Abstract: A determination is made to see if a user has authenticated to a computer system using a plurality of authentication levels. For example, the user may have had a first session where the user is authenticated at authentication level one and a second session where the user is authenticated at authentication level two. Behavior of the user is separately tracked at each of the plurality of authentication levels to identify separate usage patterns of the user at each of the plurality of authentication levels. Anomalous behavior of the user is identified based on one or more variations from the separate usage patterns of the user at, at least one of the plurality of authentication levels. An action is taken based on identifying the anomalous behavior of the user. For example, the user's account may be locked, or an administrator may be notified.

Abstract: Text screen description data for a terminal-based application is received. For example, the text screen description data may be received via an Application Programming Interface (API) call. The text screen description data comprises a screen description and one or more text field descriptions associated with the screen description. The one or more text field descriptions are associated with one or more text fields. The text screen description data is based on Basic Mapping Support (BMS) mappings. Image data of a screen for the terminal-based application is captured. The captured image data of the screen of the terminal-based application is correlated to the text screen description data for the terminal-based application to identify the one or text fields. As a result, a test script is automatically generated to test the one or more text fields based on the correlation.

Abstract: One or more characters are input into an auto-complete field. Text of a displayed list of one or more candidate items is retrieved. The text of the displayed list of the one or more candidate items is compared to a predefined candidate item. In response to the text of the displayed list of one or more candidate items not having the predefined candidate item or not being withing a defined ranking, test results are flagged where the predefined candidate item is missing from displayed list of the one or more candidate items or is not withing the defined ranking. This allows the for automated testing of the auto-complete fields.

Abstract: A watermark is generated. The generated watermark is specific to an individual owner of a media. The media may be any type of electronic media, such as, an image, a document, a movie, an audio file, a software application, and/or the like. The watermark is inserted into the media. The watermark in the media is changed when ownership of the media is changed. For example, as the media is sold to a new owner, the new owner's watermark is added to the media so that a chain of title can be verified directly from the media. In addition, the chain of title may also be verified via a blockchain.

Abstract: A device, system, and method are provided. In one example, a method for polling for server events is described that includes storing, on a server, a list of events. The method also includes polling, by a client, the server for the list of events. The method includes receiving the list of events stored on the server. The method further includes broadcasting each event in the list of events received to an associated component; and requesting, by each component that receives at least one associated event, component related event data for each associated event.

Abstract: Large language models (LLMs) are versatile in responding to user questions on a wide variety of topics. However, LLMs suffer from several drawbacks, such as hallucinations, incomplete information, and inability to cite original sources of information. Disclosed herein are systems and methods for using an LLM in a restricted manner to respond to queries regarding document corpora, e.g., documents related to a set of products, such that the impact of these drawbacks is minimized. Information retrieval is coupled with LLMs to build a question and answer (Q&A) system on the text corpora. Complex retrieved information, incorporating human feedback, and recommendations in the Q&A system are provided.

Abstract: An input regarding security characteristics of a project is received. For example, a security characteristic of a project may be insecure storage of data related to confidentiality. The project is scanned for one or more security requirements based on the received security characteristics. A list of security requirements is built for the project based on the received first input. A machine learning process is used to identify addition of one or more security requirements and/or removal of one or more security requirements from the list of security requirements. A first security vulnerability scan is run using the list of security requirements with the one or more additional security requirements and/or the removed one or more security requirements. Results for the first security vulnerability scan are generated and displayed to a user.

Abstract: A secondary fragment of an encryption key is received. The secondary fragment is associated with an authentication process of a user. The secondary fragment is one of a plurality of secondary fragments of the encryption key. The user is authenticated (e.g., by validating a username/password). The encryption key is regenerated using the secondary fragment and a primary fragment of the encryption key. In response to regenerating the encryption key using the secondary fragment and the primary fragment, and authenticating the user: access is granted, to the user, by unencrypting an encrypted data record using the regenerated encryption key.

Abstract: Examples relate to detecting an abnormality. The examples disclosed herein enable receiving, from a first user, a first request to perform a first transaction on at least one data record. A plurality of transactions originated from the first request may be organized in a first hierarchical tree-based data structure having multiple depth levels. The data structure may comprise a root node representing the first transaction and a leaf node representing a second transaction. The examples further enable detecting the abnormality based on at least one parameter where the at least one parameter comprises a size of the data structure and a depth level associated with the leaf node.

Abstract: A system receives a source database language statement according to a first dialect, determines a pattern of the source database language statement, the pattern comprising an abstract representation of the source database language statement, and checks whether the determined pattern is present in a cache of translations between patterns according to the first dialect and corresponding patterns according to a second dialect different from the first dialect. In response to the determined pattern being present in the cache of translations, the system converts, using a corresponding translation in the cache of translations, the source database language statement according to the first dialect to a respective target database language statement according to the second dialect.

Abstract: To write forgettable data to a blockchain, the forgettable data is transmitted to a server, from which encrypted data corresponding to the forgettable data are received. A hash of the forgettable data is generated. A data block including the encrypted data and control data including the hash is added to the blockchain.

Abstract: A request is received to deploy a configuration on a computing resource. A compliance check on the configuration is performed according to a policy to determine whether deployment of the configuration on the computing resource is permitted. In response to determining that the deployment of the configuration on the computing resource is permitted, a deployer for the computing resource is controlled to deploy the configuration on the computing resource.

Abstract: According to examples, an apparatus may include a processor that may identify sensitive information in a recording of an automated test script that is replayed to automatically test a graphical user interface (GUI) of an application under test (AUT). The apparatus may identify the sensitive information during the recording such that sensitive information is identified as the automated test is recorded or afterward based on an analysis of the recording. as based on user input that identifies the sensitive information (or areas containing the sensitive information), automated text analysis, or automated image analysis such as machine-learning based object detection. Once sensitive information (or area) is identified, the apparatus may generate and apply a mosaic to obscure the sensitive information (or area).

Abstract: In some examples, a system represents tasks of a project as feature nodes of a force-directed graph, and connects, in the force-directed graph, sub-feature nodes representing sub-features associated by links to the feature nodes in the force-directed graph. The system sets a size of each respective sub-feature node of the sub-feature nodes based on an amount of resource usage expended on a respective sub-feature represented by the respective sub-feature node. The system causes display of the force-directed graph, and collapses or expands a portion of the force-directed graph responsive to user interaction with the force-directed graph.

Abstract: According to examples, an apparatus may include a processor and a non-transitory computer-readable medium on which is stored machine readable instructions that may cause the processor to receive a prompt for a large language model (LLM). The received prompt may include a query to perform a task on computing data through in-context learning in the LLM. The LLM may be fine-tuned on the computing data. In response to the received prompt, the processor may cause the LLM to learn the task via the in-context learning in the LLM. The processor may cause the LLM to output a completion in response to the query for the task. The completion may be generated by performing the learned task on the computing data in the LLM.

Abstract: Embodiments of the disclosure provide systems and methods for detecting malicious software packages. Detecting malicious software packages can include collecting information identifying one or more known malicious software component classifiers, collecting information identifying one or more known suspicious community behavior classifiers associated with the one or more known malicious software component classifiers and receiving a software package including software components.

Abstract: A current thread pattern is identified. For example, a thread pattern of a running software application is identified. Current resource information associated with the current thread pattern is identified. For example, the current resource information may include disk usage, packets sent, ports used, accounts created, etc. The current thread pattern and the current resource information associated with the current thread pattern are compared to an existing malicious thread pattern associated with a type of malware and existing malicious resource information associated with the existing thread pattern. A determination is made if the comparison meets a threshold. For example, if the current thread pattern is 90% similar to the existing malicious thread pattern and the current resource information is within 75% of the existing malicious resource information, the threshold is met. In response to the comparison meeting the threshold, an action is taken to mitigate the type of malware.

Abstract: Source code for a type of malware is received. For example, the source code may be source code from a type of computer virus. An Artificial Intelligence (AI) algorithm is identified. For example, the AI algorithm may be ChatGPT. The source code of the type of malware is run through the AI algorithm to produce mutated source code for the type of malware. A prediction algorithm is used to predict a signature of the mutated source code for the type of malware. For example, the prediction algorithm is trained using existing source code of different types of malware to generate a prediction model. The signature of the mutated source code for the type of malware is then compared to a signature of a potentially new type of malware to determine if the signatures are similar.

Abstract: Results of an authentication process are received. The authentication process allows for a graded level of authentication using a plurality of authentication types (e.g., a username/password and a fingerprint scan). Encrypted data is then accessed. The encrypted data has been encrypted using a plurality of encryption levels. The data is unencrypted based on the graded level of authentication. In a second embodiment, a system and method are provided that establish a communication session (e.g., a voice or email communication session). The communication session is between a plurality of users. During the communication session, an indication is received to change an encryption level for the communication session. In response to receiving the indication to change the encryption level for the communication session, an encryption level of the first communication session is dynamically changed from a first level of encryption to a second level of encryption.

Abstract: A system includes a processor and a memory coupled with and readable by the processor and storing therein a set of instructions. When executed by the processor, the processor is caused to receive application events associated with an application and create data records based on the application events. The processor is further caused to compute an interestingness value for each of the data records based on a goal of the application, assign the computed interestingness value to each of the data records and store each of the data records with the assigned interestingness value.