459 results about "Hacker" patented technology

The invention relates to a mobile terminal digital certificate electronic signature method. According to the method, based on the characteristics of public keys and private keys and on the premise of not violating the rules prescribed by the electronic signature law, for example, a private key should be generated in a user terminal and should not leave the user terminal, a private key should not be transmitted via the network, and the like, a private key is discarded and locally and discretely stored after encryption, and the cloud uses strategies such as storing the public key and certificate to ensure that the private key is not locally cracked. In the transport layer, strategies such as double key and one-time pad are adopted to ensure that important information is not intercepted and decoded in network transmission. The identity of a certificate applicant is verified through the interface of an issuing bank, the user identity verification result of the bank counter is inherited, and therefore, remote online certificate issuing is realized in the system. The method not only can ensure that all the links of certificate applying, certificate issuing, certificate storing and certificate using are safe, but also can prevent hackers and Trojans from stealing certificate files, prevent network package-capture parsing, prevent password intercepting through screen capture and prevent an algorithm from being known through software decompiling.

A system and method are disclosed that overcome deficiencies of prior art IEEE 802.11 WEP key management schemes. Preferred embodiments of the present system and method update WEP keys and rotate transmission key indices in a synchronized manner and on a frequent basis making it impractical for a hacker to gather sufficient network traffic using any one WEP key to decrypt that key and without disrupting communications. Preferred embodiments of the present system and method do not require changes in access point or mobile unit hardware, radio drivers, or firmware and are therefore compatible with existing or legacy network infrastructure or components. The disclosed system and method may be used to facilitate secure communications between one or more access points and one or more mobile units and / or groups of two or more mobile units engaging in peer-to-peer associations.

Hash numbers are assigned to each individual ballot choice made by a particular voter and a hash total, establishing the voter's set of ballot choices, is recorded and a printed receipt is issued to the voter, bearing the voter's identification number, to assure him that his vote was correctly recorded along with his hash total. If the voter presents his receipt, to deny that he voted as shown on the receipt, an unfavorable comparison of the previously recorded hash total, with the hash total on the receipt, proves that the receipt was forged, and each such tampering attempt and voter ID is recorded. Recounts are unnecessary, unless the number of such recorded attempts at tampering exceed a predetermined number. A hacker attempt to change a recorded vote will fail because the hash totals of the altered ballot won't match the correct hash total because the hash encoding algorithm is secret.

The present invention relates to a deep-learning-based intrusion detection method, a system and a computer program for web applications, and more particularly, to a method, a system and a computer program for detecting whether the traffic is a hacker attack, based on an output from a deep neural network (DNN) model after setting network traffic flowing into a server farm as an input of the model. The present invention provides an effective intrusion detection system by utilizing deep neural networks in the form of complicated messages of the Web service protocol (hypertext transfer protocol (HTTP)), which is most general and representative for a company, among various application-layered services. In particular, the present invention provides a web application threat detection method, a system and a computer program implementing the same that are configured to determine security threats bypassing and intruding the detection scheme of the signature-based security system.

This invention relates to security protocols for RFID systems. Systems and methods are presented to protect the system from hackers attempting to compromise the RFID system. Also, methods and systems for improving RFID security are disclosed. The systems utilize mechanisms to determine the authenticity of the RFID tags used in such systems. The systems and methods also reduce unauthorized access to the RFID system. A system and method to make tags more difficult to compromise or counterfeit is also described.

Various embodiments for predicting which software vulnerabilities will be exploited by malicious hackers and hence prioritized by patching are disclosed.

The DigiPass for the Web provides security for internet communication greater than that achieved by the use of a static password without requiring the user to install any software or to possess or use dedicated hardware of any kind. The user merely access an appropriate website which downloads an applet to the user's browser. This is a conventional function which is handled by the browser and does not require any expertise on the part of the user. The browser relies on a password known only to the user for authenticating the user to the browser / applet. The browser / applet interacts with the server to create an authentication key which is then stored on the user's computer. The user can invoke the authentication key dependent on the user's presentation to the browser / applet of the password. Since the password is not used outside the user-browser / applet interaction it is not subject to attacks by hackers. The authentication key is also protected from attacks by encryption although the user need not memorize any information other than the password.

The invention discloses a method for hacker behavior discovery and analysis based on linkage of intrusion detection and vulnerability scanning. Through linkage of an intrusion detection technology and a vulnerability scanning technology, an attack is accurately positioned or a suspicious hacker behavior is discovered, so that the hacker intrusion behavior is timely intervened to avoid loss before the hacker intrusion behavior is successful, and furthermore, an attack source is analyzed and discovered through an attack source tracking technology, and the subsequent attack behavior of the attack source is prevented by utilizing the technologies, such as blacklist.

A method of identity authentication and fraudulent phone call verification uses an identification code of a communication device and a dynamic password. The “dynamic password” is directly sent to an Internet user via a dynamic web-page of a specific website instead of by means of a traditional telephone short message. Thus, the “dynamic password” cannot be copied from the spyware infected communication device of the Internet user. Furthermore, even if the “dynamic password” is intercepted or otherwise discovered by a hacker or intruder, authentication is still secure because the dynamic password must be sent back to the specific website via a short message or the like from the same communication device having the corresponding identification code that was initially input by the Internet user in order to generate the dynamic password.

Data surveillance techniques are presented for the detection of security issues, especially of the kind where privileged data may be stolen by steganographic, data manipulation or any form of exfiltration attempts. Such attempts may be made by rogue users or admins from the inside of a network, or from outside hackers who are able to intrude into the network and impersonate themselves as legitimate users. The system and methods use a triangulation process whereby analytical results pertaining to data protocol, user-behavior and packet content are combined to establish a baseline for the data. Subsequent incoming data is then scored and compared against the baseline to detect any security anomalies. The above data surveillance techniques are also applied for detecting intentional or unintentional exfiltration / leak of privileged data / assets between unauthorized users / groups of the organization.

The utility model discloses an isolation method for bidirectional protocols in network and the specialized equipments of the method. The utility model really realizes the protocol isolation between the internal network and the external network; the safety of the internal network is ensured; hackers cannot build direct dialogue with the internal network; the function of the core isolation card of the utility model is not programmable; content review and DNS protection are provided, which can resist hostile attack; data bidirectional transmission is possible, and not only good safety is provided to users, the data access of users is also facilitated.