Abstract: One or more systems, devices, computer program products and/or computer-implemented methods of use provided herein relate to generating a security threat prediction. A system can comprise a memory that stores computer executable components, and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a prediction component that analyzes a public data graph model to generate a primary security threat determination, wherein the prediction component can further generate a secondary security threat prediction based on the primary security threat determination and on a proprietary data graph model, wherein the proprietary data graph model comprises proprietary security threat data from a source, and wherein the proprietary security threat data has been scrubbed of source-identifiers.

Abstract: An analyzer system inputs parameter values from trace files of a software application into an autoencoder. The analyzer system adjusts weights of the edges between nodes in the autoencoder until reconstruction errors in outputs are minimized. The analyzer system receives a selection of a parameter represented in an autoencoder. In response, the analyzer system identifies hidden layer nodes connected to an output node corresponding to the selected parameter and identifies other output nodes connected to the hidden layer nodes. The analyzer system retrieves weights assigned to edges between the hidden layer nodes and the other output nodes. The analyzer system calculates correlation values between the output node corresponding to the selected parameter and each of the other output nodes and outputs the correlation values. A user can use the correlation values to better direct the root cause analysis.

Abstract: Described are techniques for generating an adaptive data protocol for an IoT network having a plurality community networks of IoT devices. The techniques include determining a data synchronization policy associated with Internet of Things (IoT) devices contained in a plurality of community networks within an IoT network. The techniques further include determining a data sharing policy associated with the IoT devices in the IoT network. The techniques further include analyzing transactions of the data synchronization policy and the data sharing policy to identify transactional inefficiencies in the data synchronization policy and the data sharing policy. The techniques further include generating an adaptive data protocol to increase transactional efficiency within the IoT network based on the analyzing of the data synchronization policy and the data sharing policy.

Abstract: Electronic communication privacy verification is provided. An electronic communication associated with a set of addresses is received. The electronic communication is analyzed using an artificial intelligence model to classify a purpose for the electronic communication. Using an authorization database, it is determined whether each address in the set of addresses has been authorized for communication for the classified purpose. In response to determining at least one address has not been authorized for communication for the classified purpose, a sender of the electronic communication is prompted to remove the at least one address.

Abstract: An embodiment for determining presentation content effectiveness using attraction modeling is provided. The embodiment may include receiving presentation content from a meeting host during on online collaborative meeting. The embodiment may also include capturing one or more actions of one or more users during a display of the presentation content to the one or more users. The embodiment may further include creating an audience attention model. The embodiment may also include in response to determining at least one user is distracted from the presentation content, modifying the display of the presentation content for each distracted user in accordance with one or more characteristics associated with each distracted user. The embodiment may further include categorizing the one or more users into one or more groups. The embodiment may also include providing visual feedback to the meeting host.

Abstract: In an approach to efficient concurrent TLS data streams, a parent connection is established by performing a normal TLS handshake. A concurrent mode of operation is negotiated, where one or more child connections are established without using the TLS handshake. The one or more child connections are associated to the parent connection. Child application traffic secrets are derived for each child connection of the one or more child connections from application traffic secrets of the parent.

Abstract: A method, a computer program product, and a system for binding post-quantum certificates to traditional certificates. The method includes selecting a traditional certificate in a certificate chain owned by an owner. The method also includes calculating a fingerprint of the traditional certificate. The method further includes generating a post-quantum certificate with identical information fields as the traditional certificate, and populating a serial number of the post-quantum certificate using the fingerprint. The post-quantum certificate acts as an extension of the first traditional certificate providing authentication and validation between a client and a server using post-quantum capable signing algorithms.

Abstract: A computer system determines stack usage. An intercept function is executed to store a stack marker in a stack, wherein the intercept function is invoked when a program enters or exits each function of a plurality of functions of the program. A plurality of stack markers are identified in the stack and a memory address is determined for each stack marker during execution of the program to obtain a plurality of memory addresses. The plurality of memory addresses are analyzed to identify a particular memory address associated with a greatest stack depth. A stack usage of the program is determined based on the greatest stack depth. Embodiments of the present invention further include a method and program product for determining stack usage in substantially the same manner described above.

Abstract: Establishing secure communications by sending a server certificate message, the certificate message including a first certificate associated with a first encryption algorithm and a second certificate associated with a second encryption algorithm, the first certificate and second certificate bound to each other, signing a first message associated with client-server communications using a first private key, the first private key associated with the first certificate, signing a second message associated with the client-server communications using a second private key, the second private key associated with the second certificate, the second message including the signed first message, and sending a server certificate verify message, the server certificate verify message comprising the signed first message and the signed second message.

Abstract: A method, a computer program product, and a system for embedding a message in a random value. The method includes generating a random value and applying a hash function to the random value to produce a hash value. Starting with the hash value, the method further includes reapplying the hash function in an iterative or recursive manner, with a new hash value produced by the hash function acting as an initial value that is applied to the hash function for a next iteration, until a bit sequence representing a message is produced in a message hash value. The method further includes utilizing the message hash value as a new random value that can be used by an encryption algorithm.

Abstract: Before deployment, artifacts and/or binaries are generated by the process of compilation from source code files are double signed with signatures. Immediately before deployment, a copy of the artifacts and/or binaries is made for the planned deployment and the double signed signatures are checked to ensure source code integrity and security.

Abstract: In an approach for securing data, a processor publishes a traditional public key in a traditional certificate and a PQC public key in a PQC certificate. A processor encrypts data with a hybrid shared secret, the hybrid shared secret generated with a key derivation function by using a traditional shared secret based on the traditional public key and a PQC shared secret based on the PQC public key. A processor decrypts the data with the hybrid shared secret based on a traditional private key and a PQC private key. A processor signs the data with a traditional signature followed by a PQC signature.

Abstract: Establishing a transfer mode between devices for large bulk records over a TLS protocol by fragmenting an encrypted bulk record into a set of pre-defined block sizes for convenient transfer. The pre-defined block sizes are specifically sized to indicate a beginning and an end of the transfer of the associated blocks making up the large bulk record. A middle box is unaware of the association between the blocks and permits transfer according to the maximum transmission unit of the TLS protocol. The fragmented bulk record is reconstructed and decrypted for use after the transfer.

Abstract: In an approach to efficient concurrent TLS data streams, a parent connection is established by performing a normal TLS handshake. A concurrent mode of operation is negotiated, where one or more child connections are established without using the TLS handshake. The one or more child connections are associated to the parent connection. Child application traffic secrets are derived for each child connection of the one or more child connections from application traffic secrets of the parent.

Abstract: An operator uses a handheld fastening tool to fasten a surface-mount technology printed-circuit board (PCB) to an adjacent object by installing a fastener at a target location on the PCB. The operator wears augmented-reality (AR) eyewear equipped with image-recognition technology. The system identifies the distance between the target location and the nearest electronic component mounted to the PCB. An accelerometer integrated into the fastening tool continuously monitors the inclination of the tool and the frequency of operator hand movements while holding the tool. The distance, inclination, and movement measurements are used to derive a composite score indicating a likelihood that the current fastening task will be completed successfully without damage. The eyewear represents the score to the operator as a color-coded AR object. The measurements, scores, and color coding are continuously updated to give the operator real-time feedback about the operator's current likelihood of success.

Abstract: A computer system determines stack usage. An intercept function is executed to store a stack marker in a stack, wherein the intercept function is invoked when a program enters or exits each function of a plurality of functions of the program. A plurality of stack markers are identified in the stack and a memory address is determined for each stack marker during execution of the program to obtain a plurality of memory addresses. The plurality of memory addresses are analyzed to identify a particular memory address associated with a greatest stack depth. A stack usage of the program is determined based on the greatest stack depth. Embodiments of the present invention further include a method and program product for determining stack usage in substantially the same manner described above.

Abstract: Provided is a method, a computer program product, and a system for providing perfect forward secrecy in virtual machines. The method includes receiving a secure memory allocation function from an application, including a connection secret to be stored in memory. The method further includes allocating memory for the connection secret according to the memory size parameter and storing an entry relating to the connection secret in a secure database. The memory information includes a memory location and a memory size of the memory. The method also includes monitoring an operation state relating to the virtual machine. The method further includes receiving, from the application, a secure deallocation function relating to the connection secret and retrieving the memory information from the secure database. The method also includes deleting the connection from the memory and sanitizing the memory location logged by the memory information.

Abstract: A computer-implemented method, computer system, and computer program product for generation of a password with increased password strength. Embodiments of the present invention may include receiving one or more alphanumeric characters. Embodiments of the present invention may include receiving one or more images. Embodiments of the present invention may include hashing the received one or more images. Embodiments of the present invention may include hashing the one or more alphanumeric characters and the hashed one or more images to generate the password. Embodiments of the present invention may include replacing the one or more alphanumeric characters with the one or more images and sending the generated password to a server. Embodiments of the present invention may include sequencing the one or more images between the one or more alphanumeric characters. The one or more images may be personal photos of a user.

Abstract: A method, a computer program product, and a system for removing padding oracles in encryption techniques. The method includes padding a plaintext message using a padding scheme producing a padded plaintext message. The method also includes encrypting the padded plaintext message using a block cipher generating an encrypted data block of fixed-size as well as a hash value. The method further includes randomly generating an ephemeral key and an initialization vector. The method also includes prepending the hash value, the ephemeral key, and the initialization vector to the encrypted data block. The method includes performing an encryption technique to the encrypted data block prepended with the hash value, the ephemeral key, and the initialization vector.

Abstract: Extending the useful life of finite lifetime asymmetric cryptographic keys by referencing the number of uses of the keys in conjunction with or instead of the elapsed time since generation of the finite lifetime keys. By integrating asymmetric cryptographic keys into a limited use security scheme, the lifetime of finite lifetime asymmetric cryptographic keys is based on the practical risk of security breach during use rather than an arbitrary duration in which the keys are valid.