access authority management includes: receiving an input image comprising a region of at least one portion of a body of a user; determining whether the user corresponds to multiple users or a single user using the region of the at least one portion of the body; performing a verification for the user based on a face region in the input image, in response to the determination that the user is the single user; determining whether the input image is a real image or a spoofed image based on whether the verification is successful; and allowing an access authority to a system to the user, in response to the determination that the input image is the real image.

Abstract: The present invention provides a method for using a tamper-resistant physical unclonable functions (PUF) to generate temporary passwords, encrypt a password manager database for one-way encryption, and authenticate users. Resistive Random-Access Memory (ReRAM) can be exploited as PUFs. On the server side, a ReRAM PUF can be used to change the format of the password manager database. By comparing the resistance values extracted from the ReRAM PUF, a bitstream can be generated which can then be used as a challenge. Furthermore, by utilizing the hash function and the ReRAM PUF, the password manager database's content can be encrypted as a one-way encryption. The resistance values, which are the ReRAM PUF output, are converted to a bitstream and then replace the user ID and password hash in the database.

Abstract: This document describes methods and systems that use an undefined lifecycle state identifier to manage security of a system-on-chip (SoC) integrated circuit (IC) device. As part of the described techniques, the SoC IC device may include a first set of logic integrated circuitry that determines that a first combination of bit values fails to correspond to a known lifecycle state identifier. The first set of logic integrated circuitry may then provide, to a second set of logic integrated circuitry, a second combination of bit values that corresponds to the undefined lifecycle state identifier. The second set of logic integrated circuitry may then place the SoC IC device into an undefined lifecycle state.

Abstract: The present invention relates to a method for authenticating a device with a wireless access point. The method includes receiving an audio signal at the device via a microphone; processing the audio signal to extract a code; using the code to authenticate the device, at least to part, with the wireless access point; and in response to the authentication, providing access to one or more network services to the device via the wireless access point A system and software are also disclosed.

Abstract: An identification-estimation risk assessment apparatus includes a first calculation unit for calculating a first value ??Pr[?(t)=t?o?], which is a sum related to all shuffles of a probability Pr[?(t)=t?o?] that a table ?(t) obtained by anonymizing the original table t through randomization ? coincides with a table t?o? represented as a composite of a shuffle ? and the anonymized table t?; a second calculation unit for calculating a second value ??(r)=r?Pr[?(t)=t?o?], which is a sum related to a shuffle that satisfies ?(r)=r? of the probability Pr[?(t)=t?o?]; and a third calculation unit for calculating a third value ??(r)=r?Pr[?(t)=t?o?]/??Pr[?(t)=t?o?] as a risk assessment value of a risk that a record number r is identified and estimated as corresponding to a record number r?, based on the first value and the second value.

Abstract: A fraud detecting method for use in an in-vehicle network system including a plurality of electronic control units that communicate with each other via a network includes detecting whether a state of a vehicle satisfies a first condition or a second condition, and switching, upon detecting that the state of the vehicle satisfies the first condition or the second condition, an operation mode of a second electronic control unit connected to the network. A first mode in which a first type of detecting process for detecting a fraudulent message in the network is performed is switched to a second mode in which the first type of detecting process is not performed upon detecting that the state of the vehicle satisfies the first condition. Moreover, the second mode is switched to the first mode upon detecting that the state of the vehicle satisfies the second condition.

Abstract: Techniques to facilitate prevention of malicious attacks on a web service are disclosed herein. In at least one implementation, web resources associated with the web service are crawled to obtain information about internal and external web assets associated with the web service. Responses from the internal and external web assets are intercepted and content security policy headers are dynamically injected into the responses to determine internal and external dependency data associated with the internal and external web assets. The internal and external dependency data is processed with script reputation and domain reputation data to generate enriched dependency graph data. The enriched dependency graph data is analyzed to dynamically generate content security policies for the web service, and the dynamically generated content security policies are deployed to protect the web service.