Abstract: A system for performing an assessment of the robustness and resilience of an examined original ML model against model extraction attacks includes a computerized device having at least one processor, which is adapted to: train multiple candidate models MC with the external dataset D for each of the specified candidate learning algorithms a in Alg, where each candidate substitute model is trained on a subset of D corresponding to the evaluated ith query limit of the query budget constraint Q; evaluate the performance of each substitute model MC according to different evaluation methods ?Evaluation; and calculate the robustness of each substitute model, where smaller difference or high agreement/similarity rate between the performance of the original model and the substitute model indicates that the original and substitute models are similar to each other.

Abstract: An optimized limited-area WiFi network includes a plurality of Internet connectable devices, a wireless router for facilitating Internet connectivity, and a dynamically positionable signal coverage enhancer configured with an onboard processor, a signal coverage enhancing element, and mobile means. The signal coverage enhancer is repositionable, by the mobile means in response to a command signal transmitted by the processor, to a determined location of the limited-area WiFi network that is sufficiently close to one or more of the devices, such that an amplified signal produced by the signal coverage enhancing element which amplifies a wireless signal transmitted by the router maintains uninterrupted Internet operation of the to one or more devices.

Abstract: A system for testing Machine Learning (ML) and deep learning models for robustness, and durability against adversarial bias and privacy attacks, comprising a Project Repository for storing metadata of ongoing projects each of which having a defined project policy, and created ML models and data sources being associated with the ongoing projects; a Secure Data Repository, for storing training and testing datasets and models used in each project for evaluating the robustness of the each project; a Data/Model Profiler for creating a profile, based on the settings and configurations of the datasets and the models; a Test Recommendation Engine for recommending the relevant and most indicative attacks/tests for each examined model and for creating indicative and effective test suites; a Test/Attack Ontology module for storing all attacks/tests with their metadata and mapping the attacks/tests to their corresponding settings and configurations; an Attack Repository for storing the implemented tests/attacks.

Abstract: Various approaches are described herein for, among other things, detecting and/or neutralizing attacks by malicious code. For example, instance(s) of a protected process are modified upon loading by injecting a runtime protector that creates a copy of each of the process' imported libraries and maps the copy into a random address inside the process' address space to form a “randomized” shadow library. The libraries loaded at the original address are modified into a stub library. Shadow and stub libraries are also created for libraries that are loaded after the process creation is finalized. Consequently, when malicious code attempts to retrieve the address of a given procedure, it receives the address of the stub procedure, thereby neutralizing the malicious code. When the original program's code (e.g., the non-malicious code) attempts to retrieve the address of a procedure, it receives the correct address of the requested procedure (located in the shadow library).

Abstract: A method of compressing short text messages, comprising: generating an index code comprising an association of keywords in the text messages with indices, the index code is logically divided into segments of variable size, each segment comprising at least one bucket, being a constant range of indices; adjusting the index code according to a natural keyword frequency distribution and to statistical analysis of the text messages; associating short indices with frequent keywords in the text messages; converting the text messages into compressed text messages in which at least some of the keywords are replaced by the associated indices; and updating the association between the indices and the keywords, updating the segments, and updating the updating frequency in respect to a usage keyword frequency distribution and temporal changes thereof.

Abstract: A device for protecting a network environment from cyber security threats includes a processing unit and a non-transitory memory having processor-executable instructions stored thereon. The processing unit is configured to execute the processor-executable instructions to: (a) perform one or more auditing stages for examining and analyzing network devices by retrieving information, via a network adapter, from each of the network devices, so as to enable automatically monitoring, scanning and learning the network environment and its security configurations; (b) generate a cyber-security check report that reflects the results of the one or more auditing stages; and (c) give recommendations according to the report in order to increase a security level of the network.

Abstract: Various approaches are described herein for, among other things, detecting and/or neutralizing attacks by malicious code. For example, instance(s) of a protected process are modified upon loading by injecting a runtime protector that creates a copy of each of the process' imported libraries and maps the copy into a random address inside the process' address space to form a “randomized” shadow library. The libraries loaded at the original address are modified into a stub library. Shadow and stub libraries are also created for libraries that are loaded after the process creation is finalized. Consequently, when malicious code attempts to retrieve the address of a given procedure, it receives the address of the stub procedure, thereby neutralizing the malicious code. When the original program's code (e.g., the non-malicious code) attempts to retrieve the address of a procedure, it receives the correct address of the requested procedure (located in the shadow library).

Abstract: A device for protecting a network environment from cyber security threats includes a processing unit and a non-transitory memory having processor-executable instructions stored thereon. The processing unit is configured to execute the processor-executable instructions to: (a) perform one or more auditing stages for examining and analyzing network devices by retrieving information, via a network adapter, from each of the network devices, so as to enable automatically monitoring, scanning and learning the network environment and its security configurations; (b) generate a cyber-security check report that reflects the results of the one or more auditing stages; and (c) give recommendations according to the report in order to increase a security level of the network.

Abstract: The present invention discloses a method for matching products sale promotions for users while using an application in a computer device. The method comprising the steps of: tracking user usage of application and/or usage of the computer device, including at least path of navigation, activities and context when using an application, aggregating and analyzing usage data of each user in relation to at least one application for identifying behavior pattern, user characteristics and user preferences, updating user profile based on identifying behavior pattern user characteristics and user preferences and matching product commercial in real-time to user while using the application, based on his updated profile and current usage of the application according to predefined triggering rules.

Abstract: A system for task modeling interactive sequential applications for one or more mobile devices has a software tool for defining a generic meta-model of the target applications. The generic meta-model has a static model of application components, and a dynamic model of identifiers of application screens and connections; a passive Task Model database for storing the generic meta-model for future reuse, which further comprises static instances of the generic meta-model specifically generated for a variety of mobile devices; a tracker module for real-time monitoring and creating unique identifier for each application's screen visited by the user of the mobile device, wherein created identifiers are used for generating active models of the user actual use; and an active Task Model database for storing the active models, wherein data transferring and storing is minimized to screen identifier numbers.

Abstract: The present invention discloses a method for discovering and activating an application in a computer device. The method comprising the steps of: defining at least one application based on its functionality including at least one action which is enabled by the application, identifying a required action to be performed by the user and searching loading a relevant application for the identified action, wherein the process of defining and identifying are performed by at least one processor unit.

Abstract: A system for task modeling interactive sequential applications for one or more mobile devices, which comprises a software tool for defining a generic meta-model of the target applications, wherein the generic meta-model consist of a static model of application components, and a dynamic model of IDs of application screens and connections; a passive TM database for storing the generic meta-model for future reuse, which further comprises static instances of the generic meta-model specifically generated for a variety of mobile devices; a tracker module for real-time monitoring and creating unique ID for each application's screen visited by the user of the mobile device, wherein created IDs are used for generating active models of the user actual use; and an active TM database for storing the active models, wherein data transferring and storing is minimized to screen ID numbers.