Abstract: A system which comprises a series of native applications, suited to run on mobile devices, and a series of web-based applications for which functionality and processing are optimized. The native applications and the web-based applications are coordinated to optimize processes of acquiring, storing and disseminating data for speed, integrity and security.

Abstract: Aspects of the disclosure relate to detecting and protecting against cybersecurity attacks using unprintable tracking characters. A computing platform may receive a character-limited message sent to a user device. Subsequently, the computing platform may detect that the character-limited message sent to the user device includes suspicious content. Then, the computing platform may generate a modified character-limited message by inserting one or more special characters into the character-limited message and cause transmission of the modified character-limited message to the user device. Next, the computing platform may receive, from the user device, a spam report that includes the modified character-limited message. Then, the computing platform may identify a presence of the one or more special characters included in the modified character-limited message and adjust one or more filters based on the identification.

Abstract: A system and methods for protecting a serverless application, the system including: (a) a serverless application firewall configured to inspect input of the serverless function so as to ascertain whether the input contains malicious, suspicious or abnormal data; and (b) a behavioral protection engine configured to monitor behaviors and actions of the serverless functions during execution thereof.

Abstract: The present disclosure describes systems, apparatuses, and methods for obfuscation-based intellectual property (IP) watermark labeling. One such method comprises identifying, by one or more computing processors, a specific net within an integrated circuit design that is likely to be used in a malicious attack; and adding additional nets to the integrated circuit design that add additional logic states to a finite state machine present in the integrated circuit design. The additional logic states comprise watermarking states for performing authentication of the integrated circuit design, in which a watermark digest can be captured upon application of secret key inputs to the additional nets. Other methods, systems, and apparatuses are also presented.

Abstract: Aspects of the disclosure relate to an electronic document sharing and signing (DSS) ecosystem for electronic document authentication and authorization. The DSS ecosystem may preferably provide a communication platform between a first user information database associated with a first entity and a second user information database associated with a second entity. The DSS ecosystem may include a signer information database. The signer information database may be coupled to the first user information database and the second user information database. The signer information database may be configured to be readable by the first entity and writeable to by the first entity, and readable by the second entity but not writeable to by the second entity. The signer database may include a list of signatory names associated with the first entity, and a plurality of electronically signed documents. Each of the documents may include an electronic signature applied by a signatory whose name appears on the signatory list.

Abstract: Systems and methods are disclosed that minimize ongoing risk to an organization from user behaviors which magnify the severity of a spoofed domain. Systems and method are provided which enable an entity and users of an entity to identify potential harmful domains, combining search, discovery, reporting, the generation of risk indicators, end-user risk assessments, and training into a security awareness system.

Abstract: A system includes a memory and at least one processor to set a network throughput level setting to a default network traffic rate in a computer network, begin a data protection operation at the network throughput level setting in the computer network, continually monitor the computer network and determine that a condition has occurred in the computer network, dynamically adjust the network throughput level setting in response to the condition by one of decreasing the network throughput level setting by a network traffic rate increment and increasing the network throughput level setting by the network traffic rate increment, and dynamically shape network or storage traffic for the data protection operation using the network throughput level setting.

Abstract: Systems and methods are provided for augmenting the services of SM-DP and SM-DP+ based mobile network systems. These systems and methods enable securing, in advance of arrival at the mobile network system, connectivity services (e.g., limited, short or one-time) or long-term subscription for eSIM/iSIM capable devices/machines. Such connectivity services may be purchased or booked in advance from a local or foreign network operator with service to be activated immediately or at a point in the future. For example, a traveler to a foreign country can pre-purchase (at the travel booking stage) mobile connectivity for use during upcoming travel to a foreign network. The corresponding service can be activated at the time/date of arrival for the selected period.

Abstract: Technology related to a network application firewall is disclosed. In one example, a method includes intercepting a response from a network application and destined for a client. The response can be associated with a user identifier. A modified response can be forwarded to the client. The modified response can include a honeytrap embedded within the intercepted response. Engagement with the honeytrap can be detected in a subsequent request to the network application. In response to detecting the engagement with the honeytrap, an indication that the user identifier is malicious can be stored.

Abstract: In various embodiments, a computer-implemented method for generating and verifying officially verifiable electronic representations may be disclosed.

Abstract: An enterprise-grade network security system is described herein. An enterprise-grade network security system may ensure that a consumer-managed network conforms with security standards for a company. In this manner, potential cyber threats may be prevented from infecting centralized company resources. An enterprise-grade network security system may include hardware, software, applications, and a strategic intelligence platform utilizing machine learning and artificial intelligence to identify potential security risks.

Abstract: A method for execution by a computing device of a storage network includes dispersed storage error decoding a plurality of sets of encoded data slices to recover a plurality of secure packages, where the plurality of secure packages include a plurality of encrypted data segments and a plurality of sets of encoded key slices, and where encoded key slices are appended to the encrypted data segments in accordance with an appending approach. The method includes splitting the plurality of secure packages into the plurality of encrypted data segments and the plurality of sets of encoded key slices. The method includes decoding the at least the decode threshold number of each set of the plurality of sets of encoded key slices to recover a plurality of encryption keys. The method includes decrypting the plurality of encrypted data segments using the plurality of encryption keys to recover the data segments.

Abstract: An authentication system includes an authenticator that receives an authentication request from a device and receives sensor data from one or more sensors, the sensor data being indicative of interaction with one or more real world objects or with a displayed authentication image. The authenticator determines that the sensor data is indicative of an authorized interaction with the one or more real world objects or with the displayed authentication image and, in response to the determination, grants the authentication request.

Abstract: Techniques for securing control and user plane separation in mobile networks (e.g., service provider networks for mobile subscribers, such as for 4G/5G networks) are disclosed. In some embodiments, a system/process/computer program product for securing control and user plane separation in mobile networks in accordance with some embodiments includes monitoring network traffic on a mobile network at a security platform to identify an Packet Forwarding Control Protocol (PFCP) message associated with a new session, in which the mobile network includes a 4G network or a 5G network; extracting a plurality of parameters from the PFCP message at the security platform; and enforcing a security policy at the security platform on the new session based on one or more of the plurality of parameters to secure control and user plane separation in the mobile network.

Abstract: An apparatus may comprise an electronic circuit configured to perform one or more functions or operations, and a memory associated with the electronic circuit. The memory stores a customer-side circuit identification (ID) comprising watermark value combined with a pseudo-random number that is generated as a function of a seed value, wherein the seed value is based on a timestamp generated by computer. An external interface may be coupled to the memory, wherein the external interface provides read-access to the customer-side circuit ID.

Abstract: A computing system for enabling the analysis of multiple raw data sets whilst protecting the privacy of information within the raw data sets, the system comprising a plurality of synthetic data generators and a data hub. Each synthetic data generator is configured to: access a corresponding raw data set stored in a corresponding one of a plurality of raw data stores; produce, based on the corresponding raw data set, a synthetic data generator model configured to generate a synthetic data set representative of the corresponding raw data set; and push synthetic information including at least one of the corresponding synthetic data set and the synthetic data generator model to the data hub. The data hub is configured to store the synthetic information received from the synthetic data generators for access by one or more clients for analysis.

Abstract: An attack countermeasure determination includes a domain name input unit that receives any domain name as input, and acquires setting information corresponding to the domain name, registration information corresponding to the domain name, and external information corresponding to an internet protocol (IP) address corresponding to the domain name, as feature information on the domain name, an attack countermeasure determination unit that specifies a pre-designated category for the domain name on the basis of the feature information and determines, in a stepwise manner, an attack countermeasure against the domain name in accordance with the specified category, and an attack countermeasure information output unit that outputs attack countermeasure information corresponding to the attack countermeasure.

Abstract: The present disclosure provides a method, a control terminal and a system for assisting a device to access a network. The method includes: receiving auxiliary distribution network information which is used to assist a device to access the network, filling the received auxiliary distribution network information into a probe request frame, and sending the probe request frame which carries the auxiliary distribution network information in a wifi broadcast packet, so that, after monitoring the wifi broadcast packet, the device accesses a corresponding wireless router by using the auxiliary distribution network information carried by the probe request frame in the wifi broadcast packet.

Abstract: An example operation may include one or more of connecting, by a recipient node, to a source node via a blockchain network, receiving, by the recipient node, a data block, a digest of the data block encrypted by a private key of the source node, a public key paired to the private key and an IP address of the source node, calculating, by the recipient node, a digest of the data block, decrypting, by the recipient node, the digest of the data block by the public key, comparing, by the recipient node, the decrypted digest against the digest, and in response to a match, storing the encrypted digest, the public key and the IP address of the source node onto a ledger of the recipient node.

Abstract: Systems, apparatuses and methods may provide for a memory apparatus that includes a client-side address space dedicated to an accessor of obfuscated multi-tenant data, wherein an executable view generation library is stored to the client-side address space. In one example, the executable view generation library is to receive a request to access at least a portion of the obfuscated multi-tenant data, convert the obfuscated multi-tenant data to deobfuscated multi-tenant data based on metadata associated with the executable view generation library and generate a single-tenant view based on the deobfuscated multi-tenant data.