Abstract: In multi-threaded or multi-processor computing systems, a deadlock may occur when two or more processes or threads are unable to proceed because they are each waiting for a resource that the other holds. As a result, progress is halted because conflicting entities are stuck in a circular dependency, and none can release the resources they hold to let the others continue. Systems and methods are provided wherein a resource reservation is carried out in two steps. The first step causes query nodes to add an identifier to a queue and, upon a request and the identifier being in a first position, a non-sharable resource is reserved. As a result, non-sharable resources are reserved in order and when needed, thereby preventing deadlocks.

Abstract: A system includes a processor and a memory. When executed by the processor, the processor is caused to receive a document including at least one of structured data, semi-structured data, and unstructured data, analyze the metadata in the structured format to generate features enhancing the metadata in the structured format, produce classification data for the document based on the features enhancing the metadata in the structured format and the content in the unstructured format, automatically classify the document based on the classification data and store the classification data in a database structure. The classification data is used to effectively search for the document. The structured data includes metadata about the document in a structured format, the semi-structured data includes content of the document in an unstructured format and metadata about the document in the structured format and the unstructured data includes the content of the document in the unstructured format.

Abstract: A training corpus for training a similarity algorithm is retrieved. For example, the training corpus may be source code of a software application. The similarity algorithm is trained using the training corpus. A network is crawled to identify data. For example, the Internet may be randomly crawled to identify source code. The data is run through the similarity algorithm to determine a likely match between the training corpus and the identified data on the network. In response to determining the likely match between the training corpus and the identified data on the network, an action is taken. For example, the action may be to identify a particular website as containing illegally copied source code of the software application.

Abstract: Systems and methods are disclosed to develop and use a tool to enable an application package to be instrumented with automatic real user monitoring (RUM) without accessing the original source code. A package, such as Android application bundle (AAB) or Android package kit (APK), is imported and decoded and a generated source code file and/or manifest is obtained. Instrumentation is then added at a location corresponding to a code signature in the generated source code file (e.g., an operation to be instrumented before and/or after the operation). The generated source code file is then compiled and packaged into an APK and/or AAB file. The resulting application package is available for downloading, installation, and use on user devices with the instrumentation having been automatically added and without access to the original source code.

Abstract: A current software tool is identified. The current software tool is used to manage and/or create a current corresponding software. For example, the current software tool may be a compiler and the current corresponding software may be a binary executable. A current mapping is generated between code provided to the current software tool and the current corresponding software using a first Artificial Intelligence (AI) algorithm. A comparison between the current mapping and a learned mapping is made to determine if the current software tool is manipulating the current corresponding software in an abnormal way. The learned mapping is based on historical code input into historical software tools and corresponding historical code output from the historical software tools. In response to determining that the current software tool is manipulating the current corresponding software in an abnormal way, the current software tool is identified as being compromised or likely compromised.

Abstract: A security orchestration, automation, and response (SOAR) playbook is often selected to address an incident, such as a fault or attack (e.g., malware, a phishing attack, etc.) on a computer system or component. However, when the incident is new, manual resolution is often utilized to address the incident. By utilizing a neural network trained to identify similarities in a new incident, the neural network can select a SOAR playbook and optionally automatically deploy the playbook to address the incident.

Abstract: Containerized platforms like Kubernetes, OpenShift, EKS (Elastic Kubernetes Service), etc., containerize and orchestrate applications. There are mature solutions for discovering and modeling applications running in physical and virtualized machines, and for containerized platforms, there are solutions for discovering and modeling infrastructure like namespaces, controllers, and pods. While beneficial, such models are incomplete. Accordingly, systems and methods are provided herein for discovering applications and modeling resources utilized for the applications or product suites. As a result, version mismatches or unplanned changes may be detected and corrected.

Abstract: A first device transmits a request message to a proxy device to forward to a second device. The request message includes a public key. The second device transmits a response message to the proxy device to forward to the first device. The response message includes a cryptographic nonce and is encrypted with the public key. The first device decrypts the response message, and generates a session key based on the nonce and a pre-shared password. The first device generates a session key and transmits a challenge response encrypted with the session key to the proxy device to forward to the second device. The second device generates the session key and decrypts the challenge response with the session key. Upon the second device confirming the challenge response such that a secure session is established, the first and second devices communicate with one another over the secure session.

Abstract: Data of a plurality of channels of a spread-spectrum network are received. For example, the data of the plurality of channels of the spread-spectrum network may be captured by a spread-spectrum router (e.g., a WiFi router). The data of the plurality of channels of the spread-spectrum network is analyzed to identify an anomalous cross-channel pattern across the plurality of channels of the spread-spectrum network. For example, the attack may be a sequential attack across each of the channels of the spread-spectrum network. In response to identifying the anomalous cross-channel pattern across the plurality of channels of the spread-spectrum network, an action is taken to protect the spread-spectrum network. For example, the action may be to notify an administrator of the spread-spectrum network that a potential attack is occurring on the spread-spectrum network or to block access to the spread-spectrum router.

Abstract: Text screen description data for a terminal-based application is received. For example, the text screen description data may be received via an Application Programming Interface (API) call. The text screen description data comprises a screen description and one or more text field descriptions associated with the screen description. The one or more text field descriptions are associated with one or more text fields. The text screen description data is based on Basic Mapping Support (BMS) mappings. Image data of a screen for the terminal-based application is captured. The captured image data of the screen of the terminal-based application is correlated to the text screen description data for the terminal-based application to identify the one or text fields. As a result, a test script is automatically generated to test the one or more text fields based on the correlation.

Abstract: Method and system to improve keyboard input in an automated test environment. The method includes determining a keyboard layout. The method also includes receiving an input, wherein the input comprises a plurality of characters. The method further includes processing the input to determine an input delay between each character of the plurality of characters and entering each character of the plurality of characters with the determined input delay between each character.

Abstract: One or more characters are input into an auto-complete field. Text of a displayed list of one or more candidate items is retrieved. The text of the displayed list of the one or more candidate items is compared to a predefined candidate item. In response to the text of the displayed list of one or more candidate items not having the predefined candidate item or not being withing a defined ranking, test results are flagged where the predefined candidate item is missing from displayed list of the one or more candidate items or is not withing the defined ranking. This allows the for automated testing of the auto-complete fields.

Abstract: A device, system, and method are provided. In one example, a method for polling for server events is described that includes storing, on a server, a list of events. The method also includes polling, by a client, the server for the list of events. The method includes receiving the list of events stored on the server. The method further includes broadcasting each event in the list of events received to an associated component; and requesting, by each component that receives at least one associated event, component related event data for each associated event.

Abstract: A watermark is generated. The generated watermark is specific to an individual owner of a media. The media may be any type of electronic media, such as, an image, a document, a movie, an audio file, a software application, and/or the like. The watermark is inserted into the media. The watermark in the media is changed when ownership of the media is changed. For example, as the media is sold to a new owner, the new owner's watermark is added to the media so that a chain of title can be verified directly from the media. In addition, the chain of title may also be verified via a blockchain.

Abstract: Large language models (LLMs) are versatile in responding to user questions on a wide variety of topics. However, LLMs suffer from several drawbacks, such as hallucinations, incomplete information, and inability to cite original sources of information. Disclosed herein are systems and methods for using an LLM in a restricted manner to respond to queries regarding document corpora, e.g., documents related to a set of products, such that the impact of these drawbacks is minimized. Information retrieval is coupled with LLMs to build a question and answer (Q&A) system on the text corpora. Complex retrieved information, incorporating human feedback, and recommendations in the Q&A system are provided.

Abstract: An input regarding security characteristics of a project is received. For example, a security characteristic of a project may be insecure storage of data related to confidentiality. The project is scanned for one or more security requirements based on the received security characteristics. A list of security requirements is built for the project based on the received first input. A machine learning process is used to identify addition of one or more security requirements and/or removal of one or more security requirements from the list of security requirements. A first security vulnerability scan is run using the list of security requirements with the one or more additional security requirements and/or the removed one or more security requirements. Results for the first security vulnerability scan are generated and displayed to a user.

Abstract: According to examples, an apparatus may include a processor and a non-transitory computer-readable medium on which is stored machine readable instructions that may cause the processor to receive a prompt for a large language model (LLM). The received prompt may include a query to perform a task on computing data through in-context learning in the LLM. The LLM may be fine-tuned on the computing data. In response to the received prompt, the processor may cause the LLM to learn the task via the in-context learning in the LLM. The processor may cause the LLM to output a completion in response to the query for the task. The completion may be generated by performing the learned task on the computing data in the LLM.

Abstract: Embodiments of the disclosure provide systems and methods for detecting malicious software packages. Detecting malicious software packages can include collecting information identifying one or more known malicious software component classifiers, collecting information identifying one or more known suspicious community behavior classifiers associated with the one or more known malicious software component classifiers and receiving a software package including software components.

Abstract: Source code for a type of malware is received. For example, the source code may be source code from a type of computer virus. An Artificial Intelligence (AI) algorithm is identified. For example, the AI algorithm may be ChatGPT. The source code of the type of malware is run through the AI algorithm to produce mutated source code for the type of malware. A prediction algorithm is used to predict a signature of the mutated source code for the type of malware. For example, the prediction algorithm is trained using existing source code of different types of malware to generate a prediction model. The signature of the mutated source code for the type of malware is then compared to a signature of a potentially new type of malware to determine if the signatures are similar.

Abstract: A current thread pattern is identified. For example, a thread pattern of a running software application is identified. Current resource information associated with the current thread pattern is identified. For example, the current resource information may include disk usage, packets sent, ports used, accounts created, etc. The current thread pattern and the current resource information associated with the current thread pattern are compared to an existing malicious thread pattern associated with a type of malware and existing malicious resource information associated with the existing thread pattern. A determination is made if the comparison meets a threshold. For example, if the current thread pattern is 90% similar to the existing malicious thread pattern and the current resource information is within 75% of the existing malicious resource information, the threshold is met. In response to the comparison meeting the threshold, an action is taken to mitigate the type of malware.