Patent classifications
H04L63/1475
Systems and methods for detecting replay attacks on security space
A system and method for detecting replay attacks on secure data are disclosed. A system on a chip (SOC) includes a security processor. Blocks of data corresponding to sensitive information are stored in off-chip memory. The security processor uses an integrity data structure, such as an integrity tree, for the blocks. The intermediate nodes of the integrity tree use nonces which have been generated independently of any value within a corresponding block. By using only the nonces to generate tags in the root at the top layer stored in on-chip memory and the nodes of the intermediate layers stored in off-chip memory, the amount of storage used to support the integrity tree is reduced. When the security processor detects events which create access requests for one or more blocks, the security processor uses the integrity tree to verify that a replay attack has not occurred and corrupted data.
Agent-based throttling of command executions
Disclosed herein are methods, systems, and processes to perform granular and selective agent-based throttling of command executions. A resource consumption threshold is allocated to an agent process that is configured to perform data collection tasks on a host computing device. A desired throttle level is generated for the agent process based on the resource consumption threshold allocated to the agent process, and execution of the agent process is controlled in polling intervals. For each polling interval, a current throttle level for the agent process is determined based on a run count and a skip count of the agent process; the agent process is suspended if the agent process is active and the current throttle level is greater than the desired throttle level, and the agent process is resumed if the agent process is idle and the current throttle level is not greater than the desired throttle level.
Device for managing utilized service
A device 1 for managing utilized services, which serves to manage an external service that is utilized when a user website provided by a user server 14 is accessed, is equipped with a CSP tag generation unit 9 for generating a CSP tag, which is a content security policy tag that allows access only to a prescribed domain and is stipulated by the World Wide Web Consortium.
System and method for decentralized internet traffic filtering policy reporting
A system and method to filter potentially unwanted traffic from trackers, third-party cookies, malicious websites or other sources and present the aggregated results of said filtering to the VPN user. One of the embodiments enables a VPN user to opt-in or opt-out from the filtering activities while being able to access the aggregated information about filtering. In another embodiment, the user can choose to customize the filtering parameters to add or remove specific targets from the filtering policies.
Data access interface for clustered devices
A switching device is implemented in a network-attachable data transfer device to provide data storage access to other such devices. In some embodiments, network-attachable data transfer devices are arranged in a clustered configuration to provide various computational and storage services. When one or more devices of the cluster fails, various implementations associated with the switching device, via an external data interface, provide operational mitigation, optimized data recovery, and efficient reinstatement of normal operation of the cluster.
Obfuscating source code sent, from a server computer, to a browser on a client computer
Programs written in interpreted languages, such as JavaScript, are distributed in source form, which helps attackers more easily derive the purposes and effects of a program. As discussed herein, a program's high-level code may be effectively obfuscated by transforming the program's code from its high-level programming language to a low-level processor-specific language, such as x86 instructions for x86 processors, JVM bytecode for JVMs, or proprietary opcodes for a corresponding proprietary processor or interpreter. Additional obfuscation techniques can be applied to the program's low-level processor-specific code.
Self-certified security for assured cyber-physical systems
Methods and systems for self-certifying secure operation of a cyber-physical system having a plurality of monitoring nodes. In an embodiment, an artificial intelligence (AI) watchdog computer platform obtains, using the output of a local features extraction process of time series data of a plurality of monitoring nodes of a cyber-physical system and a global features extraction process, global features extraction data. The AI watchdog computer platform then obtains reduced dimensional data, generates an updated decision boundary, compares the updated decision boundary to a certification manifold, determines based on the comparison that the updated decision boundary is certified, and determines, based on an anomaly detection process, whether the cyber-physical system is behaving normally or abnormally.
Coordinated transmission and control for audio output devices
Methods performed by a first sink device, a source device, or a second sink device. The first sink device is connected to a source device via a first communication link and to a second sink device via a second communication link, wherein the second sink device is configured to eavesdrop on communications between the first sink device and the source device on the first communication link. The methods include determining an occurrence of a trigger event and modifying an operation of at least one of the first sink device, the second sink device or the source device based at least on the trigger event occurring.
Detecting remote application profiling
Systems, methods, and software can be used to detect remote application profiling. In some aspects, one computer-implemented method includes receiving, over a network, a request from a network client directed to a particular application executed by an application server; determining whether the received request deviates from a communications profile associated with the particular application; in response to determining that the received request deviates from the communications profile, identifying the network client as an attacker; and in response to identifying the network client as an attacker, performing a defensive response with respect to the network client.
Authentication with well-distributed random noise symbols
Disclosed in some examples are methods, systems and machine-readable mediums which allow for more secure authentication attempts by implementing authentication systems with credentials that include interspersed noise symbols in well-distributed positions determined by the user. These systems secure against eavesdroppers such as shoulder-surfers or man-in-the-middle attacks, as it is difficult for an eavesdropper to separate the well-distributed noise symbols from legitimate credential symbols.