Abstract: Systems, apparatuses, methods, and computer readable mediums for utilizing smart components to monitor connected devices. In one embodiment, a system includes a computing device and a covering device which covers at least a portion of the computing device. The computing device includes one or more input/output (I/O) interfaces. The covering device may be a smart cover, a security screen protector, or other type of smart covering component. The covering device intercepts, via a first I/O interface, a signal generated by the computing device. The covering device analyzes the signal to determine if a security policy is being violated. The covering device performs a security action responsive to determining that a security policy is being violated. In one embodiment, the covering device covers a display of the computing device and the covering device utilizes photoresistor technology to read the display of the computing device on a pixel-by-pixel basis.

Abstract: Purchasing related activity that is executed on computing devices on a LAN is monitored. Information is identified concerning purchases of IoT devices on the LAN, based on the monitoring of the purchasing related activity. For example, a specific purchase of a specific device (or specific device type) can be identified, or identifying information concerning a purchased device can be inferred, based on monitored purchasing related activity. IoT devices are discovered on the LAN and identified. Identifying a discovered device can further comprise interrogating the discovered device, monitoring activities of the discovered device, and/or analyzing information concerning purchases of IoT devices on the LAN. Gleaned identifying information concerning a discovered device can be used to determine or disambiguate the device's identity.

Abstract: The disclosed computer-implemented method for storing information about transmission control protocol connections may include (1) configuring a server with a transmission control protocol stack that is an alternative to a default transmission control protocol stack of an operating system of the server, (2) receiving, at the server, a request to establish a transmission control protocol connection with the server, (3) routing the request through the alternative transmission control protocol stack instead of the default transmission control protocol stack, and (4) storing, at the server via the alternative transmission control protocol stack, connection information about the transmission control protocol connection that excludes at least one item of information that would be stored by the default transmission control protocol stack. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for analyzing emotional responses to online interactions may include (1) identifying an online interaction of a user, (2) detecting an emotional response of the user to the online interaction by monitoring one or more emotional indicators of the user during the online interaction and determining, based on an evaluation of the one or more emotional indicators, that the emotional response of the user is outside an expected range, and (3) performing a security action in response to determining that the user's emotional response is outside the expected range. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for using vehicles as information sources for knowledge-based authentication may include (1) identifying a vehicle belonging to a user who is attempting to authenticate with an identity-verification authority, (2) acquiring analytic information about the vehicle, (3) generating, by analyzing the analytic information about the vehicle, at least one authentication question, where the correct response to the authentication question requires knowledge about the vehicle, (4) presenting the authentication question to the user, and (5) authenticating the identity of the user based on the user responding correctly to the authentication question. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Techniques for detecting shared devices are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for detecting shared devices comprising receiving, using a shared computer detection component, information about a connection to a website from a user device, identifying, using the shared computer detection component, one or more characteristics associated with the connection from the user device, determining, in the event there is sufficient data based on the one or more characteristics associated with the connection from the user device, whether the user device is a shared device, and calculating a first responsive action in the event it is determined that the user device is a shared device.

Abstract: The disclosed computer-implemented method for mediating information requests may include (1) detecting, at the information-managing device, a request for the information-managing device to provide at least one element of personal information to a requesting device that is within physical proximity of the information-managing device, (2) evaluating, based at least in part on an attribute of the request, whether the request for the element of personal information is appropriate, and (3) performing a security action that responds to the request in a manner that is commensurate to the appropriateness of the request for the element of personal information. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for enforcing access-control policies may include (i) determining that a user is attempting to access a controlled device that is subject to an access-control policy, (ii) locating at least one additional device that is in physical proximity to the controlled device, (iii) acquiring context information from the additional device that provides information about the identity of the user, (iv) establishing the identity of the user based on the context information acquired from the additional device, and (v) enforcing the access-control policy based on the identity of the user. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for managing encryption keys for single-sign-on applications may include (1) receiving, from an identity service, notification of a request to access encrypted data on a cloud service, the notification including a session key for encrypting and decrypting a master key for decrypting cloud service keys, (2) deriving the master key, (3) decrypting, using the master key, a cloud service key for decrypting data on the cloud service, (4) storing the master key, encrypted using the session key, (5) receiving an additional notification of an additional request to access encrypted data on an additional cloud service, the notification including the session key, (6) without again obtaining the authentication element from the user, decrypting the master key, and (7) decrypting, using the master key, an additional cloud service key for decrypting data on the additional cloud service. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A method for anonymous reputation requests is described. In one embodiment, the method includes calculating a full thumbprint of an object on a client machine, trimming one or more bits from the full thumbprint to generate a trimmed thumbprint, sending the trimmed thumbprint to a reputation server, and receiving a result from the reputation server regarding the trimmed thumbprint.

Abstract: A computer-implemented method for generating tripwire files may include (1) generating an initial tripwire file according to an initial tripwire generation calculation, the initial tripwire file configured such that modification of the initial tripwire file triggers investigation of a security breach, (2) generating a subsequent tripwire file according to a subsequent tripwire generation calculation, the subsequent tripwire generation calculation differing from the initial tripwire generation calculation along at least one dimension, (3) receiving automated feedback that indicates whether at least one of the initial tripwire file and the subsequent tripwire file failed to enable detection of a security threat, and (4) adjusting automatic generation of a third tripwire file based on the automated feedback indicating whether at least one of the initial tripwire file and the subsequent tripwire file failed to detect the security threat.

Abstract: A computer-implemented method for automatically generating passwords that comply with password restrictions may include (1) maintaining a database that stores password criteria for a plurality of websites, (2) determining that a user is accessing a website that requests creation of a password, (3) determining a set of password complexity rules for the website by querying the database that stores the password criteria, (4) using the set of password complexity rules to automatically generate the password for the website such that the password complies with the password criteria for the website, and (5) providing the password for use in the website that requested creation of the password. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for guiding users to network-enabled devices may include (i) monitoring network communications within a wireless network, (ii) determining, based on monitoring network communications transmitted over the wireless network that involve a network-enabled device connected to the wireless network, that an end user requires guidance to a physical location of the network-enabled device, (iii) deriving the physical location of the network-enabled device in three-dimensional space, and (iv) guiding, by a user interface, the end user to the physical location of the network-enabled device in three-dimensional space. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for providing kinship-based accessibility to securely stored data may include (1) identifying encrypted data that is encrypted with a first cryptographic key which was derived from heritable biometric information obtained from a first person, (2) receiving heritable biometric information obtained from a second person related to the first person within a predetermined degree, (3) generating a second cryptographic key based at least in part on the heritable biometric information obtained from the second person, and (4) decrypting the encrypted data that is encrypted with the first cryptographic key derived from the heritable biometric information obtained from the first person by using the second cryptographic key generated based at least in part on the heritable biometric information obtained from the second person. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for verifying authentication requests using IP addresses may include (i) collecting, by a computing system, data on IP address changes from a set of endpoint devices, (ii) creating, by the computing system using the data on IP address changes, a virtual IP address distance map based on a likelihood of change from at least one origin IP address to at least one destination IP address, (iii) automatically detecting, by the computing system, a change in an IP address of a client device, (iv) determining, by the computing system and based on the virtual IP address distance map, that the change in the IP address of the client device indicates that an authentication request from the client device is suspicious, and (v) performing, by the computing system, a security action to secure the client device. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for detecting and addressing suspicious file restore activities may include (i) detecting a restore activity during which files are restored to a client device from a previously stored backup of the files, (ii) determining that a total number of the files restored during the restore activity exceeds a threshold number, and (iii) performing, based on the total number of the files exceeding the threshold number, a security action to protect the client device from a malicious threat associated with the restore activity. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for logging users out of online accounts may include (i) receiving, from a first computing device of a user, a request from the user to log into an online account hosted by an online platform, (ii) establishing, between the online platform and a second computing device of the user, a network session that both (a) verifies the identity of the user to the online platform and (b) at least partially disrupts the functionality of the second computing device, (iii) logging the user into the online account via the first computing device, (iv) detecting a request from the user to log out of the online account, and then (v) in response to the request to log out of the online account, (a) restoring full functionality of the second computing device by terminating the network session and (b) logging the user out of the online account.

Abstract: The disclosed computer-implemented method for authenticating users on touchscreen devices may include (i) detecting that the computing device is at an authentication step that requires valid authentication input from a user in order to authenticate the user to a service on the computing device, (ii) detecting that the computing device is physically oriented such that a touchscreen of the computing device is facing away from the user of the computing device, (iii) receiving input from the user via the touchscreen, (iv) determining that the input from the user comprises a mirrored version of the valid authentication input that is flipped along a vertical axis relative to the touchscreen, and (v) authenticating the user to the service in response to determining that the input comprises the mirrored version of the valid authentication input. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Systems and methods of administering computer activities based upon user emotional intelligence are provided. One method may include receiving a user request for a computer activity and sensing emotional context data associated with the user, such as voice stress analysis of use a communication, eye motion, pupil dilation, mood and stress changes, sporadic user movement, and video contexts indicating micro-expressions (i.e. anxiety, anger, amusement, and the like). The method may further include retrieving a policy associated with the requested computer activity and applying the sensed emotional context data to the policy. In response to policy permission, the system may enable full or restricted access to the requested computer activity based upon the sensed emotional context. In the alternative, in response to policy violation, the system may deny access to the computer activity. The system may solicit feedback such that parental or third party controls may be established using emotional intelligence.

Abstract: A first mobile device securely transmits selected verified attributes concerning the corresponding user to a second mobile device. The first device broadcasts verified, signed biometric information concerning its user, and the user's public key. The second device confirms the received broadcasted biometric information, based on sensor input. For example, sensors on the second device generate images of the first user, who is physically proximate, and information gleaned from the images is compared to broadcasted biometric information. In response to confirming the broadcasted biometric information, the second device transmits a request to establish a secure channel, and both devices generate a session key. The first device selects specific verified attributes to provide to the second device, based on context, policy and/or user directive. The first device then encrypts the attributes using the session key, and transmits them to the second device. The second device receives and decrypts the attributes.