Abstract: Methods, apparatuses and system provide for technology that interleaves a plurality of verification commands with a plurality of copy commands in a command buffer, wherein each copy command includes a message authentication code (MAC) derived from a master session key, wherein one or more of the plurality of verification commands corresponds to a copy command in the plurality of copy commands, and wherein a verification command at an end of the command buffer corresponds to contents of the command buffer. The technology may also add a MAC generation command to the command buffer, wherein the MAC generation command references an address of a compute result.

Abstract: Techniques and apparatuses to harden AI systems against various attacks are provided. Among the different techniques and apparatuses, is provided, techniques and apparatuses that expand the domain for an inference model to include both visible classes and well as hidden classes. The hidden classes can be used to detect possible probing attacks against the model.

Abstract: Machine learning fraud resiliency using perceptual descriptors is described. An example of a computer-readable storage medium includes instructions for accessing multiple examples in a training dataset for a classifier system; calculating one or more perceptual hashes for each of the examples; generating clusters of perceptual hashes for the multiple examples based on the calculation of the one or more perceptual hashes for each of the plurality of examples; obtaining an inference sample for classification by the classifier system; generating a first classification result for the inference sample utilizing a neural network classifier and generating a second classification result utilizing the generated clusters of perceptual hashes; comparing the first classification result with the second classification result; and, upon a determination that the first classification result does not match the second classification result, determining a suspicion of an adversarial attack.

Abstract: Methods and apparatus for hardware based file/document expiry timer enforcement is disclosed. An example method includes instructing, by executing an instruction with a processor, a trusted execution environment to generate an encryption key and a certificate for a document, the certificate including expiry information for the document, the certificate associated with identification information of the document, and the expiry information indicative of a time period for which the encryption key is valid to decrypt the document; encrypting, by executing an instruction with the processor, the document using the encryption key; transmitting the certificate to a first remote network storage device; and transmitting the document to a second remote network storage device.

Abstract: Implementations herein disclose an activation function for homomorphically-encrypted neural networks. A data-agnostic activation technique is provided that collects information about the distribution of the most-dominant activated locations in the feature maps of the trained model and maintains a map of those locations. This map, along with a defined percent of random locations, decides which neurons in the model are activated using an activation function. Advantages of implementations herein include allowing for efficient activation function computations in encrypted computations of neural networks, yet no data-dependent computation is done during inference time (e.g., data-agnostic). Implementations utilize negligible overhead in model storage, while preserving the same accuracy as with general activation functions and runs in orders of magnitude faster than approximation-based activation functions.

Abstract: The disclosure generally relates to method, system and apparatus for multifactor authentication exchange using out of band communication to authenticate a user while defending against the man in the middle attack. In an exemplary method, the disclosed principles provide a multifactor authentication (MFA) exchange, which includes: receiving an authentication request through in-band communication from a first device associated with a user to authenticate the user, the authentication request including a first authentication factor to identify the user; generating a second authentication factor, the second authentication factor further comprising an authorization token; generating an encryption key to encrypt the authorization token and a redirect Uniform Resource Locator (URL) address; and communicating the second authentication factor, the encryption key and the redirect URL address to a second device associated with the user.

Abstract: An example apparatus includes: memory; instructions in the apparatus; and at least one processor to execute the instructions to: check for proof of trust information in one or more pre-determined positions in a trusted digital image, the proof of trust information including a secure output marker, the secure output marker indicative of information corresponding to a trusted output area of the trusted digital image; decrypt the secure output marker using one or more security keys from a trusted execution environment (TEE), the TEE isolated from a computing application; and enable activation of a trusted output indicator in response to a match between first data corresponding to the secure output marker and second data corresponding to the trusted output area of the trusted digital image.

Abstract: Technologies for secure collective authorization include multiple computing devices in communication over a network. A computing device may perform a join protocol with a group leader to receive a group private key that is associated with an interface implemented by the computing device. The interface may be an instance of an object model implemented by the computing device or membership of the computing device in a subsystem. The computing device receives a request for attestation to the interface, selects the group private key for the interface, and sends an attestation in response to the request. Another computing device may receive the attestation and verify the attestation with a group public key corresponding to the group private key. The group private key may be an enhanced privacy identifier (EPID) private key, and the group public key may be an EPID public key. Other embodiments are described and claimed.

Abstract: Examples relate to an apparatus, device, method, and computer program for an image data processing system, to an image date processing system and image data processing method, and to corresponding computer systems and computer programs. An apparatus for an image data processing system is to obtain information on a user selection from a user, the user selection relating to at least one modality of computer-based processing of a depiction of the user the user is comfortable or uncomfortable with, determine a presence of a depiction of the user in image data of a camera, and determine one or more modalities of computer-based processing to be applied to the depiction of the user in the image data based on the user selection, provide control information regarding the one or more modalities of computer-based processing to be applied to the depiction of the user in the image data for the image data processing system.

Abstract: The disclosure generally relates to method, system and apparatus for multifactor authentication exchange using out of band communication to authenticate a user while defending against the man in the middle attack. In an exemplary method, the disclosed principles provide a multifactor authentication (MFA) exchange, which includes: receiving an authentication request through in-band communication from a first device associated with a user to authenticate the user, the authentication request including a first authentication factor to identify the user; generating a second authentication factor, the second authentication factor further comprising an authorization token; generating an encryption key to encrypt the authorization token and a redirect Uniform Resource Locator (URL) address; and communicating the second authentication factor, the encryption key and the redirect URL address to a second device associated with the user.

Abstract: Providing optical watermark signals for a visual authentication session by performing at least the following: receive, at an anti-spoof engine, an instruction to perform visual authentication operations for a visual authentication session, generate, with the anti-spoof engine, an optical watermark signal based on receiving the instruction, wherein the optical watermark signal includes at least one optical identifier to authenticate images captured during the visual authentication session, obtain, with the anti-spoof engine, an image source that includes captured images of the visual authentication session, determine, with the anti-spoof engine, whether the image source includes a reflected optical watermark signal, and compare, with the anti-spoof engine, whether the reflected optical watermark signal matches the generated optical watermark signal based on the determination that the image source includes the reflected optical watermark signal.

Abstract: A circuit includes a first communication interface configured to receive first sensor data from a stationary sensor. The first sensor data include a result of a first sensing of a local environment of the stationary sensor performed by the stationary sensor. The circuit may further include a second communication interface configured to receive second sensor data from an unmanned aerial vehicle. The second sensor data include a result of a second sensing of at least a portion of the local environment of the stationary sensor performed by a sensor of the unmanned aerial vehicle. The circuit may further include one or a plurality of processors configured to compare the first sensor data and the second sensor data and to classify the at least one stationary sensor based on a result of the comparison.

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to track a provenance of goods. An example apparatus includes an unsigned block generator to generate a first unsigned block to store first processing data associated with the product by a first entity, a block signature engine to sign the first unsigned block with a first private key to generate a blockchain having a first signed block, the unsigned block generator to generate a second unsigned block in response to a second entity generating second processing data associated with the product by the second entity, the block signature engine to expand the blockchain by signing the second unsigned block with a second private key to generate a second signed block within the blockchain, and a blockchain validator to verify the product provenance by validating the first processing data and the second processing data using respective public keys associated with the first entity and the second entity.

Abstract: Technologies to facilitate supervision of an online identify include a gateway server to facilitate and monitor access to an online service by a user of a “child” client computer device. The gateway server may include an identity manager to receive a request for access to the online service from the client computing device, retrieve access information to the online service, and facilitate access to the online service for the client computing device using the access information. The access information is kept confidential from the user. The gateway server may also include an activity monitor module to control activity between the client computing device and the online service based on the set of policy rules of a policy database. The gateway server may transmit notifications of such activity to a “parental” client computing device for review and/or approval, which also may be used to update the policy database.

Abstract: Technologies for secure collective authorization include multiple computing devices in communication over a network. A computing device may perform a join protocol with a group leader to receive a group private key that is associated with an interface implemented by the computing device. The interface may be an instance of an object model implemented by the computing device or membership of the computing device in a subsystem. The computing device receives a request for attestation to the interface, selects the group private key for the interface, and sends an attestation in response to the request. Another computing device may receive the attestation and verify the attestation with a group public key corresponding to the group private key. The group private key may be an enhanced privacy identifier (EPID) private key, and the group public key may be an EPID public key. Other embodiments are described and claimed.

Abstract: Embodiments are directed to security optimizing compute distribution in a hybrid deep learning environment. An embodiment of an apparatus includes one or more processors to determine security capabilities and compute capabilities of a client machine requesting to use a machine learning (ML) model hosted by the apparatus; determine, based on the security capabilities and based on exposure criteria of the ML model, that one or more layers of the ML model can be offloaded to the client machine for processing; define, based on the compute capabilities of the client machine, a split level of the one or more layers of the ML model for partition of the ML model, the partition comprising offload layers of the one or more layers of the ML model to be processed at the client machine; and cause the offload layers of the ML model to be downloaded to the client machine.

Abstract: The present disclosure provides privacy preservation of analytic workflows based on splitting the workflow into sub-workflows each with different privacy-preserving characteristics. Libraries are generated that provide for formatting and/or encrypting data for use in the sub-workflows and also for compiling a machine learning algorithm for the sub-workflows. Subsequently, the sub-workflows can be executed using the compiled algorithm and formatted data.

Abstract: The present disclosure is directed to systems and methods for the selective introduction of low-level pseudo-random noise into at least a portion of the weights used in a neural network model to increase the robustness of the neural network and provide a stochastic transformation defense against perturbation type attacks. Random number generation circuitry provides a plurality of pseudo-random values. Combiner circuitry combines the pseudo-random values with a defined number of least significant bits/digits in at least some of the weights used to provide a neural network model implemented by neural network circuitry. In some instances, selection circuitry selects pseudo-random values for combination with the network weights based on a defined pseudo-random value probability distribution.

Abstract: A system and apparatus for data confidentiality in a distributed ledger are disclosed. The system and apparatus preserve qualities of distributed ledgers, such as transparency, integrity, and redundancy, while also providing confidentiality, scalability, and security not previously available in distributed ledgers. The system includes a data confidentiality module that exploits a trusted execution environment for both transaction processing and key synchronization. The apparatus accessing the distributed ledger provides for new nodes joining the network, sending transactions to the ledger by existing nodes, securely processing the transaction using the trusted execution environment, securing transmission to the logic layer for application of business logic, reading and writing data to local storage, and reading encrypted transactions.

Abstract: A system and method of detecting and remediating attacks includes receiving operating system (OS) read/write data from an OS, the OS read/write data describing at least one of reads from and writes to a storage device over a file system interface of the OS; collecting storage device read/write data, the storage device read/write data describing at least one of reads from and writes to the storage device; comparing the OS read/write data to the storage device read/write data; and determining if there is a discrepancy between the OS read/write data and the storage device read/write data. If there is a discrepancy, determining if there is an anomaly detected between OS read/write data and the storage device read/write data. If there is an anomaly, causing a remediation action to be taken to stop a malware attack.