H04L2463/121

Systems and methods for real-time detection of compromised authentication credentials

Methods, systems, and computer program products are provided for real-time compromise detection based on behavioral analytics. The detection runs in real time, during user authentication, for example, with respect to a resource. The probability that the authentication is coming from a compromised account is assessed. The features of the current authentication are compared with the features from past authentications of the user. After comparison, a match score is generated. The match score is indicative of the similarity of the authentication to the user's history of authentication. This score is then discretized into risk levels according to the empirical probability of compromise derived from known past compromised user authentications. The risk levels may be used to detect whether user authentication is occurring via compromised credentials.

Blockchain-based credential vault system (CVS)
11308198 · 2022-04-19

Methods and systems are provided for a blockchain-based credential vault system (CVS). In one novel aspect, the CVS identifies a set of credentials of a trustor, verifies each credential, and stores the verified credentials to a CVS blockchain database such that the authorized beneficiary can obtain the trustor credentials from the CVS. In one embodiment, the CVS authenticates a trustor request from a trustor, wherein a trustor record in the CVS is uniquely identified by a trustor identification in a blockchain-based database of the CVS, processes a submission from the authenticated trustor to generate a set of canonical credentials using a recurrent neural network (RNN) model, performs credential verification for each generated canonical credential in the authenticated trustor submission, and appends each verified canonical credential to the trustor record in the blockchain-based database of the CVS.

Time-stamping for industrial unidirectional communication device with data integrity management

In an industrial system, a data capture apparatus can be configured to operate as a unidirectional communication connection between a private network and a public network. The data capture apparatus can be further configured to time stamp data, for instance digitally sign data with a time stamp, so as to ensure data integrity over the unidirectional communication connection, while maintaining physical isolation between the private network and public network.

SYSTEMS AND METHODS FOR COMMUNICATING ENCRYPTED TIME-RELATED DATA

An integrated circuit device includes encryption circuitry to encrypt a data packet and scheduler circuitry to receive the encrypted data packet from the encryption circuitry. The scheduler circuitry monitors a duration of time associated with egress of the encrypted data packet, holds the encrypted data packet until the duration of time matches a threshold duration of time, and transmits the encrypted data packet in response to the duration of time matching the threshold duration of time.

Practical overlay network latency measurement in datacenter

Some embodiments provide a method of identifying packet latency in a software defined datacenter (SDDC) that includes a network and multiple host computers executing multiple machines. At a first host computer, the method identifies and stores (i) multiple time values associated with several packet processing operations performed on a particular packet sent by a first machine executing on the first host computer, and (ii) a time value associated with packet transmission through the SDDC network from the first host computer to a second host computer that is a destination of the particular packet. The method provides the stored time values to a set of one or more controllers to process to identify multiple latencies experienced by multiple packets processed in the SDDC.

LIMITED FUNCTIONALITY INTERFACE FOR COMMUNICATION PLATFORM

Techniques are described for expediting communications between a first person of an organization associated with a communication platform and a second person not associated with the organization. The first person requests that the communication platform generate an invitation to communicate with the second person. The first person provides the invitation to the second person directly or via the communication platform. Responsive to receiving an indication that the second person accepts the invitation, the communication platform identifies whether the second person is associated with the communication platform. If the second user is associated with the communication platform, the communication platform modifies an existing user interface associated therewith to enable communications between the first person and the second person. If the second person is not associated with the communication platform, the communication platform generates a limited functionality user interface to enable the communications between the first person and the second person.

UWB SYSTEM
20220123783 · 2022-04-21

Disclosed is an ultra-wideband (UWB) system and, more particularly, a UWB system capable of optimizing UWB operation for vehicles through hopping. The UWB system includes a memory in which a UWB communication program is embedded and a processor which executes the program. The processor performs UWB time-hopping and frequency-hopping to establish a communication channel.

Time bounded lossy counters for network data

A lossy counter counts distinct network data items. The lossy counter includes a count sketch bounded by a predetermined value to limit the number of distinct network data items included in the count sketch. The count sketch may include counts for a set of distinct network data items. The lossy counter has an associated time interval, and the first set of distinct network data items and the second set of distinct data items include timestamps that coincide with the time interval associated with the lossy counter.

CRYPTOGRAPHICALLY IDENTIFYING A DEVICE
20220086001 · 2022-03-17

Cryptographically identifying a device to a service includes: providing the cloud service with a cryptographically signed token, the token being embedded in the device when the device was manufactured, the token including first information and second information. The cloud service verifies the token using a public key associated with the second information and determines a user using the first information. The device receives, from the cloud service, provisioning information customized for the user and including a client certificate for communicating with the cloud service.

MONITORING AND DETECTION OF FRAUDULENT OR UNAUTHORIZED USE IN TELEPHONE CONFERENCING SYSTEMS OR VOICE NETWORKS

Novel tools and techniques are provided for implementing monitoring and detection of fraudulent or unauthorized use in telephone conferencing systems or voice networks. In various embodiments, a computing system might monitor call activity through a telephone conferencing system or voice network. In response to detecting use of the telephone conferencing system or voice network by at least one party based on the monitored call activity, the computing system might identify incoming and/or outgoing call data associated with a call initiated by the at least one party. The computing system might analyze the identified incoming and/or outgoing call data to determine whether the call initiated by the at least one party constitutes at least one of fraudulent use or unauthorized use of the telephone conferencing system or voice network. If so, the computing system might initiate one or more first actions.