G06F21/50

Enterprise policy tracking with security incident integration

The present invention relates to methods, processes, and systems for monitoring security policy violations in a computer network. Details of such monitoring include creating a rule according to a security policy, determining if the rule is violated by a value of a variable, and recording security events and comparing the number of events to a threshold.

PROXY SERVICES FOR THE SECURE UPLOAD OF FILE SYSTEM TREE STRUCTURES
20230007016 · 2023-01-05

The disclosure is directed towards proxy services for the secure uploading of file-system tree structures. A method includes receiving, at a web security service, an indication that a client device is to upload content to a storage cloud provider. The proxy service performs a security scan of the content while the content is stored on the client device. A security and/or a privacy concern is identified in the content stored on the client device. A security and/or privacy mitigation action is performed in response to identifying the security and/or privacy concern.

Phishing domain detection systems and methods

The main objective of Certificate Transparency (CT) is to detect mis-issued certificates or rogue certificate authorities. It has been observed that phishing sites have been increasingly acquiring certificates to look more legitimate and reach more victims, thus providing an opportunity to predict phishing domains early. The present disclosure provides systems and methods for early detection of phishing and benign domain traces in CT logs. The provided system may predict phishing domains early even before content is available via time-, issuer-, and certificate-based characteristics that are used to identify sets of CT-based inexpensive and novel features. The CT-features are augmented with other features including passive DNS (pDNS) and domain-based lexical features.

Systems and methods for synchronizing anonymized linked data across multiple queues for secure multiparty computation

Disclosed herein are systems and methods for synchronizing anonymized linked data across multiple queues for SMPC. The systems and methods guarantee that data is kept private from a plurality of nodes, yet can still be synced within a local queue, across the plurality of local queues. In conventional SMPC frameworks, specialised data known as offline data is required to perform key operations, such as multiplication or comparisons. The generation of this offline data is computationally intensive, and thus adds significant overhead to any secure function. The disclosed system and methods aid in the operation of generating and storing offline data before it is required. Furthermore, the disclosed system and methods can help start functions across multi-parties, preventing concurrency issues, and align secure input data to prevent corruption.

SECURED FIRMWARE WITH ANTI-MALWARE

A data storage device and method for detecting malware on a data storage device. The device includes a non-volatile storage medium configured to store at least one file system control block and user data block(s) to store user data. The file system control block comprises at least one reference data structure. The data storage device further comprises a buffer to temporarily store user data. The data storage device further comprises a controller to scan each write command in the user data to be transferred for protocol commands or malicious data. The controller also stops the data transfer of user data from the buffer to the non-volatile storage medium if at least one of protocol commands or malicious data is detected in at least one write command.

VEHICLE DIAGNOSTIC SYSTEM AND MOBILE BODY DIAGNOSTIC SYSTEM
20220402525 · 2022-12-22

A vehicle diagnostic system includes: a vehicle diagnostic device including a communication unit that communicates with a vehicle which drives autonomously, and a diagnostic unit that performs, via the communication unit, diagnosis as to whether the vehicle is being hacked; and electrical apparatuses that communicate with the vehicle diagnostic device via a network. The diagnostic unit performs the diagnosis when an operational state of at least one electrical apparatus among the electrical apparatuses changes.

Systems, Methods and Apparatus for Evaluating Status of Computing Device User
20220398476 · 2022-12-15

Methods, systems and apparatus, e.g., non-transitory machine readable medium having stored thereon instructions, for providing a value indicating a judgment of whether a human or an autonomic computer application operating a client computer is interacting with a server, by operations comprising: receive data from the client computer including active data relating to interactions of the client computer with a website of the server and passive data of the client computer; analyze received data from the client computer for indication of a human operating the client computer, wherein the analyzing includes analyzing the received data in conjunction with model data based on human interactions from a prior session with the same website and developing a first analysis value; and provide a request for further data from the client computer when the first analysis value fails to meet the first analysis predetermined criteria.