Abstract: Existing policies enforced at or above an operating system (OS) layer of a device are obtained. Translation rules are stored that include data structure descriptions of conditions, corresponding actions performed when the conditions are satisfied, and attributes specified in the existing policies, and attributes of one or more layers below the OS layer that are relevant to policy enforcement in the one or more layers below the OS layer. The existing policies are parsed using the data structure descriptions to identify the conditions, corresponding actions, and attributes specified in the existing policies. New policies are generated that are consistent with the existing policies. The new policies include the identified attributes specified in the existing policies and the attributes relevant to policy enforcement in the one or more layers below the OS layer. The new policies are enforced in the one or more layers below the OS layer.

Abstract: Network level Moving Target Defense techniques are provided with substantially continuous access to protected applications. An exemplary method comprises identifying a first application listening to a first port or a first network address; notifying the first application to listen to a second port or a second network address; notifying at least one additional application that the first application is listening to the second port or the second network address; and notifying the first application to unlisten to the first port or the first network address, wherein the first application operates in a substantially continuous manner during a change from listening to one or more of the first port and the first network address and listening to one or more of the second port and the second network address. The first application can be a stateful application having persistent storage.

Abstract: An enterprise storage system and method detects the probability of encryption of data by comparing the level of randomness in the data to a set of increasing thresholds to determine the severity of encryption. Encryption exceeding a high predetermined threshold is determined to be due to ransomware. Upon determining the level of encryption, an appropriate action is taken based upon one or both of the policy of the enterprise or local governmental regulations as to encryption or non-encryption of data.

Abstract: Existing policies enforced at or above an operating system (OS) layer of a device are obtained. Translation rules are stored that include data structure descriptions of conditions, corresponding actions performed when the conditions are satisfied, and attributes specified in the existing policies, and attributes of one or more layers below the OS layer that are relevant to policy enforcement in the one or more layers below the OS layer. The existing policies are parsed using the data structure descriptions to identify the conditions, corresponding actions, and attributes specified in the existing policies. New policies are generated that are consistent with the existing policies. The new policies include the identified attributes specified in the existing policies and the attributes relevant to policy enforcement in the one or more layers below the OS layer. The new policies are enforced in the one or more layers below the OS layer.

Abstract: A tracing mechanism is provided for analyzing session-based attacks. An exemplary method comprises: detecting a potential attack associated with a session from a potential attacker based on predefined anomaly detection criteria; adding a tracing flag identifier to a response packet; sending a notification to a cloud provider of the potential attack, wherein the notification comprises the tracing flag identifier; and sending the response packet to the potential attacker, wherein, in response to receiving the response packet with the tracing flag identifier, the cloud provider: determines a source of the potential attack based on a destination of the response packet; forwards the response packet to the potential attacker based on the destination of the response packet; and monitors the determined source to evaluate the potential attack. The response packet is optionally delayed by a predefined time duration and/or until the cloud provider has acknowledged receipt of the notification.

Abstract: One example method includes bringing up a clone application in a validation environment, replaying recorded incoming network traffic to the clone application, obtaining a response of the clone application to the incoming network traffic, comparing the response of the clone application to recorded outgoing network traffic of the production application, and making a validation determination regarding the clone application, based on the comparison of the response of the clone application to recorded outgoing network traffic of the production application. When the clone application is not validated, the example method includes identifying and resolving a problem relating to the clone application.

Abstract: A cleaning device for cleaning a keyboard includes a cleaning surface and proximal and distal guide arms. The cleaning surface has a transverse width which is large enough to depress one key completely while at least partially depressing a second adjacent key. The longitudinal length of the cleaning surface is equal to the longitudinal length of character keys of the keyboard. The ends of the cleaning surface are curved. The guide arms are for guiding the cleaning surface transversely across the keyboard.

Abstract: A variable buoyancy amusement device for use in water includes a body having a water-impermeable outer surface and an internal volume. A relatively heavy lower portion of the body has a local density significantly greater than that of water so that the body tends to assume an upright orientation with the lower portion at the underside of the body. The body also features an internal cavity connected to the surface of the body by an upper aperture and a lower aperture. At least one of the apertures is selectively closeable so that, when the cavity contains air, the body floats on the water with the lower aperture submerged. When the aperture is opened, water enters the cavity through the lower aperture thereby reducing the buoyancy of the body and causing it to sink.

Abstract: An educational apparatus for teaching symbols, such as letters, words and numbers which includes a number of cards, each of which features a drawing and/or a word or other assembly of symbols, and a number of symbol blocks, such as letter blocks, each of which features a hollowed-out region representing a single letter, and a frame for holding one of the cards and several of letter blocks. The user can select a card, place the card on the frame, and proceed to select and place onto the frame the appropriate letter blocks to form the word represented on the card. If a sheet of paper is place below the frame, the user can proceed to stencil in the word. Furthermore, the user can fill in the letters with soft non-adhering pliable plastic putty, such as play dough or silly putty and the like, and/or to fill in the hollow letters with specially designed letter segments.

Abstract: A bathroom accessory includes a base member; suction cups on one face of the base member for removably mounting the accessory to a mounting surface, such as the wall of a shower or the wall of or adjacent to a bathtub; a plurality of projections projecting from the opposite face of the base member for massaging the back of user when the accessory is mounted to the mounting surface; and a flexible back-cleaning pad removably attached to cover the outer tips of at least some of the projections for cleaning the back of the user.