Abstract: Systems and methods are provided for training a machine learning model to generate a score indicating a level of discrepancy between a commit message and a corresponding code change. The computing system receives a commit comprising a given commit message and a given corresponding code change and analyzes, using the trained machine learning model, the given commit message and given corresponding code change to generate a score indicating the level of discrepancy between the given commit message and the given corresponding code change of the received commit.

Abstract: Systems and methods are provided for training a machine learning model to generate a score indicating a level of discrepancy between a commit message and a corresponding code change. The computing system receives a commit comprising a given commit message and a given corresponding code change and analyzes, using the trained machine learning model, the given commit message and given corresponding code change to generate a score indicating the level of discrepancy between the given commit message and the given corresponding code change of the received commit.

Abstract: Distributed vector representations of source code commits, are generated to become part of a data corpus for machine learning (ML) for analyzing source code. The code commit is received, and time information is referenced to split the source code into pre-change source code and post-change source code. The pre-change source code is converted into a first code representation (e.g., based on a graph model), and the post-change source code into a second code representation. A first particle is generated from the first code representation, and a second particle is generated from the second code representation. The first particle and the second particle are compared to create a delta. The delta is transformed into a first commit vector by referencing an embedding matrix to numerically encode the first particle and the second particle. Following classification, the commit vector is stored in a data corpus for performing ML analysis upon source code.

Abstract: Distributed vector representations of source code commits, are generated to become part of a data corpus for machine learning (ML) for analyzing source code. The code commit is received, and time information is referenced to split the source code into pre-change source code and post-change source code. The pre-change source code is converted into a first code representation (e.g., based on a graph model), and the post-change source code into a second code representation. A first particle is generated from the first code representation, and a second particle is generated from the second code representation. The first particle and the second particle are compared to create a delta. The delta is transformed into a first commit vector by referencing an embedding matrix to numerically encode the first particle and the second particle. Following classification, the commit vector is stored in a data corpus for performing ML analysis upon source code.

Abstract: A front end receives a request for data specifying a data type. A query handler retrieves data of the data type comprising a plurality of data records from at least one database. The query handler assigns a classification attribute to each data record using a pre-defined classification policy stored in a policy store. A discrimination detection engine statistically evaluates the classification attributes for the data to identify a mutual information metric. The query handler generates a listing of one or more discriminatory attributes and corresponding mutual information metric contributing to discriminatory data patterns based on the mutual information metric.

Abstract: Systems and methods are provided for retrieving a set of code changes to source code from a source code repository, analyzing the set of code changes to generate a vector representation of each code change of the set of code changes, analyzing the vector representation of each code change of the set of code changes using a trained security-relevant code detection machine learning model, receiving a prediction from the security-relevant code detection machine learning model representing a probability that each code change of the set of code changes contains security-relevant changes, analyzing the prediction to determine whether the prediction is below or above a predetermined threshold, and generating results based on determining whether the prediction is below or above a predetermined threshold.

Abstract: Data is received that characterizes source code requiring a security vulnerability assessment. Using this received data, an input node of a vulnerability context graph is generated. Subsequently, at least one node is resolved from the input node using at least one of a plurality of resolvers that collectively access each of a knowledge base, a source code commit database, and at least one online resource. Additionally nodes are later iteratively resolved at different depth levels until a pre-defined threshold is met. The vulnerability context graph is then caused to be displayed in a graphical user interface such that each node has a corresponding graphical user interface element which, when activated, causes complementary information for such node to be displayed.

Abstract: Systems and methods are provided for retrieving a set of code changes to source code from a source code repository, analyzing the set of code changes to generate a vector representation of each code change of the set of code changes, analyzing the vector representation of each code change of the set of code changes using a trained security-relevant code detection machine learning model, receiving a prediction from the security-relevant code detection machine learning model representing a probability that each code change of the set of code changes contains security-relevant changes, analyzing the prediction to determine whether the prediction is below or above a predetermined threshold, and generating results based on determining whether the prediction is below or above a predetermined threshold.

Abstract: Systems and methods are provided for accessing a source code repository comprising a plurality of versions of code, analyzing the plurality of versions of code of the component to compute metrics to identify each version of code, analyzing the metrics to determine a subset of the metrics to use to as a fingerprint definition to identify each version of the code, generating a fingerprint for each version of code using the fingerprint definition, generating a fingerprint matrix with the fingerprint for each version of code for the software component and storing the fingerprint definition and the fingerprint matrix

Abstract: Systems and methods are provided for accessing a source code repository comprising a plurality of versions of code, analyzing the plurality of versions of code of the component to compute metrics to identify each version of code, analyzing the metrics to determine a subset of the metrics to use to as a fingerprint definition to identify each version of the code, generating a fingerprint for each version of code using the fingerprint definition, generating a fingerprint matrix with the fingerprint for each version of code for the software component and storing the fingerprint definition and the fingerprint matrix

Abstract: Systems and methods are provided for accessing a source code repository comprising a plurality of versions of code, analyzing the plurality of versions of code of the component to compute metrics to identify each version of code, analyzing the metrics to determine a subset of the metrics to use to as a fingerprint definition to identify each version of the code, generating a fingerprint for each version of code using the fingerprint definition, generating a fingerprint matrix with the fingerprint for each version of code for the software component and storing the fingerprint definition and the fingerprint matrix.

Abstract: A front end receives a request for data specifying a data type. A query handler retrieves data of the data type comprising a plurality of data records from at least one database. The query handler assigns a classification attribute to each data record using a pre-defined classification policy stored in a policy store. A discrimination detection engine statistically evaluates the classification attributes for the data to identify a mutual information metric. The query handler generates a listing of one or more discriminatory attributes and corresponding mutual information metric contributing to discriminatory data patterns based on the mutual information metric.

Abstract: Systems and methods are provided for accessing a source code repository comprising a plurality of versions of code, analyzing the plurality of versions of code of the component to compute metrics to identify each version of code, analyzing the metrics to determine a subset of the metrics to use to as a fingerprint definition to identify each version of the code, generating a fingerprint for each version of code using the fingerprint definition, generating a fingerprint matrix with the fingerprint for each version of code for the software component and storing the fingerprint definition and the fingerprint matrix

Abstract: A report handler may receive abuse reports from reporters alleging policy violations of network use policies by at least one potential victim, and a source analyzer may determine at least one subset of the reporters. A content analyzer may determine a reference to the at least one potential victim in network activities of the at least one subset, and a review requester may generate a notification of a potential coalition attack against the at least one potential victim, based on the reference in the context of the at least one subset.

Abstract: The method includes determining, using an in-memory database, a privacy risk associated with a resultant dataset of a query, returning, by the in-memory database, an anonymized dataset if the privacy risk is above a threshold value, the anonymized dataset being based on an anonymization, by the in-memory database, of the resultant dataset, and returning, by the in-memory database, the resultant dataset if the privacy risk is below a threshold value.

Abstract: The invention concerns a data anonymity measuring device for selectively transmitting an anonymized database to a third party comprising: calculation means (402) coupled to at least one memory, the memory storing an original database (204) and said anonymized database (206), said calculation means arranged to calculate the conditional entropy for each entry in said anonymized database based on entries in said original database; comparing means (406) arranged to compare at least one of said conditional entropies with a threshold value; and output means (410) arranged to transmit said anonymized database based on the result of said comparison.

Abstract: The embodiments encompass an apparatus for generating security checks including a model editor configured to annotate at least one element in an architectural source model with security requirement information and countermeasure information. The security requirement information identifies the at least one element and provides a textual description of a corresponding security requirement, and the countermeasure information identifies the at least one element and indicates a countermeasure type to the corresponding security requirement. The apparatus also includes a code generation engine configured to generate a security check for the countermeasure information based on the countermeasure type.

Abstract: The method includes determining, using an in-memory database, a privacy risk associated with a resultant dataset of a query, returning, by the in-memory database, an anonymized dataset if the privacy risk is above a threshold value, the anonymized dataset being based on an anonymization, by the in-memory database, of the resultant dataset, and returning, by the in-memory database, the resultant dataset if the privacy risk is below a threshold value.

Abstract: A report handler may receive abuse reports from reporters alleging policy violations of network use policies by at least one potential victim, and a source analyzer may determine at least one subset of the reporters. A content analyzer may determine a reference to the at least one potential victim in network activities of the at least one subset, and a review requester may generate a notification of a potential coalition attack against the at least one potential victim, based on the reference in the context of the at least one subset.

Abstract: The embodiments encompass an apparatus for generating security checks including a model editor configured to annotate at least one element in an architectural source model with security requirement information and countermeasure information. The security requirement information identifies the at least one element and provides a textual description of a corresponding security requirement, and the countermeasure information identifies the at least one element and indicates a countermeasure type to the corresponding security requirement. The apparatus also includes a code generation engine configured to generate a security check for the countermeasure information based on the countermeasure type.