25th week of 2019 patent application highlights part 79 |
Patent application number | Title | Published |
20190190861 | NOTIFICATIONS FOR UNAVAILABLE USERS OF A SOCIAL NETWORKING SYSTEM IMPLEMENTED USING A DATABASE SYSTEM - Disclosed are some implementations of systems, apparatus, methods and computer program products for providing notifications of unavailable users of a social networking system. Prior to sharing a message with a contact via a social networking system, a user may be notified of the unavailable status of the contact. In addition, backup contacts may be suggested so that the message may be shared with users who are available to respond. | 2019-06-20 |
20190190862 | FITNESS ACTIVITY RELATED MESSAGING - In one embodiment, a method for generating a message to a friend of a user is provided, comprising: processing activity data of a first user measured by an activity monitoring device to update a value of an activity metric for the first user; identifying a change in an inequality relationship between the value of the activity metric for the first user and a value of the activity metric for a second user; in response to identifying the change in the inequality relationship, prompting the first user to generate a message to the second user. | 2019-06-20 |
20190190863 | METHOD, APPARATUS, AND COMPUTER PROGRAM PRODUCT FOR DETERMINING ACCESS CONTROL PARAMETER DISCREPANCIES IN GROUP-BASED COMMUNICATION CHANNELS WITH A GROUP-BASED COMMUNICATION SYSTEM - This disclosure describes a group-based communication system comprising a group-based communication server and a group-based communication repository. The group-based communication server manages access control parameter discrepancies between a group-based communication channel and a requested resource that is disposed in communication with the group-based communication channel. | 2019-06-20 |
20190190864 | EMBEDDING ACTIONABLE CONTENT IN ELECTRONIC COMMUNICATION - Embedding actionable content in electronic communication comprises associating an embedding gadget with an electronic message and modifying the electronic message based on the embedding gadget. | 2019-06-20 |
20190190865 | MESSAGE SHARING METHOD FOR SHARING IMAGE DATA REFLECTING STATUS OF EACH USER VIA CHAT ROOM AND COMPUTER PROGRAM FOR EXECUTING SAME METHOD - A message sharing method includes: receiving image data captured via an imaging unit; receiving text input by a user via the input unit; analyzing, by a processor, the text and the image data and extracting a first object related to the user by using at least one of a result of analyzing the text, a result of analyzing the image data, and a sensed value obtained from a sensor unit; editing the image data to further include the extracted first object, and converting the edited image data to a thumbnail format; sharing the converted image data and the text with another user via a chat room. | 2019-06-20 |
20190190866 | Multi-Tiered Anti-Spamming Systems and Methods - Embodiments are provided for reducing unwanted messages or spam within a real-time social networking service. According to certain aspects, a synchronous analysis module may operate in coordination with an asynchronous analysis module. Each of the synchronous analysis module and the asynchronous analysis module analyzes an incoming message from a user account to determine whether the incoming message has characteristics of spam, whereby the synchronous analysis is at a lower latency than the asynchronous analysis. The asynchronous analysis is afforded the ability to identify certain spam characteristics that the synchronous analysis may identify during its lower latency analysis. | 2019-06-20 |
20190190867 | SMART MESSAGE DELIVERY BASED ON TRANSACTION PROCESSING STATUS - A method for message delivery to a transaction processor is presented. The method may include receiving a message having transaction information. The method may also include determining if the received message is prohibited from delivery based on comparing the transaction information with a blacklist, wherein the blacklist is used to block messages. In response to determining that the received message is prohibited from delivery, the method may then include refusing message delivery or delaying message delivery. In response to determining that the received message is not prohibited from delivery, the method may further include enqueuing the message in a request queue. The method may also include receiving a reply message with a transaction status update from the transaction processor. The method may then include updating the blacklist based on the received reply message with the transaction status update. | 2019-06-20 |
20190190868 | LINK WITH PERMISSION PROTECTED DATA PREVIEW - Aspects of the present disclosure relate to systems and methods for providing a preview of protected content in a user interface to an email client. An email client may receive an email message including a uniform resource locator (URL) linked to at least one item stored in a data service. The email client may send the URL to an email server to determine whether a recipient of the URL has permissions to the at least one item stored in the data service. When it is determined that the recipient of the URL has permissions to the at least one item stored in the data service, content for a permission protected preview of the at least one item may be received at the email client. The email client may render the permission protected preview of the at least one item in a user interface to the email client. | 2019-06-20 |
20190190869 | SYSTEMS AND METHODS FOR SHARING CONTENT - Systems, methods, and non-transitory computer-readable media can provide a messaging interface that includes at least an option for sending ephemeral messages to users of a social networking system and an option for sending non-ephemeral messages to users of the social networking system; and send a message through the social networking system, wherein the message is sent through an ephemeral message thread or a non-ephemeral message thread as designated by a user operating the computing device. | 2019-06-20 |
20190190870 | SYSTEMS AND METHODS FOR SHARING CONTENT - Systems, methods, and non-transitory computer-readable media can provide a messaging interface that includes a first option for exchanging ephemeral messages with users of a social networking system and a second option for exchanging non-ephemeral messages with users of the social networking system; determine that a user operating the computing device has selected the first option for sending an ephemeral message; and cause the ephemeral message to be sent through the social networking system. | 2019-06-20 |
20190190871 | SYSTEMS AND METHODS FOR SHARING CONTENT - Systems, methods, and non-transitory computer-readable media can provide a messaging interface, the messaging interface including a first region and a second region, the first region being segmented from the second region; provide one or more options in the first region for sending and receiving ephemeral messages through a social networking system; and provide one or more options in the second region for sending and receiving non-ephemeral messages through the social networking system. | 2019-06-20 |
20190190872 | SYSTEMS AND METHODS FOR SHARING CONTENT - Systems, methods, and non-transitory computer-readable media can provide a messaging interface, the messaging interface including a first region and a second region, the first region being segmented from the second region; provide access to one or more ephemeral message threads in the first region, the ephemeral message threads being ranked according to one or more criteria; and provide access to one or more non-ephemeral message threads in the second region, the non-ephemeral message threads being ranked according to one or more criteria. | 2019-06-20 |
20190190873 | CONTINUED INFLUENCED THREADS - A method and system for continued influenced threads, and more specifically, for augmenting a thread on a channel based on affinity. Other threads on different channels are monitored by analyzing content being discussed in the threads. An affinity with the other threads is identified, in order to establish an association between the threads, based on the analyzed content, wherein the association may be established by determining whether the analyzed content is shared between the threads. The thread is then modified based on the identified affinity, by copying at least a portion of the other threads. | 2019-06-20 |
20190190874 | People Matching for Social Activities on an Online Social Network - In one embodiment, a method includes identifying multiple users of an online social network based on one or more affinity coefficients between the users and a geographical location associated with each of the users and sending a message corresponding to an activity recommendation to each of the users. The method also includes receiving one or more responses to the message from one or more users of the multiple users, respectively, where each response indicates whether the respective user is interested in the recommended activity. The method further includes, if the response from each of at least two of the users indicates an interest in the recommended activity, then sending a notification to each of the users who indicated an interest in the recommended activity identifying the other users who also indicated an interest in the recommended activity. Otherwise, the method includes deactivating the activity recommendation. | 2019-06-20 |
20190190875 | SHARING CONTENT TO MULTIPLE PUBLIC AND PRIVATE TARGETS IN A SOCIAL NETWORK - Described herein is a technique to facilitate the sharing of a content item presented in a content feed of a social networking service. Upon detecting that a member has selected an option to share a content item, a content sharing interface is presented. The content sharing interface includes options to share the content item publicly via a content feed, and privately via a messaging service. The content sharing interface provides a ranked list of recommended recipients, where the recommended recipients in the list are selected and ordered based on several factors, including factors relating to the relationship between the sharing member and the recommended recipients, as well as factors relating to the subject matter of the content item and the likelihood that a recommended recipient would be interested in the content item. | 2019-06-20 |
20190190876 | MANAGEMENT OF MEMBERS OF SOCIAL NETWORK CONVERSATIONS - Disclosed are some implementations of systems, apparatus, methods and computer program products for managing members of online social network conversations. A user can access a list of members of an online social network conversation by interacting with a user interface element of a graphical user interface (GUI). The list of members can be modified directly via interaction with the list. | 2019-06-20 |
20190190877 | INVERTED FAN-OUT FOR RELEVANT NOTIFICATION OF ACTIVITY - Techniques for reducing delay in broadcasting content over a network using an inverted fan-out process are disclosed herein. In some embodiments, a computer-implemented method comprises: in response to an activity associated with content being performed by a user on an online service, detecting that the activity has been performed; identifying a plurality of recipient users in response to the detecting; and for each one of the plurality of recipient users, transmitting a notification of the activity to a destination associated with the recipient user in response to the identifying of the recipient users, the notification comprising an indication of the content, and the transmitting of the notification of the activity being performed without waiting for the recipient user to navigate to a web page of the online service on a computing device or for the recipient to open a mobile application of the online service on a mobile device. | 2019-06-20 |
20190190878 | Bi-Directional Multi-Channel Social Media Brokering - The present disclosure provides a detailed description of techniques used in systems, methods, and in computer program products for bi-directional social media broker services that connect multiple social media sites using a common management framework. The claimed embodiments address the problem of efficiently scaling and managing bidirectional interaction with multiple social media publishing channels. More specifically, the claimed embodiments are directed to approaches for a computing platform having multiple message broker modules that enable bi-directional communication of messages between a common resource manager and a plurality of social media sites. The message broker modules can receive messages in a unified message format from the common resource manager, queue the messages for asynchronous processing, translate the messages from the unified message format to a site-specific format, and deliver the translated messages to multiple social media sites. | 2019-06-20 |
20190190879 | METHODS AND SYSTEM FOR DISTRIBUTING INFORMATION VIA MULTIPLE FORMS OF DELIVERY SERVICES - A content distribution facilitation system is described comprising configured servers and a network interface configured to interface with a plurality of terminals in a client server relationship and optionally with a cloud-based storage system. A request from a first source for content comprising content criteria is received, the content criteria comprising content subject matter. At least a portion of the content request content criteria is transmitted to a selected content contributor. If recorded content is received from the first content contributor, the first source is provided with access to the received recorded content. The recorded content may be transmitted via one or more networks to one or more destination devices. Optionally, a voice analysis and/or facial recognition engine are utilized to determine if the recorded content is from the first content contributor. | 2019-06-20 |
20190190880 | TARGET OBJECT SELECTION METHOD, SERVER, AND COMPUTER STORAGE MEDIUM - A target object selection method, a server, and a computer storage medium are disclosed. The method includes selecting at least one candidate user meeting a first condition in a target area, the first condition characterizing a user who has appeared in the target area; extracting a first social relationship chain of the at least one candidate user in the target area, the social relationship chain comprising a first related user who has a social relationship with the candidate user; and selecting a first target user in the target area based on the first social relationship chain and sending information to the first target user. | 2019-06-20 |
20190190881 | SOCIAL MEDIA INTEGRATION FOR TRANSPORT ARRANGEMENT SERVICE - A computing system can receive a pick-up request including a carpool service preference from a requesting user. The system can access user data of the requesting user and a plurality of potential carpool riders, and determine one or more common links between the requesting user and each of one or more carpool riders of the plurality of potential carpool riders. The system may then select the one or more carpool riders to ride with the requesting user in the carpool vehicle, and transmit a notification to the requesting user to indicate the one or more common links between the requesting user and each of the one or more carpool riders. | 2019-06-20 |
20190190882 | CONNECTION ESTABLISHMENT FOR NODE CONNECTED TO MULTIPLE IP NETWORKS | 2019-06-20 |
20190190883 | DNS SERVER AND CONFIGURATION LOADING METHOD, DNS NETWORK SYSTEM, AND DOMAIN NAME RESOLUTION METHOD AND SYSTEM - The present disclosure provides a DNS server and configuration loading method, a DNS network system, and a domain name resolution method and system. The present disclosure relates to the field of network communication technologies. The DNS server configuration loading method includes: dividing at least two NS partitions according to network carriers and/or regions; based on an IP address of a DNS server, obtaining the NS partition on which the DNS server has traffic; from local records or a database, filtering out domain name configuration information belonging to the NS partition corresponding to the DNS server; and loading the filtered-out domain name configuration information into a memory of the DNS server. The present disclosure significantly reduces the amount of DNS configuration; increases the efficiency with which the DNS server loads the domain name configuration information; reduces the loading time; and reduces the memory resource consumption of the DNS server. | 2019-06-20 |
20190190884 | DEVICE IDENTIFICATION SYSTEMS - Methods and systems for a device identification system may be provided. The device identification system may determine an identity of a user device associated with a transaction. The identity may be determined by network address information, hard link information, soft link information, and/or other such information. The network address information may include IPv4 information, IPv6 information, a device ID, and/or other such information. The identity of the user device may be determined and a transaction conducted from the user device may be assigned a fraudulent transaction risk score according to the information. Transactions that are determined to be at a high risk of fraud may be reviewed or otherwise flagged and/or canceled. | 2019-06-20 |
20190190885 | DATA NETWORK ADDRESS SHARING - A connection ( | 2019-06-20 |
20190190886 | METHOD AND APPARATUS FOR PROVIDING OVER THE TOP STREAMING - Various implementations described herein are directed to technologies for providing over the top streaming for one or more clients of a network. A network is formed among customer premises equipment. The customer premises equipment may include at least a gateway and the one or more clients. A user selection for over the top (OTT) content is received. The OTT content is received and includes one or more cue points. The gateway is marked as a proxy server in response to receiving the one or more cue points. Proxy data is received from the gateway corresponding to the one or more cue points. | 2019-06-20 |
20190190887 | Wireless Mesh Access Point with User-Space Tunneling - This document describes methods, devices, systems, and means for a wireless mesh access point with user-space tunneling. A first wireless mesh network access point (WMAP) determines that a frame from a first device is destined for a second device associated with a second WMAP. The first WMAP encapsulates the frame to produce an encapsulated frame that includes an Internet Protocol (IP) header and a payload, the Internet Protocol (IP) header including an IP destination address of the second WMAP and an IP source address of the first WMAP, and the payload including a header and payload data from the frame. The first WMAP sends the encapsulated frame to the second WMAP using a station mode interface of the first WMAP, which causes the second WMAP to forward the frame to the second device. | 2019-06-20 |
20190190888 | AUTOMATED HOST-BASED FIREWALL CONFIGURATION MANAGEMENT - In an example, a computing system is configured to monitor for changes to a cloud environment that includes a configuration management system and one or more nodes to operate one or more first host-based firewall configurations, respectively, the host-based firewall configuration(s) generated based on code provided by the configuration management system; in response to a detection of a change, increment a version count associated with the cloud environment; identify a request from one of the nodes, the request including version information for a corresponding one of the host-based firewall configuration(s); compare the version information from the request to a current value of the version count; and in response to the comparison indicating a mismatch, control the node associated with the request to converge with the configuration management system to cause the node associated with the request to operate with a second host-based firewall configuration. | 2019-06-20 |
20190190889 | AGENT-LESS MICRO-SEGMENTATION OF A NETWORK - The technology disclosed herein enables the micro-segmentation of a network without agents. In a particular embodiment, a method provides, in a packet-handler controller of a virtual computing environment, determining one or more policies in a first format that identify one or more packet characteristics and how packets with the one or more packet characteristics should be handled within the virtual computing environment. The method further provides converting the one or more policies from the first format to a second format used by a domain controller for one or more computing systems outside of the virtual computing environment. Also, the method provides distributing the one or more policies in the second format to at least one of the one or more computing systems. | 2019-06-20 |
20190190890 | DATA SANITIZATION SYSTEM FOR PUBLIC HOST PLATFORM - The example embodiments are directed to a system and method for managing blockchain transaction processing. In an example, the method includes one or more of receiving a message transmitted from a client device, the message including a predefined structural format for processing by a service providing computing system, determining a type of the message and detecting one or more sensitive fields within the message based on the determined type of the message, anonymizing values of the one or more sensitive fields within the message while leaving the predefined structural format intact, and transmitting the anonymized message including the one or more anonymized values with the predefined structural format remaining intact to the service providing computing system. The system can anonymize data from a private network before it is transmitted to a public service. | 2019-06-20 |
20190190891 | SECURE COMMUNICATION PROTOCOL PROCESSING - Example methods are provided for secure communication protocol processing in a network environment. The method may comprise, in response to detecting a first transport protocol packet that is addressed from a first endpoint to a second endpoint and includes unencrypted payload data and a first sequence number, generating and sending a first secure communication protocol packet that includes encrypted payload data and a second sequence number. The method may also comprise, in response to detecting a second transport protocol packet that includes the first sequence number, determining that the second transport protocol packet is a retransmission of the first transport protocol packet. The method may further comprise generating and sending a second secure communication protocol packet that includes the second sequence number associated with the first sequence number. | 2019-06-20 |
20190190892 | Offloading communication security operations to a network interface controller - Computing apparatus includes a host processor, which runs a virtual machine monitor (VMM), which supports a plurality of virtual machines and includes a cryptographic security software module. A network interface controller (NIC) links the host processor to a network so as to transmit and receive data packets from and to the virtual machines and includes a cryptographic security hardware logic module, which when invoked by the VMM, applies the cryptographic security protocol to the data packets while maintaining a state context of the protocol with respect to each of the virtual machines. Upon encountering an exception in applying the cryptographic security protocol, the NIC transfers the data packet, together with the state context of the cryptographic security protocol with respect to the given virtual machine, to the cryptographic security software module for processing. | 2019-06-20 |
20190190893 | SECURE MESSAGE INCLUDING A VEHICLE PRIVATE KEY - An example apparatus comprises a memory resource configured to store a private key associated with a vehicle and store a data matrix comprising data corresponding to operation of the vehicle. The apparatus may further include a processing resource configured to generate a first secure message comprising data corresponding to the vehicle, transmit the first secure message, receive a second secure message comprising an updated data matrix, and update the data matrix based, at least in part, on the updated data matrix. | 2019-06-20 |
20190190894 | SECURE DOMAIN NAME SYSTEM TO SUPPORT A PRIVATE COMMUNICATION SERVICE - Described herein are systems, methods, and software to enhance secure communications between computing systems. In one implementation, a private domain name system (DNS) receives a DNS lookup request from a computing system of a plurality of computing systems associated with a private communication group, and forwards the DNS lookup request to a public DNS. The private DNS further receives a public address associated with the DNS lookup request from the public DNS, translates the public address to a private address, and transfers the private address to the requesting computing system. | 2019-06-20 |
20190190895 | METHOD OF CONTROL OF ONLINE SHARING OF DIGITAL PHOTOGRAPHS AND VIDEO - A method for authorizing online sharing of content including a digital photograph or video, includes receiving, at an electronic device, the content, identifying an image of a person in the content, identifying authorization conditions associated with the person, identifying an image of an object or audio in the content, based on both the image of the person identified and the image of the object or audio identified, determining if the authorization conditions associated with the person are met, and in response to determining that the authorization conditions are met, providing online access to the digital photograph or video. | 2019-06-20 |
20190190896 | Protecting sensitive data in a distributed ledger system using a blockchain channel hierarchy - A blockchain hierarchy comprises an arrangement of blockchain channels organized such that a blockchain channel at a lower level feeds data to another blockchain channel, e.g., a relatively higher level. At least one blockchain channel comprises a private autonomous subset of peers in the set of peers that comprise the blockchain network. Within that particular subset, one of the peers is elected as a leader entity, which has the capability of also joining another private or public blockchain channel, e.g., one at a higher level in the hierarchy. The leader entity includes a capability to enforce a data protection policy within the blockchain channel that it leads. To this end, the leader filters or declassifies data based on some task-specific (or blockchain channel-specific) data protection policy, and it then makes that data available to one or more other blockchain channels in the hierarchy (directly or indirectly). | 2019-06-20 |
20190190897 | METHODS AND SYSTEMS FOR TRANSFERRING SECURE DATA AND FACILITATING NEW CLIENT ACQUISITIONS - Methods and systems for directly and securely transferring encrypted medical data between two remote locations, such as an imaging site and a diagnostic site, wherein the diagnostic site is not within a data transfer network utilized by the imaging site. The invention allows the diagnostic site to receive medical data and view the data using a thin client viewer, and allows the diagnostic site to register as an in-network site. | 2019-06-20 |
20190190898 | METHODS AND SYSTEMS FOR MANAGING INTERNET PREFERENCES - Methods, systems, and apparatuses for managing internet preferences include a personal portal web service with a preferred website uploader that uploads internet preferences such as bookmark data that identifies preferred websites for a user on a remote device. A data store stores the internet bookmark data and a graphical user interface is generated that enables the user to connect to the preferred websites specified by the internet bookmark data. An authentication data store stores authentication data such as usernames and passwords for websites that the user accesses. A credential applier automatically enters the authentication data into an application accessed through the graphical user interface of the personal portal. The personal portal web service can be set up to function as a home page for the user and accessed from any type of web browser or device. Restricted access is provided to data collected concerning usage of the service. | 2019-06-20 |
20190190899 | SECURE STORAGE OF MONOTONIC ODO VALUE INSIDE A SECURE HARDWARE ELEMENTS UPDATE COUNTER - A system for securely storing data, such as an odometer value in a vehicle, includes a non-transitory computer readable medium to store instructions of the system and a processor configured to execute the instructions. The processor is configured to use a master key to update a key and use a first key to store a value. The processor is further configured to use a second key for hiding the data and use a third key for securing the data. | 2019-06-20 |
20190190900 | APPARATUS, METHOD, AND COMPUTER PROGRAM FOR ENABLING A TRANSPORTATION VEHICLE COMPONENT AND VEHICLE-TO-VEHICLE COMMUNICATION MODULE - A device, method and computer program for enabling a vehicle component and a vehicle-to-vehicle communication module. The device includes at least one interface for communication with a second vehicle component of the transportation vehicle. The second vehicle component is part of a secured cluster of vehicle components of the transportation vehicle. The device includes a control module to control the at least one interface and to receive at least one message from the second vehicle component via the at least one interface. The control module legitimates the second vehicle component based on the at least one message received from the second vehicle component. The control module enables the first vehicle component in response to the at least one received message implying that the second vehicle component has been enabled and in response to the legitimation of the second vehicle component being successful. | 2019-06-20 |
20190190901 | ADAPTIVE AUTHENTICATION SYSTEMS AND METHODS - An embodiment includes a method executed by at least one processor comprising: determining a first environmental factor for a mobile communications device; determining a first security authentication level based on the determined first environmental factor; and allowing access to a first module of the mobile communications device based on the first security authentication level. Other embodiments are described herein. | 2019-06-20 |
20190190902 | METHOD AND SYSTEM FOR CREATING A UNIQUE IDENTIFIER - Method and apparatus for creating a second unique identifier for a user in a second system based on a first unique identifier for a user in a first system. A first authentication process is initiated based on a first unique identifier associated with the user in the first system. Responsive to the user successfully authenticating during the first authentication process, the second unique identifier for a user in the second system is generated. The second unique identifier is based on user data associated with the first unique identifier in the first system, and the second unique identifier is different from the first unique identifier. | 2019-06-20 |
20190190903 | Multi Factor Authentication - A method and system of authenticating a user are provided. A request for a resource is received by a server, from a user device. A predefined number is received from the user device. A first number and a second number are created. The first number is sent to the user device. A first discrete logarithm is determined based on a challenge code and the first number and sent to the user device. A first pass code is calculated via a second discrete logarithm based on the first discrete logarithm, the predefined number, and the first number. A second pass code based on the second discrete logarithm, is received from the user device. The first pass code is compared to the second pass code. Upon determining that the first pass code is identical to the second pass code, the user device is allowed to access a resource associated with the computing device. | 2019-06-20 |
20190190904 | Multi Factor Authentication - A method and system of authenticating a user are provided. A request for a resource is received from a user device. A predefined number is received. A first number and a second number are created. A first discrete logarithm based on the first number and the predefined number is determined and sent to the user device, together with the second number. A second discrete logarithm is received from the user device. A first pass code is calculated via a third discrete logarithm, based on the second discrete logarithm, the first number, and the predefined number. A second pass code is received via a fourth discrete logarithm, based on the first discrete logarithm, the third number, and the predefined number. Upon determining that the first pass code is identical to the second pass code, the user device is allowed to access a resource associated with the computing device. | 2019-06-20 |
20190190905 | System and Method for Mobile Single Sign-On Integration - Improved methods and systems for integrating client-side single sign-on (SSO) authentication security infrastructure with a mobile authorization protocol are disclosed that provide clients with secured SSO mobile access to third-party services. Embodiments of the present invention leverage SSO authentication protocols that are already utilized at many client-side systems and integrate these SSO authentication protocols with a mobile SSO authorization protocol, thereby effectively extending the SSO framework to mobile service requests of web services at third-party service provider systems. Embodiments of the present invention provide a secure and automated solution which may be implemented in any existing client-side SSO framework with minimum cost and time, while providing a lightweight and secure solution that allows users of either native applications or mobile web applications to access third-party web services. | 2019-06-20 |
20190190906 | METHOD AND SYSTEM TO ENABLE A VIRTUAL PRIVATE NETWORK CLIENT - Aspects of the subject disclosure may include, for example, a method comprising transmitting, by a controller comprising a processor, a request to a server to enable initiation of a virtual private network session on behalf of devices other than the controller. The controller transmits authentication information to enable the server to validate the request, and receives a first list of computing devices. The controller transmits a first selection of a target device from the first list to cause the server to initiate the virtual private network session between the target device and a service node providing services to the target device via the virtual private network session. The controller receives a second list of applications executable on each of the computing devices, and transmits to the server a second selection of an application from the second list that is executable by the target device. Other embodiments are disclosed. | 2019-06-20 |
20190190907 | SYSTEM AND METHODS FOR CLIENT IDENTIFICATION AND VERIFICATION - A system and computer-implemented method for client identification and verification includes a memory device for storing data and a processor communicatively coupled to the memory device. The processor is programmed to receive merchant identification data corresponding to a merchant. The merchant identification data includes identification data relating to the identity of the merchant and a primary authorized user for the merchant. The processor is also programmed to generate a merchant profile from the merchant identification data for the merchant, and generate an activation code for the primary authorized user based on the merchant profile. The activation code is transmitted to the primary authorized user. The processor receives, from the primary authorized user, one or more biometrics of the authorized user, validates the biometrics of the authorized user, and upon validation of the biometrics, activates a merchant account. | 2019-06-20 |
20190190908 | SYSTEMS AND METHODS FOR AUTOMATIC MEETING MANAGEMENT USING IDENTITY DATABASE - Embodiments of the disclosure provide a system for managing access control for a meeting. The system may include a communication interface that receives video and audio of the meeting. The system may also include a processor that executes instructions to generate a biometric characteristic for an attendee based on at least one of the video and the audio, and to associate identity information of the attendee with the biometric characteristic based on a comparison of the biometric characteristic with stored biometric characteristics of known users. The processor may also execute the instructions to generate a data stream that includes at least one of the video and the audio of the attendee, to tag the data stream with the identity information based on the associated biometric characteristic, and to selectively cause the data stream to be shown on a display based on selection of the tag. | 2019-06-20 |
20190190909 | BIOMETRIC AUTHENTICATION OF INDIVIDUALS UTILIZING CHARACTERISTICS OF BONE AND BLOOD VESSEL STRUCTURES - Biometric authentication of a subject utilizing bone and/or blood vessel (vein or artery) structures is provided. A vertice profile is generated from a non-invasive, multi-dimensional image scan of a subject or a portion thereof. The vertice profile is generated by identifying relative locations of divots and peaks on a surface of a bone structure or by identifying branch intersections and traversals of blood vessels. Additional verification techniques can be used for proof of life (verification of a human subject). If authenticated, access to physical or digital/virtual assets is allowed. | 2019-06-20 |
20190190910 | END-TO-END SECURITY COMMUNICATION METHOD BASED ON MAC PROTOCOL USING SOFTWARE DEFINED-NETWORKING, AND COMMUNICATION CONTROLLER AND COMPUTER PROGRAM FOR THE SAME - An end-to-end security communication method includes, when receiving a security key generation request packet from a first host, generating, by a communication controller, a security key for end-to-end security communication between the first host and a second host, transmitting the generated security key to each of the first host and the second host, and setting a forwarding rule for transmission of a packet destined for a Media Access Control (MAC) address of the first host or a MAC address of the second host to a first switch and a second switch connected respectively to the first host and the second host. According to the end-to-end security communication method, the communication controller performs the process of generating a security key that will be shared between hosts using Software Defined-Networking (SDN), so that MAC security communication technology can be applied to communication between hosts belonging to different networks. | 2019-06-20 |
20190190911 | METHODS, APPARATUS, AND SYSTEMS FOR IDENTITY AUTHENTICATION - An identity authentication method is provided. The method comprises receiving request information transmitted by an online terminal device for determining neighbor network devices and determining at least one neighbor network device of the online terminal device according to the request information, identifying at least one credible neighbor network device of the online terminal device from the at least one neighbor network device and identifying at least one weighted neighbor network device of the online terminal device from the at least one neighbor network device, and computing a credibility score of the online terminal device according to a number of the credible neighbor network device and a number of the weighted neighbor network device, generating authentication notification information according to the credibility score, the authentication notification information indicating whether the online terminal device passes identity authentication, and transmitting the authentication notification information to the online terminal device. | 2019-06-20 |
20190190912 | SERVICE IDENTITY PROPAGATION BETWEEN APPLICATIONS AND REUSABLE SERVICES - A request from a User for a Service is received by an Application. An Open Authorization (OAUTH) Client of the Service is requested from a Service Instance of the Service. A copy OAUTH Client of the Service specific to the User is provided based on a clone OAUTH Client associated with the Service Instance. A Token is obtained to access the Service by providing the copy OAUTH Client to a User Account and Authorization (UAA) entity. Access to the Service is obtained by providing the Token. | 2019-06-20 |
20190190913 | SYSTEMS, DEVICES, AND METHODS FOR AUTHENTICATION IN AN ANALYTE MONITORING ENVIRONMENT - Systems, devices, and methods are provided that allow the authentication of devices within analyte monitoring systems. The analyte monitoring systems can be in vivo systems and can include a sensor control device with a sensor and accompanying circuitry, as well as a reader device for communicating with the sensor control device. The analyte monitoring systems can interface with a trusted computer system located at a remote site. Numerous techniques of authentication are disclosed that can enable the detection of counterfeit components, such as a counterfeit sensor control device. | 2019-06-20 |
20190190914 | SECURE INTERNAL DATA NETWORK COMMUNICATION INTERFACES - A system, method, and apparatus for providing secure communications to one or more users through an unclassified network. The system may include a network access management device that may have a plurality of internal data network communications interfaces configured to communicate with at least one classified computing device using a National Security Agency (NSA) Commercial Solution for Classified (CSfC) compliant solution and an external data network communications interface configured to communicate with an unclassified network. A network access management device may use an inner NSA CSfC approved tunneling technology, an outer NSA CSfC approved tunneling technology, and a processor configured to perform processing and routing protocols associated with interconnecting the internal data network communications interface and the external data network communications interface. | 2019-06-20 |
20190190915 | METHOD AND APPARATUS TO CONFIGURE AND REGULATE NETWORK ACCESS OF DEVICES - Different embodiments to improve configuring and/or regulating network access. For example, one embodiment could receive rules set by a parent via her mobile device, and access data from external systems via their corresponding APIs. Based on rules from the parent, and one or more sets of data from the APIs, the embodiment could send control signals to a local device to regulate the network access of a child's electronic device. Other embodiments can operate to configure a network device for use on a local (e.g., home) wireless network. The configuration can be facilitated by a remote server (e.g., cloud-based server) that can be used to interact with a local wireless modem. | 2019-06-20 |
20190190916 | SYSTEMS AND METHODS FOR MANAGING PRIVACY SETTINGS OF SHARED CONTENT - A system for managing privacy of shared content. The system includes a terminal device and a server device. The terminal device includes a content receiving device configured to receive content, a storage configured to store content received by the content receiving device, a privacy setting determiner, a content obfuscator, and a transmitter configured to transmit obfuscated content. The server device includes a receiver configured to receive the obfuscated content from the transmitter of the terminal device, a publisher configured to publish the obfuscated content, and a de-obfuscator configured to, based on a received request to change privacy settings, de-obfuscate at least a portion of the received content to generate de-obfuscated content. | 2019-06-20 |
20190190917 | MULTI-TENANT SUPPORT USER CLOUD ACCESS - Disclosed herein are system, method, and computer program product embodiments for generating support user permissions to allow access to a cloud computing platform. In an embodiment, a host system may host a cloud computing platform and may provide access to the cloud computing platform to a tenant system. The tenant system may then facilitate access to the cloud computing platform to users. The tenant system may maintain a list of authorized users separate from the host system. In an embodiment, if the tenant system requests support from the host system to fix a problem, the host system is able to generate access for support users to access the cloud computing platform to troubleshoot the problem. In an embodiment, even though the tenant system maintains a separate list of authorized users, the host system is able to generate support user permissions. | 2019-06-20 |
20190190918 | REMOTE PROFILE SECURITY SYSTEM - A method comprises storing, at the server computer system, user profile information for the remote user. The user profile information for the remote user (or a link to the user profile information) is encrypted using authentication information. The user profile information is associated with user identification information, at the server computer system, using the authentication information, which is selectively made available by the remote user via the network to the server computer system in order to enable the server computer system to associate the user profile information with the user identification information. | 2019-06-20 |
20190190919 | AUTOMATIC WHITELISTING USING WILDCARDING - A computer security system provides for auto-populating process-connection whitelists using process wildcarding and connection wildcarding. Process wildcarding involves grouping process-connection requests together in a process* group without regard to the presence of distinct process arguments; in contrast, some process-connection requests may be separated both by process and by argument into process argument groups. The process-connection requests may then be analyzed on a group-by-group basis to determine which processes can be mapped to wildcarded connection in a respective process-connection whitelist. | 2019-06-20 |
20190190920 | DEVICE AUTHENTICATION USING SYNCHRONIZED ACTIVITY SIGNATURE COMPARISON - A system, method and program product for authenticating a device. An authentication service is provided having: a data management system for periodically collecting and storing signature data from each of a set of registered devices, wherein the signature data includes a plurality of data points, and wherein at least one of the data points includes a device usage characteristic; a system for obtaining a temporal signature state (TSS) vector of a device in response to a transaction request from the device, wherein the TSS vector includes values for a selected subset of the data points forming the signature data; and an authenticator for comparing the TSS vector of the device with stored signature data in order to authenticate the device. | 2019-06-20 |
20190190921 | DISTRIBUTED COMPUTATIONAL ANALYTIC SHARING ARCHITECTURE - Described are systems and methods for securely distributing computational analysis across analytics nodes. In some embodiments, a system includes a plurality of analytics nodes with each analytics node managing access to its own data sources. The system includes an analytics controller configured to interact with a user to generate an analytic request including a selection of one or more analytics and a selection of one or more data sources determined based on the one or more selected analytics. The generated analytic request is transmitted to one or more analytics nodes corresponding to the one or more selected data sources. Each analytics node that receives the analytic request is configured to execute the analytic request to generate a result. The result from each analytics node of the one or more analytics nodes can be transmitted to the user issuing the analytic request. | 2019-06-20 |
20190190922 | USER ABSTRACTED RBAC IN A MULTI TENANT ENVIRONMENT - A method and system for improving efficiency and security of a role based access control (RBAC) identity management system. A service provider owner requests an addition of a service provider identity dataset to a role dataset in the RBAC identity management system. The role dataset includes permissions to the individual users within the service provider identity dataset to access a secured resource of the RBAC identity management system and to perform the service on the secured resource. Addition of the service provider identity dataset to the role dataset is granted and is periodically revalidated which includes receiving an instruction to maintain or delete the service provider identity dataset from the role dataset. Access to the secured resource is based on the service provider identity dataset in the role dataset, instead of being based on the individual users, which improves the efficiency and security of the RBAC identity management system. | 2019-06-20 |
20190190923 | SECURE, NON-DISRUPTIVE FIRMWARE UPDATING - Firmware updates for, e.g., thin client devices may be achieved in a seamless, non-disruptive manner using a two-stage firmware loader, including a base loader pre-installed on the device and a caching loader downloaded, by the base loader, from a firmware server and thereafter responsible for downloading and updating other firmware application packages. | 2019-06-20 |
20190190924 | METHOD AND SYSTEM FOR IDENTIFYING NETWORK LOOPS - Identifying network loops is disclosed including determining a first data packet having a time to live (TTL) that at least meets a first condition, the first data packet having a destination internet protocol (IP) address; within a time period after the determining of the first data packet, identifying a plurality of second data packets that are to be transmitted to the destination IP address; and determining whether a network loop exists for the destination IP address based on TTLs of the plurality of second data packets. | 2019-06-20 |
20190190925 | AUTOMATED SECURITY POLICY GENERATION FOR CONTROLLERS - In one implementation, a method for automatically generating a security policy for a controller includes receiving, by a security policy generation system and from a controller development environment, code for a device controller; selecting middleware that enforces a security policy; analyzing the code for the device controller; based at least in part on the analyzing, automatically generating the security policy; and providing the selected middleware along with the generated security policy. | 2019-06-20 |
20190190926 | METHOD AND SYSTEM FOR VEHICLE CYBER-ATTACK EVENT DETECTION - A vehicle cyber-attack detection system includes at least one first tier security module coupled to at least one onboard system of a respective vehicle and being configured so as to receive system log data generated by the at least one onboard system of the respective vehicle. The first tier security module extracts features from the system log data with natural language processing and includes a first cyber-attack anomaly detection module that identifies a first cyber-attack based on system entropy measurements determined from the extracted features, and a second cyber-attack anomaly detection module that includes a deep learning component that identifies a second cyber-attack based on classification of the extracted features. A cyber-attack alert module is coupled to the first tier security module for generating a notification of one or more of the first cyber-attack and the second cyber-attack to effect cyber-attack diagnostics and remediation by vehicle personnel. | 2019-06-20 |
20190190927 | ANALYSIS OF COMPLEX RELATIONSHIPS AMONG INFORMATION TECHNOLOGY SECURITY-RELEVANT ENTITIES USING A NETWORK GRAPH - A filter is selected from one or more filters defined for an ETD Network Graph. Events are fetched from the selected log files based on the selected filter and entities identified based on the fetched Events. Relationships are determined between the identified entities, and the determined relationships and identified entities are displayed in the ETD Network Graph. An identified entity is selected to filter data in an ETD Event Series Chart. An Event is selected in the ETD Event Series Chart to display Event Attributes in an Event Attribute Dialog. An Event Attribute is selected in the Event Attribute Dialog to filter Events in the ETD Event Series Chart. | 2019-06-20 |
20190190928 | CORRELATING ENDPOINT AND NETWORK VIEWS TO IDENTIFY EVASIVE APPLICATIONS - In one embodiment, a service receives traffic telemetry data regarding encrypted traffic sent by an endpoint device in a network. The service analyzes the traffic telemetry data to infer characteristics of an application on the endpoint device that generated the encrypted traffic. The service receives, from a monitoring agent on the endpoint device, application telemetry data regarding the application. The service determines that the application is evasive malware based on the characteristics of the application inferred from the traffic telemetry data and on the application telemetry data received from the monitoring agent on the endpoint device. The service initiates performance of a mitigation action in the network, after determining that the application on the endpoint device is evasive malware. | 2019-06-20 |
20190190929 | ELECTRONIC MAIL SECURITY USING ROOT CAUSE ANALYSIS - Electronic communications passing through a communication gateway or similar device for an enterprise can be monitored for indicators of malicious activity. When potentially malicious activity is identified, a user-based inquiry can be employed to identify potential sources of the malicious activity within the enterprise network. More specifically, by identifying a user that sourced the communication, instead of or in addition to a network address, devices within the enterprise network associated with the user can be located, analyzed, and remediated as appropriate. | 2019-06-20 |
20190190930 | Method and System For Detecting Movement of Malware and Other Potential Threats - Methods and systems, including devices, which allow for the rapid detection of malware and other threats, such as malicious intrusions and attacks, are disclosed. These methods and systems, including devices, detect malware and other threats by detecting and analyzing lateral movement of the malware and other threats, once having entered a network, such as an enterprise network. | 2019-06-20 |
20190190931 | DETECTION OF BOTNETS IN CONTAINERIZED ENVIRONMENTS - A method and system for runtime detection of botnets in containerized environments. The method includes creating a domain name system (DNS) policy for a software container, wherein the DNS policy defines at least a plurality of allowed domain names for the software container, wherein the DNS policy is created based on historical DNS queries by the software container; detecting a botnet based on traffic to and from the software container, wherein the botnet is detected when at least a portion of the traffic does not comply with the DNS policy, wherein the botnet is implemented via communication with a bot executed in the software container; and blocking at least one DNS query in the at least a portion of traffic, wherein each blocked DNS query is to a domain having a domain name that does not match any of the plurality of allowed domain names for the software container. | 2019-06-20 |
20190190932 | DYNAMIC CONFIGURATION OF SETTINGS IN RESPONSE TO DDOS ATTACK - A system can monitor the server for indications of an attack and adjust server settings accordingly. In response, the system can increase server tolerance in a systematic way to deal with DDoS by adjusting server settings appropriately. Conversely, when the server is not under attack, the settings can be adjusted to those for standard operations (e.g., adjusted downward), as they are more optimal for normal, non-attack operations. | 2019-06-20 |
20190190933 | BEHAVIORAL AND ACCOUNT FINGERPRINTING - Activity specifications of a plurality of activities to be monitored are received. Each activity specification of the activity specifications identifies properties of a corresponding activity of the activities to be monitored. A fingerprint specification of a computer security risk fingerprint is received. The fingerprint specification identifies a combination of two or more of the activities to be detected. A log of activities to identify occurrences of the activities to be monitored is analyzed. Based on the analysis, the computer security risk fingerprint in the log of activities is detected, including by detecting an occurrence of at least a portion of the combination of the activities identified by the fingerprint specification. A computer security action based on the detection of the computer security risk fingerprint is performed. | 2019-06-20 |
20190190934 | MITIGATING AGAINST MALICIOUS LOGIN ATTEMPTS - Techniques are disclosed for mitigating against malicious login attempts. In some examples, a computer system receives a plurality of login attempts to the system, the plurality of login attempts being originated from an Internet Protocol (IP) subnet. The computer system determines a ratio of successful login attempts to unsuccessful login attempts of the plurality of login attempts. Then, in response to determining that the ratio of a number of successful login attempts to total login attempts is below a predetermined threshold, the computer system denies a future login attempt to the system that is associated with the IP subnet for a first time period. | 2019-06-20 |
20190190935 | DISPLAYING A SERIES OF EVENTS ALONG A TIME AXIS IN ENTERPRISE THREAT DETECTION - One or more entities are selected for which logged Events are to be displayed in an Event Series Chart. One or more filters and a timeframe are selected. Events are fetched from one or more selected log files based on the one or more selected filters and the timeframe. The fetched Events are displayed in an Event Series Chart according to an associated timestamp and identification Event property value associated with each fetched Event. | 2019-06-20 |
20190190936 | ELECTRONIC MAIL SECURITY USING A HEARTBEAT - Electronic communications passing through a communication gateway or similar device for an enterprise can be monitored for indicators of malicious activity. When potentially malicious activity is identified, a user-based inquiry can be employed to identify potential sources of the malicious activity within the enterprise network. More specifically, by identifying a user that sourced the communication, instead of or in addition to a network address, devices within the enterprise network associated with the user can be located, analyzed, and remediated as appropriate. | 2019-06-20 |
20190190937 | APPARATUS METHOD AND MEDIUM FOR TRACING THE ORIGIN OF NETWORK TRANSMISSIONS USING N-GRAM DISTRIBUTION OF DATA - A method, apparatus, and medium are provided for tracing the origin of network transmissions. Connection records are maintained at a computer system for storing source and destination addresses. The connection records also maintain a statistical distribution of data corresponding to the data payload being transmitted. The statistical distribution can be compared to that of the connection records in order to identify the sender. The location of the sender can subsequently be determined from the source address stored in the connection record. The process can be repeated multiple times until the location of the original sender has been traced. | 2019-06-20 |
20190190938 | ANOMALY DETECTION METHOD, LEARNING METHOD, ANOMALY DETECTION DEVICE, AND LEARNING DEVICE - An anomaly detection method includes: extracting, for each of a plurality of learning packets obtained, all possible combinations of N-grams in the payload included in the learning packet; counting a first number which is the number of occurrences of each combination in the payloads of the learning packets; calculating, as anomaly detection models, first probabilities by performing smoothing processing based on a plurality of the first numbers; and when the score calculated for each of a plurality of packets exceeds a predetermined threshold that is based on the anomaly detection models stored in a memory, outputting information indicating that the packet having the score has an anomaly. | 2019-06-20 |
20190190939 | PACKET ANALYSIS BASED IOT MANAGEMENT - Data packets transmitted to and from an IoT device are obtained and at least one of the data packets is analyzed using deep packet inspection to identify transaction data from the payload of the at least one of the data packets. An event log is generated for the IoT device from the transaction data, the event log, at least in part, used to generate a historical record for the IoT device. The IoT device is profiled into a device profile based on the historical record for the IoT device. The event log is updated in real-time to indicate current operation of the IoT device. Abnormal device behavior of the IoT device is determined using the event log and the device profile. The device profile is updated to indicate the abnormal device behavior of the IoT device. | 2019-06-20 |
20190190940 | METHODOLOGY FOR INTELLIGENT PATTERN DETECTION AND ANOMALY DETECTION IN MACHINE TO MACHINE COMMUNICATION NETWORK - The present invention relates generally to network communications, and more particularly to machine-to-machine (M2M) data communications. The present invention provides for a method, apparatus and computer program product for detecting performance event data across a machine-to-machine (M2M) network indicative of anomalous performance of data and thereafter alerting users of performance issues in real-time or near real-time. | 2019-06-20 |
20190190941 | Network Quarantine Management System - A method for managing quarantines. A quarantine triggered by a network access policy is detected by a computer system. A determination is made by the computer system of whether to enforce a quarantine rule for the quarantine utilizing a quarantine enforcement model trained utilizing a machine-learning process to classify quarantine rules in response to detecting the quarantine rule. The quarantine is deactivated by the computer system when the quarantine rule is classified as inappropriate such that a risk of a threat is balanced with a group of operational considerations. | 2019-06-20 |
20190190942 | Systems and Methods for Distributed P25 LMR Radio Vulnerability Management and Real-Time Interference Monitoring - A threat monitoring and vulnerability management system is disclosed. The system includes one or more sensors configured to scan a frequency spectrum of a project 25 (P25) network and to collect data on the P25 network. The system further includes a server coupled to the sensors and configured to receive the collected data from the plurality of sensors, compare the collected data with previously stored historical data to determine whether an anomaly exists within data patterns of the collected data, responsive to determining that the anomaly exists, determine at least one of: whether use of a cloned radio that mimics an authorized connection occurs, whether jamming of a radio frequency (RF) communication occurs, or whether jamming of a voice communication occurs within the P25 network by comparing the collected data with preset thresholds, and send a real-time alert to a dispatch and control console unit coupled to the server and the P25 network in response to determining that some of the collected data exceeds at least one of the preset thresholds, such that the dispatch and control console unit provides one or more corrective actions to the P25 network. | 2019-06-20 |
20190190943 | Methods, Systems and Media for Evaluating Layered Computer Security Products - Methods, systems and media for evaluating layered computer security products are provided. In some embodiments, the method comprises: (a) identifying portions of attack data associated with an attack; (b) linking the portions of attack data; (c) testing security products using the linked attack data, at least two of the security products using different portions of the linked attack data; (d) storing the results of the testing; (e) repeating (a)-(d) for multiple attacks; receiving information identifying a subset of the security products from a remote computing device; identifying a first set of detected attacks for each of the plurality of security products using the stored results; determining a number of attacks in a union of each of the first sets of identified attacks; determining a detection rate for the identified security products based on the union and the number of tested attacks; and causing the detection rate to be presented. | 2019-06-20 |
20190190944 | SYSTEMS AND METHODS FOR ATTACK SIMULATION ON A PRODUCTION NETWORK - The disclosure is directed towards systems and methods for improving security in a computer network. The system can include a planner and a plurality of controllers. The controllers can be deployed within each zone of the production network. Each controller can be configured to assume the role of an attacker or a target for malicious network traffic. Simulations of malicious behavior can be performed by the controllers within the production network, and can therefore account for the complexities of the production network, such as stateful connections through switches, routers, and other intermediary devices. In some implementations, the planner can analyze data received from the controllers to provide a holistic analysis of the overall security posture of the production network. | 2019-06-20 |
20190190945 | Corroborating threat assertions by consolidating security and threat intelligence with kinetics data - A cognitive security analytics platform is enhanced by providing a computationally- and storage-efficient data mining technique to improve the confidence and support for one or more hypotheses presented to a security analyst. The approach herein enables the security analyst to more readily validate a hypothesis and thereby corroborate threat assertions to identify the true causes of a security offense or alert. The data mining technique is entirely automated but involves an efficient search strategy that significantly reduces the number of data queries to be made against a data store of historical data. To this end, the algorithm makes use of maliciousness information attached to each hypothesis, and it uses a confidence schema to sequentially test indicators of a given hypothesis to generate a rank-ordered (by confidence) list of hypotheses to be presented for analysis and response by the security analyst. | 2019-06-20 |
20190190946 | DETECTING WEBPAGES THAT SHARE MALICIOUS CONTENT - Methods and systems for detecting webpages that share malicious content are presented. A first set of webpages that hosts a web account checker is identified. A baseline page structure score and a baseline language score are calculated based on the identified first set of webpages. Content from a second set of webpages is collected and analyzed based on the calculated baseline page structure and the calculated baseline language scores. One or more of the second set of webpages is flagged as malicious based on the analyzing of the content collected from the second set of webpages. | 2019-06-20 |
20190190947 | PREDICTIVE CROWDSOURCING-BASED ENDPOINT PROTECTION SYSTEM - A three-component computer security system focused around crowdsourcing. Users may install the software, at which point it may access the users' computers or hosts, identify certain behaviors as suspicious, and ask for confirmation from the user. The user may then manually edit the report to remove or add behaviors. The system may then prepare a report to deliver to a central system, which may perform malware detection, expert evaluation, and deep learning on the received reports. When the host program's assessment and the user's assessment conflict, the program may be flagged for expert analysis. This use of crowdsourced information may then be used to develop detection, mitigation, and prediction protocols, which may be based on machine learning, and may further be used to manage hackbacks if authorized and desired. | 2019-06-20 |
20190190948 | SELECTIVE SINKHOLING OF MALWARE DOMAINS BY A SECURITY DEVICE VIA DNS POISONING - Techniques for selective sinkholing of malware domains by a security device via DNS poisoning are provided. In some embodiments, selective sinkholing of malware domains by a security device via DNS poisoning includes intercepting a DNS query for a network domain from a local DNS server at the security device, in which the network domain was determined to be a bad network domain and the bad network domain was determined to be associated with malware (e.g., a malware domain); and generating a DNS query response to the DNS query to send to the local DNS server, in which the DNS query response includes a designated sinkholed IP address for the bad network domain to facilitate identification of an infected host by the security device. | 2019-06-20 |
20190190949 | SYSTEM FOR DISTRIBUTING VIRTUAL ENTITY BEHAVIOR PROFILING IN CLOUD DEPLOYMENTS - A system for distributing virtual entity behavior profiling in cloud deployments is disclosed. In particular, the system may include conducting entity behavior profiling closer to where data and data logs are generated, such as at a hypervisor server, in a distributed fashion. By doing so, the system may reduce bandwidth consumption typically associated with transferring data to a central processing system, may be able to use more data collected closer to sources of data generation, and may provide faster reaction times because of the faster processing of data enabled by the system. Additionally, the system may assist with reducing false positives associated with malware detection and other compromises associated with entities by aggregating the results of distributed computations at different sites. | 2019-06-20 |
20190190950 | Bot detection in an edge network using Transport Layer Security (TLS) fingerprint - This disclosure describes a technique to fingerprint TLS connection information to facilitate bot detection. The notion is referred to herein as “TLS fingerprinting.” Preferably, TLS fingerprinting herein comprises combining different parameters from the initial “Hello” packet sent by the client. In one embodiment, the different parameters from the Hello packet that are used to create the fingerprint (the “TLS signature”) are: record layer version, client version, ordered TLS extensions, ordered cipher list, ordered elliptic curve list, and ordered signature algorithms list. Preferably, the edge server persists the TLS signature for the duration of a session. | 2019-06-20 |
20190190951 | HONEYPOT ADAPTIVE SECURITY SYSTEM - A Honeypot Adaptive Security (HAS) system is described that determines whether a pre-loaded partner or third-party (PP-TP) application executed on a client device has gained over-privileged access to confidential client or network (CCN) data, or over-privileged use of client account features or information provided by a telecommunications service provider. The HAS system may selectively generate and deploy a policy solution or transmit an alert to address instances of over-privileged access or over-privileged use. The HAS system may retrieve client data associated with a PP-TP application executed on the client device, and further develop a PP-TP application data model to determine a probability of the PP-TP application gaining over-privileged access to CCN data or over-privileged use of client account features on a client device. Responsive to the determined probability, the HAS system may parse a portion, or substantially all, client data to identify instances of over-privileged access or over-privileged use. | 2019-06-20 |
20190190952 | SYSTEMS AND METHODS FOR DETECTING A CYBERATTACK ON A DEVICE ON A COMPUTER NETWORK - Systems and methods are described herein for detecting a cyber-attack on a device on an organization's computer network. | 2019-06-20 |
20190190953 | CLOUD SECURITY ASSESSMENT SYSTEM USING NEAR-NATURAL LANGUAGE COMPLIANCE RULES - A cloud security assessment (CSA) system configured to identify and remedy a workflow executing in a cloud web service environment is provided. The CSA system includes a network interface configured to connect the CSA system to the cloud web service environment, wherein the cloud web service environment is defined by a cloud account; and a processor in operative communication with the cloud web service environment configured to receive a cloud account compliance rule for the cloud account in a structured near-natural language, the compliance rule being applied by the CSA system on at least an instance of the cloud web service environment, wherein the processor is further configured to perform a remediation action based on a policy of the cloud account upon determination of a violation of the compliance rule. | 2019-06-20 |
20190190954 | Policy Deployment Method, Apparatus, System and Computing System of Trusted Server - A method, an apparatus, a system and a computing system for policy deployment of a trusted server are provided. The method includes sending a metric policy of at least one metric object and a verification policy of at least one verification object in a process of policy deployment of a trusted server to a service center; the trusted server receiving reminder information returned by the service center, wherein the reminder information is used for representing a reminder to the trusted server to redeploy a metric algorithm and a verification algorithm that are consistent if a metric algorithm of a metric object is detected to be inconsistent with a verification algorithm of a corresponding verification object. The present disclosure solves the technical problems of poor independence and flexibility due to the use of a same metric algorithm for all metric objects by existing trusted server policy management solutions. | 2019-06-20 |
20190190955 | METHODS AND SYSTEMS FOR MONITORING NETWORK SECURITY - A computer-implemented method for monitoring the security of a computing network which includes a plurality of hosts and a plurality of edges which link connected hosts. The method comprises capturing and storing first and second network state information at first and second times respectively. The method comprises comparing the first and second network state information to detect a change in the security of the network during the time window between the first and second times. The method further comprises storing security change data which is indicative of the change in the security of the network during the time window for a user to monitor the change in the security of the network. | 2019-06-20 |
20190190956 | ENDPOINT AGENT FOR ENTERPRISE SECURITY SYSTEM - An endpoint security agent facilitates a security policy on an endpoint computing device. The endpoint agent comprises an engine and one or more plug-ins that each provide a particular security feature. The endpoint agent receives a policy from a cloud server specifying one or more plug-ins used by the policy and configuration of those plug-ins. The endpoint agent retrieves, installs, and configures the one or more plug-ins. The endpoint agent updates a communication table with command subscription information obtained from each installed plug-in indicating command types subscribed to by each plug-in. When a command is received, a lookup of the command type is performed in the table, and the command is sent to the subscribing plug-in. | 2019-06-20 |
20190190957 | PROVIDING PRIVILEGED ACCESS TO NON-PRIVILEGED ACCOUNTS - The disclosed embodiments include systems and methods for dynamically managing privileged access for non-privileged accounts. Operations may include receiving a request from a computer device associated with a network account to access a privileged resource, wherein the network account lacks any privileged account membership enabling the network account to access the privileged resource. Operations may include authenticating the network account, and assigning, based on the authentication, privileged on-demand membership for the network account, wherein the privileged on-demand membership enables the network account to access the privileged resource. Operations may also include identifying that the network account should no longer have access to the privileged resource, and removing, based on the identification, the privileged on-demand membership for the network account. | 2019-06-20 |
20190190958 | Independent Encryption Compliance Verification System - A compliance checker to verify that a device complies with a policy is described. In one embodiment, the compliance checker comprises a compliance checker agent, to initiate the compliance check in response to receiving the request, and an encryption checker to obtain an original data and a data stored on the storage. The system further comprises a comparator to determine whether known data read from the upper driver is identical to known data read from the lower driver. The compliance checker plug-in in one embodiment verifies the compliance status of the device, based on the data from the comparator. | 2019-06-20 |
20190190959 | AUTHORIZATION POLICY OPTIMIZATION METHOD AND APPARATUS, AND STORAGE MEDIUM - An authorization policy optimization method being performed by a computing device comprising at least one processor, includes receiving an authorization policy to be used to perform an authentication on a data access right of a user, obtaining authorization log information of a first preset authorization policy, from the authorization policy, extracting a log information feature, from the authorization log information, generating an authorization policy optimization model, using the log information feature, performing a policy reasonableness prediction on the authorization policy, using the authorization policy optimization model, to obtain a predicted reasonableness value corresponding to the authorization policy, and performing an optimization processing on the authorization policy, based on the predicted reasonableness value. | 2019-06-20 |
20190190960 | SELECTIVE INFORMATION EXTRACTION FROM NETWORK TRAFFIC TRACES BOTH ENCRYPTED AND NON-ENCRYPTED - A system and method are described for information extraction from network traffic traces that are both encrypted and non-encrypted. The system includes a client computer and a remote computer, where the client computer communicates data over a network. The client computer sets a session key log file environment variable, such that when the client computer launches a supported browser, a session key log file (KLF) is created, computer network traffic traces are captured by retrieving data from encrypted traffic, and the KLF and captured traffic are periodically transferred to a remote server. A remote computer performs traffic mining to analyze the captured traffic traces and extract sensitive pieces of information. | 2019-06-20 |