Abstract: A computer-implemented method, system and computer program product for recommending design changes in designing a digital integrated circuit. An analysis of the digital integrated circuit being designed is performed, where the result of such an analysis involves violations being identified and stored. A stored violation, such as a cross-domain, cross-hierarchy and multi-cycle violation, may then be analyzed to identify a root cause of the violation using a rule. Such a rule may be used for triaging various failures in the cross-domain, cross-hierarchy and/or multi-cycle violation of the digital integrated circuit. A design change in the design of the digital integrated circuit may then be recommended based on the identified root cause of the violation. In this manner, the root cause of failures are effectively identified in the design of digital integrated circuits using an offline analysis of cross-domain, cross-hierarchy and/or multi-cycle violations using a rules-based approach.

Abstract: The disclosed computer-implemented method for utilizing federated machine-learning to protect against potentially malicious data may include (i) arranging a set of client devices into groups for applying a federated machine-learning model, (ii) determining model updates for each of the groups over a predetermined period, (iii) training one or more recurrent neural networks to derive a low-dimensional representation of the model updates, (iv) calculating a data quality score for each of the client devices based on the model updates, (v) applying the federated machine-learning model to classify data instances on each of the client devices as including clean data or potentially corrupt data, and (vi) performing a security action that protects against the potentially malicious data by tagging the data instances classified as the potentially corrupt data. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for generating user profiles may include (i) analyzing a data set of user profiles for services, (ii) detecting a measurement of obfuscation that was applied to a specific attribute across multiple user profiles for a specific service, (iii) applying the measurement of obfuscation to true data for a new user by fuzzing the true data to create a fuzzed value, and (iv) generating automatically a new user profile for the specific service by populating the specific attribute within the new user profile with the fuzzed value. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for preventing decentralized malware attacks may include (i) receiving, by a computing device, node data from a group of nodes over a network, (ii) training a machine learning model by shuffling the node data to generate a set of outputs utilized for predicting malicious data, (iii) calculating a statistical deviation for each output in the set of outputs from an aggregated output for the set of outputs, and (iv) identifying, based on the statistical deviation, an anomalous output in the set of outputs that is associated with one or more of the malicious nodes, the one or more malicious nodes hosting the malicious data. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for categorizing security incidents may include (i) generating, within a training dataset, a feature vector for each of a group of security incidents, the feature vector including features that describe the security incidents and the features including categories that were previously assigned to the security incidents as labels to describe the security incidents, (ii) training a supervised machine learning function on the training dataset such that the supervised machine learning function learns how to predict an assignment of future categories to future security incidents, (iii) assigning a category to a new security incident by applying the supervised machine learning function to a new feature vector that describes the new security incident, and (iv) notifying a client of the new security incident and the category assigned to the new security incident. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for managing computer security of client computing machines may include (i) monitoring a set of client computing devices, (ii) receiving security data on sets of security-related events from each client computing device in the set of client computing devices, (iii) clustering the sets of security-related events by calculating a dissimilarity value, for each set of security-related events, that indicates a uniqueness of the set of security-related events in relation to other sets of security-related events using a dissimilarity function and adjusting the dissimilarity function based on a homogeneity of clusters of sets of security-related events, (iv) determining, based on clustering the sets of security-related events by the dissimilarity value, that a set of security-related events comprises an anomaly, and (v) performing a security action in response to determining that the set of security-related events comprises the anomaly.

Abstract: The disclosed computer-implemented method for personalizing security incident reports may include (i) generating, within a training dataset, a feature vector for each of a group of security incidents, the feature vector including features that describe the security incidents and the features including response codes that a set of clients previously assigned to the security incidents as labels, (ii) training a supervised machine learning function on the training dataset using the response codes that the set of clients previously assigned to the security incidents, (iii) applying the supervised machine learning function to a feature vector that describes a new security incident on the set of clients to predict that the set of clients will ignore the new security incident, and (iv) personalizing a list of security incidents that is electronically reported to the set of clients by deprioritizing the new security incident. Other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for remediating computer stability issues may include (i) determining that a device has experienced a computer stability problem, (ii) obtaining, from the device, one or more computer-generated log lines that potentially include information pertaining to a cause of the computer stability problem, (iii) directly analyzing text included within the computer-generated log lines, (iv) identifying information relating to the computer stability problem based on the direct analysis of the text, and (v) remediating the device to resolve the computer stability problem. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for categorizing security incidents may include (i) generating, within a training dataset, a feature vector for each of a group of security incidents, the feature vector including features that describe the security incidents and the features including categories that were previously assigned to the security incidents as labels to describe the security incidents, (ii) training a supervised machine learning function on the training dataset such that the supervised machine learning function learns how to predict an assignment of future categories to future security incidents, (iii) assigning a category to a new security incident by applying the supervised machine learning function to a new feature vector that describes the new security incident, and (iv) notifying a client of the new security incident and the category assigned to the new security incident. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for predicting security incidents triggered by security software may include (i) collecting, by a computing device, telemetry data from a set of security products deployed by a set of client machines, (ii) identifying, by the computing device, a selected security product within the set of security products that is missing telemetry data for a target client machine, (iii) building a classifier, by the computing device using the telemetry data, that predicts information about security incidents triggered by the selected security product, (iv) determining, by the computing device and based on the classifier, that the selected security product triggers a new security incident on the target client machine, and (v) performing a security action, by the computing device, to secure the target client machine against the new security incident. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for providing integrated security management may include (1) identifying a computing environment protected by security systems and monitored by a security management system that receives event signatures from the security systems, where a first security system uses a first event signature naming scheme that differs from a second event signature naming scheme used by a second security system, (2) observing a first event signature that originates from the first security system and uses the first event signature naming scheme, (3) determine that the first event signature is equivalent to a second event signature that uses the second event signature naming scheme, and (4) performing, in connection with observing the first event signature, a security action associated with the second event signature and directed to the computing environment. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for detecting security blind spots may include (i) detecting, via an endpoint security program, a threat incident at a set of client machines associated with a security vendor server, (ii) obtaining an indication of how the set of client machines will respond to the detecting of the threat incident, (iii) predicting how a model set of client machines would respond to the threat incident, (iv) determining that a delta exceeds a security threshold, and (v) performing a security action by the security vendor server, in response to determining that the delta exceeds the security threshold, to protect the set of client machines at least in part by electronically notifying the set of client machines of information about the prediction of how the model set of client machines would respond to the threat incident. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Disclosed is a coupler comprising a first structure, a first shaft rotatably supported by the first structure, a second structure supporting the first structure, and a moving device configured to move the first structure relative to the second structure.