Abstract: A personal protection suit has a selectively sealable hood (1) for protection against CBRN threats. In one series of embodiments, the hood (1) is separable from a jacket body (5) by a releasable attachment means (11), and has a mask hood seal (2) for sealing with a mask. In one series of embodiments the hood (1A) has a deployable face mask (60) stored within the hood (1A). The hood (1) can be removed without breaking the seal between the mask and mask hood seal (2) to minimise contamination during donning and doffing.

Abstract: Provided is a method for domain name ranking. An example method includes receiving Domain Name System (DNS) data, which includes domain names. The DNS data is processed to obtain multiple metric values for each of the domain names. The metric values can include a query count (QC), a client count (CC), and a network count (NC). The method proceeds with calculating a score for each of the domain names based on the metric values. The calculation can be performed using the following equation: Score=NC·CC·(1+log(QC)). Furthermore, the method ranks the domain names based on the score for each of the domain names. The ranking can be based on normalization of the scores or based on converting the scores into respective percentile ranks.

Abstract: The present disclosure is related to a computer-implemented method and system for distinguishing human-driven Doman Name System (DNS) queries from Machine-to-Machine (M2M) DNS queries. The method includes receiving a DNS query, which includes a domain name, generating a probability score for the domain name based on one or more predetermined rules, and categorizing the DNS query as a human-driven DNS query or a M2M DNS query based on the probability score.

Abstract: The disclosure is related to computer-implemented methods for domain name scoring. In one example, the method includes receiving a request to provide a reputation score of a domain name, receiving input data associated with the domain name, extracting a plurality of features from the input data and the domain name, generating a feature vector based on the plurality of features, and calculating the reputation score of the domain name by a machine-learning classifier based on a graph database, which includes feature vectors associated with at least a plurality of reference domain names, a plurality of servers, a plurality of domain name owners, and so forth. In another example, the method can calculate the reputation score by finding a similarity between the feature vector and one of domain name clusters in the graph database. The reputation score represents a probability that the domain name is associated with malicious activity.

Abstract: A computer-implemented method for detecting anomalies in DNS requests comprises receiving a plurality of DNS requests generated within a predetermined period. The predetermined period includes a plurality of DNS data fragments. The method further includes receiving a first DNS request and selecting a plurality of second DNS requests from the plurality of DNS requests such that each of the second DNS requests is a subset of the first DNS request. The method also includes calculating a count value for each of the DNS data fragments, where each of the count values represents a number of instances the second DNS requests appear within one of the DNS data fragments. In some embodiments, the count values for each of the DNS data fragments can be normalized. The method further includes determining an anomaly trend, for example, based on determining that at least one of the count values exceeds a predetermined threshold value.

Abstract: The present disclosure is related to a computer-implemented method and system for distinguishing human-driven Doman Name System (DNS) queries from Machine-to-Machine (M2M) DNS queries. The method includes receiving a DNS query, which includes a domain name, generating a probability score for the domain name based on one or more predetermined rules, and categorizing the DNS query as a human-driven DNS query or a M2M DNS query based on the probability score.

Abstract: A computer-implemented method for detecting anomalies in DNS requests comprises receiving a plurality of DNS requests generated within a predetermined period. The predetermined period includes a plurality of DNS data fragments. The method further includes receiving a first DNS request and selecting a plurality of second DNS requests from the plurality of DNS requests such that each of the second DNS requests is a subset of the first DNS request. The method also includes calculating a count value for each of the DNS data fragments, where each of the count values represents a number of instances the second DNS requests appear within one of the DNS data fragments. In some embodiments, the count values for each of the DNS data fragments can be normalized. The method further includes determining an anomaly trend, for example, based on determining that at least one of the count values exceeds a predetermined threshold value.

Abstract: The present disclosure is related to a computer-implemented method and system for distinguishing human-driven Domain Name System (DNS) queries from Machine-to-Machine (M2M) DNS queries. The method includes receiving a DNS query, which includes a domain name, generating a probability score for the domain name based on one or more predetermined rules, and categorizing the DNS query as a human-driven DNS query or a M2M DNS query based on the probability score.

Abstract: A personal protection suit has a selectively sealable hood (1) for protection against CBRN threats. In one series of embodiments, the hood (1) is separable from a jacket body (5) by a releasable attachment means (11), and has a mask hood seal (2) for sealing with a mask. In one series of embodiments the hood (1A) has a deployable face mask (60) stored within the hood (1A). The hood (1) can be removed without breaking the seal between the mask and mask hood seal (2) to minimise contamination during donning and doffing.

Abstract: A computer-implemented method for detecting anomalies in DNS requests comprises receiving a plurality of DNS requests generated within a predetermined period. The predetermined period includes a plurality of DNS data fragments. The method further includes receiving a first DNS request and selecting a plurality of second DNS requests from the plurality of DNS requests such that each of the second DNS requests is a subset of the first DNS request. The method also includes calculating a count value for each of the DNS data fragments, where each of the count values represents a number of instances the second DNS requests appear within one of the DNS data fragments. In some embodiments, the count values for each of the DNS data fragments can be normalized. The method further includes determining an anomaly trend, for example, based on determining that at least one of the count values exceeds a predetermined threshold value.

Abstract: A computer-implemented method for detecting anomalies in DNS requests comprises receiving a plurality of DNS requests generated within a predetermined period. The predetermined period includes a plurality of DNS data fragments. The method further includes receiving a first DNS request and selecting a plurality of second DNS requests from the plurality of DNS requests such that each of the second DNS requests is a subset of the first DNS request. The method also includes calculating a count value for each of the DNS data fragments, where each of the count values represents a number of instances the second DNS requests appear within one of the DNS data fragments. In some embodiments, the count values for each of the DNS data fragments can be normalized. The method further includes determining an anomaly trend, for example, based on determining that at least one of the count values exceeds a predetermined threshold value.

Abstract: A computer-implemented method for detecting anomalies in DNS requests comprises receiving a plurality of DNS requests generated within a predetermined period. The predetermined period includes a plurality of DNS data fragments. The method further includes receiving a first DNS request and selecting a plurality of second DNS requests from the plurality of DNS requests such that each of the second DNS requests is a subset of the first DNS request. The method also includes calculating a count value for each of the DNS data fragments, where each of the count values represents a number of instances the second DNS requests appear within one of the DNS data fragments. In some embodiments, the count values for each of the DNS data fragments can be normalized. The method further includes determining an anomaly trend, for example, based on determining that at least one of the count values exceeds a predetermined threshold value.

Abstract: A system for providing a personal and portable ranging system that is configured to make a user more aware of the objects surrounding them. The ranging system comprising a sensor unit comprising at least one ranging sensor, a processing unit configured to receive information obtained from the at least one ranging sensor and configured to provide at least one output notification signal, and a notification device configured to provide at least one alert signal in response to the at least one output notification signal. The notification device can provide information regarding objects detected by the ranging system.

Abstract: The present disclosure is related to a computer-implemented method and system for distinguishing human-driven Domain Name System (DNS) queries from Machine-to-Machine (M2M) DNS queries. The method includes receiving a DNS query, which includes a domain name, generating a probability score for the domain name based on one or more predetermined rules, and categorizing the DNS query as a human-driven DNS query or a M2M DNS query based on the probability score.

Abstract: The disclosure is related to computer-implemented methods for domain name scoring. In one example, the method includes receiving a request to provide a reputation score of a domain name, receiving input data associated with the domain name, extracting a plurality of features from the input data and the domain name, generating a feature vector based on the plurality of features, and calculating the reputation score of the domain name by a machine-learning classifier based on a graph database, which includes feature vectors associated with at least a plurality of reference domain names, a plurality of servers, a plurality of domain name owners, and so forth. In another example, the method can calculate the reputation score by finding a similarity between the feature vector and one of domain name clusters in the graph database. The reputation score represents a probability that the domain name is associated with malicious activity.

Abstract: A computer-implemented method for detecting anomalies in DNS requests comprises receiving a plurality of DNS requests generated within a predetermined period. The predetermined period includes a plurality of DNS data fragments. The method further includes receiving a first DNS request and selecting a plurality of second DNS requests from the plurality of DNS requests such that each of the second DNS requests is a subset of the first DNS request. The method also includes calculating a count value for each of the DNS data fragments, where each of the count values represents a number of instances the second DNS requests appear within one of the DNS data fragments. In some embodiments, the count values for each of the DNS data fragments can be normalized. The method further includes determining an anomaly trend, for example, based on determining that at least one of the count values exceeds a predetermined threshold value.

Abstract: Provided is a method for domain name ranking. An example method includes receiving Domain Name System (DNS) data, which includes domain names. The DNS data is processed to obtain multiple metric values for each of the domain names. The metric values can include a query count (QC), a client count (CC), and a network count (NC). The method proceeds with calculating a score for each of the domain names based on the metric values. The calculation can be performed using the following equation: Score=NC·CC·(1+log(QC)). Furthermore, the method ranks the domain names based on the score for each of the domain names. The ranking can be based on normalization of the scores or based on converting the scores into respective percentile ranks.

Abstract: An article of clothing (10) comprising: a first portion (14) shaped to cover at least part of a wearer's groin or buttock region during use and extending into a gusset region of the article, and a second portion (16) shaped to extend around a wearer's body so as to hold the article against the wearer during use. The first portion (14) comprises a carbon textile layer and a backing layer, the filter layer comprising a knitted material comprising activated carbon. The second material (16) comprises one or more textile panels adjacent said first portion (14) and having elasticity greater than the elasticity of the first portion such that the second portion conforms to the shape of the wearer's body.

Abstract: A computing system and architecture is provided that affects and extends services exported through application libraries. The system has an operating system having an operating system kernel having OS critical system elements (OSCSEs) for running in kernel mode; and, a shared library having critical system elements (SLCSEs) stored within the shared library for use by the software applications in user mode. The SLCSEs stored in the shared library are accessible to the software applications and when accessed by a software application forms a part of the software application. When an instance of an SLCSE provided to an application from the shared library it is ran in a context of the software application without being shared with other software applications. The other applications running under the operating system each have use of a unique instance of a corresponding critical system element for performing essentially the same function, and can be run simultaneously.

Abstract: A system is disclosed having servers with operating systems that may differ, operating in disparate computing environments, wherein each server includes a processor and an operating system including a kernel a set of associated local system files compatible with the processor. This invention discloses a method of providing at least some of the servers in the system with secure, executable, applications related to a service, wherein the applications may be executed in a secure environment, wherein the applications each include an object executable by at least some of the different operating systems for performing a task related to the service. The method of this invention requires storing in memory accessible to at least some of the servers a plurality of secure containers of application software.