Abstract: A system includes calling to a first function, determination, in response to the call, of whether to execute a first version of the first function or a second version of the first function, execution of the first version of the first function if it is determined to execute the first version of the first function, and execution of the second version of the second function if it is determined to execute the second version of the first function, wherein the second version of the first function comprises a security-related features and the first version of the first function does not comprise the security-related feature.

Abstract: A system includes calling to a first function, determination, in response to the call, of whether to execute a first version of the first function or a second version of the first function, execution of the first version of the first function if it is determined to execute the first version of the first function, and execution of the second version of the second function if it is determined to execute the second version of the first function, wherein the second version of the first function comprises a security-related features and the first version of the first function does not comprise the security-related feature.

Abstract: Enhancing security achieved via encryption that is performed within an encryption device by combining entropy that is generated within the encryption device with additional entropy, that is generated external to the encryption device, into the generation of an encryption key. Prior to an encryption device utilizing a deterministic algorithm to generate the encryption key, multiple random numbers may be obtained from different entropy sources—at least one of which is internal to the encryption device and at least one of which is external to the encryption device. The encryption device combines the multiple random numbers into a combined entropy input that cannot be determined from either one of the random numbers alone. This combined entropy input is then utilized to generate the encryption key that is ultimately used to perform the device-internal encryption.

Abstract: There is provided a system and a computer-implemented method of detecting malware in real time in a live environment. The method comprises: monitoring one or more operations of at least one program concurrently running in the live environment, building at least one stateful model in accordance with the one or more operations, analyzing the at least one stateful model to identify one or more behaviors, and determining the presence of malware based on the identified one or more behaviors.

Abstract: There is provided a system and a computer-implemented method of detecting malware in real time in a live environment. The method comprises: monitoring one or more operations of at least one program concurrently running in the live environment, building at least one stateful model in accordance with the one or more operations, analyzing the at least one stateful model to identify one or more behaviors, and determining the presence of malware based on the identified one or more behaviors.

Abstract: Enhancing security achieved via encryption that is performed within an encryption device by combining entropy that is generated within the encryption device with additional entropy, that is generated external to the encryption device, into the generation of an encryption key. Prior to an encryption device utilizing a deterministic algorithm to generate the encryption key, multiple random numbers may be obtained from different entropy sources—at least one of which is internal to the encryption device and at least one of which is external to the encryption device. The encryption device combines the multiple random numbers into a combined entropy input that cannot be determined from either one of the random numbers alone. This combined entropy input is then utilized to generate the encryption key that is ultimately used to perform the device-internal encryption.

Abstract: There is provided a system and a computer-implemented method of detecting malware in real time in a live environment. The method comprises: monitoring one or more operations of at least one program concurrently running in the live environment, building at least one stateful model in accordance with the one or more operations, analyzing the at least one stateful model to identify one or more behaviors, and determining the presence of malware based on the identified one or more behaviors.

Abstract: A system includes calling to a first function, determination, in response to the call, of whether to execute a first version of the first function or a second version of the first function, execution of the first version of the first function if it is determined to execute the first version of the first function, and execution of the second version of the second function if it is determined to execute the second version of the first function, wherein the second version of the first function comprises a security-related features and the first version of the first function does not comprise the security-related feature.

Abstract: There is provided a system and a computer-implemented method of detecting malware in real time in a live environment. The method comprises: monitoring one or more operations of at least one program concurrently running in the live environment, building at least one stateful model in accordance with the one or more operations, analyzing the at least one stateful model to identify one or more behaviors, and determining the presence of malware based on the identified one or more behaviors.

Abstract: There is provided a system and a computer-implemented method of detecting malware in real time in a live environment. The method comprises: monitoring one or more operations of at least one program concurrently running in the live environment, building at least one stateful model in accordance with the one or more operations, analyzing the at least one stateful model to identify one or more behaviors, and determining the presence of malware based on the identified one or more behaviors.

Abstract: There is provided a system and a computer-implemented method of detecting malware in real time in a live environment. The method comprises: monitoring one or more operations of at least one program concurrently running in the live environment, building at least one stateful model in accordance with the one or more operations, analyzing the at least one stateful model to identify one or more behaviors, and determining the presence of malware based on the identified one or more behaviors.

Abstract: There is provided a system and a computer-implemented method of detecting malware in real time in a live environment. The method comprises: monitoring one or more operations of at least one program concurrently running in the live environment, building at least one stateful model in accordance with the one or more operations, analyzing the at least one stateful model to identify one or more behaviors, and determining the presence of malware based on the identified one or more behaviors.

Abstract: Disclosed are methods, devices, and media for enforcing network access control, the method including the steps of: extracting a packet signature from a packet (or packet fragment) received from a network; storing the packet signature and the packet in a buffer; computing a buffer signature using a per-endpoint secret key; determining whether the packet signature and the buffer signature are identical; and upon determining the packet signature and the buffer signature are identical, transmitting the packet to a protocol stack. Preferably, the step of extracting includes extracting the packet signature from a field (e.g. identification field) of a header of the packet. Preferably, the method further includes the step of: upon determining the packet signature and the buffer signature are not identical, discarding the packet. Methods for receiving a packet from a protocol stack, and transmitting the packet to a network are disclosed as well.

Abstract: Disclosed are methods, devices, and media for enforcing network access control, the method including the steps of: extracting a packet signature from a packet (or packet fragment) received from a network; storing the packet signature and the packet in a buffer; computing a buffer signature using a per-endpoint secret key; determining whether the packet signature and the buffer signature are identical; and upon determining the packet signature and the buffer signature are identical, transmitting the packet to a protocol stack. Preferably, the step of extracting includes extracting the packet signature from a field (e.g. identification field) of a header of the packet. Preferably, the method further includes the step of: upon determining the packet signature and the buffer signature are not identical, discarding the packet. Methods for receiving a packet from a protocol stack, and transmitting the packet to a network are disclosed as well.