Abstract: A replaceable item for a host device includes a non-volatile memory and logic. The non-volatile memory stores passwords or authentication values, and/or a cryptographic key. The logic permits retrieval of a predetermined maximum number of the passwords from the non-volatile memory to authenticate the replaceable item within the host device. The predetermined maximum number of the passwords is less than the total number of the passwords.

Abstract: A system for generating an enhanced polymorphic quantum enabled firewall in real-time typically includes a classical computer apparatus and a quantum optimizer in communication with the classical computer apparatus. The classical computer apparatus is configured to identify an unauthorized attempt to access information by an unidentified source, collect a first set of data about the unauthorized attempt, determine a type of the unauthorized attempt by analyzing the first set of data, and transmit the first set of data and the type of the unauthorized attempt to the quantum optimizer. The quantum optimizer upon receiving the first set of data and the type of the unauthorized attempt, generates a second key and a second level of encryption using the second key, generates a new protocol for transferring the second level of encryption over a network, and transfers the second level of encryption and the new protocol to the classical computer apparatus.

Abstract: An example method for migrating communication data from a source server to a target server includes obtaining, using a computing device, a set of credentials to access the source server, and accessing the source server using the set of credentials. The method also includes requesting, automatically by the computing device, a directory structure associated with communication data from the source server, populating, by the computing device, the target server using the directory structure, requesting the communication data from the source server, and populating the target server with the communication data.

Abstract: Systems and methods automatically determine rules for detecting malware. A fingerprint representing a file is received. A set of nearest neighbor fingerprints from at least a set of malware fingerprints that are nearest neighbors are determined. The set of malware fingerprints are analyzed to determine a representative fingerprint. A malicious file detection rule is generated based, at least in part, on the representative fingerprint.

Abstract: A system and method for detecting replay attacks on secure data are disclosed. A system on a chip (SOC) includes a security processor. Blocks of data corresponding to sensitive information are stored in off-chip memory. The security processor uses an integrity data structure, such as an integrity tree, for the blocks. The intermediate nodes of the integrity tree use nonces which have been generated independent of any value within a corresponding block. By using only the nonces to generate tags in the root at the top layer stored in on-chip memory and the nodes of the intermediate layers stored in off-chip memory, an amount of storage used is reduced for supporting the integrity tree. When the security processor detects events which create access requests for one or more blocks, the security processor uses the integrity tree to verify a replay attack has not occurred and corrupted data.

Abstract: Access control within a network is established by combining multiple factors to prevent unauthorized access to a computer and/or network target system. The factors which may be combined are selected from a combination of three main factors confirmation that the accessing device which is attempting access is by an authorized user; the access request is made by a device that corresponds to an authorized degree of importance; and the accessing device is connected from a network that corresponds to the authorized degree of importance.

Abstract: Disclosed is a computer and method in a computer that detects attachment of an external device. A determination may be made whether the external device is trusted or untrusted. When the external device is deemed to be trusted, a first device stack may be instantiated in a first OS executing on the computer to conduct interactions with the external device. When the external device is deemed to be untrusted, a second device stack may be instantiated in a second OS executing on the computer to conduct interactions with the external device.

Abstract: In an embodiment, a central computer performs a data processing method. The central computer receives telemetry data from intrusion sensors. The central computer stores authentication records in a hosts database. Each authentication record is based on the telemetry data and comprises a thumbprint of a public key certificate and a host identifier of a sender computer. The central computer receives a suspect record that was sent by a first intrusion sensor. The suspect record has a first particular thumbprint of a first particular public key certificate and a first particular host identifier of a suspect sender. From the hosts database, the central computer searches for a matching record having a same host identifier as the first particular host identifier of the suspect record and a same thumbprint as the first particular thumbprint of the suspect record. The central computer generates an intrusion alert when no matching record is found.

Abstract: Disclosed are various embodiments that facilitate bootstrap authentication of a second application by way of a user confirmation via a first application. The first application is authenticated using trusted credentials. A first application is authenticated with an authentication service using the security credential. Text input is sent from the first application to the second application via the network. The text input is sent to a text entry field on the second application.

Abstract: Embodiments of the invention provide for malware collusion detection in a mobile computing device. In one embodiment, a method for malicious inter-application interaction detection in a mobile computing device includes filtering applications installed in a mobile device to a set of related applications and then monitoring in the mobile device execution of the related applications in the set. The method additionally includes computing resource utilization of one of the related applications executing in a background of the mobile device while also computing execution performance of a different one of the related applications. Finally, the method includes responding to a determination that the computed resource utilization is high while the computed execution performance is poor by generating a notification in the display of the mobile device that the one of the related applications is suspected of malware collusion with the different one of the related applications.

Abstract: Embodiments of the present application relate to a method, apparatus, and system for providing a security check. The method includes receiving a security verification request sent from a terminal, obtaining first verification element information based at least in part on the security verification request, generating a digital object unique identifier based at least in part on the first verification element information, sending the digital object unique identifier to the terminal, receiving second verification element information from the terminal, and in the event that the first verification element information and the second verification element information are consistent, sending security check pass information to the terminal.

Abstract: An image processing system includes: a first image processing device including: an input unit that receives an input of first authentication information for authenticating a user based on a first authentication method; an authentication unit that performs authentication on an own device by using the first authentication information; and a cooperating unit that uses a function of one or more second image processing devices. The authentication unit transmits, when the cooperating unit is to be operated, the first authentication information to the one or more second image processing devices, and transmits, when authentication to a second image processing device based on the first authentication information has failed, a transmission request of authentication method information indicating a second authentication method of the second image processing device to the second image processing device, the authentication to which based on the first authentication information has failed.

Abstract: A method for securely distributing a profile within a dispersed storage network (DSN) that begins by encrypting a profile using a key. The method continues by encoding the encrypted profile in accordance with a dispersed storage error encoding function. The method continues by outputting the set of encoded profile slices to the DSN for storage therein. The method continues by encoding the key in accordance with an error encoding function and outputting the set of secure key portions to a set of devices of the DSN for storage therein. A device obtains the profile by retrieving secure key portions from the set of devices and recovering the key therefrom. The device then retrieves encoded profile slices from the DSN and decodes them to recover the encrypted profile. The device then decrypts the encrypted profile using the key to recover the profile.

Abstract: A malware warning system, including a client sending requests to and receiving replies from a server, and a server, including a first warning generator sending to the client a warning including a threat level of content located at a web site, in response to receiving from the client a URL for accessing content at the web site, a second warning generator sending to the client a warning including information about at least one of the nature of the threat of the content located at the web site and a location of the web site, in response to receiving from the client a request for more information about the nature of the threat, and a third warning generator, sending to the client a warning including an instruction to perform a swipe gesture to confirm a request to access the URL, in response to receiving that request from the client.

Abstract: Utilities (e.g., methods, systems, apparatuses, etc.) for use in generating and making use of priority scores for data generated by one or more data systems that more accurately prioritize those events and other pieces of data to be addressed by analysts and troubleshooters before others (e.g., collectively taking into account threats posed by origin host components and risks to impacted host components) to work the highest risk events and alarms first and to effectively and efficiently spend their alarm monitoring time.

Abstract: A system is provided for selective extended archiving of data. A network analyzer may intercept and log traffic that passes over at least part of a computer network including capturing a plurality of network packets and producing a traffic log including a corresponding plurality of entries with values of fields in the plurality of network packets. A data collector may receive the traffic log and archive the corresponding plurality of entries for a predetermined retention period, and produce a table of the values of the fields. An data collector may then identify a value from the table as an indicator of a network compromise, and cause the data collector to archive entries of the corresponding plurality of entries having the value for an additional period beyond the predetermined retention period.

Abstract: Described herein are methods, systems, and software to handle verification information in a content node. In one example, a method of operating a content node includes receiving a secure content request from an end user device and determining the availability of verification information stored on the content node to service the secure content request. The method further provides, if the verification information is available, verifying the end user device based on the verification information. The method also includes, if the verification information is unavailable, querying an origin server to verify the end user device.

Abstract: An embodiment relates to a method for processing data that includes (a) calculating a second identifier based on input data, (b) conducting a first operation comparing the second identifier with a first identifier, and (c) conducting a second operation comparing the second identifier with a modified first identifier.

Abstract: A number of events are counted in different layers of a computing environment during execution of a software application. The number of counted events can be compared to a previously generated cluster set to determine that at least one of the counted events is an outlier. Data can then be provided that characterizes the at least one of the counted events determined to be an outlier. In some cases, some or all of the functionality of the software application can be selectively disabled. Related apparatus, systems, techniques and articles are also described.

Abstract: A method for obfuscating the properties of a web browser includes identifying an active web browser and generating random assortments of properties compatible with the web browser. The generated random properties are then integrated with the true properties of the web browser to provide an obfuscated property set that, on request by a web server, may be communicated to the web server.