Abstract: Data of a plurality of channels of a spread-spectrum network are received. For example, the data of the plurality of channels of the spread-spectrum network may be captured by a spread-spectrum router (e.g., a WiFi router). The data of the plurality of channels of the spread-spectrum network is analyzed to identify an anomalous cross-channel pattern across the plurality of channels of the spread-spectrum network. For example, the attack may be a sequential attack across each of the channels of the spread-spectrum network. In response to identifying the anomalous cross-channel pattern across the plurality of channels of the spread-spectrum network, an action is taken to protect the spread-spectrum network. For example, the action may be to notify an administrator of the spread-spectrum network that a potential attack is occurring on the spread-spectrum network or to block access to the spread-spectrum router.

Abstract: A first device transmits a request message to a proxy device to forward to a second device. The request message includes a public key. The second device transmits a response message to the proxy device to forward to the first device. The response message includes a cryptographic nonce and is encrypted with the public key. The first device decrypts the response message, and generates a session key based on the nonce and a pre-shared password. The first device generates a session key and transmits a challenge response encrypted with the session key to the proxy device to forward to the second device. The second device generates the session key and decrypts the challenge response with the session key. Upon the second device confirming the challenge response such that a secure session is established, the first and second devices communicate with one another over the secure session.

Abstract: Text screen description data for a terminal-based application is received. For example, the text screen description data may be received via an Application Programming Interface (API) call. The text screen description data comprises a screen description and one or more text field descriptions associated with the screen description. The one or more text field descriptions are associated with one or more text fields. The text screen description data is based on Basic Mapping Support (BMS) mappings. Image data of a screen for the terminal-based application is captured. The captured image data of the screen of the terminal-based application is correlated to the text screen description data for the terminal-based application to identify the one or text fields. As a result, a test script is automatically generated to test the one or more text fields based on the correlation.

Abstract: Method and system to improve keyboard input in an automated test environment. The method includes determining a keyboard layout. The method also includes receiving an input, wherein the input comprises a plurality of characters. The method further includes processing the input to determine an input delay between each character of the plurality of characters and entering each character of the plurality of characters with the determined input delay between each character.

Abstract: One or more characters are input into an auto-complete field. Text of a displayed list of one or more candidate items is retrieved. The text of the displayed list of the one or more candidate items is compared to a predefined candidate item. In response to the text of the displayed list of one or more candidate items not having the predefined candidate item or not being withing a defined ranking, test results are flagged where the predefined candidate item is missing from displayed list of the one or more candidate items or is not withing the defined ranking. This allows the for automated testing of the auto-complete fields.

Abstract: A device, system, and method are provided. In one example, a method for polling for server events is described that includes storing, on a server, a list of events. The method also includes polling, by a client, the server for the list of events. The method includes receiving the list of events stored on the server. The method further includes broadcasting each event in the list of events received to an associated component; and requesting, by each component that receives at least one associated event, component related event data for each associated event.

Abstract: A watermark is generated. The generated watermark is specific to an individual owner of a media. The media may be any type of electronic media, such as, an image, a document, a movie, an audio file, a software application, and/or the like. The watermark is inserted into the media. The watermark in the media is changed when ownership of the media is changed. For example, as the media is sold to a new owner, the new owner's watermark is added to the media so that a chain of title can be verified directly from the media. In addition, the chain of title may also be verified via a blockchain.

Abstract: Large language models (LLMs) are versatile in responding to user questions on a wide variety of topics. However, LLMs suffer from several drawbacks, such as hallucinations, incomplete information, and inability to cite original sources of information. Disclosed herein are systems and methods for using an LLM in a restricted manner to respond to queries regarding document corpora, e.g., documents related to a set of products, such that the impact of these drawbacks is minimized. Information retrieval is coupled with LLMs to build a question and answer (Q&A) system on the text corpora. Complex retrieved information, incorporating human feedback, and recommendations in the Q&A system are provided.

Abstract: An input regarding security characteristics of a project is received. For example, a security characteristic of a project may be insecure storage of data related to confidentiality. The project is scanned for one or more security requirements based on the received security characteristics. A list of security requirements is built for the project based on the received first input. A machine learning process is used to identify addition of one or more security requirements and/or removal of one or more security requirements from the list of security requirements. A first security vulnerability scan is run using the list of security requirements with the one or more additional security requirements and/or the removed one or more security requirements. Results for the first security vulnerability scan are generated and displayed to a user.

Abstract: According to examples, an apparatus may include a processor and a non-transitory computer-readable medium on which is stored machine readable instructions that may cause the processor to receive a prompt for a large language model (LLM). The received prompt may include a query to perform a task on computing data through in-context learning in the LLM. The LLM may be fine-tuned on the computing data. In response to the received prompt, the processor may cause the LLM to learn the task via the in-context learning in the LLM. The processor may cause the LLM to output a completion in response to the query for the task. The completion may be generated by performing the learned task on the computing data in the LLM.

Abstract: Embodiments of the disclosure provide systems and methods for detecting malicious software packages. Detecting malicious software packages can include collecting information identifying one or more known malicious software component classifiers, collecting information identifying one or more known suspicious community behavior classifiers associated with the one or more known malicious software component classifiers and receiving a software package including software components.

Abstract: Source code for a type of malware is received. For example, the source code may be source code from a type of computer virus. An Artificial Intelligence (AI) algorithm is identified. For example, the AI algorithm may be ChatGPT. The source code of the type of malware is run through the AI algorithm to produce mutated source code for the type of malware. A prediction algorithm is used to predict a signature of the mutated source code for the type of malware. For example, the prediction algorithm is trained using existing source code of different types of malware to generate a prediction model. The signature of the mutated source code for the type of malware is then compared to a signature of a potentially new type of malware to determine if the signatures are similar.

Abstract: A current thread pattern is identified. For example, a thread pattern of a running software application is identified. Current resource information associated with the current thread pattern is identified. For example, the current resource information may include disk usage, packets sent, ports used, accounts created, etc. The current thread pattern and the current resource information associated with the current thread pattern are compared to an existing malicious thread pattern associated with a type of malware and existing malicious resource information associated with the existing thread pattern. A determination is made if the comparison meets a threshold. For example, if the current thread pattern is 90% similar to the existing malicious thread pattern and the current resource information is within 75% of the existing malicious resource information, the threshold is met. In response to the comparison meeting the threshold, an action is taken to mitigate the type of malware.

Abstract: Documents are often generated using a customer communication management (CCM) application that utilizes rules to select and/or modify certain fragments of a document. By analyzing the rules and content that produced a certain fragment, a second CCM application may be automatically provided with the rules, such as when the first set of rules are not available for porting to a second system. Accordingly, a server may access a rule comprising a condition, a document fragment, and a rule identifier. A server may generate a first document to comprise visible content and hidden content. Generating the first document may comprise evaluating the rule and, when the rule is true, including the document fragment as a portion of the visible content and including the rule identifier as a portion of hidden content. A server may provide the first document to a destination.

Abstract: Identifying and resolving weaknesses in software are common, resource-intensive tasks for many organizations. Machine-learning models are provided to automatically identify software vulnerabilities or other flaws, such as via entries in a weakness or vulnerability database, identify affected software, generate patches to resolve the vulnerabilities, and apply the patch to affected software. The patch is automatically extracted from code deltas between a software version having the weakness and a subsequent version wherein the weakness has been resolved. Other differences between the versions, not affecting the weakness, are excluded from the code deltas.

Abstract: Devices with low or no security are often added to networks. These devices have the ability to utilize the network and, accordingly, may pose a security risk. Systems and methods herein enable a device to be added to a network and, if the resulting new traffic matches a template, the device is established on an automatically created virtual local area network (VLAN) used solely for the new device. A router is automatically configured to allow traffic that matches the type of device that was newly added, but if other traffic is detected, the device may be treated as a threat and managed accordingly.

Abstract: Strings of a text file representing a configuration of a target device are respectively tokenized into tokens for the configuration. The tokens for the configuration are shingled. A target device signature representing the configuration of the target device is generated by applying a min-wise independent permutations locality sensitive hashing (MinHash) technique to the tokens as have been shingled. Whether the configuration of the target device is anomalous is identified based on the target device signature.

Abstract: A sandbox database is created. The sandbox database is typically a temporary database. For example, the sandbox database may be a test database for evaluating a new version of software. Creating the sandbox database comprises creating a sandbox cache in the sandbox database and copying metadata from a main database to the sandbox database. The sandbox cache is used to store record(s) that are accessed during the use of the sandbox database. The metadata is used to reference the record(s). This allows for a simpler process for creating a temporary database to be used for testing software.

Abstract: Software developers and security personnel routinely scan code to look for threats, such as security vulnerabilities. While such scans are useful, they are unable to determine the actual data provided to a client device executing a web application. By monitoring the web traffic to a client, the libraries utilized by the web application may be determined by name, version, and vendor. With the library identified, the libraries may be provided to one or more repositories of vulnerabilities to identify the particular vulnerabilities of the library. With the vulnerability identified, a resolution (e.g., version wherein the vulnerability was fixed) may be identified and/or other action to mitigate the vulnerability.

Abstract: A plaintext is received. For example, a plaintext may be a text record that is to be encrypted and then stored in a database. A determination is made to see if a size of the plaintext is above a threshold. The threshold is based on an efficiency of a Format Preserving Encryption (FPE) algorithm. In response to the size of the plaintext being above the threshold: the plaintext is divided into a plurality of blocks based on a block size; each of the blocks are individually encrypted using the FPE algorithm; and each of the blocks are stored as a single FPE cyphertext. This makes the FPE encryption process much more effacement than has previously been achieved. For example, the FPE process may be 30% more efficient depending on the size of the plain text.