Patent classifications
H04L63/1475
PROTECTION SYSTEM OF INFORMATION NETWORKS AND RELEVANT SECURITY PROCEDURE
Disclosed is a security system against an attack and/or cyber threat carried out over an information network having at least one or more hosts and/or one or more clients and possibly connected to an Internet network and/or other types of networks. The security system is able to recognize the attack and/or cyber threat and to implement a consequent countermeasure. The security system constitutes one of the clients and has a connection to the information network, an electrical supply thereof, at least one socket adapted to the electrical connection of one or more of the hosts and/or clients of the same information network and an electrical supply cutoff for the one or more hosts and/or clients connected thereto.
Method for Establishing Connection by Terminal, Apparatus, and System
A method for establishing a connection by a terminal, an apparatus, and a system, where the method includes acquiring, by a first wireless terminal, a first media access control (MAC) address of a second wireless terminal, sending, by the first wireless terminal, a first message carrying identifier information such that the second wireless terminal receives the first message carrying the identifier information and verifies the identifier information, where the identifier information is obtained by the first wireless terminal according to at least the first MAC address, receiving, by the first wireless terminal, a first response message that is sent by the second wireless terminal and that carries a second MAC address of the second wireless terminal, and establishing, by the first wireless terminal, a connection to the second wireless terminal according to the second MAC address.
COMMUNICATION SYSTEM AND METHOD
A communication system comprising n transmitters and a receiver, where n is an integer of at least 2, each of said n transmitters comprising a light source and an encoder such that each transmitter is adapted to output an encoded pulse of light, said receiver comprising a first element, the system further comprising a timing circuit, the timing circuit being configured to synchronise the encoded pulses output by the transmitters such that a light pulse sent from the first transmitter and a light pulse from the second transmitter interfere at the first element, each transmitter further comprising a suppressing element adapted to stop light exiting one of the transmitters such that the system is switchable between a first operation mode where two transmitters output encoded pulses and where both pulses interfere at the interference element and a second mode of operation where just one transmitter transmits light pulses to said receiver, the suppressing element being controlled to stop light exiting the other transmitter.
SYSTEM AND METHOD TO ENABLE PRIVACY-PRESERVING REAL TIME SERVICES AGAINST INFERENCE ATTACKS
One embodiment provides a method comprising receiving general private data identifying at least one type of privacy-sensitive data to protect, collecting at least one type of real-time data, and determining an inference privacy risk level associated with transmitting the at least one type of real-time data to a second device. The inference privacy risk level indicates a degree of risk of inferring the general private data from transmitting the at least one type of real-time data. The method further comprises distorting at least a portion of the at least one type of real-time data based on the inference privacy risk level before transmitting the at least one type of real-time data to the second device.
Method and system for encrypting data using a command
In one embodiment, a computer-implemented method of a DP accelerator performing an encryption or decryption operation includes receiving, by the DP accelerator, a command and input data for the DP accelerator to encrypt or decrypt. The command is one of: encrypt the input data or decrypt the input data. The method further includes encrypting, or decrypting, by the DP accelerator, the input data according to the command; and providing the encrypted or decrypted input data to the host device. The host device and DP accelerator may exchange one or more keys and such keys can be used to establish a secure link between the host device and DP accelerator and/or to use for encryption or decryption. One or more of the keys may be based upon a root key or key pair of the DP accelerator and can be stored in a secure storage of a security unit of the DP accelerator.
METHOD AND SYSTEM FOR DETECTING EAVESDROPPING DURING DATA TRANSMISSION
One embodiment provides a system and method for detecting eavesdropping while establishing secure communication between a local node and a remote node. During operation, the local node generates a random key and a regular optical signal based on the random key. The local node also generates a quantum optical signal based on a control sequence and a set of quantum state bases, and multiplexes the regular optical signal and the quantum optical signal to produce a hybrid optical signal. The local node transmits the hybrid optical signal to the remote node, sends information associated with the control sequence and information associated with the set of quantum state bases to the remote node, and receives an eavesdropping-detection result from the remote node based on measurement of the quantum optical signal, the information associated with the control sequence, and the information associated with the set of quantum state bases.
SYSTEM AND METHOD FOR DETECTING, ALERTING AND BLOCKING DATA LEAKAGE, EAVESDROPPING AND SPYWARE
A computer implemented method for detecting, alerting and blocking data leakage, eavesdropping and spyware in one or more networked computing devices includes providing a graphical user interface (GUI) and displaying all available hardware device interfaces in each networked computing device. Next, providing a turn-on switch and a turn-off switch for each displayed hardware device interface in each networked computing device. Next, providing a turn-all-on switch and a turn-all-off switch for all displayed hardware device interfaces in each networked computing device. Next, monitoring status of each available hardware device interface and data traffic across each available hardware device interface. Upon detecting an unauthorized change of status of a specific hardware device interface or unauthorized data traffic across a specific hardware device interface, providing a warning signal, turning off the specific hardware device interface by activating the turn-off switch for the specific hardware device interface or the turn-all-off switch.
TCP communication scheme
A TCP communication scheme which ensures safe communication up to the communication path near a terminal and eliminates direct attacks from hackers, etc. A terminal (A) and terminal (B) are connected to a relay apparatus (X) and relay apparatus (Y), where the terminal (A) and the terminal (B) are the endpoint terminals positioned at the two ends of a TCP communication connection. The relay apparatuses (X, Y) are each connected to a network (NET). The relay apparatuses (X and Y) are provided so as to be between the terminals (A and B) which had been performing conventional TCP communication, and neither of the relay apparatuses (X and Y) have IP addresses. The relay apparatuses (X and Y) take over the TCP connection between the terminal (A) and the terminal (B), divide the connection into three TCP connections, and establish TCP communication.
Scanner probe detection
A method, including identifying, in network data traffic, multiple scans, each of the scans including an access, in the traffic, of multiple ports on a given destination node by a given source node during a time period. A group of high-traffic ports are identified in the traffic that include one or more ports that receive respective volumes of the traffic that exceed a threshold, and respective signatures are generated for the identified port scans that indicate the ports other than the high-traffic ports that were accessed in each of the port scans. A respective frequency of occurrence of each of the signatures over the set of the port scans is computed, and a whitelist of the signatures for which the respective frequency of occurrence is greater than a threshold is assembled. Upon detecting a port scan for which the respective signature is not whitelisted, a preventive action is initiated.
Policy Enforcement for Secure Domain Name Services
There is disclosed in one example a gateway apparatus, including: a hardware platform including a processor and a memory; and instructions stored within the memory to instruct the processor to: provide a domain name system (DNS) server, the DNS server to provide an encrypted DNS service, and to cache resolved domain names; receive an outgoing network packet; determine a destination address of the outgoing network packet; and upon determining that the destination address was not cached, apply a security policy.