Abstract: A dishwashing apparatus may include a sump. The sump may include a sump pan configured to couple with a wash chamber of the dishwashing apparatus. The sump may include a sump well coupled to the sump pan and configured to collect the liquid from the sump pan. The sump well may include a well inlet in communication with the sump pan. The sump pan may convey the liquid to the well inlet. A recirculation port extending through a first wall of the sump well. A drain port may extend through a second wall of the sump well. The second wall defines a bottom of the sump well. The dishwashing apparatus may include a controller. The controller may monitor electrical characteristics of a pump. The controller may provide a notification if fluid is not flowing through the pump.

Abstract: A dishwashing apparatus may include a sump. The sump may include a sump pan configured to couple with a wash chamber of the dishwashing apparatus. The sump may include a sump well coupled to the sump pan and configured to collect the liquid from the sump pan. The sump well may include a well inlet in communication with the sump pan. The sump pan may convey the liquid to the well inlet. A recirculation port extending through a first wall of the sump well. A drain port may extend through a second wall of the sump well. The second wall defines a bottom of the sump well. The dishwashing apparatus may include a controller. The controller may monitor electrical characteristics of a pump. The controller may provide a notification if fluid is not flowing through the pump.

Abstract: A dishwashing apparatus may include a sump. The sump may include a sump pan configured to couple with a wash chamber of the dishwashing apparatus. The sump may include a sump well coupled to the sump pan and configured to collect the liquid from the sump pan. The sump well may include a well inlet in communication with the sump pan. The sump pan may convey the liquid to the well inlet. A recirculation port extending through a first wall of the sump well. A drain port may extend through a second wall of the sump well. The second wall defines a bottom of the sump well. The dishwashing apparatus may include a controller. The controller may monitor electrical characteristics of a pump. The controller may provide a notification if fluid is not flowing through the pump.

Abstract: A dishwashing apparatus may include a sump. The sump may include a sump pan configured to couple with a wash chamber of the dishwashing apparatus. The sump may include a sump well coupled to the sump pan and configured to collect the liquid from the sump pan. The sump well may include a well inlet in communication with the sump pan. The sump pan may convey the liquid to the well inlet. A recirculation port extending through a first wall of the sump well. A drain port may extend through a second wall of the sump well. The second wall defines a bottom of the sump well. The dishwashing apparatus may include a controller. The controller may monitor electrical characteristics of a pump. The controller may provide a notification if fluid is not flowing through the pump.

Abstract: A dishwashing apparatus may include a sump. The sump may include a sump pan configured to couple with a wash chamber of the dishwashing apparatus. The sump may include a sump well coupled to the sump pan and configured to collect the liquid from the sump pan. The sump well may include a well inlet in communication with the sump pan. The sump pan may convey the liquid to the well inlet. A recirculation port extending through a first wall of the sump well. A drain port may extend through a second wall of the sump well. The second wall defines a bottom of the sump well. The dishwashing apparatus may include a controller. The controller may monitor electrical characteristics of a pump. The controller may provide a notification if fluid is not flowing through the pump.

Abstract: The disclosed computer-implemented method for identifying malicious file droppers may include (1) detecting a malicious file on the computing device, (2) constructing an ordered list of files that resulted in the malicious file being on the computing device where the malicious file is the last file in the ordered list of files and each file in the ordered list of files placed the next file in the ordered list of files on the computing device, (3) determining that at least one file prior to the malicious file in the ordered list of files comprises a malicious file dropper, and (4) performing a security action in response to determining that the file prior to the malicious file in the ordered list of files comprises the malicious file dropper. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for performing application container introspection may include (1) identifying a request issued by an application launched from an application container, (2) determining that the request calls a function that facilitates transferring data between the application container and at least one external data source, and then in response to determining that the request calls the function, (3) directing the request to a function library that includes a custom version of the function that facilitates both (A) transferring, between the application container and the external data source, an encrypted version of the data that is unintelligible to an external application running outside the application container and (B) providing an unencrypted version of the data to the external application to enable the external application to inspect the data. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for categorizing mobile devices as rooted may include (1) gathering a set of metadata describing a plurality of rooted mobile devices that have been modified to allow a user to alter protected systems and an additional set of metadata describing a plurality of unrooted mobile devices that have not been modified to allow the user to alter the protected systems, (2) comparing the set of metadata with the additional set of metadata to determine at least one feature that differentiates the rooted mobile devices from the unrooted mobile devices, (3) determining whether the feature is present in metadata that describes an uncategorized mobile device, and (4) categorizing the uncategorized mobile device as a rooted mobile device based on the presence of the feature in the metadata that describes the uncategorized mobile device. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for generating device-specific security policies for applications may include (1) installing, onto a computing device, an application requested by the computing device, (2) while the application is running on the computing device, monitoring interactions between the application and a computing environment in which the computing device operates to identify (A) computing resources within the computing environment required by the application and (B) potential security concerns related to the application within the computing environment, and then (3) generating, based on the monitored interactions, a set of device-specific security policies to enforce for the application while the application runs on the computing device that allow the application to access the required computing resources while mitigating the potential security concerns. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A processor-based method to defeat file and process hiding techniques in a computing device is provided. The method includes generating one of a path permutation, a symlink, or an address, for a path to open or obtain status of a tool or function in a library in a mobile computing device and making an open or status call for the tool or function, using the one of the path permutation, symlink or address. The method includes avoiding a pattern match and blocking, by an injected library, of the open or status call, the avoiding being a result of making the open or status call using the path permutation, symlink or address.

Abstract: A computer-implemented method for evaluating electronic control units within vehicle emulations may include (1) connecting an actual electronic control unit for a vehicle to a vehicle bus that emulates network traffic rather than actual network traffic generated by operation of the vehicle, (2) manipulating input to the actual electronic control unit to test how safely the actual electronic control unit and the emulated electronic control unit respond to the manipulated input, (3) detecting an output from the actual electronic control unit that indicates a response, from the actual electronic control unit, to manipulating the input, and (4) evaluating a safety level of at least one of the actual electronic control unit and the emulated electronic control unit based on detecting the output from the actual electronic control unit. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for logging processes within containers may include (i) detecting creation of a new container that comprises a lightweight platform-independent filesystem capable of executing at least one process that is isolated from a host computing device that hosts the container, (ii) launching, within the new container, a monitoring process that maintains a log of events associated with a process that will be executing within the new container, (iii) recording to the log, by the monitoring process, data about at least one event associated with the process executing within the container, and (iv) exporting, by the monitoring process, the log to the host computing device that hosts the new container. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for enforcing secure software execution may include (1) providing at least one known benign input to an executable file that is susceptible to abnormal code execution, (2) observing a series of function calls made by the executable file as the executable file processes the known benign input, (3) storing the series of function calls as a control flow graph that represents known safe function call pathways for the executable file, and (4) forcing a subsequent execution of the executable file to follow the series of function calls stored in the control flow graph to protect the executable file against abnormal code execution. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The present disclosure relates to systems and methods based at least in part on managing electronic device configuration and/or features. In some embodiments, a method may include identifying a first configuration state at a first time; generating a virtual configuration state based at least in part on the first configuration state at the first time; determining a first modification to be made to the first configuration state based at least in part on a first characteristic of a first application; modifying the virtual configuration state based at least in part on the determined first modification; and/or modifying the first configuration state at a second time after the first time based at least in part on the determined first modification.

Abstract: A processor-based method to defeat file and process hiding techniques in a computing device is provided. The method includes generating one of a path permutation, a symlink, or an address, for a path to open or obtain status of a tool or function in a library in a mobile computing device and making an open or status call for the tool or function, using the one of the path permutation, symlink or address. The method includes avoiding a pattern match and blocking, by an injected library, of the open or status call, the avoiding being a result of making the open or status call using the path permutation, symlink or address.

Abstract: The disclosed computer-implemented method for detecting anomalous messages in automobile networks may include (1) receiving automobile-network messages that are expected to be broadcast over an automobile network of an automobile, (2) extracting a set of features from the automobile-network messages, and (3) using the set of features to create a model that is capable of distinguishing expected automobile-network messages from anomalous automobile-network messages. The disclosed computer-implemented method may further include (1) detecting an automobile-network message that has been broadcast over the automobile network, (2) using the model to determine that the automobile-network message is anomalous, and (3) performing a security action in response to determining that the automobile-network message is anomalous. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for detecting discrepancies in automobile-network data may include (1) receiving data that indicates at least one attribute of an automobile and that was conveyed via an automobile-network message that was purportedly broadcast over an automobile network of the automobile, (2) receiving additional data that indicates the same attribute of the automobile and that was not conveyed via any automobile-network message that was broadcast over the automobile network, (3) detecting a discrepancy between the data and the additional data, and (4) performing a security action in response to detecting the discrepancy between the data and the additional data. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for estimating ages of network devices may include (1) identifying at least one networked device that may be attached to a network, (2) identifying a media access control address of the networked device, the media access control address comprising an organizational unique identifier, (3) querying an organizational-unique-identifier database with the organizational unique identifier and receiving, in response, device-age information relating to an estimated age of the networked device and (4) determining the estimated age of the networked device based at least in part on the device-age information. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for obscuring network services may include (1) identifying a local network comprising at least one client and at least one host, where the host provides a service that is not bound to any routable address on the local network and the client is expected to send messages to the service, (2) provisioning the client with a proxy that intercepts the messages directed to the service by the client, identifies the host that provides the service, and adds at least one layer of encryption to the messages, (3) configuring the proxy to route the messages through an onion routing network within the local network that comprises at least one onion routing node, and (4) configuring the onion routing network to remove the at least one layer of encryption from the messages before forwarding the messages. Various other methods, systems, and computer-readable media are also disclosed.