Patents Issued on October 31, 2024
-
Publication number: 20240362299
Abstract: A data processing method includes obtaining at least one first target data object including first target data, the first target data in each first target data object at least including all valid data corresponding to each data processing channel, each first target data corresponding to corresponding position information, the position information indicating a position of second target data corresponding to the first target data, a number of first target data objects being less than a number of data processing channels; obtaining the corresponding second target data from to-be-processed data included in a second data object corresponding to each data processing channel based on the position information corresponding to the first target data; and performing data processing on the first target data and the corresponding second target data.
Type: Application
Filed: April 23, 2024
Publication date: October 31, 2024
Inventor: Yong CHEN
-
Publication number: 20240362300
Abstract: The technology disclosed extracts intensities from sequencing images for base calling target clusters and attenuates spatial crosstalk from neighboring clusters. The technology disclosed accesses a particular section from a plurality of sections of an image output by a sensor, the particular section of the image including at least one pixel depicting intensity emission values from a target cluster and neighboring clusters located across the sensor, and convolves the particular section of the image with a corresponding convolution kernel in a plurality of convolution kernels, to generate a feature map comprising a plurality of feature values. The technology disclosed further assigns a corresponding feature value to the target cluster based on feature values in the plurality of feature values adjoining a center of the target cluster, and processes the corresponding feature value assigned to the target cluster, to base call the target cluster.
Type: Application
Filed: March 13, 2024
Publication date: October 31, 2024
Inventors: Abde Ali Hunaid Kagalwalla, Eric Jon Ojard, Rami Mehio, Gavin Derek Parnaby, Nitin Udpa, Bo Lu, John S. Vieceli
-
Publication number: 20240362301
Abstract: Techniques for data classification using clustering. A method includes replacing a plurality of portions of metadata for a plurality of data objects with a plurality of replacement characters in order to generate a plurality of replaced strings; clustering the plurality of data objects into a plurality of clusters based on commonalities between the plurality of replaced strings of data objects of the plurality of data objects; classifying a subset of the data objects in each cluster into at least one class; and aggregating classes within at least one cluster of the plurality of clusters, wherein aggregating classes within each of the at least one cluster includes applying the at least one class for the subset of the data objects in each cluster to each other data object within the cluster.
Type: Application
Filed: April 27, 2023
Publication date: October 31, 2024
Applicant: Cyera, Ltd.
Inventors: Yotam SEGEV, Itamar BAR-ILAN, Yonatan ITAI, Shiran BARELI, Guye KARNI, Tomer MESIKA, Itay FAINSHTEIN, Ofir TALMOR
-
Publication number: 20240362302
Abstract: A system and method for providing access to third-party software tools as a service. A standardized interface is provided for vendors to communicate with the service. In particular, one or more license information API endpoints allow vendors to provide license provisioning information related to the provisioning of a license to a third-party software tool and/or license information about the license to the service.
Type: Application
Filed: April 25, 2023
Publication date: October 31, 2024
Inventors: Jeffrey Wise, Travis Cartwright, Theresa Wendland, Oscar Bellechasse, Daniel McGough, Jeremy Frank, Cody Hanson
-
Publication number: 20240362303
Abstract: A method for managing a license on a relay server connected to a cloud server and a license server includes sending to the cloud server a license request, corresponding to the license server and including a certificate of a user corresponding to the license server and an identifier of the license server, receiving, from the cloud server, a license corresponding to the license server and associated with a tool, distributing the license to the license server, obtaining, via the license server, a number of copies of the tool running on a worker server and working durations corresponding to the copies of the tool, and sending the number of the copies of the tool at running and the corresponding working durations to the cloud server. The license is not used to limit how many copies of the tool to be launched.
Type: Application
Filed: April 24, 2024
Publication date: October 31, 2024
Inventors: Ning LI, Yilong REN, Xiang GAO, Weijia LIU
-
Publication number: 20240362304
Abstract: Aspects of the subject disclosure may include, for example, a processing system including a processor; and a memory that stores executable instructions that, when executed by the processing system, facilitate performance of operations, including requesting a license for software from first equipment of a license holder; receiving a passed ledger associated with the license from the first equipment of the license holder, wherein the passed ledger comprises a latest block; receiving a hash value for the latest block from a software vendor of the software; calculating a hash value for the latest block; and responsive to the hash value provided by second equipment of the software vendor matching the hash value calculated for the latest block: executing the software. Other embodiments are disclosed.
Type: Application
Filed: July 10, 2024
Publication date: October 31, 2024
Applicant: AT&T Intellectual Property I, L.P.
Inventor: Lars Johnson
-
Publication number: 20240362305
Abstract: A method for unlocking a firmware setup utility of a computer server without a firmware setup utility user password. The method includes booting the server to a firmware setup utility interface and receiving a user request to unlock the firmware setup utility without the password. The method further includes receiving, via a web interface to a baseboard management controller (BMC) of the server, login credentials for accessing a BMC configuration, wherein the login credentials are authenticated by the BMC. The firmware setup utility causes, in response to the request, the BMC to send a nonce code to a registered destination address stored by the BMC. User input containing the nonce code is received through the web interface to the BMC, and the firmware setup utility is unlocked in response to determining that the nonce code received through the BMC web interface matches the nonce code in the message.
Type: Application
Filed: October 16, 2023
Publication date: October 31, 2024
Inventors: Caihong Zhang, Fred Allison Bower, III
-
Publication number: 20240362306
Abstract: A method for providing a quantum reflection access credentialing (QRAC) system. The method includes receiving a user login. The user login may include a username and password. The user login may be associated with a known user. The system may include a memory for storing information corresponding to light reflected from the face of the user. The method may further include selecting, or receiving a selection of, a light source from among an array of light sources. The method may also include shining light generated by the selected light source on the user's face. The method may also include scanning the user face to capture a reflection of the light generated by the light source. The method may then include confirming that the information stored in the memory corresponds to the reflection of the light generated by the light source. In response to confirming that the information stored in the memory corresponds to the reflection of the light generated by the light source, the method may credential user access.
Type: Application
Filed: April 25, 2023
Publication date: October 31, 2024
Inventors: Manil Trivedi, Adam King, Camilla Tyborowski, Robert Hannon Sparks, Tarani Avasarala, William R. Overhultz, Michael Young
-
Publication number: 20240362307
Abstract: An information processing system according to one embodiment of the present disclosure is equipped with: an acquisition unit for acquiring first biological information, which is information pertaining to the living body of a user and is retrieved from a user terminal in which certification information is installed, which is information pertaining to a public certificate of the user, and second biological information which is information pertaining to the living body of the user and is associated with the certification information; an authentication unit for subjecting the user to biological authentication on the basis of the first biological information and the second biological information; a registration unit for registering the information pertaining to the user which was authenticated by the biological authentication; and a service provision unit which provides a service to the user according to a request from the user terminal when information pertaining to the user is registered.
Type: Application
Filed: January 17, 2022
Publication date: October 31, 2024
Applicant: NEC Corporation
Inventors: Yoshiko Imanishi, Toru Aoyagi
-
Publication number: 20240362308
Abstract: In some implementations, a device may obtain registration information, associated with an account, including one or more training handwriting samples of a user. The device may detect an initiation of an event associated with the account. The device may provide, to a terminal device associated with the event, the one or more authentication prompts to cause the terminal device to provide the one or more authentication prompts while the event is pending. The device may obtain, from the terminal device, one or more handwriting samples in response to the one or more authentication prompts. The device may determine, using a machine learning model, whether the user is associated with the event based on whether the one or more handwriting samples are in a handwriting of the user. The device may authenticate the event based on determining whether the one or more handwriting samples are in the handwriting of the user.
Type: Application
Filed: April 28, 2023
Publication date: October 31, 2024
Inventors: Armando MARTINEZ STONE, Tyler MAIMAN, Samuel RAPOWITZ
-
Publication number: 20240362309
Abstract: An authentication screen that prevents access to at least one application via the computing device can be rendered on a display of a computing device. The computing device can scan a physical medium that is external to, and independent of, the computing device to acquire challenge data for a user from the physical medium and the computing device can acquire response data from the user. In response to a successful match between the challenge data and the response data, the authentication screen can be removed from the display and access to the at least one application can be granted. Once access to the computing device is granted to the user, the computing device can identify the user and manage the challenge data, response data, SSO sessions, and/or personalized device configurations.
Type: Application
Filed: April 23, 2024
Publication date: October 31, 2024
Inventors: Joydeep Chakraborty, Niraj Kumar Sharma, Sabir Valappil Thattath, Nabiraj Seethalaprasad, Amit S. Mehta, Sundaresan Sundaram, Avinash G. Nijampure, Adam Joel Arruda
-
Publication number: 20240362310
Abstract: A biological data registration support device includes: a control portion configured to acquire a plurality of registration scenarios, each including at least one verification method and associated with respective services, identify a verification method that is commonly included in the plurality of registration scenarios as a common verification method, and acquire one set of biological data for registration regarding the common verification method and one set of biological data for registration regarding the verification method other than the common verification method; and a transmitting portion configured to transmit the biological data for registration and the plurality registration scenarios acquired by the control portion.
Type: Application
Filed: July 3, 2024
Publication date: October 31, 2024
Applicant: NEC Corporation
Inventors: Shizuo SAKAMOTO, Shigeharu SAKAYORI, Yumiko TOMIZUKA
-
Publication number: 20240362311
Abstract: A biological data registration support device includes: a control portion configured to acquire a plurality of registration scenarios, each including at least one verification method and associated with respective services, identify a verification method that is commonly included in the plurality of registration scenarios as a common verification method, and acquire one set of biological data for registration regarding the common verification method and one set of biological data for registration regarding the verification method other than the common verification method; and a transmitting portion configured to transmit the biological data for registration and the plurality registration scenarios acquired by the control portion.
Type: Application
Filed: July 3, 2024
Publication date: October 31, 2024
Applicant: NEC Corporation
Inventors: Shizuo SAKAMOTO, Shigeharu SAKAYORI, Yumiko TOMIZUKA
-
Publication number: 20240362312
Abstract: Electronic devices in a system may be controlled by a user. The user may have one or more wearable devices or other devices. A user's device may be used by the user in identifying a target electronic device of interest among the electronic devices in the system. The target electronic device may be identified using a gaze tracking sensor that senses the user's point-of-gaze, an orientation sensor that detects a direction in which the user's device is pointed, or other sensor circuitry. Visual feedback, audio feedback, and/or haptic feedback may be provided to the user to confirm which electronic device has been identified as a target electronic device of interest. User input may be gathered by sensors and used in adjusting operating parameters in the target electronic device of interest. Health monitoring operations and other operations may also be performed.
Type: Application
Filed: July 11, 2024
Publication date: October 31, 2024
Inventors: Stefan Hafeneger, Craig C. Leong
-
Publication number: 20240362313
Abstract: A security system for identifying a security breach of a vehicle is presented. In one exemplary implementation, the security system comprises: an infotainment system, a memory and a controller. The infotainment system has a display and is configured to receive various user inputs. The memory receives and stores data at the infotainment system and is configured to store at least one authorized mobile number associated with the vehicle. The controller (i) determines whether a candidate mobile device has been paired to the infotainment system, (ii) compares a mobile number of the candidate mobile device with the at least one authorized mobile number, (iii) determines a security breach has occurred based on the mobile number of the candidate mobile device not matching at least one authorized mobile number, and (iv) performs a notification action based on the security breach.
Type: Application
Filed: April 25, 2023
Publication date: October 31, 2024
Inventors: Vinoot Handiganoor, Kattinti Siva Krishna, Joseph Antony J
-
Publication number: 20240362314
Abstract: Systems and methods to authenticate a vehicle operator for an autonomous vehicle on a vehicle service platform are provided. In one example embodiment, a computer-implemented method includes obtaining authentication request data indicative of an authentication request, the authentication request data including at least an operator identifier associated with the vehicle operator and a vehicle identifier associated with the autonomous vehicle. The method includes providing a service code associated with the authentication request to the autonomous vehicle. The method includes obtaining from a user device in response to providing the service code to the autonomous vehicle, operator data associated with the authentication request, the operator data including the service code. The method includes determining an authentication result associated with the authentication request based at least in part on the service code and the operator data. The method includes providing the authentication result to the user device.
Type: Application
Filed: July 2, 2024
Publication date: October 31, 2024
Inventors: Mark Yen, Joseph Maliksi, Roman Kuzmenko, Andrii Iasynetskyi, Matthew Charles Ellis Wood
-
Publication number: 20240362315
Abstract: A system for performing a login process for a user profile at an auxiliary device, the system comprising a first obtaining unit configured to obtain information associated with each of a plurality of image frames displayed by a first device, the first device being logged in with the user profile, a second obtaining unit configured to obtain a plurality of images captured by a camera associated with the auxiliary device, a comparison unit configured to compare the information associated with plurality of image frames displayed by the first device with a plurality of corresponding images captured by the camera to identify a degree of similarity for each corresponding image pair, wherein corresponding images are those associated with a same respective display and capture time, and an authentication unit configured to execute a login to the auxiliary device with the user profile in response to a determination that the degree of similarity meets or exceeds a threshold value for at least a subset of the plurality o
Type: Application
Filed: April 10, 2024
Publication date: October 31, 2024
Applicant: Sony Interactive Entertainment Inc.
Inventors: Alan Murphy, Jason Craig Millson
-
Publication number: 20240362316
Abstract: A process, system and medium for building a training set and performing supervised training of a Machine Learning (ML) model that determines a risk score used to decide whether to impose stepped up authentication during an authentication journey are described. The process includes selecting examples of completed authentication journeys, including failed and successful authentication outcomes after step-up requirements during the example journeys. The process includes pairing ground truth outcomes from the example journeys with authentication request features initially available prior to imposition of the step-up requirements to produce request feature-outcome pairs. The process includes using at least the request feature-outcome pairs to perform the supervised training of the ML model to determine a risk score that can be used to decide whether to impose the stepped up authentication during an authentication journey. The system and medium are configured to execute the process.
Type: Application
Filed: April 25, 2023
Publication date: October 31, 2024
Applicant: Ping Identity International, Inc.
Inventors: Sudhakar Peddibhotla, Darryl Jones, Raminder Deep Singh Kaler, Peter Barker
-
Publication number: 20240362317
Abstract: Examples relating to implementations of a confidential code execution environment for a code transparency service are provided. In one aspect, a computing system is provided, the computing system comprising a processor and a storage device containing instructions that, when executed, cause the processor to receive code data from a producer, store a code identity artifact comprising the code data on a ledger, wherein the ledger is updatable by an authorized party, receive a code identity endorsement from an auditor for the stored code identity artifact, and store a code identity endorsement artifact on the ledger based on the received endorsement from the auditor, wherein the code identity endorsement artifact is associated with the stored code identity artifact.
Type: Application
Filed: April 26, 2023
Publication date: October 31, 2024
Applicant: Microsoft Technology Licensing, LLC
Inventors: Bryan David KELLY, Mark Eugene RUSSINOVICH
-
Publication number: 20240362318
Abstract: An apparatus may comprise a controller programmed to establish a connection with an integrated circuit, program a plurality of cross-coupled look up tables of the integrated circuit to generate a plurality of memory cells, each pair of cross-coupled look up tables comprising one memory cell, and associate a plurality of the memory cells with a digital fingerprint of the integrated circuit, a value of each memory cell after startup of the integrated circuit comprising one bit of the digital fingerprint.
Type: Application
Filed: August 8, 2022
Publication date: October 31, 2024
Applicant: University of Cincinnati
Inventors: John Martin Emmert, Anvesh Perumalla
-
Publication number: 20240362319
Abstract: Disclosed embodiments provide systems and methods that can be used as part of or in combination with autonomous navigation, autonomous driving, or driver assist technology features. As opposed to fully autonomous driving, driver assist technology may refer to any suitable technology to assist drivers in the navigation or control of their vehicles. In various embodiments, the system may include one or more cameras mountable in a vehicle and an associated processor that monitors the environment of the vehicle. In further embodiments, additional types of sensors can be mounted in the vehicle and can be used in the autonomous navigation or driver assist systems. These systems and methods may include the use of a shared cache that is shared by a group of processing units to improve analysis of images captured by the one or more cameras.
Type: Application
Filed: July 8, 2024
Publication date: October 31, 2024
Inventors: Eran BEN-AVI, Leonid SMOLYANSKY
-
Publication number: 20240362320
Abstract: Disclosed herein are systems and methods for enhancing the security of isolated execution environments of an authorized user. In one aspect, an exemplary method comprises: identifying at least one computer system on which a user is authorized, forming an isolated execution environment for execution of a security application, detecting at least two isolated execution environments using an isolated execution environment of the installed security application on the identified computer system, and forming a secure integration of the identified isolated execution environments using integration rules. In one aspect, the forming of the secured integration is performed by: creating an integration of the identified isolated execution environments, and checking for presence of a data access transit in the created integration.
Type: Application
Filed: April 19, 2024
Publication date: October 31, 2024
Inventors: Victor V. Yablokov, Konstantin M. Filatov
-
Publication number: 20240362321
Abstract: A non-transitory computer readable medium contains instructions that when executed cause one or more processors to perform cybersecurity operations that include detecting an interpreter-based application configured to exhibit native functionality and to generate a plurality of execution contexts following receipt of an original input code. An interpreter-based cybersecurity agent is injected within the detected interpreter-based application, which is itself configured for execution by the interpreter-based application prior to execution of the original input code. Exposed APIs are patched using the injected interpreter-based cybersecurity agent to cause patched APIs to exhibit non-native functionality in order to thwart exploitations.
Type: Application
Filed: July 3, 2024
Publication date: October 31, 2024
Applicant: Seraphic Algorithms Ltd.
Inventor: Avihay Cohen
-
Publication number: 20240362322
Abstract: A method includes receiving historical Internet Protocol data packets; storing the packets; training a machine learning model to generate realistic data packets; and providing the generated realistic data packets to an emulated networking environment. A computing system includes: a processor; a network interface controller; and a memory having stored thereon computer-executable instructions that, when executed by the one or more processors, cause the computing system to: receive historical Internet Protocol data packets; store the packets; train a machine learning model to generate realistic data packets; and provide the generated realistic data packets to an emulated networking environment.
Type: Application
Filed: April 25, 2023
Publication date: October 31, 2024
Inventors: Marty Spain, Peter Joseph Dunn
-
Publication number: 20240362323
Abstract: A non-transitory storage medium includes logic associated with a cybersecurity threat hunting system. Upon execution, the logic analyzes input event data to detect whether the input event data constitutes a cyberthreat. The logic includes a function evaluator, which is configured to extract features from the input event data that is relevant, based on experiential knowledge or past analyses, for use in determining whether one or more cyberthreats are associated with the input event data. The function evaluator includes one or more hunt packs, each of the one or more hunt packs includes one or more hunting functions, and each hunting function of the one or more hunting functions is configured to analyze the input event data received from at least one cybersecurity source.
Type: Application
Filed: April 28, 2023
Publication date: October 31, 2024
Inventors: Scott Eric Coull, Jeffrey Thomas Johns
-
Publication number: 20240362324
Abstract: A computer-implemented method includes accessing, by one or more processors of an alerting system, security event data generated by one or more computing devices, computing, by the one or more processors, an identity prioritization score by applying an identity prioritization algorithm to the security event data, computing, by the one or more processors, an asset prioritization score by applying an asset prioritization algorithm applied to the security event data, determining, by the one or more processors, a detection likelihood score of one or more security activities identified in the security event data, by applying a detection likelihood algorithm to the security event data, and computing, by the one or more processors, a risk score of the one or more security activities by applying a risk-based algorithm that is based on the identity prioritization score, the asset prioritization score, and the detection likelihood score of the one or more security activities.
Type: Application
Filed: April 28, 2023
Publication date: October 31, 2024
Inventors: Kyle Joseph Derevyanik, Haider Dost, Tammy T. Truong
-
Publication number: 20240362325
Abstract: An integrated ECU includes: a host virtual machine; an anomaly detector that detects a security anomaly in the host virtual machine; a service list storage that stores a service list indicating a list of a plurality of services executed by the in-vehicle system; a determiner that determines a specific service from among the plurality of services indicated in the service list when the anomaly detector detects the security anomaly, the specific service being a service which needs to be stopped or needs a change in a setting in order to resolve the security anomaly; and an anomaly countermeasures unit that executes an anomaly countermeasures process of stopping the specific service or changing the setting of the specific service, based on a determination result of the determiner.
Type: Application
Filed: April 18, 2024
Publication date: October 31, 2024
Applicant: Panasonic Automotive Systems Co., Ltd.
Inventors: Ryo HIRANO, Yoshiharu IMAMOTO, Shoichiro SEKIYA
-
Publication number: 20240362326
Abstract: A method for selecting a region of a similarity space in which to locate a file. Numerous files are received, and feature vectors for each of the received files is created, each feature vector comprising values representing corresponding features for the file. A respective similarity space is created for each of the respective number of feature vectors, each respective similarity space comprising several regions. One of the regions of the respective similarity space is selected in which a respective representation of each file is located based on the respective feature vector for the file. A map of relationships between one or more regions of the similarity spaces is then constructed.
Type: Application
Filed: April 25, 2023
Publication date: October 31, 2024
Inventor: Michael Slawinski
-
Publication number: 20240362327
Abstract: Various techniques for malicious pattern extraction via fuzzing are disclosed. In some embodiments, a system/process/computer program product for malicious pattern extraction via fuzzing includes receiving a malicious sample (e.g., the malicious sample can be an executable file, such as a binary, script, etc., or a file that includes content for inputting into an application, such as for an office productivity suite or another application); mutating the malicious sample using fuzzing; and generating a signature based on a critical path (e.g., a malware signature can be automatically generated by a cloud security service for detection of the malicious sample, and the cloud security service can distribute the malware signature to a plurality of firewalls and/or other security entities to subscribers of a security service).
Type: Application
Filed: April 28, 2023
Publication date: October 31, 2024
Inventors: Zhibin Zhang, Bo Qu, Tao Yan, ChienHua Lu
-
Publication number: 20240362328
Abstract: A detection method for ransomware collaborated with a detection system having a semantic extracting module with multiple semantic extractors is disclosed and includes following steps: receiving a first file with a first ID; importing the first file to the semantic extracting module to output a first semantic feature of the first file; receiving a second file with a second ID; importing the second file to the semantic extracting module to output a second semantic feature of the second file; computing a distance between the first semantic feature and the second semantic feature if the second ID matches the first ID; and, issuing an alarm when the distance exceeds a threshold.
Type: Application
Filed: October 20, 2023
Publication date: October 31, 2024
Inventor: Shen-Ming CHUNG
-
Publication number: 20240362329
Abstract: Techniques that leverage symbolic execution to automatically analyze and understand malicious XL4 macros is provided. Using symbolic execution, these techniques can automatically infer the “correct” values for environmental inputs that are employed by advanced XL4 malware for obfuscating their malicious payloads, thereby allowing for a complete analysis of such malware.
Type: Application
Filed: April 27, 2023
Publication date: October 31, 2024
Inventors: Giovanni Vigna, Stefano Ortolani, Nicola Ruaro, Fabio Pagani, Christopher Kruegel
-
Publication number: 20240362330
Abstract: A system that uses machine learning (ML) models—and in particular, deep neural networks—with features extracted from memory snapshots of malware programs to automatically recognize the presence of malicious techniques in such programs is provided. In various embodiments, this system can recognize the presence of malicious techniques that are defined by the MITRE ATT&CK framework and/or other similar frameworks/taxonomies.
Type: Application
Filed: April 27, 2023
Publication date: October 31, 2024
Inventors: Giovanni Vigna, Stefano Ortolani, Roman Vasilenko, Christopher Kruegel, Saastha Vasan, Hojjat Aghakhani
-
Publication number: 20240362331
Abstract: The technology disclosed herein provides batchwise metric-based malware detection by receiving a plurality of input/output (IO) requests, generating IO trace sequences by combining a number of IO requests, generating batchwise metrics, each of the batchwise metrics corresponding to one of the IO trace sequences and generated based on an operation performed on values of parameters within IO trace sequences, generating inferential model input feature vectors based on the generated batchwise metrics, and training an inferential model based on a plurality of the generated inferential model input feature vectors and ground truth values corresponding to the IO trace sequences, each of the ground truth values indicating whether a corresponding one of the IO trace sequences represents a ransomware attack.
Type: Application
Filed: April 29, 2024
Publication date: October 31, 2024
Inventors: Bhakti CHOWKWALE, Paul Roger HEATH, Rupasree ROY
-
Publication number: 20240362332
Abstract: Methods and systems are described herein for dynamic rule management without using hard-coded rules. A system may store, for example, in a persistent memory database, a first rule and receive a first request to process first input data using the first rule. In response to the first request, the system may retrieve a first rule template and initiate a first rule engine session. The system may generate, upon initiating the first rule engine session, in a non-persistent memory database, a first non-persistent run-time file for validating the first input data using the first rule template. The first input data may be validated using the first non-persistent run-time file. The system may generate, for display, on a user interface, a validation confirmation for the first input data and end the first rule engine session.
Type: Application
Filed: April 28, 2023
Publication date: October 31, 2024
Applicant: Capital One Services, LLC
Inventors: Mahendher GOVINDASINGH KRISHNASINGH, Maksym BEZKOROVAINYI
-
Publication number: 20240362333
Abstract: Secure examination software, systems, and methods for allowing examinees access to specified external electronic document resources stored on one or more remote internet-connected servers during an examination event. In various embodiments, the secure examination software program comprises (a) a secure examination-taking component and (b) a secure web browser component. In various embodiments, the secure web browser component in the secure exam software interface allows access only to specified electronic resources stored on internet-connected servers, while access to all other electronic resources is blocked or otherwise prohibited.
Type: Application
Filed: April 29, 2024
Publication date: October 31, 2024
Inventors: Greg N. Sarab, Alexa J. Fanti
-
Publication number: 20240362334
Abstract: An information handling system detects installation of a hardware device that includes software, and transmits a request for a secure boot certificate associated with a hardware identifier of the hardware device and a software version of the software to a remote secure boot service. The secure boot service, which maintains a centralized secure boot certificate store, queries for the secure boot certificate based on the request and transmits the secure boot certificate to the information handling system. The secure boot service also performs a refinement mapping of the secure boot certificates in the store. Subsequent to receiving the secure boot certificate, the system provisions the secure boot certificate.
Type: Application
Filed: April 25, 2023
Publication date: October 31, 2024
Inventors: Deepaganesh Paulraj, Ankit Singh
-
Publication number: 20240362335
Abstract: Malicious activity is identified in a plurality of sequences of computer instructions by identifying a plurality of sequences of computer instructions of interest, and assigning the plurality of sequences of computer instructions into two or more groups. A virtual machine sandbox is executed for each of the two or more groups, and each of the plurality of sequences of computer instructions is executed in the virtual machine sandbox into which the sequence of computer instructions has been assigned. Behavior of the executing instruction sequences is monitored, and is used to determine whether each of the groups has at least one executed sequence of computer instructions that is likely malicious.
Type: Application
Filed: April 25, 2023
Publication date: October 31, 2024
Applicant: Avast Software s.r.o.
Inventors: Fabrizio Biondi, Andrew Gardner
-
Publication number: 20240362336
Abstract: Techniques are described herein for dynamic service extension to provide risk mitigation upon detecting a threat. In embodiments, such techniques may be performed by a service provider platform and may comprise receiving information about a security threat, identifying one or more components susceptible to the security threat, determining, based on a software bill of materials, at least one data flow that includes a point of delivery (pod) associated with the one or more components, identifying at least one additional service determined to mitigate the security threat, and implementing the at least one additional service in relation to the at least one data flow.
Type: Application
Filed: April 26, 2023
Publication date: October 31, 2024
Inventors: Robert Edgar Barton, Thomas Szigeti, David John Zacks
-
Publication number: 20240362337
Abstract: One or more systems, devices, computer program products and/or computer-implemented methods provided herein relate to risk assessment for artificial intelligence models, and more specifically, to the generation of customized risk scores and converted comparable scores. In an embodiment, the customized risk assessment scores can be based on a risk profile determined from risk assessment requirements and measurements of an artificial intelligence model. In another embodiment, one or more customized risk assessment scores can be converted to a converted risk assessment score that is comparable to a customized risk assessment score or another converted risk assessment score.
Type: Application
Filed: April 28, 2023
Publication date: October 31, 2024
Inventors: Abigail Goldsteen, Michael Hind, Jacquelyn Martino, David John Piorkowski, Orna Raz, John Thomas Richards, Moninder Singh, Marcel Zalmanovici
-
Publication number: 20240362338
Abstract: Methods and systems for monitoring security of data processing systems throughout a distributed environment are disclosed. To monitor security of data processing systems, a system may include a security manager and one or more data processing systems. The security manager may host a digital twin of each data processing system to simulate operations performed by the corresponding data processing system. The security manager may compare operations performed by a data processing system to operations performed by a digital twin of the data processing system. Differences in the operations performed by the data processing system and the digital twin may indicate the presence of adversarial interference with the data processing system. Data processing systems found to be performing unexpected operations may be subject to further analysis and, if needed, remedial action.
Type: Application
Filed: April 28, 2023
Publication date: October 31, 2024
Inventors: OFIR EZRIELEV, TOMER KUSHNIR, MAXIM BALIN
-
Publication number: 20240362339
Abstract: Methods and systems for securing deployments are disclosed. The deployments may be secured by generating and deploying security models to components of the deployment. The security models may be obtained through simulation of the operation of the deployment. During the simulation, different types of attacks on its operation and potential defenses to the attacks may be evaluated. The defenses able to defend against the different types of attacks may be used to generate the security models.
Type: Application
Filed: April 28, 2023
Publication date: October 31, 2024
Inventors: OFIR EZRIELEV, TOMER KUSHNIR, MAXIM BALIN
-
Publication number: 20240362340
Abstract: A system for providing real-time automated security scoring for a data platform. The system collects application log data and threat intelligence data in a variety of formats and normalizes the application log data and threat intelligence data. A risk scoring engine uses the normalized application log data, the normalized threat intelligence data, and a risk mapping matrix to generate security score data. Security risk assessment data including the security score data is stored in a shared database so that consumers of the security scoring data can access the security risk assessment data in real-time.
Type: Application
Filed: April 28, 2023
Publication date: October 31, 2024
Inventors: Ankur Agrawal, Iulia Ion, Shiva Dutt Paladugu, Cameron Tekiyeh, Sujay C. Yantrapragada
-
Publication number: 20240362341
Abstract: Systems, computer program products, and methods are described herein for a deployable software vulnerability testing platform. The present invention is configured to receive, from a user input device, an initial request from a user to generate a deployable software vulnerability testing (SVT) engine; prompt an SVT dashboard for display on the user input device to receive one or more input parameters associated with the first vulnerability in response to receiving the initial request; receive, via the SVT dashboard, the one or more input parameters; generate the SVT engine based on at least the one or more input parameters; receive, from the user input device, one or more deployment parameters associated with a deployment of the SVT engine; and deploy the SVT engine within the distributed technology infrastructure to identify the one or more instances of the first vulnerability based on at least the one or more deployment parameters.
Type: Application
Filed: June 27, 2024
Publication date: October 31, 2024
Applicant: BANK OF AMERICA CORPORATION
Inventors: Manu Jacob Kurian, Tomas M. Castrejon, III, Michael Robert Young, David Nardoni, Joel Townsend
-
Publication number: 20240362342
Abstract: Methods and systems are provided for assessing the cybersecurity state of entities based on extended-computer network characteristics. A method can include obtaining, for a plurality of computer networks associated with an entity and not associated with the entity, a first and second network dataset. The first and second network datasets can be combined. A plurality of Internet Protocol (IP) addresses associated with the entity and associated with a plurality of entities can be obtained, where the entity and the plurality of entities are each associated with a unique identifier (UID). The method can include determining whether each of the plurality of computer networks not associated with the entity comprises a remote office network. A cybersecurity state of the entity can be determined based on an evaluation of security characteristics of the IP addresses associated with the entity and of one or more IP addresses attributed to the remote office networks.
Type: Application
Filed: July 12, 2024
Publication date: October 31, 2024
Inventors: Daniel Dahlberg, Stephen Boyer, Philip John Steuart Gladstone
-
Publication number: 20240362343
Abstract: A homomorphic operation system according to an embodiment includes a homomorphic encryption device configured to output a first ciphertext data generated based on a first base, a homomorphic encryption server including a storage device storing a base conversion table configured to convert ciphertext data based on the first base into a second ciphertext data based on a second base and the first ciphertext data received from the homomorphic encryption device, and a homomorphic encryption operation device configured to perform a predetermined operation using the base conversion table on the first ciphertext data to convert the first ciphertext data into the second ciphertext data based on the second base.
Type: Application
Filed: December 26, 2023
Publication date: October 31, 2024
Applicant: Seoul National University R&DB Foundation
Inventors: HANBYEUL NA, SANGPYO KIM, JONGMIN KIM, JUNG HO AHN, DONG-MIN SHIN
-
Publication number: 20240362344
Abstract: An access client may transmit an access request to a server, and the access request may be an example of a decryption request or an encryption request. The access request may include access information and file information for a file to be accessed. The server may validate the access information and generate an access package that includes a set of access keys and executable code. The access keys may be transmitted to the access client. The access client may execute the executable code and decrypt or encrypt the file. The file may include one or more data packs that include file access policies, ownership information, and file access logs.
Type: Application
Filed: July 12, 2024
Publication date: October 31, 2024
Inventors: Prashant Shripad NIJASURE, Elliot Daniel LEWIS
-
Publication number: 20240362345
Abstract: Systems and methods are described for generating a token for a data recipient and embedding within the token a data directive associated with a data provider. The token may be transmitted to the data recipient, and the token, and a request for user information, may be received from the data recipient. The systems and methods may perform, based on the data directive embedded in the token, filtering of user information data received from the data provider, and transmit the filtered user information data to the data recipient.
Type: Application
Filed: April 28, 2023
Publication date: October 31, 2024
Inventor: Denis Babani
-
Publication number: 20240362346
Abstract: A method may include receiving an event notification that a user identifier has been added to a project identifier in a database, the user identifier associated with resource access rights for a plurality of resources; querying a datastore for first resource access patterns associated with the user identifier and the project identifier for a first period of time; inputting the first resource access patterns into a machine learning model; receiving an output from the machine learning model identifying a cluster identifier associated with user identifiers with similar access patterns as the first resource access patterns; and based on the output, modifying the resource access rights for the user identifier with respect to the project identifier.
Type: Application
Filed: April 26, 2023
Publication date: October 31, 2024
Inventors: Alejandro J. Carao, Robert William Childress, Jonathan Wayne Ingram, Gokarna KC, Suki Ramasamy, Tara R. Ross
-
Publication number: 20240362347
Abstract: A user interface to manage effective permissions on a graph database is disclosed. An input data identifying one or both of a portion of the graph database and a user or role associated with the graph database is received. For each of at least a subset of one or more nodes and one or more relationships comprising an identified portion of the graph database a set of selectable user controls is provided. A user input associated with changing the display state from the selected display state to the not selected display state, or vice versa, is received. A set of access rights data as stored in a memory is updated to associate with the identified user or role said set of one or more access rights with respect to the node or relationship in the identified portion of the graph database.
Type: Application
Filed: April 17, 2024
Publication date: October 31, 2024
Inventor: Sascha Peukert
-
Publication number: 20240362348
Abstract: Systems and methods are described for the generation of domain names that may be associated with a particular user device and may be encrypted to obfuscate the domain names of content requested by the user device.
Type: Application
Filed: July 9, 2024
Publication date: October 31, 2024
Inventors: Richard Fliam, David Arbuckle