The embodiments of the invention relate to a mining method and device based on a blockchain, and a computer readable storage medium. The method comprises: acquiring behavior data of at least one user within a cycle; determining a value corresponding to each user in the at least one user within the cycle according to the behavior data of the at least one user and a value of a rated quantity within the cycle; and recording an identifier, the behavior data and the value of the at least one user within the cycle in the blockchain, so as to realize more reasonable and more resource-efficient mining.

Novel tools and techniques are provided for implementing monitoring and detection of fraudulent or unauthorized use in telephone conferencing systems or voice networks. In various embodiments, a computing system might monitor call activity through telephone conferencing system or voice network. In response to detecting use of the telephone conferencing system or voice network by at least one party based on the monitored call activity, the computing system might identify incoming and/or outgoing associated with a call initiated by the at least one party. The computing system might analyze the identified incoming and/or outgoing call data to determine whether the call initiated by the at least one party constitutes at least one of fraudulent use or unauthorized use of the telephone conferencing system or voice network. If so, the computing system might initiate one or more first actions.

Representative embodiments of operating a secured device requiring user authentication include receiving a request from a user for operating the device without prior authentication; granting the user temporary access to the device in accordance with a security policy that specifies a predetermined time interval and/or a predetermined number of device operations within which authentication must occur to continue at least some operations of the device; computationally storing an audit trail identifying the temporary access and actions performed during the temporary access; and upon determining that authentication has not been provided within the predetermined time interval or number of device operations, preventing at least some operations of the device and updating the audit trail to specify expiration of the temporary access.

Aspects refresh permission credentials by populating within user profile data sets cached for members an invalidated value and a first timestamp of said populating the invalidated value; selecting user profile data sets including the invalidated value; identifying a second timestamp of time of creation of the permission credential within the selected user profile data sets; and in response to determining that a time elapsed between the first and second timestamps does not exceed a threshold, rebuilding the selected user profile data sets to include an updated value of the permission credential and set the second timestamp value to a current time of the rebuild, and cache (store) the rebuilt selected user profile data set within the repository.

Embodiments of the present systems and methods may provide a platform for threat information sharing. For example a method may comprise transmitting an access permission request to a blockchain network, the access permission request requesting permission to access cyber threat information stored in at least one cyber threat information storage system storing cyber threat information from a plurality of organizations, the blockchain network including a blockchain ledger storing access control information from the plurality of organizations, receiving a reference to an access permission token to be used to access the cyber threat information, the access permission token generated by the blockchain network using at least one smart contract, transmitting a transaction request to the cyber threat information server, the transaction request including the reference to the access permission token, and receiving the requested cyber threat information, wherein the requested cyber threat information was retrieved from the cyber threat information server using the access permission token.

Systems and methods to authenticate a vehicle operator for an autonomous vehicle on a vehicle service platform are provided. In one example embodiment, a computer-implemented method includes obtaining authentication request data indicative of an authentication request, the authentication request data including at least an operator identifier associated with the vehicle operator and a vehicle identifier associated with the autonomous vehicle. The method includes providing a service code associated with the authentication request to the autonomous vehicle. The method includes obtaining from a user device in response to providing the service code to the autonomous vehicle, operator data associated with the authentication request, the operator data including the service code. The method includes determining an authentication result associated with the authentication request based at least in part on the service code and the operator data. The method includes providing the authentication result to the user device.

A method for monitoring control systems, a device for monitoring control systems and a corresponding computer program product, wherein the control system has at least one communication network and at least two communication end points connected to the communication network, which communication end points exchange data via the communication network, wherein the data exchanged between the communication end points is acquired and after comparing the currently acquired data with previously acquired data, an alert is raised when new data is acquired. As a result, a monitoring is provided which recognizes errors particularly quickly and reliably in the context of communication in control systems, in particular in industrial control systems. These errors may subsequently be coupled with a quality management to determine whether quality losses correlate with such recognized errors.

Techniques for identifying attack behavior based on scripting language activity are disclosed. A security monitoring system generates a behavior profile for a first client device based on scripting language commands included in a first set of raw machine data received from the first client device, where the first client device is coupled to a network, and the first set of raw machine data is associated with network traffic received by or transmitted from the first client device. The security monitoring system analyzes a second set of raw machine data received from the first client device, where the second set of raw machine data is associated with subsequent network traffic received by or transmitted from the first client device. The security monitoring system detects an anomaly in the second set of raw machine data based on the behavior profile, and initiates a mitigation action in response to detecting the anomaly.

A method includes receiving an ingress Diameter message related to a mobile subscriber from a MME located in a non-home network, sending a RIR message containing a mobile subscriber identifier to a HSS in a home network of the mobile subscriber, receiving identification information identifying a MME in the home network that conducted a most recent attachment of the mobile subscriber, utilizing the identification information to send an IDR message containing the mobile subscriber identifier to the identified MME, receiving an IDA message containing attachment timestamp data corresponding to the most recent attachment of the mobile subscriber in the home network, determining a transit time using the UE attachment timestamp data and timestamp information corresponding to the ingress Diameter message, and analyzing the transit time to determine if the ingress Diameter message is to be designated as a suspicious ingress message.

There is provided a packet monitoring apparatus for monitoring packets copied from an industrial control system (ICS) network, the apparatus being configured to perform an analysis of a plurality of packets copied from the ICS network and generate a digital command signal responsive to the analysis for transmission via a digital input/output channel. There is also provided an active prove that is configured to generate and transmit at least one query packet into the ICS network responsive to a digital command signal, optionally received from the packet monitoring apparatus.