Patent classifications
G06F2221/2101
Method and system for detecting and preventing unauthorized access to a computer
A system and method for detecting and preventing unauthorized access to a computer. The method is configured to control access to the computer. The method includes operating the computer in a learning mode, which includes listing, in a whitelist in a memory of the computer, an executable application in the computer, and operating the computer in a protected mode. During operation of the computer in the protected mode, the method detects a first application in the computer, wherein the first application is transferred from a first external resource operatively connected to the computer, suspends execution of the first application, determines whether the first application is in the whitelist, and, if the first application is in the whitelist, allows the first application to be executed, thereby controlling the access of the first application to the computer. The system implements the method using a monitoring sub-system in the computer.
Method and system for data security and apparatus for executing the same
A computing device according to an embodiment includes one or more processors, a memory in which one or more programs to be executed by the one or more processors are stored, a queue manager configured to receive a security detection request including a detection target file, a plurality of detectors configured to perform a security detection operation on the detection target file, and an operation distributor configured to acquire detection policy information related to the detection target file and distribute the detection target file received from the queue manager to one or more of the plurality of detectors based on the detection policy information.
Monitoring code provenance
One example method of operation may include determining one or more of a file type and a code segment accessed during a code access event, identifying code origin information appended to the code segment during previous code access events, appending an updated code access location to the code segment identifying the current code access event and a current code location, and applying one or more code access restrictions to the code segment based on the current code location.
Secure feature and key management in integrated circuits
A mechanism for providing secure feature and key management in integrated circuits is described. An example integrated circuit includes a secure memory to store a secret key, and a security manager core, coupled to the secure memory, to receive a digitally signed command, verify a signature associated with the command using the secret key, and configure operation of the integrated circuit using the command.
Unique ID generation for sensors
Systems, methods, and computer-readable media are provided for generating a unique ID for a sensor in a network. Once the sensor is installed on a component of the network, the sensor can send attributes of the sensor to a control server of the network. The attributes of the sensor can include at least one unique identifier of the sensor or the host component of the sensor. The control server can determine a hash value using a one-way hash function and a secret key, send the hash value to the sensor, and designate the hash value as a sensor ID of the sensor. In response to receiving the sensor ID, the sensor can incorporate the sensor ID in subsequent communication messages. Other components of the network can verify the validity of the sensor using a hash of the at least one unique identifier of the sensor and the secret key.
System and method for detecting leaked documents on a computer network
A system and a method of obtaining a location of a document on a computer network based on a document property. The method may include: receiving at least one basic marker and an encoding function associated with the document property; generating a search term according to the encoding function, based on the at least one basic marker; providing the search term to at least one search engine and obtaining therefrom one or more corresponding search results, where each search result may include one or more references to locations of documents on the computer network; discovering at least one document having the document property from the one or more search results and obtaining a discovered location of the document on the computer network; and performing at least one rule-based action, according to at least one document property of the discovered document.
Multi-device remote attestation
Systems and methods for attesting an enclave in a network. A method includes receiving, by a first device, proof information from an application provider entity that the enclave is secure, wherein the proof information includes a public part, Ga, of information used by the enclave to derive a Diffie-Hellman key in a key generation process with the application provider entity, processing, by the first device, the proof information to verify that the enclave is secure and ensuring that Ga is authentic and/or valid, deriving, by the first device, a new Diffie-Hellman key, based on Ga and x, wherein x is a private part of information used by the first device to derive the new Diffie-Hellman key, and sending, by the first device, a message including Ga and a public part, Gx, of the information used by the first device to derive the new Diffie-Hellman key to the enclave.
Machine-learning model fraud detection system and fraud detection method
A machine learning model fraud detection system and fraud detection method wherein a license/model management apparatus: generates a test data-trained model by inputting a pre-trained model and test data associated therewith from a licensor apparatus, carrying out learning using the test data on the pre-trained model; stores the test data-trained model in association with the output values obtained when the test data is executed in the test data-trained model; inputs the associated test data into a user model, executes the model when the user model is inputted from a user apparatus using the test data-trained model; compares the output data from the user model with the stored output values from the test data-trained model and detects the fraud if the resulting error is outside tolerance limits.
Tracking application programming interface requests in a cloud computing system
Techniques are provided for tracking application programming interface (API) requests in a cloud computing environment. For example, a method for tracking API requests is implemented by an API gateway. The API gateway receives an API request which comprises a given API endpoint to access a target service of a computing system. The API gateway determines if the received API request is valid. In response to determining that the received API request is valid, the API gateway accesses at least one API counter associated with the given API endpoint of the received API request, wherein the at least one API counter is configured to count a number of times that the given API endpoint is accessed. The API gateway increments a count of the at least one API counter by one, and the API gateway routes the API request to the target service for execution.
Auditing of database search queries for privileged data
An approach for identifying privileged access to a database is provided. A processor receives a query plan to search the database. A processor determines the query plan includes a request that accesses privileged data. A processor generates an updated query plan with an indication of the request that accesses privileged data. A processor sends the updated query plan for an audit of the query plan.