A detection apparatus includes processing circuitry configured to store attack information including detection time, attack attribute, and communication destination of a DDoS attack, and extract, from a collection of the attack information, a combination of the attack information according to the detection time, the attack attribute, and the communication destination as a coincident attack, an intermittent attack, or an identical target attack.

Secure electronic devices and methods are disclosed. A method may include: using a transceiver, a computer program capturing a current connectivity fingerprint comprising at least one current wireless network or device in a current environment for an electronic device; the computer program retrieving a home connectivity fingerprint for a home environment comprising at least one home wireless network or device that fingerprint was captured when the electronic device was in a home environment; the computer program comparing the current connectivity fingerprint to the home connectivity fingerprint; and the computer program storing the current connectivity fingerprint in response to a threshold number of the current wireless networks or devices in the current connectivity fingerprint are not present of the home connectivity fingerprint.

A method and system for certification and authentication of objects is disclosed herein. The method and system use multiple attestations along with digital ledger technology to provide a digital certificate of authenticity for an object such as a work of art, collectible, or a non-fungible token (NFT).

The present disclosure provides various embodiments of systems and methods to securely authenticate a user. More specifically, the present disclosure provides embodiments of multi-factor authentication methods that improve both security and user convenience by using trusted secondary devices or peripherals (hereinafter “trusted devices”) to provide additional authentication factor(s) for verifying user presence/identity after an initial authentication factor has been used to verify user presence/identity. Unlike conventional multi-factor authentication methods, the additional authentication factor(s) provided by the trusted devices do not require user input or intervention.

An authorizing party determines an authorization record set that needs to be revoked, where an authorization record included in the authorization record set corresponds to a token that is issued to an authorized party after the authorizing party grants access to the authorized party, and where each authorization record includes an authorization validation moment for a corresponding token. A time validity attribute of the authorization record set is configured. For a specific point-in-time, a value associated with the time validity attribute is set. A determination is performed as to whether the authorization record is revoked based on the authorization validation moment and the value associated with the time validity attribute.

In some examples, a system balances a number of positive data points and a number of negative data points, to produce a balanced training data set, where the positive data points comprise features associated with authentication events that are positive with respect to an unauthorized classification, and the negative data points comprise features associated with authentication events that are negative with respect to the unauthorized classification. The system trains a plurality of models using the balanced training data set, wherein the plurality of models are trained according to respective different machine learning techniques. The system selects a model from the trained plurality of models based on relative performance of the plurality of models.

Secure operations can be performed using security module instances offered as a web service through a resource provider environment. State data and cryptographic material can be loaded and unloaded from the instance as needed, such that the instance can be reused for operations of different customers. The material and data can be stored as a bundle encrypted using a key specific to the hardware security module and a key specific to the resource provider, such that the bundle can only be decrypted in an instance of that type of security module from the associated manufacturer and operated by that particular resource provider. The customer is then only responsible for the allocation of that instance during the respective cryptographic operation(s).

The invention relates to a method of binding a digital representation of an actual event with the real time of the occurrence of the actual event. The method comprises acquiring a source event data S-ED of an actual source event SE, and sending a representation of the source data ED to an immutable database (203) for storing and real-time timestamping, calculating a hash code HC using hash functions having on the input at least: a data describing state of the immutable database (203), the source data S-D and the timestamp of the source data S-D, converting the hash code HC to a representation of a hash code HC and storing the method used to perform the conversion, presenting a representation of the hash code HC in real time so to incorporate said representation into the realm of the source event SE, in order to create a confirmation event CE, the confirmation event CE being a source event SE with physically present representation of the hash code HC and acquiring a confirmation event data C-ED of the confirmation event CE and sending a representation of the confirmation data C-D to the immutable database (203) for storing and instant timestamping.

An example apparatus includes: at least one memory; instructions in the apparatus; and processor circuitry to execute the instructions to: determine whether a census impression record corresponds to a panelist impression record by: comparing a first internet protocol (IP) address of the panelist impression record with a second IP address of the census impression record; and comparing a first timestamp of the panelist impression record with a second timestamp of the census impression record; and send a comparison result to a computer of an audience measurement entity, the comparison result indicative of a match confirming the census impression record corresponds to the panelist impression record of the audience measurement entity.

Described is a system (and method) for securely authorizing service level access to a backup system using an access key. The service level access (or access via a service account) may provide a user with an enhanced set of privileges to perform troubleshooting operations on the backup system. Such privileges may be unlocked by allowing a user to perform operations using an unrestricted interface of the backup system such as an operating system shell. To authorize such access, the system may provide a limited (or specialized) access key. The access key may be narrowly tailored to only provide access to a particular backup system and only remain viable for a limited duration. Accordingly, the access key may be configured to embed a system identifier, a timestamp, and a digital signature, which may be independently verifiable by the backup system before granting service level access.