Abstract: Techniques for application identification for phishing detection are disclosed. In some embodiments, a system/process/computer program product for application identification for phishing detection includes monitoring network activity associated with a session to detect a request to access a site; determining advanced application identification associated with the site; and identifying the site as a phishing site based on the advanced application identification.

Abstract: An exploit detector hooks functions of a WebAssembly engine API that include functions invoked when creating a WebAssembly instance, when permissibly modifying read-write-execute (RWX) memory allocated for a WebAssembly instance, and when calling an exported WebAssembly function. Upon invocation of the hooked instance creation function(s), the detector obtains an address of RWX memory allocated for the instance, reads data stored there, and records an association between the address and the data. If the hooked function(s) for permissibly modifying RWX memory is invoked, the detector updates the data stored in the recorded association with the modified data read from the RWX memory. Based on invocation of the hooked function(s) associated with WebAssembly export function calls, the detector reads the current data in the RWX memory to be executed and compares this data to the data recorded in association with the address. If the actual and expected data differ, the detector detects a browser exploit.

Abstract: A delay device and a delay control method are provided. The delay device includes at least one current-controlled delay group and at least one switch. The at least one current-controlled delay group is coupled to a transmission wire, each of the at least one current-controlled delay group includes at least one current-controlled delayer, and each of the at least one current-controlled delayer provides a delay according to a control voltage. The at least one switch is coupled between the at least one current-controlled delay group and the transmission wire, and each of the at least one switch is turned on or off according to a bit of an enable signal applied thereto. In the disclosure, the generated delay can be dynamically adjusted and cannot be affected by parasitic capacitance.

Abstract: Detection of malicious JavaScript based on automated user interaction emulation is disclosed. A malware sample is executed in an instrumented virtual environment. Dynamic behavior is triggered based on emulated user interactions.

Abstract: A method includes receiving a light beam propagating along an optical path and operating a polarization rotator in a first state to produce an input right-hand circularly polarized beam or in a second state to produce an input left-hand circularly polarized beam. The method also includes converting, using a first diffractive element, the input right-hand circularly polarized beam into an intermediate left-hand circularly polarized beam or converting, using the first diffractive element, the input left-hand circularly polarized beam into an intermediate right-hand circularly polarized beam. The method also includes converting, using a second diffractive element, the intermediate left-hand circularly polarized beam into a right-hand circularly polarized output beam or converting, using the second diffractive element, the intermediate right-hand circularly polarized beam into a left-hand circularly polarized output beam.

Abstract: This application provides example encoding methods and example encoders. One example method includes performing bit truncation on a to-be-encoded block when a bit rate control condition is satisfied. A first cost value corresponding to the bit truncation can then be calculated. The to-be-encoded block can then be predicted to determine a prediction residual of the to-be-encoded block when the bit rate control condition is satisfied. A second cost value corresponding to the prediction can then be calculated based on the prediction residual. The first cost value can then be compared with the second cost value to determine an encoded bit.

Abstract: The application relates to the field of integrated circuit design and discloses a digital phase interpolator, comprising: a first delay unit, a pre-interpolating unit, a second delay unit, and a phase interpolating unit; wherein each interpolation branch comprises a pre-interpolating unit and a re-interpolating unit. For two input signals with preset phase differences, the digital phase interpolator performs two interpolation processes, one at the pre-interpolating unit and the other at the phase interpolating unit. This distributed quadratic interpolation reduces the task of the phase interpolation unit, helps to reduce the number of stages of the phase interpolating unit, reduces the input load, reduces the overall power consumption and the overall area, ensures the rationality of its own power consumption, and improves the linearity of phase interpolation to some extent.

Abstract: Various techniques for malicious pattern extraction via fuzzing are disclosed. In some embodiments, a system/process/computer program product for malicious pattern extraction via fuzzing includes receiving a malicious sample (e.g., the malicious sample can be an executable file, such as a binary, script, etc., or a file that includes content for inputting into an application, such as for an office productivity suite or another application); mutating the malicious sample using fuzzing; and generating a signature based on a critical path (e.g., a malware signature can be automatically generated by a cloud security service for detection of the malicious sample, and the cloud security service can distribute the malware signature to a plurality of firewalls and/or other security entities to subscribers of a security service).

Abstract: Inline detection of ransomware attacks using network traffic, such as server message block (SMB) traffic, is disclosed. A network communication between a client and a server is received. A determination is made, using the received network traffic, that a ransomware attack is being attempted against the server. In response to detecting the attempted ransomware attack, a remedial action is performed.

Abstract: This disclosure provides methods and apparatus for stimulating a well by using structural reactive material while perforating a well casing and well formation in a well at the same time. A structural reactive material member may be attached to a shaped charge to form a hybrid charge. A detonation signal may be transmitted to the one or more hybrid charges to detonate a main explosive in the shaped charges to generate a jet to perforate the well casing and the well formation, break apart the structural reactive material into reactive material particles, and propel the reactive material particles into the well formation for deflagration in the well formation to stimulate the well.

Abstract: The present application discloses a method, system, and computer system for detecting Return Oriented Programming (ROP) exploits. The method includes (i) intercepting, by one or more processors, a memory attribute change function for a sample; (ii) determining if a return address is associated with a shellcode address, and (iii) in response to determining that the return address is associated with the shellcode address, determining that the sample is an ROP exploit.

Abstract: The present disclosure provides a series of novel, water-soluble, sulfonate-based phosphorus ligand of formula (I) derived from a dihydrobenzo 1,3-oxaphosphole framework that has shown superior results for Suzuki coupling reactions for hindered substrates in aqueous media.

Abstract: This disclosure provides methods and apparatus for stimulating a well by using structural reactive material while perforating a well casing and well formation in a well at the same time. A structural reactive material member may be attached to a shaped charge to form a hybrid charge. A detonation signal may be transmitted to the one or more hybrid charges to detonate a main explosive in the shaped charges to generate a jet to perforate the well casing and the well formation, break apart the structural reactive material into reactive material particles, and propel the reactive material particles into the well formation for deflagration in the well formation to stimulate the well.

Abstract: Detection of malicious JavaScript based on automated user interaction emulation is disclosed. A malware sample is executed in an instrumented virtual environment. Dynamic behavior is triggered based on emulated user interactions.

Abstract: The present application discloses a method, system, and computer system for detecting malicious files. The method includes obtaining network traffic, pre-filtering the network traffic based at least in part on a first set of features for traffic reduction, and using a detection model in connection with determining whether the filtered network traffic comprises malicious traffic, the detection model being based at least in part on a second set of features for malware detection.

Abstract: The present application discloses a method, system, and computer system for detecting malicious SQL or command injection strings. The method includes obtaining an SQL or command injection string and determining whether the command injection string is malicious based at least in part on a machine learning model.

Abstract: Detection of malicious JavaScript based on automated user interaction emulation is disclosed. A malware sample is executed in an instrumented virtual environment. Dynamic behavior is triggered based on emulated user interactions.

Abstract: A delay device and a delay control method are provided. The delay device includes at least one current-controlled delay group and at least one switch. The at least one current-controlled delay group is coupled to a transmission wire, each of the at least one current-controlled delay group includes at least one current-controlled delayer, and each of the at least one current-controlled delayer provides a delay according to a control voltage. The at least one switch is coupled between the at least one current-controlled delay group and the transmission wire, and each of the at least one switch is turned on or off according to a bit of an enable signal applied thereto. In the disclosure, the generated delay can be dynamically adjusted and cannot be affected by parasitic capacitance.

Abstract: A welding device includes a welding torch having an electrode, an oscillation assembly having an oscillation shaft, and a connection member. The welding torch is affixed to the connection member at a first point and the oscillation shaft is affixed to the connection member at a second point. An extension of the axis of the oscillation shaft intersects with the axis of the welding torch at an intersection point. The distance from the intersection point to the tip of the electrode is less than a distance from the first point on the connection member to the tip of the electrode. During operation, the oscillation in the oscillation shaft is transferred through the connection member to the welding torch and causes pendulum type oscillations in the welding torch with the intersection point serving as the pivot point of the oscillation.

Abstract: Techniques for application identification for phishing detection are disclosed. In some embodiments, a system/process/computer program product for application identification for phishing detection includes monitoring network activity associated with a session to detect a request to access a site; determining advanced application identification associated with the site; and identifying the site as a phishing site based on the advanced application identification.