Abstract: Method and apparatus are disclosed for malware detection. According to an embodiment, a hybrid method for malware detection comprises: obtaining calling maps of a malware set and a normal application set, wherein a calling map comprises information about system call sequences with different calling depth greater than or equal to one; generating a malware pattern set and a normal pattern set, based on comparison between frequencies of the calling maps of the malware set and the normal application set; acquiring a calling map of an unknown application; and determining a malware detection result for the unknown application, based on comparison between the unknown application's calling map with the malware pattern set and the normal pattern set. The malware pattern set and/or the normal pattern set may be updated according to the malware detection result.

Abstract: A method and apparatus is provided for providing an active ticket in a mobile terminal for use by a mobile terminal user, wherein at least one active ticket has a ticket characteristic that dynamically changes based on one or more states in a life cycle of the active ticket. Dynamic changes to the ticket characteristic include multimedia changes or other presentation data, including text, sound (audio), animation, video, still pictures, or some combination thereof. The active ticket can have different states in it's life cycle, such as purchased, validated, invalid for certain events. Also the ticket service provider or issuer can send new control data to change the characteristic and/or contents of the active ticket.

Abstract: Methods, apparatus, computer program product and computer readable medium are disclosed for authentication. A method comprises: sending an authentication request to a relying party, wherein the authentication request comprises a voice authentication command of a user; receiving from an identity provider at least one first challenge message with respective randomly generated verification code and respective first randomly generated challenge style; and sending at least one voice verification code to the identity provider, wherein the at least one voice verification code is pronounced by the user in the light of the respective randomly generated verification code and the respective first randomly generated challenge style.

Abstract: An electronic device includes a casing, a driven component, a magnetic component and an electromagnetic component. The casing has an outer surface, an inner surface, and an accommodating groove penetrating through the outer surface and the inner surface. The driven component is movably disposed in the accommodating groove. The magnetic component is connected to the driven component. The electromagnetic component is aligned with the magnetic component, and the magnetic component and the electromagnetic component are located at the same side of the inner surface. When the electromagnetic component isn't powered, the magnetic component and the electromagnetic component are attracted to each other, and the driven component is positioned at a first position. When the electromagnetic component is powered, the magnetic component and the electromagnetic component are repulsed to each other so as to drive the driven component to move from the first position to the second position.

Abstract: A framework, apparatus, system and method for realizing security and trust management for virtualized networks. A computing platform for implementation in a networking device of a virtualized network comprises a root-trusted module layer, which includes a root trust module for providing root trust; and a middleware layer, which includes system-level components configured to manage security and trust of virtualized network functions by verifying, establishing or maintaining trust with regard to the virtualized network functions based on the root trust. The computing platform can further comprise a number of virtualized security and trust functions that can be flexibly deployed in the virtualized network function infrastructure supported by the above two layers.

Abstract: A signal processing method and apparatus includes determining a first signal F1(t) output by a first neuron, processing the first signal F1(t) using q orders of synapse weight parameters wq(t), wq?1(t), . . . , w1 (t) to obtain a second signal F2(t), and inputting the second signal F2(t) to a second neuron, where the second neuron is a next-layer neuron of the first neuron.

Abstract: According to an example aspect of the present invention, there is provided an apparatus comprising at least one processing core, at least one memory including computer program code, the at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to receive, from a data provider, a first ciphertext, perform a mathematical manipulation of the first ciphertext, the mathematical manipulation modifying plaintext of the first ciphertext without decrypting the first ciphertext, the mathematical manipulation being identified by a computation identifier, obtain a second ciphertext from the first ciphertext by performing a cryptographic re-encryption operation, and provide the second ciphertext to a first computation party.

Abstract: An approach is provided for providing secure communications based on trust evaluation in a distributed manner. A method can comprises: sending data to a plurality of devices, the data being encrypted with a communication key; encrypting the communication key with public attribute keys associated with attributes, wherein the attributes comprising at least one trust level related attribute representing an access condition for the data based on a trust level; evaluating a trust level of each device of the plurality of devices, to identify eligible devices of the plurality of devices whose trust levels satisfy the access condition; sending the encrypted communication key to the plurality of devices; and sending secret attribute keys associated with the attributes to each device of the eligible devices for decrypting the encrypted communication key, the secret attribute keys being personalized for the each device of the eligible devices.

Abstract: A subtree pinning system includes a file system tree, a plurality of metadata servers, and a metadata server assignment system. The file system tree includes a plurality of subtrees. The metadata servers are configured to manage the plurality of subtrees. The metadata server assignment system is configured to receive a command to reassign a subtree to a first metadata server. The metadata server assignment system is also configured to remove an assignment of a second metadata server to manage the subtree and create an assignment of the first metadata server to manage the subtree. The metadata server assignment is further configured to prevent the subtree from being managed by another metadata server.

Abstract: A method is disclosed, comprising obtaining, by a first apparatus, a first identifier associated with the first apparatus, wherein the first identifier is different from a second identifier associated with the first apparatus, providing, by the first apparatus, at least one message to at least one further apparatus of at least one further apparatus, wherein each of the at least one message comprises a key information of the first apparatus and is associated with the first identifier associated with the first apparatus, and determining, by the first apparatus, a session key of a communication session associated with the first apparatus and the at least one further apparatus, based on at least one message received, by the first apparatus, provided by at least one further apparatus of the at least one further apparatus, wherein each of the at least one message comprises a key information of the respective further apparatus and is associated with a first identifier associated with the respective further apparatus

Abstract: A method for anonymous authentication may comprise: issuing token information to a first node registered with a network entity, wherein the token information indicates one or more tokens for the first node; distributing a token list to a plurality of nodes registered with the network entity, wherein the token list is associated with respective tokens for the plurality of nodes comprising at least the first node and a second node, and wherein the token information and the token list are used for an anonymous authentication between the first node and the second node.

Abstract: An approach is provided for providing an offline malware detection, and in addition a real-time malware detection. The offline malware detection may comprise: detecting at least one of function calling map of the application offline, wherein a function calling map records relationships of callings among functions called by the application; extracting patterns of the function callings of the application from the at least one function calling map; and comparing the extracted pattern with at least one basic pattern of normal applications. The real-time malware detection may comprises: running an application in a real environment; recording behaviors of the application at runtime of the application; extracting behavior patterns from the recorded behaviors; and comparing the extracted behavior patterns with at least one of basic patterns of normal applications or patterns previously recorded for the application.

Abstract: A method and apparatus is provided for providing an active ticket in a mobile terminal for use by a mobile terminal user, wherein at least one active ticket has a ticket characteristic that dynamically changes based on one or more states in a life cycle of the active ticket. Dynamic changes to the ticket characteristic include multimedia changes or other presentation data, including text, sound (audio), animation, video, still pictures, or some combination thereof. The active ticket can have different states in it's life cycle, such as purchased, validated, invalid for certain events. Also the ticket service provider or issuer can send new control data to change the characteristic and/or contents of the active ticket.

Abstract: A method for authentication and key agreement in a communication network is disclosed. In the method, a network node generates a common public key and a master secret key, assigns to a first user equipment a first set of one or more pseudonym identifications corresponding to a real identity of the first user equipment, the common public key and a first private key specific to the first user equipment, and assigns to a second user equipment a second set of one or more pseudonym identifications corresponding to a real identity of the second user equipment, the common public key and a second private key specific to the second user equipment.

Abstract: A method for securing D2D communications may comprise: encrypting communication data based at least in part on a security policy associated with at least one of a general trust evaluation and a local trust evaluation; and sending the encrypted communication data from a first user equipment to one or more second user equipments, wherein the second user equipment of which at least one of a general trust evaluation result and a local trust evaluation result satisfies the security policy set by the first user equipment is eligible to access the encrypted communication data.

Abstract: A method for privacy-enhanced evidence evaluation may comprise: sending a request for pre-evaluation information regarding evidence data of a target object to a first network entity from a requesting node; obtaining the pre-evaluation information from the first network entity, in response to successful verification of the requesting node at a second network entity; and calculating an evidence evaluation of the target object based at least in part on the pre-evaluation information, wherein the pre-evaluation information comprises re-encrypted evidence data of the target object associated with one or more time slots, and wherein the re-encrypted evidence data of the target object at an associated time slot is resulted at least in part from encrypted evidence data of the target object collected by the first network entity from one or more evidence providers at the associated time slot, by using a re-encryption key from the second network entity.

Abstract: Method and apparatus are disclosed for homomorphic re-encryption schemes in a system comprising a cloud service provider (CSP), a third authorized party (TAP), a data requestor (DR) and a plurality of data providers (DPs). According to an embodiment, a method implemented at a CSP comprises: in response to a request from a TAP, obtaining from a plurality of DPs cipher texts of their respective data, based on the request, wherein each DP is able to homomorphically encrypt its data; analyzing the cipher texts; and sending the analyzing result to the TAP, wherein the TAP is able to re-encrypt the analyzing result, such that a DR can decrypt the re-encrypted analyzing result with the DR's secret key.

Abstract: A method and a device are provided for switching a display mode in the mobile terminal field. The method includes: obtaining a first display mode of an operating system; and when the first display mode of the operating system is a night mode, switching a second display mode of an application to an application night mode.

Abstract: A system and method is disclosed for allowing content providers to protect against widespread copying of their content, while enabling them to give their customers more freedom in the way they use the content. In accordance with one embodiment, content providers identify their content as protected by watermarking the content. Consumers use compliant devices to access protected content. All of a user's compliant devices, or all of a family's devices, can be organized into an authorized domain. This authorized domain is used by content providers to create a logical boundary in which they can allow users increased freedom to use their content.

Abstract: A system and method is disclosed for allowing content providers to protect against widespread copying of their content, while enabling them to give their customers more freedom in the way they use the content. In accordance with one embodiment, content providers identify their content as protected by watermarking the content. Consumers use compliant devices to access protected content. All of a user's compliant devices, or all of a family's devices, can be organized into an authorized domain. This authorized domain is used by content providers to create a logical boundary in which they can allow users increased freedom to use their content.