A method for managing mobile payments in a mobile phone. The method includes receiving data associated with a plurality of issuer specific payment services at a mobile phone, selecting one of the issuer specific payment services, and conducting a transaction using the phone.

Mobile payment management

According to one embodiment, a malware classification scheme operating with an electronic device, configured with one or more hardware processors and a memory that stores the software handling the malware classification scheme that is conducted through analysis of behavior-based rules, is described. This malware classification scheme (i) conducts a determination whether a sequence of rules correspond to potential malicious behaviors detected during analysis of a malware sample within one or more virtual machines, and in response to determining that the sequence of rules corresponds to potential malicious behaviors, (ii) conducts an attempt to classify the malware sample to at least one known malware family based on an analysis of the sequence of rules.

Leveraging behavior-based rules for malware family classification

A method and system for a secure login solution for users logging into computers and systems that require authentication is provided incorporating one-time passwords. The method and system allows a user to establish a login key combination in relation to a login key structure. The login key combination is in association with an identification means, such as a username/ID, and allows the user to generate a one-time passcode in response to a random login key. The method and system is directed at situations where the user desires to log into a system from a computer or other electronic device that may not be secure, including for example from computers or devices other than the user's own and/or by using a communications connection that may not be secure, such as a wireless network connection. The method and system is simple and easy to implement and does not require the use of physical devices.

Method and system for providing a secure login solution using one-time passwords

Authentication data is received, from a first computing device, based on data received by the first computing device from a wireless token device, the authentication data used to authenticate a first user to a particular computing session hosted remote from the first computing device. The first computing device is authenticated to the particular computing session based on the received authentication data. The first computing device is permitted to consume resources of the particular computing session. In some instances, the data received by the first computing device from the wireless token device includes the authentication data.

Wireless token authentication

A first computing device is detected as substantially collocated with a wireless token device, using a short-range wireless communication network and a connection is established between the first computing device and the token device over the short-range wireless network. Authentication data is sent to the first computing device from the token device over the short-range wireless network to authenticate the token device at the first computing device. Authentication of the token device permits data accessible through the first computing device to be made available to a holder of the token device and to be presented on a user interface of the first computing device. In some instances, the wireless token device may otherwise lack user interfaces for presenting the data itself.

Wireless token device

An authentication system causing little load on a user upon authentication and having a high security. A management section (107) of a server device (106) stores a password of a character string consisting of a plurality of digits. A random number generator (108) generates a random number for each digit of the password. A communication section (111) transmits a plurality of random numbers to a terminal device (101). A calculation section (109) calculates an authentication value used for authentication by using a random number and password symbol for each digit of the password. In the terminal device (101), a display section (102) displays a random number for each digit of the password. An input section supplies an input value for the random number of each digit of the password and transmits the input value of each digit via a communication section (105). A judgment section (110) of the server device (106) judges whether the authentication value coincides with the input value for each digit of the password, thereby performing user authentication.

Authentication system, authentication device, terminal device, and authentication method

In a log analysis cooperation system including a logger that collects a log of a communication device and stores the log in a storage device, a SIEM apparatus that detects an attack, and a log analysis apparatus that analyzes the log collected by the logger, a log analysis cooperation apparatus stores an attack scenario in a storage device, receives from the SIEM apparatus warning information including information on the detected attack, computes a predicted occurrence time of an attack predicted to occur subsequent to the detected attack based on the warning information and the attack scenario, and transmits to the log analysis apparatus a scheduled search to search the log at predicted occurrence time computed. The log analysis apparatus transmits a scheduled search to the logger to search the log at the predicted occurrence time.

Attack analysis system, cooperation apparatus, attack analysis cooperation method, and program

In a log analysis cooperation system 1000 including a logger 901 that collects a log of a communication device 904 and stores the log in a storage device, a SIEM apparatus 902 that detects an attack, and a log analysis apparatus 903 that analyzes the log collected by the logger 901, a log analysis cooperation apparatus 1 stores an attack scenario 1104 in a storage device, receives from the SIEM apparatus 902 warning information 1201' including information on the detected attack, computes a predicted occurrence time of an attack predicted to occur subsequent to the detected attack based on the warning information 1201' and the attack scenario 1104, and transmits to the log analysis apparatus 903 a scheduled search 915 to search the log at predicted occurrence time computed. The log analysis apparatus 903 transmits a scheduled search 916 to the logger 901 to search the log at the predicted occurrence time.

Attack analysis system, coordination device, attack analysis coordination method, and program

During a user's transactions over the Internet, there are risks of unauthorised third party transactions carried out on the user's account, using the man-in-the-middle (MITM) attack and Trojan horse. In this paper, we propose a new interactive input method of sensitive information such as credit-card numbers and account numbers against these attacks. The proposing method relatively decides the input value that a user inputs using GUI with two or more cursors which move to different directions simultaneously. The user inputs the information based on a shared secret between the user and a server beforehand, and moves one of the cursors from the shared secret to the input value, and the server changes the cursors' position and asks a question about the value which the users cursors points at. The server can decide the user's input value though the response for the question. This method is strong and does not give any hint about which cursor is used t to the attacker unless both the user and the server expose the shared value and the input value.

Input method against Trojan horse and replay attack

Execute a countermeasure process for vulnerability reliably before an attack aiming at vulnerability occurs. A vulnerability countermeasure processing unit 1233 performs a countermeasure process for vulnerability of a vulnerable library function being a general-purpose library function that has vulnerability among the general-purpose library functions included in a general-purpose library 1230. A countermeasure selection unit 1232, when a call for the vulnerable library function is requested at execution of a Web application 1220, makes the vulnerability countermeasure processing unit 1233 perform the countermeasure process for the vulnerability of the vulnerable library function, and after the countermeasure process is performed by the vulnerability countermeasure processing unit 1233, calls the vulnerable library function.

Shoji Sakurai

Papers

Authentication system, authentication device, terminal device, and authentication method

Attack analysis system, cooperation apparatus, attack analysis cooperation method, and program

Attack analysis system, coordination device, attack analysis coordination method, and program

Input method against Trojan horse and replay attack

Program execution device and program analysis device