Abstract: A behavior-based security system of a computing device may be protected from non-benign behavior, malware, and cyber attacks by configuring the device to work in conjunction with another component (e.g., a server) to monitor the accuracy and performance of the security system, and determine whether the system is working correctly, efficiently, or as expected. This may be accomplished via the server generating artificial attack software, sending the generated artificial attack software to the mobile device to simulate non-benign behavior in the mobile device, such as a cyber attack, and determining whether the behavior-based security system of the mobile device responded adequately to the simulated non-benign behavior. The sever may send a dead-man signal to the mobile device in response to determining that the behavior-based security system of the mobile device did not respond adequately to the simulated non-benign behavior.

Abstract: A method herein is for authenticating a device connection for website access without using a website password. In the method, a web server receives an access request over the device connection from a device requesting access to a website based on a pre-established identity. The web server, in response to the access request, forwards an access cookie to the device over the device connection and forwards an activation URL to an address associated with the pre-established identity. The web server receives a request for the forwarded activation URL and, using the access cookie, grants access to the device over the device connection.

Abstract: A portable self-contained node apparatus establishes a connection to a host apparatus having one or more peripheral devices connected directly thereto. The node apparatus is configured to view the one or more peripheral devices while being unaware of the host apparatus, and to act as a master device interacting directly with the one or more peripheral devices.

Abstract: Methods, devices, and systems for detecting return-oriented programming (ROP) exploits are disclosed. A system includes a processor, a main memory, and a cache memory. A cache monitor develops an instruction loading profile by monitoring accesses to cached instructions found in the cache memory and misses to instructions not currently in the cache memory. A remedial action unit terminates execution of one or more of the valid code sequences if the instruction loading profile is indicative of execution of an ROP exploit involving one or more valid code sequences. The instruction loading profile may be a hit/miss ratio derived from monitoring cache hits relative to cache misses. The ROP exploits may include code snippets that each include an executable instruction and a return instruction from valid code sequences.

Abstract: Disclosed is an apparatus and method to perform a pairing process with a limited input wireless device. A host device includes a transceiver and a processor. The processor may be configured to execute instructions to: receive from the transceiver a pairing process request from the limited input wireless device, wherein the pairing process request includes a private code based upon a physical user action implemented with the limited input wireless device; and implement a pairing process to validate the limited input wireless device for a particular host device function associated with the private code.

Abstract: A behavior-based security system of a computing device may be protected from non-benign behavior, malware, and cyber attacks by configuring the device to work in conjunction with another component (e.g., a server) to monitor the accuracy and performance of the security system, and determine whether the system is working correctly, efficiently, or as expected. This may be accomplished via the server generating artificial attack software, sending the generated artificial attack software to the mobile device to simulate non-benign behavior in the mobile device, such as a cyber attack, and determining whether the behavior-based security system of the mobile device responded adequately to the simulated non-benign behavior. The sever may send a dead-man signal to the mobile device in response to determining that the behavior-based security system of the mobile device did not respond adequately to the simulated non-benign behavior.

Abstract: Reciprocal wireless connections may be established between a pair of devices to support failover, load balancing, traffic distribution, or other peer-to-peer connectivity features. Each device of a pair of devices may implement both a local wireless access point and a local wireless station to communicate with the other device of the pair of devices. Establishment of a second wireless connection between the pair of devices may be coordinated using a protocol extension of a first wireless connection. A multiplexing (MUX) component may coordinate traffic among the reciprocal wireless connections.

Abstract: Systems and methods for switching between communicating according to a first network protocol and a second network protocol are provided. The provided systems and methods multiplex received communications according to the first and second network protocols and select one of the network protocols based on a quality or throughput of the network protocol without terminating any existing sessions established according to either of the first or second network protocols.

Abstract: One example provides a broadcast device configured to display an advertisement for viewing by a user and a mobile client device configured to capture information relating to the advertisement from the broadcast device. The mobile client device determines whether the captured information is sufficient to allow the mobile client device to generate an electronic coupon. If it is, the mobile client device generates a coupon may be stored in the mobile client device and subsequently presented at a point-of-sale device as part of a transaction. If the captured information is insufficient, the mobile client device may request additional information from an advertiser server either directly or via the broadcast device.

Abstract: Systems and methods to discover access points in wireless networks are disclosed. In one embodiment, an access point of a wireless network may be placed in a sleep mode when there is no network activity. Normally, a remote device would not be able to discover such sleeping access points because the access point is not sending out a beacon signal. Exemplary embodiments of the present disclosure provide for a remote device that may send a wake up signal to the access point. On receipt of the wake up signal from the remote device, the access point begins sending a beam formed beacon signal to the remote device to initiate registration of the remote device with the access point. By providing a way to wake a sleeping access point, wireless networks may be effectively established while concurrently saving power and reducing electromagnetic interference.

Abstract: To inhibit cross-site forgery attacks, different types/classes of cookies are used. A first cookie and a second cookie are generated by a web server and provided to a client browser during a web session. The first cookie defines a first set of use conditions for when the first cookie is to be used within the web session. The second cookie defines a second set of use conditions for when the second cookie is to be used within the web session. The client browser determines which (if any) of the first cookie or second cookie to send to the web server based on the use conditions defined within each cookie and the operation(s) sought by the client browser. The web server may grant different or the same privileges to operation(s) being sought by the client browser depending on whether the first or second cookie is sent by the client browser.

Abstract: Disclosed is a method for visual verification a Captcha's source. In the method, a Captcha is served to a user. The Captcha includes visual information related to a characteristic of a source of the Captcha and related to a puzzle question of the Captcha. The visual information is for visual verification by the user of the Captcha's source. A response is received from the user based on the served Captcha. A determination is made as to whether the received response is a solution of the puzzle question of the served Captcha.

Abstract: Aspects disclosed in the detailed description include apparatuses and methods for using remote multimedia sink devices. Exemplary aspects of the present disclosure provide a multimedia remote display system comprising a multimedia source device configured to discover a remote multimedia sink device, which has a graphics processing unit (GPU) and supports a wireless network interface. The multimedia source device is also configured to handle the remote multimedia sink device as a local high-speed peripheral device, and opportunistically apply compression to a multimedia stream before rendering the multimedia stream on the remote multimedia sink device. By handling the remote multimedia sink device as a local high-speed peripheral device, and opportunistically applying compression to the multimedia stream, high-definition (HD) multimedia content may be rendered on the remote multimedia sink device without adversely impacting quality of the HD multimedia content.

Abstract: Methods, and mobile devices implementing the methods, use application-specific and/or application-type specific classifier to improve the efficiency and performance of a comprehensive behavioral monitoring and analysis system predicting whether a software application is causing undesirable or performance depredating behavior. The application-specific and application-type specific classifier models may include a reduced and more focused subset of the decision nodes that are included in a full or more complete classifier model that may be received or generated in the mobile device. The locally generated application-specific and/or application-type specific classifier models may be used to perform real-time behavior monitoring and analysis operations by applying the application-based classifier models to a behavior/feature vector generated by monitoring mobile device behavior.

Abstract: A feature is provided that facilitates securely creating and/or replacing cryptographic keys. A first key pair is created comprising first private key and first public key. A second (spare) key pair is created comprising second private key and second public key. The second key pair is associated with the first private key. The second key pair is divided into shares and distributed to at least two shareholders. When the first key pair is to be replace, the second key pair is recreated and authenticated with at least a portion of the distributed shares. A trust level is associated with the second key pair corresponding to a trust level of the first key pair. The first key pair may be invalidated upon authentication of the second key pair. Further configurations provide for the creation of additional spare key pairs.

Abstract: A method herein is for authenticating a device connection for website access without using a website password. In the method, a web server receives an access request over the device connection from a device requesting access to a website based on a pre-established identity. The web server, in response to the access request, forwards an access cookie to the device over the device connection and forwards an activation URL to an address associated with the pre-established identity. The web server receives a request for the forwarded activation URL and, using the access cookie, grants access to the device over the device connection.

Abstract: A hand-held token can be operated to generate an acoustic signal representing the digital signature generated by a private key of a public key/private key pair. Verifiers that might be located at, e.g., buildings, in vehicles, at bank ATMs, etc. receive the signal and retrieve the corresponding public key to selectively grant access authorization to components served by the verifiers. Methods and systems permit adding and removing a token from the access list of a verifier. Other methods and systems enable the token to be used with several verifiers that are nearby each other, such as might be the case with multiple vehicles owned by the same user and parked nearby each other, without more than one verifier being operated to grant access.

Abstract: Methods, devices, and systems for detecting return-oriented programming (ROP) exploits are disclosed. A system includes a processor, a main memory, and a cache memory. A cache monitor develops an instruction loading profile by monitoring accesses to cached instructions found in the cache memory and misses to instructions not currently in the cache memory. A remedial action unit terminates execution of one or more of the valid code sequences if the instruction loading profile is indicative of execution of an ROP exploit involving one or more valid code sequences. The instruction loading profile may be a hit/miss ratio derived from monitoring cache hits relative to cache misses. The ROP exploits may include code snippets that each include an executable instruction and a return instruction from valid code sequences.

Abstract: The mobile commerce authentication and authorization system allows a user of a currently existing mobile wireless communications instrument to conduct financial transactions, including purchases, across a wireless communications system using location data to authorize and authenticate the user and the transaction. The location of the mobile wireless communications instrument and the location of a vendor point-of-sale device are matched with a payment sum. Authentication of the mobile wireless communications instrument user is achieved at least by application of the position and/or location determinable features of the mobile wireless communications instrument, the position and/or location of a point-of-sale device of a vendor or merchant where the instrument user seeks to purchase goods or services, and the payment sum entered on the point-of-sale device.

Abstract: Systems and methods are provided for establishing communications sessions over multiple network protocols using a stored key. The key may be generated by a user credential entered at a first network station and may be stored in a profile in a memory of the first network station and used for authenticating with a second network station to establish a communications session with the second network station over a first network protocol. The key may then be retrieved from the profile for use in authenticating with the second network station and establishing a communications session with the second network station over a second network protocol.