Abstract: A system for effectively addressing the fast-producer and slow-consumer problem for persistent hybrid cloud caches. In particular, the system and associated methods ensure the integrity of data stored by persistent caches by utilizing a plurality of journals, including a user journal and a cloud journal. The user journal records operations conducted by users of the system in records. Before the records are transferred to a cloud storage system, the records are transferred to the cloud journal, which may be configured to be larger than the user journal. Once a record is transferred from the user journal to the cloud journal, the record may be released from the user journal, thereby increasing capacity of the user journal for subsequent operations to be recorded. Each record may then be transferred to the cloud storage system from the cloud journal, which may then cause each record to be released from the cloud journal.

Abstract: A system for managing domain registrations configured to connect to a blockchain wallet running on a client device. The blockchain wallet includes associated keys for a blockchain system. The system is further configured to inspect the blockchain wallet for a first non-fungible token (NFT) associated with a first domain name, and check with a domain name service (DNS) registry on whether the first domain name is registered at the DNS registry. The DNS registry is configured to receive registration information associated with one or more domains. In response to the first domain name being registered at the DNS registry, performing one or more of (i) expiring the first NFT in the blockchain wallet, (ii) adding a second NFT to the blockchain wallet, (iii) adding a fungible token to the blockchain wallet, (iv) removing the first NFT from the blockchain wallet, or (v) exchanging the first NFT for the fungible token.

Abstract: Embodiments of this application relate to the field of communication technologies, and provide a split inference method and an apparatus, to reduce communication overheads and also reduce a risk of leaking original data to a central server. The method includes: A first communication apparatus receives, from a second communication apparatus, first indication information indicating a previous-hop communication apparatus and a next-hop communication apparatus of the first communication apparatus, where the previous-hop communication apparatus and the next-hop communication apparatus each include at least one terminal device. The first communication apparatus receives data from the previous-hop communication apparatus, performs inference on the data based on a submodel corresponding to the first communication apparatus, to obtain an inference result, and sends the inference result to the next-hop communication apparatus.

Abstract: An authority authentication system includes an electronic device configured to generate a first unique asymmetric key pair, including a first public key and a first private key, a certificate authority server configured to generate a unique asymmetric key certificate and a unique certificate chain, and inject the unique certificate chain into the electronic device, at least one owner terminal device configured to request authority authentication from the electronic device based on at least one owner certificates and at least one owner key pair corresponding to the at least one owner terminal device, the at least one owner key pair including at least one public owner key and at least one private owner key, a communication network including a secure communication channel configured to transmit and receive the at least one owner certificate and the at least one public owner key.

Abstract: A device connection method includes acquiring connection information between the application and the device, where the connection information includes fastest connection mark information, and the fastest connection mark information includes a marked connection mode for the fastest connection among concurrent connection modes; acquiring a connection mode with the largest proportion in the fastest connection mark information in a first predetermined period N and determining the connection mode with the largest proportion as a first connection mode; acquiring at least one connection mode that ranks top among connection modes sorted in descending order of proportion in the fastest connection mark information in a second predetermined period M and combining the at least one connection mode into a first set, where the number of the at least one connection mode that ranks top is a preset number, and M is greater than N.

Abstract: Variations in latency, out-of-order, and duplication may occur for incoming packets delivered via a network including a constellation of low-Earth orbit (LEO) satellites. An incoming packet that comprises time data and a sequence number is received at a user terminal. A delivery deadline time (deadline) is determined for the incoming packet. The incoming packet and its deadline are stored in a waiting buffer. Packets from the waiting buffer are processed for storage into “slots” that correspond to sequence numbers of the incoming packets. A window designates which portion of the slots may be written to or read from. The window may comprise a circular buffer. The window may be “moved” relative to the slots based on sequence number of an incoming packet, highest packet transmitted, maximum permitted movement, lowest window stop, highest window stop, and so forth. Packets in slots within the window that have reached their deadline are sent.

Abstract: Provided are a file leak detection method. The method includes: acquiring a file operation event on a terminal device, wherein the file operation event is an event in which a specified operation is executed on a target file; extracting, from the file operation event, a file path of the target file involved in the file operation event; searching for file content of the target file according to the file path, and performing mapping processing on the file content of the target file, so as to obtain a file fingerprint of the target file; determining, according to the file path and the file fingerprint, whether the target file belongs to a specified file library which is used for dynamically maintaining a service file that needs to be protected; and if the target file belongs to the specified file library, determining that a file in the specified file library is leaking.

Abstract: A method for authenticating a host computer system to access a data storage device (DSD) comprising a non-volatile storage medium including a plurality of blocks, the method comprising: receiving, from a computer program on the host computer system, an initial read request to read a block of the plurality of blocks and in response sending information from the block to the host computer system; iteratively receiving, from the computer program on the host computer system, a subsequent read request to read a subsequent block of the plurality of blocks based on the information sent from the block of a previous response; and in each iteration sending information from the subsequent block to the host computer system or terminating the iterative process in response to determining that each block of the plurality of blocks has been read; and determining the host computer system is authenticated in response to determining one or more conditions are met, wherein the one or more conditions include determining that each

Abstract: Disclosed herein are systems and method for detecting malicious activity using a tuned machine learning model. In one aspect, a method includes receiving a plurality of logs indicative of software behavior from a plurality of endpoint devices and generating a plurality of event sequences from the plurality of logs. The method includes training a global machine learning model using the plurality of event sequences to predict resultant events for a sequence of lead up events and classify whether the resultant events indicate malicious activity. The method includes, for each respective endpoint device of the plurality of endpoint devices, generating a testing dataset comprising a plurality of benign event sequences that occurred on the respective endpoint device. The method includes generating a tuned machine learning model for the respective endpoint device by retraining the global machine learning model using the testing dataset. The method includes executing the tuned machine learning model.

Abstract: Promoting privacy while using a computer network. An operating system kernel-level process, having kernel-level access privilege, filters packets received over the computer network. When doing so, the header of a packet is examined to identify an origin of the packet. Upon determining that the origin of the packet is associated with a blacklist of entities, a connection request made a script comprised within the packet is blocked. However, upon determining that the origin of the packet is not associated with a blacklist of entities, an application executing upon the operating system is granted permission to have access to a payload of the packet. The application may be a web browser which can police the behavior of scripts within a web page while rendering the contents of the web page without alteration.

Abstract: A method executed by a hardware processor of a computer to manage use of a service at a terminal device, includes: receiving, from the terminal device via a communication network, identification information and authentication information that are input by a user to the terminal device to log in to the service; and in a case that a login to the service is not permitted based on the identification information and the authentication information, permitting a temporary login in which a restriction is placed on some functions of the service.

Abstract: A method includes rendering on displays of a plurality of extended reality (XR) devices an XR environment. The XR environment includes a first user avatar authorized to interact with an XR application of the plurality of XR applications and a second user avatar unauthorized to interact with the XR application. The method includes receiving, by sensors of an XR device, sensor data indicative of a user intent to interact with the XR application by the second user avatar, generating, based on the sensor data, an estimation of an unauthorized interaction with the XR application by the second user avatar, executing, based on the estimation of the unauthorized interaction, a data obfuscation of information associated with an authorized interaction with the XR application by the first user avatar, and re-rendering on the displays of the plurality of XR devices the XR application in accordance with the executed data obfuscation.

Abstract: Novel tools and techniques are provided for implementing secure network configuration and/or secure network access using a user device. In various embodiments, after establishing a secure wireless connection with a local network device, in some cases, by scanning and decoding a barcode (including connectivity data for connecting with the local network device) that is affixed to, or displayed on a display device on, a surface of the local network device, the user device may configure the local network device with settings and configurations. The user device may also provide a new wireless device with connectivity data for connecting with the local network device, in some cases, by scanning and decoding another barcode on the new wireless device to establish a secure connection to send the connectivity data. The user device and/or the new wireless device may then access a network established by the (configured) local network device.

Abstract: The present disclosure relates to systems, non-transitory computer-readable media, and methods for generating a secure upload URL, receiving a file upload to a first draft data store, and transferring the file from the first draft data store to a first final data store. In particular, in one or more embodiments, the disclosed systems transfers the file from the first draft data store to a first final data store based on the file meeting predetermined file attributes associated with the first draft data store. Moreover, the disclosed system provides to an agent device access to the file based on access permissions corresponding to the first final data store.

Abstract: The disclosure relates to a 5th generation (5G) or pre-5G communication system for supporting a higher data transmission rate than a 4th generation (4G) communication system such as Long Term Evolution (LTE). According to various embodiments, there is provided an operating method of an application function (AF) in a wireless communication system that includes: transmitting, to a network exposure function (NEF), a Nnef_EventExposure_Subscribe message including an address of a user equipment (UE) to request a subscription of a user plane function (UPF) event exposure service for the UE; and receiving, from the NEF, a Nnef_EventExposure_Notify message including information on the UPF event exposure service for the UE.

Abstract: A method for managing access to a file based backup (FBB) includes generating, at a first point-in-time, a first FBB at a first point-in-time, wherein the first FBB comprises a first set of files of an asset at the first point-in-time, generating, at a second point-in-time after the first point-in-time, a second FBB at a second point-in-time, wherein the second FBB comprises a second set of files of the asset at the second point-in-time, performing an asset analysis on the first FBB metadata file and a second FBB metadata file associated with the second FBB to generate a differencing FBB metadata file, performing an anomaly analysis on the second FBB using the differencing FBB metadata file to obtain a anomaly report, and performing a remediation of the second FBB based on the anomaly report.

Abstract: An entity for implementing a service in a network, an application device, and a method for executing an operation of a service are described. An entity is configured to implement a first service implemented by a first application device of a communications network, the entity including a management module configured to acquire, via an application programming interface of a second service implemented in the network, data managed by the second service, said management module being configured to store said acquired data in a primary cache of the entity, an update module configured to update, following a modification of one of said data managed by said second service, the primary cache to reflect said modification using said programming interface, and a processing module, configured to use at least one of said data from the primary cache when executing at least one operation of the first service.

Abstract: The present disclosure provides a network monitoring system including a plurality of sensor devices which transmits data packets and a monitoring server which performs the transferable reinforcement learning on the data packets to establish a bandwidth allocation policy in which a quality of experience (QoE) satisfies a set reference QoE to allocate the bandwidth to the plurality of sensor devices.

Abstract: A method and an apparatus for identifying sensitive information identifier in a privacy-protection manner are provided. The method is performed at a first computing entity which is configured to access a set of license plate numbers and to communicate with a second computing entity which is configured to obtain a license plate number that is captured by one of one or more license plate recognition (LPR) devices distributed in a certain geographic area. The method comprises: receiving a first hash value of the license plate number from the second computing entity; determining that the first hash value matches a second hash value of a plurality of hash values in an association relationship; and generating a notification of an identified license plate number. The association relationship maps a respective one of the plurality of hash values to a corresponding license plate number in the set of license plate numbers.

Abstract: Logic may identify information of a first electronic mail document associated with a control, the control to comprise a process to mitigate a risk. Logic may select the electronic mail document based on the information. Logic may determine metadata for the electronic mail document, the metadata. Logic may generate a first value representative of the electronic mail document based on application of a mathematical algorithm. Logic may generate a log entry for the electronic mail document comprising the metadata and the first value. Logic may encrypt the log entry with an encryption key. And logic may store the log entry in an encrypted ledger with a log entry date and a unique log entry identifier.