Methods and systems for authenticating users based on user application activities are described herein. One or more questions and one or more answers may be generated and stored based on a history of user application activities associated with a user. The one or more questions and one or more answers may be generated randomly, and may relate to one or more other users. A request for access to a service may be received. Based on the request, a question associated with the history of user application activity may be selected and presented to the user. A candidate answer may be received from the user, and the user may be authenticated based on comparing the candidate answer to an answer associated with the question presented.

Methods, systems, and devices supporting network and container level traffic analysis and correlation are described. An application server may receive network traffic data from a network-level data capture system and receive container-level application traffic data from a container-level data capture system. The application server may then hash the destination addresses, the time stamp information, and the data amount information from the network traffic data to create a first set of hash values and hash the destination addresses, the time stamp information, and the data amount information from the application traffic data to create a second set of hash values. The application server may then identify matching hash values from the first set of hash values and the second set of hash values and then merge into a data queue the corresponding network traffic with metadata associated with the corresponding application traffic data to create a merged data set.

Implementations of this specification provide for monitoring time certificate generation requests. An example method performed by a database service that stores data in a blockchain includes, in response to receiving a time certificate generation request, determining a starting block height H1 and an ending block height H2 of a target ledger of the blockchain corresponding to the time certificate generation request; in response to determining that the starting block H1 of the target ledger is greater than a block height H of time authenticated data blocks maintained by the database service, executing the time certificate generation request; and in response to receiving a time certificate generated by a time authentication service for the time certificate generation request, changing a value of the block height H of time authenticated data blocks maintained by the database service to the ending block height H2 of the target ledger.

A comprehensive cybersecurity platform includes a cybersecurity intelligence hub, a cybersecurity sensor and one or more endpoints communicatively coupled to the cybersecurity sensor, where the platform allows for efficient scaling, analysis, and detection of malware and/or malicious activity. An endpoint includes a local data store and an agent that monitors for one or more types of events being performed on the endpoint, and performs deduplication within the local data store to identify distinct events. The agent provides the collected metadata of distinct events to the cybersecurity sensor which also performs deduplication within a local data store. The cybersecurity sensor sends all distinct events and/or file objects to a cybersecurity intelligence hub for analysis. The cybersecurity intelligence hub is coupled to a data management and analytics engine (DMAE) that analyzes the event and/or object using multiple services to render a verdict (e.g., benign or malicious) and issues an alert.

A method applied to a mining machine for limiting computing power includes utilizing a dictionary library and a timestamp to control Nonce combination that can be tried per unit time. If all strings in the dictionary library have been tried, as long as a time difference between time of generating most recent timestamp and the current time is less than a preset threshold, the mining machine must wait in sleep state and cannot resume mining until the time difference exceeds the preset threshold. The present disclosure can avoid a situation that the calculation power of the mining machine is too strong and causes a monopoly of the calculation power.

Techniques for media item display configuration are described. In one embodiment, an apparatus may comprise a media management component operative to retrieve a plurality of contact-associated media items associated with a plurality of contacts for a user account associated with a messaging client by a messaging system; retrieve an engagement score for each of the plurality of contacts; and order the plurality of contact-associated media items based on the engagement score for each of the plurality of contacts; and a user interface component operative to receive a mixed-contact media display interface invocation in the messaging client for the messaging system; and display the plurality of contact-associated media items in a mixed-contact media display interface according to the ordering of the plurality of contact-associated media items. Other embodiments are described and claimed.

A first line card of a first network device may receive packets to be transmitted to a second line card of a second network device. The first line card may predict an earliest satisfaction time for satisfaction of a first packet quantity threshold of one or more packet quantity thresholds. The first line card may transmit the packets to the second line card. The first line card may determine whether a quantity of transmitted packets transmitted by the first line card satisfies the first packet quantity threshold. Based on whether the quantity of transmitted packets satisfies the one or more of the one or more packet quantity thresholds, the first line card may perform one or more actions related to modifying a security key, or may perform one or more other actions related to monitoring transmission of the packets.

Disclosed herein are methods and systems for achieving a consensus. In one exemplary aspect, a method may comprise sending and receiving phase 1 (P1) packets from a plurality of nodes in a blockchain network. The method may comprise forming, from the received P1 packets, neighborhoods each comprising a subset of the plurality of nodes. The method may comprise sending and receiving, from each respective neighborhood node of a respective neighborhood, a phase 2 (P2) packet comprising node state proofs received by the respective neighborhood node from other nodes within the respective neighborhood. The method may comprise comparing received P1 packets and received P2 packets to detect mismatching state information. In response to determining that at least a threshold amount of the nodes of the plurality of nodes have identified the same trusted and suspect nodes (based on the mismatching information), the method may comprise determining that the consensus is achieved.

Systems and methods are provided for persistent login. Such persistent login may be based on linking user identity across accounts of different entities to allow each entity to maintain control over their respective sets of user data, while providing a streamlined user experience that avoids much of the repetitive need to login to different services with different login credentials (e.g., during periods of heavy use). Such persistent login may utilize a set of tokens issued and exchanged between devices of the partnering entities. Such tokens may include an access token, refresh token, and identity token. When a user associated with a first entity requests access to information secured by a second entity, such request may be associated with the access token. If the access token is determined to be expired, the refresh token may be used to refresh the access token, which may also trigger issuance of a new refresh token. The refreshed access token may be used in conjunction with the identity token to access the requested information secured by the second entity.

Examples include systems and methods for managing a network for example, an enterprise network using a distributed ledger. Some examples include maintaining a distributed ledger by a plurality of NMS units in the network. Use of such distributed ledger may allow communication among NMS units of the plurality of NMS units deployed in the network through the distributed ledger.