The present specification provides identity verification and account information updating methods and apparatuses. One method comprises: in response to receiving a request for updating an account, obtaining personal information and information of a network environment associated with an operator of the account; performing risk identification of the personal information to obtain a first risk identification result; performing risk identification of the information of the network environment to obtain a second risk identification result, wherein the second risk identification result identifies security risks associated with the network environment the operator operates in; selecting an identity verification method based on the first risk identification result and the second risk identification result; and performing identity verification of the operator based on the identity verification method.

Provided is a blockchain management apparatus comprising at least one hardware processor configured to implement a block generation order control unit which prevents a block generation node of a plurality of blockchain nodes from generating a new block of a blockchain in response to a determining, by the blockchain management apparatus, that the new block is a block generated by the block generation node within a unit section, wherein the unit section corresponds to a preset number of blocks measured from a current block corresponding to a current block height of the blockchain, and the blockchain management apparatus manages a permission-based blockchain network including the plurality of blockchain nodes.

An operation method of an apparatus for decrypting input data of N*X bits (where N and X are positive integers) encrypted by using a block-level encryption algorithm, includes: receiving the input data and decoding the input data into data of N*Y bits (where Y is a positive integer) whose number is different from a number of N*X bits; performing first decryption operation processing of the block-level encryption algorithm on the data of N*Y bits; encoding the data of N*Y bits on which the first decryption operation processing is performed into intermediate data of N*X bits; and performing a plurality of intermediate round operations of a preset number based on the intermediate data of N*X bits.

A method and system for predicting subsequent cyber-attacks in attack campaigns are provided. The method includes receiving events data related to cyber-attacks occurring in a network during a predefined time window; extracting at least one sequence from the received events data at least one attack vector; generating a sequence signature for each of the at least one extracted sequence; comparing each sequence signature to a representation of historic sequence signatures to determine at least partially matching sequence signature; and based on the matching sequence, determining at least one subsequent cyber-attack in a respective sequence.

Improvements in data security and privacy may be realized by receiving a service request including a social range and a requestor identity; mining a first social network to create a social graph of entities within the social range of the requestor identity, wherein the entities are represented by nodes in the social graph linked to a requestor via one or more edges, wherein a number of edges used to link a given entity to the requestor does not exceed the social range; determining whether the social graph includes at least one person matching personnel included in an organizational chart; and in response to determining that the social graph includes no persons matching the personnel included in the organizational chart, transmitting an acceptance response from a provider-side system to a client-side system.

Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for detecting and disabling replay attacks. One of the methods includes receiving a transaction to be completed in a blockchain. A current working section of memory storing transaction information that is designated for use in identifying past transactions already processed is determined, where the memory also stores a backup section providing, when used in combination with the current working section, an alternating memory section storage scheme for the transaction information. From the current working section, whether the transaction has previously been processed is determined. When it is determined that the transaction has previously been processed, the transaction is bypassed. When it is determined that the transaction has not previously been processed the transaction is processed and transaction information for the transaction is written into the current working section.

Methods and systems are presented for dynamically adjusting a risk classification of a risk source based on classifications of one or more other risk sources. The risk engine may first classify a first risk source as a first risk type based on an initial analysis of the first risk source. Subsequent to classifying the first risk source as the first risk type, the risk engine may determine that a second risk source is associated with a second risk type. Based on the determination that the second risk source is associated with the second risk type, the risk engine may re-classify the first risk source as the second risk type. The risk engine may then use the reclassification of the first risk source to improve network security of an online service provider.

Techniques and structures to facilitate identification, authentication, authorization and accounting of a computing device is disclosed. A set of supported algorithms for transmission during a secure shell (SSH) clear packet exchange is received and a cryptographic hash is performed on the set of algorithms to generate a unique fingerprint.

Systems and methods are described for authenticating a user accessing a user account. A behavior event associated with a current user using the user account during a session is obtained. The behavior event comprises of keystroke events and mouse events. The obtained behavior event of the current user is compared with a behavior profile of a registered user associated with the user account. The behavior profile comprises keystroke events and mouse events associated with the registered user. The current user is authenticated during the session, when the current user is determined to be the same as the registered user based on the comparison.

Provided is a closed-loop, referral-based, information-exchange in which end-users control, and in some cases can be rewarded for divulging, their personal information.