Abstract: A technique for detecting malware involves loading known malware information, finding a string in the known malware information, saving the string in a first database, identifying a first contiguous string block from the known malware information, assigning a confidence indicator to the first contiguous string block, attempting to find the first contiguous string block in a second database containing one or more contiguous string blocks extracted from known malware, and responsive to a determination the first contiguous string block meets a predetermined threshold of similarity with a second contiguous string block contained in the second database, labelling the first contiguous string block.

Abstract: A method, a computer-readable medium, and a device for dynamically identifying criticality of services and data sources. The computer-readable medium comprising instructions which, when executed, cause a programmable device to: determine, based on a plurality of service-related metrics from a network node, upstream network nodes and downstream network nodes in a network; query the upstream network nodes and the downstream network nodes with a multicast request for an additional plurality of service-related metrics; extrapolate a current network topology based on the plurality of service-related metrics and the additional plurality of service-related metrics; determine whether or not an upstream backup server is present for the network node; determine a set of critical service delivery points in the network based on the determination of the upstream backup server; and generate a network service alert responsive to a service interruption from the set of critical service delivery points.

Abstract: Managing authentication of a child device includes receiving, by a host device, sensor data from a child device, deriving simplified authentication data from the sensor data based on a capability of the child device, storing the simplified authentication data in an authentication profile for the child device, and transmitting the simplified authentication data to the child device, wherein the simplified authentication data is sufficient to allow the child device to authenticate a user without the host device.

Abstract: A method, a computer-readable medium, and a device for dynamically identifying criticality of services and data sources. Service-related metrics are received from all IoT network elements in a network. The service-related metrics are parsed to extrapolate a network topology. From the topology, a set of critical service delivery points are determined based on data extracted from the service-related metrics. The critical service delivery points may be monitored for service interruptions and alerts may be generated in response to interruptions. Additionally the extrapolated network topology may be compared to a previously recorded topology of the network, and based on the delta, alerts may be generated when the delta meets a threshold.

Abstract: A method, a computer-readable medium, and a device for dynamically identifying criticality of services and data sources. The computer-readable medium comprising instructions which, when executed, cause a programmable device to: determine, based on a plurality of service-related metrics from a network node, upstream network nodes and downstream network nodes in a network; query the upstream network nodes and the downstream network nodes with a multicast request for an additional plurality of service-related metrics; extrapolate a current network topology based on the plurality of service-related metrics and the additional plurality of service-related metrics; determine whether or not an upstream backup server is present for the network node; determine a set of critical service delivery points in the network based on the determination of the upstream backup server; and generate a network service alert responsive to a service interruption from the set of critical service delivery points.

Abstract: A technique for detecting malware looks at startup hooks that may be created by malware to assist in ensuring that the malware is started upon a reboot of a programmable device. After enumerating startup hooks in the system, startup hooks associated with untrusted executables are deleted. If the startup hook is restored, that is an indication that the untrusted executable may be malware. An indication may then be passed to an anti-malware software to analyze the executable further.

Abstract: Provided herein are antibodies that bind to neuraminidase (NA) of different strains of influenza B virus, host cells for producing such antibodies, and kits comprising such antibodies. Also provided herein are compositions comprising antibodies that bind to NA of different strains of influenza B virus and methods of using such antibodies to diagnose, prevent or treat influenza virus disease.

Abstract: Computing platform security methods and apparatus are disclosed. An example apparatus includes a graphics processor; and a graphics driver to facilitate access to the graphics processor, the graphics driver including: an authenticator to establish a trusted channel between the graphics driver and an application driver via mutual authentication of the graphics driver and the application driver; an offloader to offload a computing task to the graphics processor via the trusted channel, the computing task associated with the application driver; and a hypervisor to monitor memory associated with the offloaded computing task for an unauthorized access attempt.

Abstract: Computing platform security methods and apparatus are disclosed. An example apparatus includes a security application to configure a security task, the security task to detect a malicious element on a computing platform, the computing platform including a central processing unit and a graphics processing unit; and an offloader to determine whether the central processing unit or the graphics processing unit is to execute the security task; and when the graphics processing unit is to execute the security task, offload the security task to the graphics processing unit for execution.

Abstract: Managing authentication of a child device includes receiving, by a host device, sensor data from a child device, deriving simplified authentication data from the sensor data based on a capability of the child device, storing the simplified authentication data in an authentication profile for the child device, and transmitting the simplified authentication data to the child device, wherein the simplified authentication data is sufficient to allow the child device to authenticate a user without the host device.

Abstract: A technique for detecting malware looks at startup hooks that may be created by malware to assist in ensuring that the malware is started upon a reboot of a programmable device. After enumerating startup hooks in the system, startup hooks associated with untrusted executables are deleted. If the startup hook is restored, that is an indication that the untrusted executable may be malware. An indication may then be passed to an anti-malware software to analyze the executable further.

Abstract: Managing authentication of a child device includes receiving, by a host device, sensor data from a child device, deriving simplified authentication data from the sensor data based on a capability of the child device, storing the simplified authentication data in an authentication profile for the child device, and transmitting the simplified authentication data to the child device, wherein the simplified authentication data is sufficient to allow the child device to authenticate a user without the host device.

Abstract: A technique for detecting malware involved loading known malware information, finding a string in the known malware information, saving the string in a first database, identifying a first contiguous string block from the known malware information, assigning a confidence indicator to the first contiguous string block, attempting to find the first contiguous string block in a second database containing one or more contiguous string blocks extracted from known malware, and labelling the first contiguous string block, responsive to a determination the first contiguous string block meets a predetermined threshold of similarity with a second contiguous string block contained in the second database.

Abstract: A request is received from a security tool, the request relating to an event involving data records in a storage device. An application programming interface (API) is used to interface with secure storage functionality of the storage device, the secure storage functionality enabling a set of secure storage operations. A security operation is caused to be performed at the storage device involving the data records based at least in part on the request. In one aspect, the set of secure storage operations can include a direct read operation, a direct write operation, a copy-on-write operation, and a save-attempted-write operation.

Abstract: A technique for detecting malware looks at startup hooks that may be created by malware to assist in ensuring that the malware is started upon a reboot of a programmable device. After enumerating startup hooks in the system, startup hooks associated with untrusted executables are deleted. If the startup hook is restored, that is an indication that the untrusted executable may be malware. An indication may then be passed to an anti-malware software to analyze the executable further.

Abstract: Computing platform security methods and apparatus are disclosed. An example apparatus includes a security application to configure a security task, the security task to detect a malicious element on a computing platform, the computing platform including a central processing unit and a graphics processing unit; and an offloader to determine whether the central processing unit or the graphics processing unit is to execute the security task; and when the graphics processing unit is to execute the security task, offload the security task to the graphics processing unit for execution.

Abstract: Computing platform security methods and apparatus are disclosed. An example apparatus includes a security application to configure a security task, the security task to detect a malicious element on a computing platform, the computing platform including a central processing unit and a graphics processing unit; and an offloader to determine whether the central processing unit or the graphics processing unit is to execute the security task; and when the graphics processing unit is to execute the security task, offload the security task to the graphics processing unit for execution.

Abstract: A technique for detecting malware looks at startup hooks that may be created by malware to assist in ensuring that the malware is started upon a reboot of a programmable device. After enumerating startup hooks in the system, startup hooks associated with untrusted executables are deleted. If the startup hook is restored, that is an indication that the untrusted executable may be malware. An indication may then be passed to an anti-malware software to analyze the executable further.

Abstract: Computing platform security methods and apparatus are disclosed. An example apparatus includes a security application to configure a security task, the security task to detect a malicious element on a computing platform, the computing platform including a central processing unit and a graphics processing unit; and an offloader to determine whether the central processing unit or the graphics processing unit is to execute the security task; and when the graphics processing unit is to execute the security task, offload the security task to the graphics processing unit for execution.

Abstract: Pairing two devices includes detecting, by a first device, a trigger event that indicates that a second device is within a predetermined proximity, obtaining a first time stamp indicating a time of the trigger event as recorded by the first device, determining whether a difference between the first time stamp and a second time stamp satisfy a predetermine threshold, where the second time stamp indicates a time of the trigger event as recorded by the second device, and in response to determining that the difference between the first time stamp and the second time stamp satisfies the predetermined threshold, allowing the first device to pair with the second device.