407results about How to "Reduce attack" patented technology

A wireless intrusion prevention system and method to prevent, detect, and stop malware attacks is presented. The wireless intrusion prevention system monitors network communications for events characteristic of a malware attack, correlates a plurality of events to detect a malware attack, and performs mitigating actions to stop the malware attack.

A situational awareness system includes a first local network having a plurality of digital communication devices, each device capable of gathering information pertinent to an area in proximity of the device and providing information to a control station capable of collaborating the information and provide such information to the devices on the local network; a first regional network having a plurality of local networks, including the first local network, within an area of responsibility, the first regional network having a regional control station capable of collaborating information from the devices and provide said information to devices on the local network; and a central network having a plurality of regional networks including the first regional network, the central network having a central control station capable of collaborating information from the regional control stations and provide the information to devices on a local network.

A method for selective etching of an SiGe mixed semiconductor layer on a silicon semiconductor substrate by dry chemical etching of the SiGe mixed semiconductor layer with the aid of an etching gas selected from the group including ClF₃ and/or ClF₅, a gas selected from the group including Cl₂ and/or HCl being added to the etching gas.

A method to mitigate attack by an upstream service provider using cloud mitigation services. An edge detection device, which located at the subscriber's network edge, is able to communicate information via status messages about attacks to an upstream service provider. The service provider is then able to mitigate attacks based on the status messages. There is a feedback loop whereby the amount of dropped traffic by the service provider is added to the network traffic to keep the mitigation request open and prevent flapping. Likewise, the detection device includes time-to-engage and time-to-disengage timers to further prevent flapping.

Some of these problems with digital information protection systems may be overcome by providing a mechanism which allows a content provider to encrypt digital information without requiring either a hardware or platform manufacturer or a content consumer to provide support for the specific form of corresponding decryption. This mechanism can be provided in a manner which allows the digital information to be copied easily for back-up purposes and to be transferred easily for distribution, but which should not permit copying of the digital information in decrypted form. In particular, the encrypted digital information is stored as an executable computer program which includes a decryption program that decrypts the encrypted information to provide the desired digital information, upon successful completion of an authorization procedure by the user. In combination with other mechanisms that track distribution, enforce royalty payments and control access to decryption keys, the present invention provides an improved method for identifying and detecting sources of unauthorized copies. Suitable authorization procedures also enable the digital information to be distributed for a limited number of uses and/or users, thus enabling per-use fees to be charged for the digital information.

A lead frame structure, a packaging structure and a lighting unit are disclosed. The lead frame structure includes at least two first lead frame units having a space therebetween, and the two first lead frame units are arranged in an opposite manner. Each the first lead frame unit has a first conducting portion, a second conducting portion, and a first connection portion between the first and the second conducting portions. Moreover, the first connection portion has at least two grooves on a surface thereof.

This disclosure describes a global attacker database that utilizes device fingerprinting to uniquely identify devices. For example, a device includes one or more processors and network interface cards to receive network traffic directed to one or more computing devices protected by the device, send, to the remote device, a request for data points of the remote device, wherein the data points include characteristics associated with the remote device, and receive at least a portion of the requested data points. The device also includes a fingerprint module to compare the received portion of the data points to sets of data points associated with known attacker devices, and determine, based on the comparison, whether a first set of data points of a first known attacker device satisfies a similarity threshold. The device also includes an security module to selectively manage, based on the determination, additional network traffic directed to the computing devices.

Methods and systems are provided for performing and verifying transactions involving authentication with a secure credential, such as a smart card, in an untrusted or semi-trusted environment. An application module, operating in an untrusted or semi-trusted environment can be denied access to sensitive data. The application module can determine a preliminary command to be sent to the credential and transmit the preliminary command to a broker module. The broker module, operating in a trusted environment, can supply sensitive data and transmit the command to the credential. Subsequently, the broker module can extract sensitive data from a response before it is transmitted to the application module. A verification server can audit the transaction to verify that it was carried out properly.

The invention discloses a system and method for initializing a safety indicator of a credible user interface, and relates to the field of mobile intelligent terminals. The system comprises a TSM server, an application store and a mobile intelligent terminal. The mobile intelligent terminal comprises a mobile intelligent terminal operating system and a TEE. The mobile intelligent terminal operating system comprises a client side application module and a TEE client side drive module. The TEE provides a safe operation environment isolated from the mobile intelligent terminal operating system, the interior of the TEE is logically divided into a plurality of safety domains, and mutual isolation and independence of credible applications are guaranteed. Each safety domain is provided with a safety domain management module and a credible application module, and the TEE provides the safe operation environment for the safety domain management modules and the credible application modules. According to the system and method, individualization of the safety indicator in the credible UI provided for the credible application modules can be safely achieved, display credibility of the safety indicator is effectively improved, and the risk that the safety indicator is attacked and intercepted by malicious software is reduced.

Techniques for securely invoking a server-side API from client-side Web application code using AJAX. In one set of embodiments, a request to invoke a server-side API is received from a client-side component of a Web application, where the request is sent asynchronously using AJAX. One or more security handlers are then invoked to process the request in a manner that mitigates various security attacks. In one embodiment, a security handler is invoked to defend against a plurality of different types of Web application/AJAX security attacks. In another embodiment, authentication and authorization security handlers are invoked to authenticate a user of the Web application that originated the request and determine whether the user is authorized to call the server-side API. In yet another embodiment, configuration is implemented at the data storage tier to enforce user-access and data security on data that is retrieved/stored as a result of invoking the server-side API.

A system, method and computer readable storage medium that receives traffic/packets from external devices attempting to access protected devices in a protected network. A determination is made to whether a received packet belongs to one of a plurality of packet classifications. Each packet classification indicative of different classes of IP traffic. Countermeasures are applied to a received packet to prevent attack upon the protected devices. Applying a countermeasure to a received packet determined to belong to one of the plurality of packet classifications includes countermeasure modification/selection contingent upon the determined packet classification for the received packet.

The invention discloses a network defense method based on a honey pot technology. Malicious flor is introduced into a Web application scene honey pot based on Docker via a proxy server, malicious attack of malicious flow is intercepted through the Web application scene honey pot; thus, in the scheme, through deployment of the Web application scene honey pot based on Docker, network attack can be defensed actively, attack to a real goal by an attacker is delayed, the precious attack tracing time is provided for a defender. The Web application scene honey pot based on Docker also can effectivelyovercome the defect of inadaptability to real scenes of a customer, storage space is effectively reduced through a virtual Docker technology, the network is isolated, interference of honey pots is guaranteed, and the stability of the honey pot is guaranteed through continuous integration. The invention also discloses a network defense system based on the honey pot technology. The system also canhave the technical effects.

An authentication system and device including physical unclonable function (PUF) and threshold cryptography comprising: a PUF device having a PUF input and a PUF output and constructed to generate, in response to the input of a challenge, an output value characteristic to the PUF and the challenge; and a processor having a processor input that is connected to the PUF output, and having a processor output connected to the PUF input, the processor configured to: control the issuance of challenges to the PUF input via the processor output, receive output from the PUF output, combine multiple received PUF output values each corresponding to a share of a private key or secret, and perform threshold cryptographic operations. The system and device may be configured so that shares are refreshable, and may be configured to perform staggered share refreshing.

With the objectives of alleviating the property of attacking on the mating member by scratching-off of local agglutinates on the sliding contact surface, achieving improved wear resistance, and achieving improved seizure resistance through restraint of frictional heat generation by a hard phase, a copper based sintered contact material contains shock-resistant ceramics in an amount of 0.05 to less than 0.5 wt % as non-metallic particles composed of one or more substances selected from pulverized oxides, carbides and nitrides. The shock-resistant ceramics are comprised of SiO₂ and/or two or more substances selected from SiO₂, Al₂O₃, LiO₂, TiO₂ and MgO.

The invention relates to the field of stem cells, and discloses novel use of a stem cell exosome, and particularly discloses novel use of a human amniotic mesenchymal stem cell exosome. The experiment result shows that a human amniotic mesenchymal stem cell is capable of promoting growth of HDF cells, improving the activity of SOD (Superoxide Dismutase) enzyme in the cells, reducing attacks and damages to the cells caused by oxygen radicals generated by ultraviolet radiation induction, and reducing the death rate of the cells. The use shows that the human amniotic mesenchymal stem cell exosome has an anti-photoaging effect, and meanwhile, the human amniotic mesenchymal stem cell exosome is free of phototoxicity, so that application of the human amniotic mesenchymal stem cell exosome in preparation of an anti-ageing preparation is provided. The invention also provides an anti-ageing preparation of the human amniotic mesenchymal stem cell exosome.

The present invention provides a method and an apparatus for tracing an attack source in the case of an abnormal network traffic, where said method comprises: from the network node(s) of an attack link, any or multiple said network nodes are selected as a tracing start point(s) and there into, said attack link is a communication link between an attacked target and an attack source. According to said tracing start point(s), a higher-level network node of said attack link is identified stepwise until a final attack source is confirmed. By adopting said technical solution provided by the present invention, the problems that the network security mechanisms in related technologies can only alleviate a network attack rather than position an attack source are solved, thus an effect can be achieved to trace and position the attack source in a reverse direction.

This invention provides a method for coating a ceramic film on a metal, which can form dense films on various bases of metals such as magnesium alloys. The formed ceramic film has excellent abrasion resistance, causes no significant attack against a counter material, and has excellent corrosion resistance. The method comprises electrolyzing a metallic base in an electrolysis solution using the metallic base as a working electrode while causing glow discharge and/or arc discharge on the surface of the metallic base to form a ceramic film on the surface of the metallic base. The electrolysis solution contains zirconium oxide particles having an average diameter of not more than 1 μm, satisfies the following formulae (1) to (3): 0.05 g/L≦X≦500 g/L (1), 0 g/L≦Y≦500 g/L (2), and 0≦Y/X≦10 (3); and has a pH value of not less than pH 7.0. In the formulae (1) to (3), X represents the content of zirconium oxide particles in the electrolysis solution; and Y represents the content of a compound of at least one element selected from the group consisting of Mg and the like, other than zirconium oxide.

The invention discloses a method for planting organic arabian jasmine flowers. The method comprises the steps of seed selection of the arabian jasmine flowers, soil ph adjustment, seedling growing, soil preparation, planting, pruning and cutting, weeding, fertilization and plant disease and insect pest prevention, the method mainly aims to produce the high-quality organic arabian jasmine flowers free of pesticides, hormones and chemical pollution and meet the needs of providing and producing various high-end organic jasmine tea and producing edible fresh and dry arabian jasmine flowers or arabian jasmine flower spices, and the arabian jasmine flowers obtained through the full-ecological technology planting method are purely natural, have fragrance, are free of peculiar smells, and are pure white in color.

Disclosed is a process for the upgrading of heavy oils and bitumens, where the total feed to the process can include heavy oil or bitumen, water, and diluent. The process can include the steps of solvent deasphalting 110 the total feed 105 to recover an asphaltene fraction 116, a deasphalted oil fraction 118 essentially free of asphaltenes, a water fraction 112, and a solvent fraction 114. The process allows removal of salts from the heavy oils and bitumens either into the aqueous products or with the asphaltene product.