Abstract: Methods, systems, and programming for updating a search index are described herein. In a non-limiting embodiment, event data representing actions performed on a plurality of content items managed via the search index may be obtained. The event data may be filtered based on pre-determined criteria to generate updated event data, where the updated event data represents relevant actions performed on at least one of the plurality of content items and are associated with the search index. An updated search index based on the updated event data may then be generated.

Abstract: An apparatus for goal generation is disclosed. The apparatus includes at least a processor and a memory communicatively connected to the at least a processor. The memory instructs the processor to receive a goal datum related to a user, wherein the goal datum comprises behavioral parameters. The memory additionally instructs the processor to classify the goal datum to a user goal. The classification comprises training a goal classifier using a goal training data. Goal training data contains a plurality of data entries containing a plurality of goal datum inputs correlated to a plurality of goal outputs. The classification also comprises classifying the goal datum to the goal using the goal classifier. The classifier assigns the goal as a function of the classification. A goal path is generated as a function of the classification of the goal datum to a goal, wherein the goal path is divided into waypoints.

Abstract: Method and system consist of a mobile application installed on a mobile device with internet connection and a geographical positioning device; a remote hosting server configured with software and database; an onsite wireless communication hosting apparatus. The mobile application communicates with the remote hosting server and the onsite wireless communication apparatus. The remote hosting server and onsite wireless communication apparatus communicate and transfer data to one another, the remote hosting server communicates with third party databases via secured access and retrieves location related information requested by onsite users of the mobile device. Web users at anywhere may select a location displayed on a digital map over interface of a web application configured to the remote hosting server; access the same as onsite users; including data entered by location owners, received from third-party databases via secured connection, and uploaded from onsite wireless communication apparatus.

Abstract: A method for data processing is provided. The method includes obtaining first retrieving data associated with a first user and a first retrieving result selected by the first user from at least one retrieving result corresponding to the first retrieving data. The first retrieving data is labelled with an intention tag indicating a retrieving intention of the first user. The method further includes obtaining second retrieving data that is used by a second user to conduct retrieving and selecting the first retrieving result within a predetermined time period. The method further includes assigning the intention tag to the second retrieving data.

Abstract: In one general embodiment, a computer-implemented method includes selecting a portion of a hash table, identifying a plurality of uniform resource locators (URLs) stored within the selected portion of the hash table, and for each of the plurality of identified URLs, individually determining whether to process the identified URL, based on data associated with the identified URL.

Abstract: Computing systems, computing apparatuses, computing methods, and computer program products are disclosed for optimizing a webpage. An example computing method includes determining a first average number of clicks (ANC) value for a first set of webpage nodes based on first webpage decision tree data and historical usage data. The example computing method further includes generating semantic grouping data for the first set of webpage nodes based on the first webpage decision tree data and webpage node description data. The example computing method further includes determining a second ANC value based on the first set of webpage nodes. The example computing method further includes generating, based on the second ANC value and the semantic grouping data, second webpage decision tree data.

Abstract: A browser is disclosed that provides for browsing a hierarchical dataset including potentially millions of nodes. The hierarchical dataset may be located on a machine that is remote to the machine hosting the browser. Through selective, intelligent fetching and local cache management of sparse portions of the hierarchical dataset, the browser provides consistent and predictable response times for displaying a randomly-selected node in the context of proximate nodes in the hierarchy.

Abstract: An image processing apparatus and method is provided. The apparatus includes one or more processors and one or more memories storing instructions that, when executed, configures the one or more processors, to identify one or more photos associated with a user account of an online community and identify one or more descriptors characterizing an image capture style and are associated with the identified photos, determine, based on the identified descriptors associated with the identified images, one or more descriptors to be proposed to a user corresponding to the user account of the online community, and generate a graphical user interface for outputting, to a user, a request for content that represents the determined proposed descriptors for performing image capture based on the output request.

Abstract: Methods, systems, apparatuses, and computer-readable storage mediums described herein are directed to emulating a semi-transparent effect with respect to a display element rendered via a GUI. The semi-transparent effect may be generated based on a sampling of pixel values of another display element that is non-overlapping with the display element. For instance, pixel values of a portion of the other display element that is adjacent to an edge of the display element may be determined. Using the determined pixel values, a visualization scheme is generated that emulates a visual effect (e.g., a blur effect). The determined visualization scheme is then applied to the display element. This causes the display element to appear semi-transparent such that the colors of the other display element appear to be behind the display element, thereby creating an effect that the display element is overlaid on top of the other display element.

Abstract: A computing in memory (CIM) cell includes a memory cell circuit, a first semiconductor element, a second semiconductor element, and a third semiconductor element. A first terminal of the first semiconductor element is coupled to a first computing bit-line. A control terminal of the first semiconductor element is coupled to a computing word-line. A control terminal of the second semiconductor element is coupled to the memory cell circuit. A first terminal of the second semiconductor element is coupled to a second terminal of the first semiconductor element. A first terminal of the third semiconductor element is coupled to a second terminal of the second semiconductor element. A second terminal of the third semiconductor element is coupled to a second computing bit-line. A control terminal of the third semiconductor element receives a bias voltage.

Abstract: Methods, systems, and apparatus for a matrix multiply unit implemented as a systolic array of cells are disclosed. Each cell of the matrix multiply includes: a weight matrix register configured to receive a weight input from either a transposed or a non-transposed weight shift register; a transposed weight shift register configured to receive a weight input from a horizontal direction to be stored in the weight matrix register; a non-transposed weight shift register configured to receive a weight input from a vertical direction to be stored in the weight matrix register; and a multiply unit that is coupled to the weight matrix register and configured to multiply the weight input of the weight matrix register with a vector data input in order to obtain a multiplication result.

Abstract: Systems and methods are provided for intelligently accessing media content based on rights. This may be accomplished by a media guidance application that generates a DRM score associated with a first copy of the media asset. The media guidance application determines that plurality of alternative copies of a media asset are available from other sources and determines DRM scores for the alternative copies. The media guidance application determines that one of the alternative copies has a lower digital rights management score as compared to the first copy of the media asset and stores the alternative copy instead of the first copy of the media asset.

Abstract: A method for registering and provisioning an electronic device is provided. The method includes a step of inserting a first keypair into a secure element of the electronic device. The first keypair includes a public key and a private key. The method further includes a step of requesting, from a remote server configured to register and provision connected devices, a provisioning of credentials of the electronic device. The method further includes a step of verifying, by the remote server, the electronic device credentials. The method further includes a step of registering, by the remote server, the electronic device. The method further includes a step of transmitting, from the remote server to the electronic device, a device certificate. The method further includes steps of installing the transmitted device certificate within the secure element of the electronic device, and provisioning the electronic device according to the installed device certificate.

Abstract: A software and/or hardware facility that can be used by content owners to assert ownership of content so that copyright friendly websites and services can take action against copyright piracy effectively, efficiently and is scalable is disclosed. The facility makes available to all content owners watermarking/fingerprinting technology so an identifier (e.g., a unique code) can be embedded in the content (e.g., video/audio portion of each video content asset). The facility utilizes blockchain technology to add information related to each unique identifier in a database and allows an authorized user (e.g., the owner) to update the information through a blockchain transaction.

Abstract: In an aspect, a system for dynamic data injection is presented. A system includes a computing device. A computing device is configured to receive at least a digital media file. A digital media file includes at least a segment comprising a plurality of display quanta. A computing device is configured to select a portion of at least a segment of at least a digital media file as a function of a randomization engine. A computing device is configured to encode identifying data in a selected portion of at least a segment. Encoding includes modifying at least a display quanta of a plurality of display quanta of a selected portion of at least a segment. A computing device is configured to display at least a segment to a user.

Abstract: A management apparatus (20) includes: a storage unit (21) which stores user attribute information that associates a user who manages information related to crises and an attribute of the user with each other, correspondence information that associates the attribute and an external system of which the attribute is login-enabled with each other, and login information with respect to each external system; an external login information processing unit (223) which, when receiving a login request to an external system from a user, refers to the user attribute information, the correspondence information, and the login information stored in the storage unit, acquires an attribute of the user, and acquires information on an external system to which the acquired attribute is login-enabled; and an external login processing unit (224) which executes a login to an external system to which a login has been requested among the login-enabled external systems.

Abstract: An authentication method for a telecommunications system comprising a computer network and a telephone network that includes receiving, at an Authentication System across the computer network, data indicative of an authentication request. The request is typically made by a provider in connection with a user (e.g. by a provider to obtain authentication from a user as the result of an authentication trigger detected by a provider system). A telephone call is establishing by the telephone network between the Authentication System and a telephone device with a telephone number associated with the user. A PIN is received from the user at the Authentication System during the telephone call. It is then determined if the received PIN is valid. The authentication request is authenticated if the PIN is determined to be valid.

Abstract: The embodiment of the disclosure provides an unlocking control method and related products. The method includes: acquiring an environmental parameter; acquiring first biometric information; determining a first biometric control parameter and second biometric control information corresponding to the environmental parameter; performing a first biometric recognition on the first biometric information according to the first biometric control parameter; when the first biometric information is recognized, acquiring second biometric information and performing a second biometric recognition on the second biometric information according to the second biometric control information; performing a next unlocking process when the second biometric information is recognized. Thus, control parameters of recognition processes can be set suitable for the environment, and recognition processes are controlled based on these control parameters, thereby improving the pass rate and the efficiency of the multi-biometric recognition.

Abstract: A system, device and method for fingerprint authentication using a watermarked digital image is provided. A device includes a display device including a touch screen configured to detect fingerprints; and, a controller. The controller: generates, at the display device, an image that includes, in one or more given areas, image-embedded fingerprint information; detects, at one or more portions of the touch screen respectively corresponding to the one or more given areas, user-fingerprint information representing a fingerprint; implements a comparison between the user-fingerprint information and the image-embedded fingerprint information; and when the comparison between the user-fingerprint information and the image-embedded fingerprint information is successful, implement an access process.

Abstract: A light-emitting device includes a light diffusing member that diffuses light emitted from a light source so that an object to be measured is irradiated with the light; and a holding unit that holds the light diffusing member and is provided on a wire connected to the light source so as to be located in an uncoated region of the wire.

Abstract: A continuous authentication system and related methods are provided. The system detects requests to perform user actions. A security value is associated with each user action. The system determines a subsequent session security level in response to an adjustment to a session security level by a security value of a requested user action. The requested user action is permitted and the session security level is adjusted based on the security value of the requested user action in response to a determination by the system that the subsequent session security level is greater than or equal to a threshold session security level. A user authentication challenge is caused (e.g., prompted) in response to a determination by the system that the subsequent session security level is less than the threshold session security level.

Abstract: Systems, apparatuses and methods may provide for technology to identify image data, identify eye data from the image data, where the eye data includes one or more of an eye movement of a user or a point of gaze of the user on a display, and determine whether to authenticate the user based on the one or more of the eye movement or the point of gaze.

Abstract: The invention relates to a method for controlling a security system of a charging station for charging electric vehicles, the security system comprising the following elements: a charging plug, the charging plug comprising a sensor unit for recording biometric data of a user that are used for authenticating the user on the security system, and a control unit for evaluating biometric data of the user. For this purpose, according to the invention, the control unit extracts a plurality of features from the biometric data of the user, and the control unit evaluates the features of the biometric data in a plurality of stages.

Abstract: A system for a configurable device environment, the system comprising a computing device configured to receive remote data corresponding to a subject and a plurality of signals from at least a sensor proximate to the subject, retrieve a biometric profile of the subject, identify a pattern of accessory device states for a plurality of accessory devices, wherein identifying includes determining a coordinated state change for a group of accessory devices of the plurality of accessory devices as a function of the remote data and the biometric profile and identifying the pattern of accessory device states as a function of the coordinated state change, determine an automation rule for the group of accessory devices as a function of the pattern of accessory device states, and transmit, to the group of accessory devices, the automation rule.

Abstract: Methods and systems for creating a digital association are provided. The method includes obtaining a first user-generated item comprising identifiable features of a first user and a second user. The method also includes obtaining a second user-generated item comprising the identifiable features of the first user and the second user. The method also includes cross-confirming that the first and second user-generated items are valid to verify the digital association.

Abstract: In some implementations, an authorization device generate a decision to reject an authorization request that includes a credential associated with a user based on one or more inconsistencies between entity information provided in the authorization request and authorized entity information associated with the credential. The authorization device may transmit, to a biometric-enabled device associated with the user, a message that causes the biometric-enabled device to display a prompt indicating the one or more inconsistencies between the entity information provided in the authorization request and the authorized entity information associated with the credential. In some implementations, the prompt may further enable the user to provide a biometric input to authorize the entity information provided in the authorization request.

Abstract: Examples are directed toward a system and method relating to mobile screening. For example, a mobile screening vehicle includes a passenger scanner that performs security scanning of a passenger on the mobile screening vehicle. The mobile screening vehicle also includes a verification system that verifies, consistent with the security scanning of passengers, that passengers on the mobile screening vehicle are approved to proceed to a secure area of a travel venue.

Abstract: A user authentication device includes a user authentication setter that enables or disables a predetermined plurality of authentication methods, and a user authenticator that accepts user authentication by the authentication method that the user authentication setter enables, and a controller that controls the user authentication setter and the user authenticator. When the user authentication setter accepts a setting that enables a single authentication method among the plurality of authentication methods, the controller controls the user authentication setter to disable all authentication methods other than the single authentication method, and the user authenticator accepts only user authentication by the single authentication method.

Abstract: Provided is relative multifactor authentication for interactions between users and one or more entities. Relative multifactor authentication includes monitoring a set of attributes associated with a user during an interaction between the user and the entity. The set of attributes include at least two of a behavioral attribute, a health attribute, a geospatial attribute, and a device attribute. Relative multifactor authentication also include comparing respective parameters of attributes of the set of attributes with expected parameters and determining an authentication status based on the comparison and weighted values assigned to respective attributes of the set of attributes. The user is selectively authenticated to begin to continue the interaction based on the authentication status.

Abstract: A system, method, and computer program to implement Public Key Infrastructure (“PKI”)-based access controls on a computing device independently of the operating system's user identification and authorization system. A software application on a standalone, non-networked computing device detects a “smart card” with a PKI certificate identifying the card holder. The identity of the card holder is verified against a registry stored on the computing device separately from the operating system's user identification and authorization system. Verification of the identity of the card holder results in setting the state of the computer system as “authorized” or “unauthorized.” In the unauthorized state, user input and viewing of information is prevented. The software application may thus identify individual smart card holders and provide secure access to data and resources, and track authorized and unauthorized access on computing devices that must remain in an “always logged in” state.

Abstract: Systems, methods, and apparatuses relating to performing an attachment of an input-output memory management unit (IOMMU) to a device, and a verification of the attachment. In one embodiment, a protocol and IOMMU extensions are used by a secure arbitration mode (SEAM) module and/or circuitry to determine if the IOMMU that is attached to the device requested to be mapped to a trusted domain.

Abstract: A system provides resource monitoring and transmitting electronic alerts using event-based triggers. The system may determine, based on a user's identity, that the user requires additional security and monitoring products and/or services with respect to the user's account. In this regard, the system may continuously monitor the user's activity (e.g., to monitor a resource associated with the user account). The system may further define user events which may trigger the transmission of electronic alerts sent to computing devices of the user and/or third parties associated with the user.

Abstract: Global identity contexts are established for unique constituents to interact with a cloud architecture through a variety of relationships. The global identity context enables a particular constituent to access services from different cloud-service providers in a secure and simplified manner. Authenticating one account can provide access to services associated with other accounts linked to the global identity context for the authenticated account. In some embodiments, the global identity platform includes an account management application and an identity management application. The account management application is configured to register one or more accounts for each constituent. The identity management application is configured to perform individualization to establish an individual identifier for each unique constituent and map each account to a particular individual identifier and one or more local identifiers.

Abstract: Online user account access control with authentication challenge level adjustable based on a level of match between observed attributes of a present login attempt and corresponding recorded attributes for the authentic user for the entered user identifier (UID). Login candidates whose attributes sufficiently closely match the recorded attributes for the entered UID are allowed to select an authentication graphic pattern registered for the UID from a set of alternatives, with the degree of complexity of such selection-based authentication increasing according to the degree of difference between the observed attributes of the present login attempt and the corresponding recorded values for the UID, while by default, login candidates are requested to produce the registered authentication graphic pattern from blank slate.

Abstract: Methods, systems, and devices for techniques for instruction perturbation for improved device security are described. A device may assign a set of executable instructions to an instruction packet based on a parameter associated with the instruction packet, and each executable instruction of the set of executable instructions may be independent from other executable instructions of the set of executable instructions. The device may select an order of the set of executable instructions based on a slot instruction rule associated with the device, and each executable instruction of the set of executable instructions may correspond to a respective slot associated with memory of the device. The device may modify the order of the set of executable instructions in a memory hierarchy post pre-decode based on the slot instruction rule and process the set of executable instructions of the instruction packet based on the modified order.

Abstract: An example method includes receiving an indication of a selection of a first application environment that includes a first virtual environment associated with a first security domain and is configured to isolate execution of software applications within the first application environment, suspending execution of a second application environment that includes a second virtual environment associated with a second security domain different from the first security domain, initiating execution of the first application environment, identifying information associated with the first security domain and provided by the first application environment that is to be sent to an external computing device associated with the first security domain, selecting communication network(s) from one or more communication networks that are each available to the mobile computing device for data communication, encrypting, based on the first security domain and network(s), the information, and sending, to the external computing device via

Abstract: Embodiments of the present invention provide a system for employing a smart device for secure and authenticated event. The system may include a smart assistant device that receives an audible request from a user for an event with a merchant. The smart assistant device then establishes a secure active session with a mobile device associated with the user over a wireless network. The smart assistant device determines a digital voice ID for the received audible request for the event and transmits the digital voice ID and event information to the mobile device of the user. A smart assistant application of the mobile device validates the digital voice ID based on stored reference data. Event information and additional user execution information is then provided to an event processing system for asynchronous processing.

Abstract: Systems, methods, and media for detecting the presence of return-oriented programming (ROP) payloads are provided, comprising: identifying a potential gadget address space; determining if a piece of the data corresponds to an address of the potential gadget address space; and in response to determining that the piece of the data corresponds to an address of the potential gadget address space: determining whether a plurality of operations, each associated one of a plurality instructions beginning at the address, indicates that an ROP payload is present in the data, and indicating that an ROP payload is present in the data in response to making a determination that a plurality of operations indicates that an ROP payload is present in the data a given number of times.

Abstract: Some examples relate generally to managing and storing data, and more specifically to the real-time detection of ransomware, system (or insider) threats, or the misappropriation of credentials by using file system audit events.

Abstract: Disclosed herein are methods and systems for detecting malicious files. An exemplary method comprises: selecting a file from a database of files used to perform training of a model for detecting a malicious file, forming one or more behavior patterns from intercepted one or more commands and parameters during execution of the file, forming a detection model, wherein the detection model selects a method of machine learning and is initialized with one or more hyper-parameters, training the detection model by calculating the one or more hyper-parameters based on the one or more behavior patterns to form a group of rules for calculating a degree of maliciousness of a resource and calculating a degree of maliciousness of another file based on the trained detection model.

Abstract: A semiconductor device and the like for maintaining a required function while suppressing unauthorized accesses are provided. The semiconductor device 100 includes a main control device 110 and a sub-control device 120. The main control device 110 includes a main memory 112 for storing main programs for receiving external signals, and a trigger signal output circuit 115 for outputting a trigger signal when an abnormal signal process differs from preset signal processing is performed. The sub-control device 120 is coupled to the main control device 110, and includes a trigger signal obtaining circuit 121 for obtaining a trigger signal, and a sub-program outputting circuit 123 for outputting a sub-program to the main control device 110 based on the obtained trigger signal.

Abstract: A management system detects a change at the target device. The management system transmits a request message to authorization devices of the authorization users of the multi-user authorization pool to from the authorization users an indication of whether the detected change is approved. The management system receives a plurality of response messages from authorization devices of the multi-user authorization pool indicating whether the detected change is approved by the corresponding authorization user, and based on at least three of the plurality of response messages indicating a disapproval, that the detected change is disapproved. In response to the determination that the change is disapproved, an instruction message is sent to a target managed device to instruct the target managed device to rollback to an earlier state.

Abstract: Methods, machine readable media and systems for performing side channel analysis are described. In one embodiment, a method can determine, from a gate level representation of a circuit in a layout on a die of an IC, a first set of paths through the circuit that process security related data during operation of the circuit, the circuit including a second set of paths that do not process security related data; and the method can further determine, in a simulation of power consumption in the first set of paths but not the second set of paths, power consumption values in the first set of paths to determine potential security leakage of the security related data in the circuit. The method can further determine, from the power consumption values, positions in the layout for inserting virtual probes on the die for use in measuring security metrics that indicate potential leakage of the security related data. The insertion of the virtual probes is relative to the actual simulated layout of the die.

Abstract: A method or apparatus detects a memory corruption of at least one portion of memory during run-time and corrects the memory corruption of the at least one portion of memory by replacing the at least one portion of memory with a backup of the at least one portion of memory. In this way, memory corruption can be corrected in a timely fashion while minimizing security risks.

Abstract: Methods, apparatus, systems, and articles of manufacture are disclosed that improve detection of malware based on ecosystem specific data. An example apparatus includes a feedback weight controller to apply, with a machine learning model, a weight to feedback associated with a sample, the feedback obtained from at least a customer ecosystem and including endpoint feedback, human feedback, infrastructure feedback, and global feedback; and a sample conviction controller to, in response to a score based on the weighted feedback satisfying a threshold for a classification, indicate to a user, with the machine learning model, that the classification for the sample is malicious.

Abstract: The present invention relates to systems and methods for providing and managing a repository of free and/or open source software (FOSS) which is free of malware and/or vulnerabilities. The invention comprises scanning FOSS with a malware scanner and adding the FOSS to an anti-malware package management system when the malware scanner indicates no malicious code and/or vulnerabilities have been detected. The anti-malware package management system is accessible by users as a trusted source to obtain FOSS which is free of malware and believed to be safe to use. The anti-malware package management system is updated over time to keep up with changing FOSS libraries and changing malware detection capabilities so that the anti-malware package management system remains a trusted source for users to obtain FOSS.

Abstract: Disclosed herein are systems and method for blocking malicious script execution. In one exemplary aspect, the method may comprise detecting an execution of a script that creates or modifies a file on a computing device and recording a first report comprising a list of operations involved in the execution of the script, an identifier of the script, and an identifier of the file. The method may comprise determining that the file includes malicious code using a malware scanner and recording a second report comprising an indication that the file includes malicious code and an identifier of the file. In response to determining that identifier of the file is present in both the first report and the second report, the method may comprise generating and storing a first rule that prevents complete execution of any script that shares at least one operation in the list of operations with the script.

Abstract: A game engine sensor of a computing device executing an operating system receives first data from the operating system that represents occurrence of a monitored event. The game engine sensor sends second data corresponding to the monitored event to a game engine logic controller. A first logic block of the game engine logic controller determines, based on the second data and third data representing a system state of the computing device, that a first predicate condition is satisfied. A second logic block of the game engine logic controller determines, based on the second data and the third data, that a second predicate condition is satisfied. A computer security threat is detected based on the first and second predicate conditions being satisfied, and at least one game engine actuator is instructed to perform at least one action responsive to the computer security threat.

Abstract: Methods and devices for determining whether a mobile device has been compromised. The mobile device has a managed portion of memory and an unmanaged portion of memory, a managed profile and an unmanaged profile, and the managed profile includes files stored in the managed portion of memory and the unmanaged profile includes files stored in the unmanaged portion of memory. The managed profile is governed by a device policy set by a remote administrator. File tree structure information for the unmanaged profile of the mobile device is obtained that details at least a portion of a tree-based structure of folders and files in the unmanaged portion of memory. It is determined from the file tree structure information that the mobile device has been compromised and, based on that determination, an action is taken.

Abstract: A security device includes an attack detection part, a security risk state determination part, and an execution environment controller. The attack detection part detects a cyber attack on an embedded device controlled by an embedded control device. The security risk state determination part determines a security risk state indicating at least one of a type and degree of risk of threat in a security caused by the cyber attack based on a result of the detection. The execution environment controller is included in the embedded control device, determines a security function against the cyber attack in accordance with the security risk state, and constitutes an execution environment of the security function in the embedded control device so that the embedded control device can execute the security function.