Abstract: An applicator for applying fibers to a surface is described herein. The applicator includes a body having a first end and a second end. The first end has a first opening configured to couple to a container housing the fibers and to receive the fibers from the container. The second end has a second opening for dispensing the fibers from the body. The applicator also includes an air flow generating member for creating an air current for propelling the fibers through the second opening as the fibres pass along a pathway between the first opening and the second opening. The fibers are directed along the pathway from the first opening towards the second opening and into the air current by gravity.

Abstract: There is provided a surgical instrument for navigated surgeries and systems and methods using such a surgical instrument. The surgical tool comprises a tip; a tool interface, separate from the tip; and an optically trackable target. The tip is configured to probe positions in a space and identify the positions using optical information from the optically trackable target. The tool interface is configured to mate with a surgical tool such that the optical trackable target then provides optical information with which to determine positional information for the surgical tool in the space. In one example, the system provides navigational information during surgery using the surgical instrument, namely, a single integrated tracker instrument with two or more mechanical interfaces for coupling the tracker instrument with anatomical features and/or surgical tools.

Abstract: There is provided a surgical instrument for navigated surgeries and systems and methods using such a surgical instrument. The surgical tool comprises a tip; a tool interface, separate from the tip; and an optically trackable target. The tip is configured to probe positions in a space and identify the positions using optical information from the optically trackable target. The tool interface is configured to mate with a surgical tool such that the optical trackable target then provides optical information with which to determine positional information for the surgical tool in the space. In one example, the system provides navigational information during surgery using the surgical instrument, namely, a single integrated tracker instrument with two or more mechanical interfaces for coupling the tracker instrument with anatomical features and/or surgical tools.

Abstract: There is provided a surgical instrument for navigated surgeries and systems and methods using such a surgical instrument. The surgical tool comprises a tip; a tool interface, separate from the tip; and an optically trackable target. The tip is configured to probe positions in a space and identify the positions using optical information from the optically trackable target. The tool interface is configured to mate with a surgical tool such that the optical trackable target then provides optical information with which to determine positional information for the surgical tool in the space. In one example, the system provides navigational information during surgery using the surgical instrument, namely, a single integrated tracker instrument with two or more mechanical interfaces for coupling the tracker instrument with anatomical features and/or surgical tools.

Abstract: Methods and apparatus are provided for private set membership using aggregation for reduced communications. A determination is made as to whether at least one data element of a client is in a data set of a server by: obtaining a transformation of the at least one data element; receiving a response from the server based on the transformation of the at least one data element, wherein the transformation comprises one or more of a Bloom filter-based transformation that employs a Bloom filter comprising a plurality of hash functions and an encryption-based transformation; and determining whether the at least one data element is in the data set based on the response, wherein one or more of the response and the determining is based on a result of at least one aggregation of a plurality of values that depend on the at least one data element and one or more items in the data set.

Abstract: An applicator for applying fibers to a surface is described herein. The applicator includes a body having a first end and a second end. The first end has a first opening configured to couple to a container housing the fibers and to receive the fibers from the container. The second end has a second opening for dispensing the fibers from the body. The applicator also includes an air flow generating member for creating an air current for propelling the fibers through the second opening as the fibres pass along a pathway between the first opening and the second opening. The fibers are directed along the pathway from the first opening towards the second opening and into the air current by gravity.

Abstract: There is provided a surgical instrument for navigated surgeries and systems and methods using such a surgical instrument. The surgical tool comprises a tip; a tool interface, separate from the tip; and an optically trackable target. The tip is configured to probe positions in a space and identify the positions using optical information from the optically trackable target. The tool interface is configured to mate with a surgical tool such that the optical trackable target then provides optical information with which to determine positional information for the surgical tool in the space. In one example, the system provides navigational information during surgery using the surgical instrument, namely, a single integrated tracker instrument with two or more mechanical interfaces for coupling the tracker instrument with anatomical features and/or surgical tools.

Abstract: Techniques of controlling access to a resource involve selecting an authentication scheme for authenticating a user based on an environmental context in which the user is requesting access to the resource. Along these lines, the access control server receives application usage data from a user and separates the data into current environmental factors and current usage factors. In response, the access control server compares the current environmental factors to expected environmental factors for each of multiple predefined environmental contexts. Based on measures of closeness between the current and expected environmental factors, the access control server computes a familiarity score indicative of whether the request to access the resource is recognizable within the particular environmental context.

Abstract: There are disclosed techniques for use in detecting malicious websites. In at least one embodiment, there is disclosed a technique for generating a profile in connection with a website. The profile comprising at least one attribute associated with the website. The technique also comprises collecting information relating to the website during a visit to the website. The technique further comprises detecting a change in connection with the website. The detection of the change comprises identifying a variation between the generated profile and the collected information.

Abstract: Methods, apparatus and articles of manufacture for behavioral detection of suspicious host activities in an enterprise are provided herein. A method includes processing log data derived from one or more data sources associated with an enterprise network over a given period of time, wherein the enterprise network comprises multiple host devices; extracting one or more features from said log data on a per host device basis, wherein said extracting comprises: determining a pattern of behavior associated with the multiple host devices based on said processing; and identifying said features representative of host device behavior based on the determined pattern of behavior; clustering the multiple host devices into one or more groups based on said one or more features; and identifying a behavioral anomaly associated with one of the multiple host devices by comparing said host device to the one or more groups across the multiple host devices.

Abstract: Methods, apparatus and articles of manufacture for detecting suspicious web traffic are provided herein. A method includes generating a database comprising information corresponding to each of multiple connections between one or more destinations external to an enterprise network and one or more hosts within the enterprise network, wherein said multiple connections occur over a given period of time; processing multiple additional connections between one or more destinations external to the enterprise network and one or more hosts within the enterprise network with one or more filtering operations to produce one or more filtered connections, wherein said multiple additional connections occur subsequent to said given period of time; and analyzing said filtered connections against the database to identify a connection to a destination external to the enterprise network that is not included in the information in the database.

Abstract: Time correction records are created for correcting timestamps of network logs to identify timing of network events in a predetermined time reference frame, the network logs being created by logging devices generating the timestamps in device time reference frames. For each logging device, one or more network events are generated or identified at respective event times in the predetermined time reference frame, each network event having a corresponding event-related network log from the logging device and a respective timestamp in a device time reference frame. For each network event, a respective difference value is calculated as a difference between the event time and a respective timestamp from a network log. For each logging device, a selection function is applied to the difference values to calculate a correction value, and the correction value is stored along with an identifier of the logging device in a time correction record.

Abstract: A threat detection system for detecting threat activity in a protected computer system includes anomaly sensors of distinct types including user-activity sensors, host-activity sensors and application-activity sensors. Each sensor builds a history of pertinent activity over a training period, and during a subsequent detection period the sensor compares current activity to the history to detect new activity. The new activity is identified in respective sensor output. A set of correlators of distinct types are used that correspond to different stages of threat activity according to modeled threat behavior. Each correlator receives output of one or more different-type sensors and applies logical and/or temporal testing to detect activity patterns of the different stages. The results of the logical and/or temporal testing are used to generate alert outputs for a human or machine user.

Abstract: Methods, apparatus and articles of manufacture for modeling user working time using authentication events within an enterprise network are provided herein. A method includes collecting multiple instances of activity within an enterprise network over a specified period of time, wherein said multiple instances of activity are attributed to a given device; creating a model based on said collected instances of activity, wherein said model comprises a temporal pattern of activity within the enterprise network associated with the given device; and generating an alert upon detecting an instance of activity within the enterprise network associated with the given device that is (i) inconsistent with the temporal pattern of the model and (ii) in violation of one or more security parameters.

Abstract: There is disclosed a method for use in credential recovery. In one exemplary embodiment, the method comprises determining a policy that requires at least one trusted entity to verify the identity of a first entity in order to facilitate credential recovery. The method also comprises receiving at least one communication that confirms verification of the identity of the first entity by at least one trusted entity. The method further comprises permitting credential recovery based on the received verification.

Abstract: Methods, apparatus and articles of manufacture for identifying suspicious user logins in enterprise networks are provided herein. A method includes processing log data derived from one or more data sources associated with an enterprise network, wherein the enterprise network comprises multiple hosts; generating a set of profiles, wherein the set comprises a profile corresponding to each of multiple users and a profile corresponding to each of the multiple hosts, wherein each profile comprises one or more login patterns based on historical login information derived from said log data; and analyzing a login instance within the enterprise network against the set of profiles.

Abstract: There is disclosed a method for use in credential recovery. In one exemplary embodiment, the method comprises determining a policy that requires at least one trusted entity to verify the identity of a first entity in order to facilitate credential recovery. The method also comprises receiving at least one communication that confirms verification of the identity of the first entity by at least one trusted entity. The method further comprises permitting credential recovery based on the received verification.

Abstract: Methods, apparatus and articles of manufacture for detecting suspicious web traffic are provided herein. A method includes generating a database comprising information corresponding to each of multiple connections between one or more destinations external to an enterprise network and one or more hosts within the enterprise network, wherein said multiple connections occur over a given period of time; processing multiple additional connections between one or more destinations external to the enterprise network and one or more hosts within the enterprise network with one or more filtering operations to produce one or more filtered connections, wherein said multiple additional connections occur subsequent to said given period of time; and analyzing said filtered connections against the database to identify a connection to a destination external to the enterprise network that is not included in the information in the database.

Abstract: A client device or other processing device comprises a file encoding module, with the file encoding module being configured to separate a file into a plurality of sets of file blocks, to assign sets of the file blocks to respective ones of a plurality of servers, to define a plurality of parity groups each comprising a different subset of the plurality of servers, to assign, for each of the servers, each of its file blocks to at least one of the defined parity groups, and to compute one or more parity blocks for each of the parity groups. The file blocks are stored on their associated servers, and the parity blocks computed for each of the parity groups are stored on respective ones of the servers other than those within that parity group. Such an arrangement advantageously ensures that only a limited number of parity block recomputations are required in response to file block updates.

Abstract: A technique controls access to a file. The technique involves creating a file encryption key based on (i) a user input parameter (e.g., a user password) from a user of the client device and (ii) an automatically generated salt parameter (e.g., a random number). The technique further involves encrypting the file using the file encryption key to form an encrypted copy of the file, and providing the salt parameter to an external storage system to externally store the salt parameter. Access to data within the encrypted copy of the file requires the salt parameter provided to the external storage system.