Abstract: A computer-implemented method, a computer system, and computer program product for associating security events. The method includes obtaining a result of implementation of one or more Locality-Sensitive Hashing (LSH) functions to feature data of a first event detected by a first device. The method also includes mapping the result to one or more positions in a data structure. In response to data elements of the one or more positions indicating first information associating with the one or more positions exists in a storage, the method includes obtaining the first information from the storage. The method further includes sending the first information to the first device.

Abstract: A computer-implemented method, a computer system, and computer program product for associating security events. The method includes obtaining a result of implementation of one or more Locality-Sensitive Hashing (LSH) functions to feature data of a first event detected by a first device. The method also includes mapping the result to one or more positions in a data structure. In response to data elements of the one or more positions indicating first information associating with the one or more positions exists in a storage, the method includes obtaining the first information from the storage. The method further includes sending the first information to the first device.

Abstract: Embodiments of the present invention relate to a method, system and computer program product for compacting data in a distributed storage system. According to the method, a query request is received from a client, wherein the query request comprises information of a previous query request of the client. A first query result of the query request and a second query result of the previous query request are retrieved. A delta data and a first indicator are sent to the client in response to the first query result being different from the second query result, wherein the delta data is the data of the first query result excluding the data comprised in both first and second query results, and the first indicator indicates the data comprised in both the first and the second query results.

Abstract: Embodiments of the present invention relate to a method, system and computer program product for compacting data in a distributed storage system. According to the method, a query request is received from a client, wherein the query request comprises information of a previous query request of the client. A first query result of the query request and a second query result of the previous query request are retrieved. A delta data and a first indicator are sent to the client in response to the first query result being different from the second query result, wherein the delta data is the data of the first query result excluding the data comprised in both first and second query results, and the first indicator indicates the data comprised in both the first and the second query results.

Abstract: Establishing Transport Layer Security/Secure Sockets Layer (TLS/SSL) sessions with destination servers for Internet of Things (IoT) devices is provided. A request is sent to establish a TLS/SSL session with a target destination server in a set of destination servers using destination server information related to a particular IoT device in a plurality of IoT devices. A TLS/SSL session is established with the target destination server corresponding to the particular IoT device. TLS/SSL session credential information is received for the particular IoT device from the target destination server. The TLS/SSL session credential information for the particular IoT device is saved in a session credential information table. The TLS/SSL session is suspended with the target destination server corresponding to the particular IoT device.

Abstract: A method for implementing an Internet of Things security appliance is presented. The method may include intercepting a data packet sent from a server to a client computing device. The method may include performing a security check on the data packet using security modules. The method may include determining the data packet is not malicious based on the security check. The method may include determining a shadow tester to test the data packet based on a type associated with the client computing device. The method may include creating a virtualization environment of the client computing device using the shadow tester. The method may include analyzing behaviors associated with the data packet within the virtualization environment using detection modules. The method may include determining the behaviors do not violate a behavior policy associated with the client computing device. The method may include transmitting the data packet to the client computing device.

Abstract: A method for providing a transparent asynchronous network flow exchange is provided. The method may include receiving a query request from a requester, whereby the received query request is associated with a network packet. The method may also include determining if the network packet contains a plurality of defined signatures. The method may further include in response to determining that the network packet contains a plurality of defined signatures, authenticating a plurality of information associated with the network packet. The method may additionally include determining a plurality of flow related security information associated with the network packet based on the authentication of the plurality of information. The method may include sending the determined plurality of flow related security information to the requester.

Abstract: Establishing Transport Layer Security/Secure Sockets Layer (TLS/SSL) sessions with destination servers for Internet of Things (IoT) devices is provided. A request is sent to establish a TLS/SSL session with a target destination server in a set of destination servers using destination server information related to a particular IoT device in a plurality of IoT devices. A TLS/SSL session is established with the target destination server corresponding to the particular IoT device. TLS/SSL session credential information is received for the particular IoT device from the target destination server. The TLS/SSL session credential information for the particular IoT device is saved in a session credential information table. The TLS/SSL session is suspended with the target destination server corresponding to the particular IoT device.

Abstract: A method for implementing an Internet of Things security appliance is presented. The method may include intercepting a data packet sent from a server to a client computing device. The method may include performing a security check on the data packet using security modules. The method may include determining the data packet is not malicious based on the security check. The method may include determining a shadow tester to test the data packet based on a type associated with the client computing device. The method may include creating a virtualization environment of the client computing device using the shadow tester. The method may include analyzing behaviors associated with the data packet within the virtualization environment using detection modules. The method may include determining the behaviors do not violate a behavior policy associated with the client computing device. The method may include transmitting the data packet to the client computing device.

Abstract: A method for implementing an Internet of Things security appliance is presented. The method may include intercepting a data packet sent from a server to a client computing device. The method may include performing a security check on the data packet using security modules. The method may include determining the data packet is not malicious based on the security check. The method may include determining a shadow tester to test the data packet based on a type associated with the client computing device. The method may include creating a virtualization environment of the client computing device using the shadow tester. The method may include analyzing behaviors associated with the data packet within the virtualization environment using detection modules. The method may include determining the behaviors do not violate a behavior policy associated with the client computing device. The method may include transmitting the data packet to the client computing device.

Abstract: A method for providing a transparent asynchronous network flow exchange is provided. The method may include receiving a query request from a requester, whereby the received query request is associated with a network packet. The method may also include determining if the network packet contains a plurality of defined signatures. The method may further include in response to determining that the network packet contains a plurality of defined signatures, authenticating a plurality of information associated with the network packet. The method may additionally include determining a plurality of flow related security information associated with the network packet based on the authentication of the plurality of information. The method may include sending the determined plurality of flow related security information to the requester.

Abstract: A method for providing a transparent asynchronous network flow exchange is provided. The method may include receiving a query request from a requester, whereby the received query request is associated with a network packet. The method may also include determining if the network packet contains a plurality of defined signatures. The method may further include in response to determining that the network packet contains a plurality of defined signatures, authenticating a plurality of information associated with the network packet. The method may additionally include determining a plurality of flow related security information associated with the network packet based on the authentication of the plurality of information. The method may include sending the determined plurality of flow related security information to the requester.

Abstract: A method for implementing an Internet of Things security appliance is presented. The method may include intercepting a data packet sent from a server to a client computing device. The method may include performing a security check on the data packet using security modules. The method may include determining the data packet is not malicious based on the security check. The method may include determining a shadow tester to test the data packet based on a type associated with the client computing device. The method may include creating a virtualization environment of the client computing device using the shadow tester. The method may include analyzing behaviors associated with the data packet within the virtualization environment using detection modules. The method may include determining the behaviors do not violate a behavior policy associated with the client computing device. The method may include transmitting the data packet to the client computing device.

Abstract: A method for providing a transparent asynchronous network flow exchange is provided. The method may include receiving a query request from a requester, whereby the received query request is associated with a network packet. The method may also include determining if the network packet contains a plurality of defined signatures. The method may further include in response to determining that the network packet contains a plurality of defined signatures, authenticating a plurality of information associated with the network packet. The method may additionally include determining a plurality of flow related security information associated with the network packet based on the authentication of the plurality of information. The method may include sending the determined plurality of flow related security information to the requester.