Patent classifications
G06F2221/2123
System and method for effectuating user access control
A configurable, customizable privacy protecting software agent operates on behalf of a user to control the dissemination and use of the user's personal data. The software agent is guided by a personal/corporate privacy charter specified by the user (or an enterprise manager), which charter is adapted dynamically based on user and site conditions. The agent engages with digital service provider (DSP) sites/apps on users' behalf, and notifies them of privacy incompatibilities, issues, etc. associated with the DSPs, along with recommended alternatives if available or possible. The agent can also tag user data and monitor unauthorized uses to report on DSP compliance with user specified policies.
AUTO-RECORDING OF MEDIA DATA
An image capture system and methods for auto-recording media data are herein disclosed. A method includes selecting an activity-specific monitor based on an activity type. The activity-specific monitor defines one or more auto-recording conditions that, when satisfied, cause the image capture system to record data. The auto-recording conditions are based on an audio profile, a video profile, a motion profile, or any combination thereof. The auto-recording conditions include one or more scene descriptions that correspond to the activity type.
SECURE ACCESS CONTROL FRAMEWORK USING DYNAMIC RESOURCE REPLICATION
Systems, computer program products, and methods are described herein for secure access control using dynamic resource replication. The present invention is configured to electronically receive, from a computing device of a user, a request to generate a resource access path to access a resource; determine one or more resource requirements associated with the resource; determine an authentication level associated with the user; initiate a resource replication engine on the one or more resource requirements and the authentication level associated with the user; determine, using the resource replication engine, that the one or more requirements and the authentication level associated with the user meet one or more conditions for a replication process; and generate, using the resource replication engine, the resource access path and a plurality of replicate resource access paths.
SHARED IMAGE SANITIZATION METHOD AND SYSTEM
Methods and systems for removing sensitive information from a digital image. An instruction to share a digital image is received. It is then determined that the digital image contains a depiction of a corporate display medium that is classified as sensitive based on a policy and, based on the determination that the digital image contains the depiction of the corporate display medium that is classified as sensitive based on the policy, the digital image is processed to modify the depiction. The digital image is shared.
THWARTING CONTROL PLANE ATTACKS WITH DISPLACED AND DILATED ADDRESS SPACES
A method of securing a virtual address space against unauthorized access from an unauthorized agent includes generating a superimposed address space corresponding to the virtual address space, dilating the superimposed address space by inserting dummy memory at a plurality of locations in the superimposed address space, and displacing the superimposed address space by shifting a segment of the superimposed address space by a d-bit key. A computer processor includes a memory and a dedicated functional unit in a stage of a pipeline of the computer processor, the computer processor including an instruction that when executed by the dedicated functional unit causes the computer processor to translate one or more pointers between displaced and dilated address spaces of the memory and virtual address spaces of the memory.
RANSOMWARE PREVENTION
Ransomware attacks may be prevented by monitoring file access requests. When a process requests a directory listing, the results provided may be modified based on whether the process is trusted or not. For trusted processes, the results provided are the actual directory listing, while the results provided to processes that aren't trusted may be modified to include seeded files. Access to the seeded files may be monitored to determine if the process is associated with a ransomware attack, and steps taken to mitigate an attempted ransomware attack. Ransomware may also be prevented by ensuring that only trusted processes are allowed to access certain files. In order to provide an improved user experience, the processes can be determined automatically from a system structure and their trustworthiness determined.
Obfuscation of operations in computing devices
A method for obfuscation of operations using minimal additional hardware is presented herein. The method can begin by executing a first iteration of a set of computations, the execution of the set of computations resulting in a first iteration output. The method can continue by executing a second iteration of the set of computations, wherein the second execution is distinct from the first iteration but should satisfy a matching condition. The distinction can be a rearrangement of sub-operations, insertion of dummy sub-operations, or a combination of the two. After the iterations are complete, the iteration outputs can be compared. If the comparison of the first iteration output and the second iteration output satisfies the matching condition, the process result can be output. If the matching condition is not satisfied, an error detected signal can be output.
Method and apparatus to generate zero content over garbage data when encryption parameters are changed
A method is provided that includes reading data in a storage medium, detecting, during the reading of the data in the storage medium, by a controller a change in an encryption/decryption scheme used to read and write the data in the storage medium, in response to detecting the change in encryption/decryption scheme in the data, causing, by the controller, a logical block address to return an indication of being written in zeros when a physical block address associated with the logical block address is encrypted using a first encryption/decryption scheme, and causing, by the controller, a write channel to write zeroes using a second encryption/decryption scheme to the physical block address.
Secure authentication using puncturing
Disclosed are systems, methods, and non-transitory computer-readable media for secure authentication using puncturing. An authentication system receives an encoded obfuscated authentication credential as part of an authentication request and accesses a stored authentication credential. The authentication system performs a puncturing of the encoded obfuscated authentication credential. The resulting punctured authentication credential includes a subset of individual values from the encoded obfuscated authentication credential. The authentication system determines whether the punctured encoded data input corresponds to at least a portion of the stored authentication credential. In response to determining that the punctured encoded data input corresponds to at least a portion of the stored authentication credential, the authentication system approves the authentication request.
Device and method for bypassing analysis evasion technique, and recording medium for a program for performing the same
Provided is a method for bypassing an analysis evasion technique, which includes: loading a dummy DEX file; parsing a dummy method containing a dummy code from the dummy DEX file; a bypass point identifying step of determining whether a function to be currently called is a bypass target function to which the analysis evasion technique is applied; a branch target point changing step of changing information according to the determination result so that the dummy code is executed instead of the call target function; and a dummy code executing step of transmitting the dummy code to a framework of the application, so that a modulated framework is executed with a bypass code.