60 results about "Adversary" patented technology

A system and method is provided for identifying and analyzing cyber-attacks and profiling adversaries responsible for such attacks. The system and method allows for the quantitative measurement of adversary attack behavior. The system and method is able to extract quantitative data from raw attack data and compare the quantitative data to a database of quantifiable metrics associated with known adversaries. This allows for the possible linking of a cyber-attack to a known adversary or known adversary behavior.

A quantum key distribution protocol is provided that reduces the maximum value of the leaked information amount over the same distance when an adversary makes a photon number splitting attack more than the reduction by the BB84 protocol and the SARG protocol, by making use of the advantages of the BB84 protocol and the SARG protocol. By properly proportioning the existing BB84 protocol and the SARG protocol in accordance with the rate determined by the communication distance between the sender and the receiver of the coherent light, a protocol that is more robust against photon number splitting attack than the known existing protocols can be realized, and long distance quantum key distribution, which was not possible until now, becomes possible.

The One-Qubit Pad (OQP) protocol and its generic implementing device constitute a novel, maximally efficient scheme for encryption of quantum information with a quantum key of just a single qubit in an arbitrary unknown quantum state. The OQP enables encryption of the quantum information of n qubits register with a single qubit key upon provision of a multi-qubit entanglement between the single qubit key and the n qubits of the quantum message by the iterative application of the CNOT gate on the same key qubit (control input) and subsequent qubits of the message (target input). This results in an entanglement of all n+1 qubits, which locks original quantum information qubits and the single qubit of the key in a jointly entangled state that cannot be disentangled without the single qubit key. In order to decrypt the quantum message (by its disentanglement) one needs to have the qubit key and either reverse the protocol (applying CNOT operations in the reversed order) or simply measure the entangled key qubit and then depending on the outcome either straightforwardly obtain the decrypted quantum message or its quantum negation (dealt with by again applying quantum negation on all of the message qubits thus restoring their original states). The OQP protocol and its implementing device is proposed one hundred years after the classical One-Time Pad (Vernam cipher) was invented in 1917. The main differences between two schemes show how much quantum and clasical information differ. It is of course impossible to unconditionally securely encrypt classical sequence of n bits with just 1 bit of a key or guarantee that the random key that can be used for this purpose of n bits length (same as of the message) could not be copied. In contrast both these features are possible for the quantum information as described upon the proposed invention. The main characteristic of the OQP protocol to use only a single qubit as the key to enable information-theoretic security of n qubits quantum information encryption follows from the introduction in the invention of the multi-qubit entanglement, which is a non-local, topological and non-classical phenomenon giving quantum information significant edge over its classical counterpart. The main application of the OQP protocol and its implementing generic device is to lock quantum information with the single key qubit in order to prevent any unauthorized access to it (not only a classical access upon a measurement, but more importantly a quantum access by a quantum information processing device). This application can be also extended to communication scenario jointly with the Quantum Teleportation, which without OQP requires pre-sharing of n pairs of Bell states between Alice and Bob to securely communicate n qubits long quantum message, whereas in contrast with the OQP protocol just one pair of Bell state is required to securely teleport only the single qubit key for the OQP encrypted quantum message sent through an insecure quantum channel and still be access-protected from Eve (an adversary).

Apparatus and an accompanying method, for forming and embedding a highly tamper-resistant cryptographic identifier, i.e., a watermark, within non-marked executable code, e.g., an application program, to generate a “watermarked” version of that code. Specifically, the watermark, containing, e.g., a relatively large number of separate executable routines, is tightly integrated into a flow pattern of non-marked executable code, e.g., an application program, through randomly establishing additional control flows in the executable code and inserting a selected one of the routines along each such flow. Since the flow pattern of the watermark is highly intertwined with the flow pattern of the non-marked code, the watermark is effectively impossible to either remove from the code and / or circumvent. The routines are added in such a manner that the flow pattern of resulting watermarked code is not substantially different from that of the non-marked code, thus frustrating third party detection of the watermark using, e.g., standard flow analysis tools. To enhance tamper-resistance of the watermarked code, each such routine can provide a pre-defined function such that if that routine were to be removed from the marked code by, e.g., a third party adversary, then the marked code will prematurely terminate its execution.

Embodiments of the present invention concern detecting Test-Time Evasion (TTE) attacks on neural network, particularly deep neural network (DNN), classifiers. The manner of detection is similar to that used to detect backdoors of a classifier whose training dataset was poisoned. Given knowledge of the classifier itself, the adversary subtly (even imperceptibly) perturbs their input to the classifier at test time in order to cause the class decision to change from a source class to a target class. For example, an image of a person who is unauthorized to access a resource can be modified slightly so that the classifier decides the image is that of an authorized person. The detector is based on employing a method (similar to that used to detect backdoors in DNNs) to discover different such minimal perturbations for each in a set of clean (correctly classified) samples, to change the sample's ground-truth (source) class to every other (target) class. For each (source, target) class pair, null distributions of the sizes of these perturbations are modeled. A test sample is similarly minimally perturbed by the detector from its decided-upon (target) class to every other (potential source) class. The p-values according to the corresponding null distributions of these test-sample perturbations are assessed using the corresponding nulls to decide whether the test sample is a TTE attack.

Protecting the security of an entity by using passcodes is disclosed. A user's passcode device generates a passcode. In an embodiment, the passcode is generated in response to receipt of user information. The passcode is received by another system, which authenticates the passcode by at least generating a passcode from a passcode generator, and comparing the generated passcode with the received passcode. The passcode is temporary. At a later use a different passcode is generated from a different passcode generator. In these embodiments, there are asymmetric secrets stored on the passcode device and by the administrator. This adds more security so that if the backend servers are breached, the adversary cannot generate valid passcodes. In some embodiments, the passcode depends on the rounded time.

Methods for choosing groups for a static Diffie-Hellman key agreement protocol to inhibit active attacks by an adversary are provided. In mod p groups, an even h is chosen of value approximately ( 9 / 16)(log2n)2, values r and n are determined using sieving and primality testing on r and n, and a value t is found to compute p=tn+1 wherein p is prime. In elliptic curve groups defined over a binary filed, a random curve is chosen, the number of points on the curve is counted and this number is checked for value of 2n wherein n is prime and n−1 meets preferred criteria. In elliptic curve groups defined over a prime field of order q, a value n=hr+1 is computed, wherein n is prime and n−1 meets preferred criteria, and a complex multiplication method is applied on n to produce a value q and an elliptic curve E defined over q and having an order n.

A routing protocol is used to transmit messages from a sender to a receiver over a network of nodes, where adversaries can control links between the nodes and can also control the behavior of a large number of nodes. Various techniques can be used, along or in combination, to combat these effects. In one approach, certain trigger conditions are identified, the occurrence of which signals malicious behavior within the network. When signaled, the sender requests status reports from the intermediate nodes in an effort to determine which nodes are malicious. The information for the status reports is generated by nodes as packets are passed from one node to the next.

Different targets (c0, N1) of a digital certificate are mapped into a “super-target” using methods allowing a certificate validity verifier (110) to compute the super-target. The certificate includes the super-target instead of the targets. Also, a certificate with multiple targets can be signed with a redactable signature by the certification authority (CA 120). When the certificate's owner provides the certificate to a verifier together with a validity proof, the owner redacts the certificate to delete unnecessary targets. A single validity proof (ci(F)) may be provided to certificate owners for a set (F) of the certificates via a multicast transmission if a multicasting group (2010) is formed to correspond to the set. A verifier (110) may decide to cache the validity proof for a set provide the cached proof to other parties. The caching decision is based on the caching priority of the set F. The priority may depend on the number of certificates in the set F, the sum of the remaining validity periods for the certificates in the set, and other factors. In the setup phase, the CA generates validation proof data structures for greater time than the maximum validity period of any certificate. Therefore, new certificates can be added to the existing data structures after the setup phase. A distributed certificate authority includes a CA and a number of Sub-CAs (2610). The Sub-CAs have secret certificate validation data, but different data are provided to different Sub-CAs for each certificate. If a Sub-CA is compromised, the Sub-CA validity proof will be withheld by the CA to alert the verifiers not to use the data from this Sub-CA. Also, the secret data are encrypted when distributed to the Sub-CAs. A decryption key (DK.j.k) for each “partition” of time is distributed to each Sub-CA at or shortly before the start of the partition. A compromised Sub-CA can be reactivated at the end of the partition because the adversary does not get the decryption keys for the future partitions.

A protocol with constant-time complexity solves the problem of private identification of tags in low-cost, large-scale radio frequency identification (RFID) systems—assuming that an adversary has complete control over the communication channel. Each RFID tag has an internal counter, c, and is preloaded with a unique pseudonym, ψ, and a secret key, k. A RFID reader attempting to identify and authenticate a tag within its range generates and transmits a random nonce to the RFID tag, which returns a first hash of its current pseudonym and counter, and a second hash that is a function of the secret key. The reader uses the returned data to identify the RFID tag and its secret key by reference to a database and returns other hash values that authenticate the reader to the RFID tag. The most expensive operation that RFID tags are required to perform is a hash function.

Identifying cyber adversary behavior on a computer network is provided. Individual security events are received from multiple threat intelligence data sources. A security incident corresponding to an attack on at least one element of the computer network, the security incident being described by the individual security events received from the multiple threat intelligence data sources, is matched to a defined cyber adversary objective in a structured framework of a plurality of defined cyber adversary objectives and a related technique associated with the defined cyber adversary objective used by a cyber adversary in the attack. A set of mitigation actions is performed on the computer network based on matching the security incident corresponding to the attack on the computer network to the defined cyber adversary objective and the related technique.

A method for operation of a communication network reduces leakage of data to an adversary that can observe signals transmitted through the communication network. The method includes generating a ranking to order operation of a plurality of nodes that exchange data in a group cryptographic key exchange process based on a leakage map of the nodes. The ranking minimizes leakage of data through a shared communication medium during the group cryptographic key exchange process. The method includes transmitting the ranking to the plurality of nodes through the shared communication medium, and performing, with the plurality of nodes, the group cryptographic key exchange process in an order of operation specified in the ranking to enable the plurality of nodes to exchange a shared cryptographic keythrough the shared communication medium while minimizing leakage of data.

A method for privacy-preserving inventory matching may include: (1) receiving a plurality of axe submissions; (2) arranging the parties into data structures based on a direction in the party's axe submission; (3) sending each party's commitment to the other party; (4) receiving, from each party, output secret-shares of an arithmetized comparison circuit; (5) verifying that the output secret-shares of the arithmetized comparison circuit received from the parties match commitments to the output secret-shares sent by the respective opposite party; (6) identifying a minimal party based on the outputs of the arithmetized comparison circuit; (7) generating and sending a proof of the minimal party identification to the minimal party; (8) receiving a minimal quantity integer from the minimal party; (9) revealing the minimal quantity integer to the first party and the second party; and (10) executing the trade for the minimal quantity integer.

Described is a system for prediction of adversary movements. In an aspect, the system includes one or more processors and a memory, the memory being a non-transitory computer-readable medium having executable instructions encoded thereon, such that upon execution of the instructions, the one or more processors perform operations of computing relative positions of multiple objects of interest, generating a feature representation by forming a matrix based on the relative positions, predicting movement of the multiple objects of interest by applying clustering to the feature representation and by performing canonical correlation analysis, and controlling a device based on the predicted movement of the multiple objects of interest.

Various embodiments of the present invention relates generally to an integrated circuit, and more particularly, to systems, devices and methods of incorporating a tamper detection countermeasure into a security ASIC to deter physical attacks. The tamper detection countermeasure architects an active mesh to cover a sensitive area in the security ASIC. A plurality of time-varying random numbers is generated by a random number generator (RNG), and the active mesh is driven and configured according to these random numbers. During tamper detection cycles, the active mesh is monitored with respect to the plurality of random numbers that is directly provided by the RNG. Upon a tampering attempt, a flag signal is generated and used to initialize subsequent anti-tampering actions. The active mesh may be controlled and monitored based on time-varying codes, and therefore, an adversary may not easily bypass the active mesh and attack the sensitive area.