Abstract: Systems and methods relating to establishment of a Packet Data Unit, PDU, session over a Non 3GPP Access to a 3GPP network and transmitting IP data and non-IP data are provided. A method of operation of a wireless device is provided and comprises sending to an AMF over an N3IWF a PDU session request to establish a PDU session to transport one of IP data or non-IP data over an established first IPsec, Security Association, SA, establishing an IPSec Child SA, for the PDU session and associating the IPSec Child SA to a PDU session then encapsulating the data using ESP encapsulation or GRE encapsulation associated with the IPSec Child SA and indicating the type of data that is being transmitted (e.g., non-IP data that comprises raw application data). In this manner, an IoT device is able to securely transmit to the 3GPP network IP data/non-IP data/raw application data over an unsecure non 3GPP access network such as Wireless Local Area Network.

Abstract: Conventional email filtering services are not suitable for recognizing sophisticated malicious emails, and therefore may allow sophisticated malicious emails to reach inboxes by mistake. Introduced here are threat detection platforms designed to take an integrative approach to detecting security threats. For example, after receiving input indicative of an approval from an individual to access past email received by employees of an enterprise, a threat detection platform can download past emails to build a machine learning (ML) model that understands the norms of communication with internal contacts (e.g., other employees) and/or external contacts (e.g., vendors). By applying the ML model to incoming email, the threat detection platform can identify security threats in real time in a targeted manner.

Abstract: Conventional email filtering services are not suitable for recognizing sophisticated malicious emails, and therefore may allow sophisticated malicious emails to reach inboxes by mistake. Introduced here are threat detection platforms designed to take an integrative approach to detecting security threats. For example, after receiving input indicative of an approval from an individual to access past email received by employees of an enterprise, a threat detection platform can download past emails to build a machine learning (ML) model that understands the norms of communication with internal contacts (e.g., other employees) and/or external contacts (e.g., vendors). By applying the ML model to incoming email, the threat detection platform can identify security threats in real time in a targeted manner.

Abstract: Systems and methods for verifying the rendering of video content on information resources are provided herein. A server can transmit a video content element having a first bit stream corresponding to a predesignated frame to a client device. The client device can identify the first bit stream as corresponding to the predesignated frame. The client device can decode the first bit stream corresponding to the predesignated frame of the video content element to generate a second bit stream. The client device can transmit, to the server, a tracking message including the second bit stream. The server can compare the second bit stream included in the tracking message from the client device with a third bit stream maintained at a database. The server can determine that the video content element is rendered at the client device responsive to the second bit stream matching the third bit stream.

Abstract: A vehicle anomaly detection server includes: a communicator that communicates with a vehicle to receive a log of an in-vehicle network in the vehicle; a processor; and a memory including at least one set of instructions that, when executed by the processor causes the processor to perform operations including: selecting, when information indicating that an anomaly is occurring to a first vehicle among vehicles is obtained by the processor, an anomaly-related vehicle from among the vehicles based on the anomaly, the first vehicle being the vehicle that communicates with the communicator; transmitting, to the anomaly-related vehicle via the communicator, a first request to transmit a log of an in-vehicle network in the anomaly-related vehicle; and determining whether an anomaly is occurring to the anomaly-related vehicle, based on information indicated by the log transmitted from the anomaly-related vehicle and received by the communicator.

Abstract: Systems and methods receive a first indication that an Internet of Things (IoT) device is attempting to access a home network; determine that the IoT device is a trusted device; store an identifier associated with the IoT device to a blockchain in response to determining that the IoT device is a trusted device; receive a second indication that an event has occurred with respect to the IoT device; determine whether the event is a major event; and verify the identifier associated with the IoT device by storing an identity and information associated with the event to the blockchain in response to determining that the event is a major event.

Abstract: A verification code generation method is performed at a computing device.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for session authentication. An example system includes encoding circuitry configured to generate, based on a first set of quantum bases, a set of qbits, and transmit the set of qbits over a quantum line, wherein the encoding circuitry is further configured not to transmit the first set of quantum bases. The example system further includes decoding circuitry in communication with the encoding circuitry over the quantum line, the decoding circuitry configured to receive, over a quantum line, the set of qbits, and decode, based on a second set of quantum bases, the set of qbits to generate a decoded set of bits. The example system further includes session authentication circuitry configured to generate a session key based on the decoded set of bits.

Abstract: Conventional email filtering services are not suitable for recognizing sophisticated malicious emails, and therefore may allow sophisticated malicious emails to reach inboxes by mistake. Introduced here are threat detection platforms designed to take an integrative approach to detecting security threats. For example, after receiving input indicative of an approval from an individual to access past email received by employees of an enterprise, a threat detection platform can download past emails to build a machine learning (ML) model that understands the norms of communication with internal contacts (e.g., other employees) and/or external contacts (e.g., vendors). By applying the ML model to incoming email, the threat detection platform can identify security threats in real time in a targeted manner.

Abstract: Disclosed are an apparatus for detecting in-vehicle external data intrusion by comparing multiple information entropy and a method of operating the same. The present invention may prevent a danger due to in-vehicle external data intrusion by providing a technology that may determine whether in-vehicle external data intrusion occurs by checking information entropy representing the amount of information for a package ID generable through an in-vehicle Controller Area Network (CAN) communication network.

Abstract: A method, an entity, and a system for managing access to data. The data is associated with metadata. At least one predetermined access policy for accessing metadata includes, for each client, at least one identifier relating to the client. An entity receives from at least one client device, a data access request that includes at least one identifier relating to the client. The entity determines, based on the associated access policy, whether the metadata access is authorized. If yes, the entity determines, based on the associated access policy, associated first data allowing to access the metadata. The entity accesses, based on the first data, the associated metadata. The entity accesses, based on the accessed metadata and the associated access policy, at least a part of the associated data, as a late dynamic binding of the metadata with the associated data (or a part of it).

Abstract: An authentication system that executes user authentication processing in accordance with an authentication request includes at least one first device. The first device has a biological information acquiring unit that is configured to acquire biological information of a user, and a first authentication unit that outputs an authentication result of which the user is authenticated, based on the biological information. The authentication system includes a second device that is configured to communicate with the first device. The second device has an information acquiring-storing unit that is able to store identification information of the first device beforehand, a determination unit that is configured to determine whether the first device is registered, and a second authentication unit that is configured to perform user authentication, in accordance with an authentication result output by the first authentication unit, when the determination unit determines that the first device is registered.

Abstract: Techniques for enriching encrypted traffic analytics are presented. In one embodiment, a method includes obtaining telemetry data for one or more domains within a network. The telemetry data includes both encrypted traffic analytics information and traffic flow information associated with the network traffic. For each domain of the one or more domains, the method also includes generating a model comprising a mapping from a plurality of traffic flow information features to at least one encrypted traffic analytics feature. The method includes generating a database comprising generated models for each of the domains and obtaining telemetry data for a target domain that includes traffic flow information, but does not include encrypted traffic analytics information. At least one encrypted traffic analytics feature of the target domain is determined based on a plurality of traffic flow information features of the target domain using the database.

Abstract: Provided is a method for automatic user authentication, including: (a) a first step in which a user credential is stored on a website in the course of membership registration, wherein the user credential includes a given mobile phone number; (b) a second step in which a service application is downloaded onto a first mobile terminal, wherein the first mobile terminal is linked to the website server; and (c) a third step in which the service application is activated on the first mobile terminal through automatic user authentication without an additional membership registration process.

Abstract: Technologies related to trusted user account login are disclosed. In one implementation, a temporary trusted login token request for accessing a service page from an originating application is received. A temporary trusted login token based on the temporary trusted login token request is generated. The temporary trusted login token is sent to the originating application. A service page access request is received for accessing the service page generated based on the temporary trusted login token. The temporary trusted login token including the service authorization from the service page access request is identified. Whether the service page is included in the one or more service pages that are identified by the service authorization is determined, and trusted login to the service page from the originating application is allowed if the service page is included in the one or more service pages.

Abstract: A method includes receiving a processor design of a processor, receiving an application to be executed by the processor, and receiving a security policy. The method includes simulating the execution of the application on the processor to identify information flow violations generated by the application based on the security policy.

Abstract: An authentication system that executes user authentication processing in accordance with an authentication request includes at least one first device. The first device has a biological information acquiring unit that is configured to acquire biological information of a user, and a first authentication unit that outputs an authentication result of which the user is authenticated, based on the biological information. The authentication system includes a second device that is configured to communicate with the first device. The second device has an information acquiring-storing unit that is able to store identification information of the first device beforehand, a determination unit that is configured to determine whether the first device is registered, and a second authentication unit that is configured to perform user authentication, in accordance with an authentication result output by the first authentication unit, when the determination unit determines that the first device is registered.

Abstract: A method and apparatus for providing tenant specific encryption is described herein. According to an embodiment, a transmission site receives a data packet for transmission or forwarding. The transmission site determines, based on information in a header of the data packet, that the data packet is to be encrypted before transmission or forwarding. Using the information in the header, the transmission site identifies an encryption key for the data packet. The transmission site generates, for the data packet, an additional header and populates the additional header with a destination port number based on a destination port header value of the data packet. The transmission site overwrites the destination port header value of the packet with data indicating that the data packet is encrypted and then encrypts an encapsulated packet within the data packet using the encryption key prior to transmitting or forwarding the data packet.

Abstract: Techniques for secure sharing of data in computing systems are disclosed herein. In one embodiment, a method includes when exchanging data between the host operating system and the guest operating system, encrypting, at a trusted platform module (TPM) of the host, data to be exchanged with a first key to generate encrypted data. The method also includes transmitting the encrypted data from the host operating system to the guest operating system and decrypting, at the guest operating system, the transmitted encrypted data using a second key previously exchanged between the TPM of the host and a virtual TPM of the guest operating system.

Abstract: Aspects of the disclosure provide methods and apparatuses for providing application interfaces. For example, a terminal device includes a display screen and processing circuitry. The processing circuitry displays, via the display screen, a fake interface for a specific application in response to a state change of the specific application. The fake interface displays non-privacy content that has no association with the specific application. Then, the processing circuitry detect an operation on the fake interface, and displays, via the display screen, an application interface of the specific application with privacy content when the operation on the fake interface satisfies a pre-defined requirement.