Abstract: Methods, systems, and computer program products are described herein for detecting malicious cloud-based resource allocations. Such detection may be achieved using machine learning-based techniques that analyze sequences of cloud-based resource allocations to determine whether such sequences are performed with a malicious intent. For instance, a sequence classification model may be generated by training a machine learning-based algorithm on both resource allocation sequences that are known to be used for malicious purposes and resource allocation sequences that are known to be used for non-malicious or benign purposes. Using these sequences, the machine learning-based algorithm learns what constitutes a malicious resource allocation sequence and generates the sequence classification model.

Abstract: A matching apparatus generates a random number and transmits second encrypted data obtained by performing an operation of first encrypted data of each of first values related to a first binary vector encrypted and the random number to a matching request apparatus; transmits third encrypted data obtained by performing an operation of the second encrypted data and elements of a matching target second binary vector; based on a second value related to the first binary vector encrypted with the encryption key, the encrypted data and the random number, generates and transmits encrypted data and transmits the generated data to a verification apparatus as a query; and determines whether a count number of mismatched elements between the second binary vector and the first binary vector is less than or equal to a predetermined number based on values obtained by decrypting the encrypted data in the query.

Abstract: At least any one of input keys KA0, KA1, KB?0, and KB?1 is set so that the input keys KA0, KA1, KB?0, and KB?1 which satisfy KA1?KA0=KB?1?KB?0=di are obtained, and an output key Kig(I(A), I(B)) corresponding to an output value gi(I(A), I(B)) is set by using the input keys KA0, KA1, KB?0, and KB?1, where input values of a gate that performs a logical operation are I(A), I(B)?{0, 1}, an output value of the gate is gi(I(A), I(B))?{0, 1}, an input key corresponding to the input value I(A) is KAI(A), and an input key corresponding to the input value I(B) is KB?I(B).

Abstract: Example methods are provided for adaptive file access authorization using process access patterns. In a learning mode, attributes and other information, which are associated with applications or with processes that are related to the applications and that attempt to access a file system, are collected and used to generate a policy. In a protected mode, file access requests are examined against the policy, and are granted access to the file system or are denied access to the file system based on the contents of the policy. The policy may be updated so as to adapt to changes in the access patterns and to changes in the application or processes.

Abstract: Techniques are provided herein for contextual embedding of features of operational logs or network traffic for anomaly detection based on sequence prediction. In an embodiment, a computer has a predictive recurrent neural network (RNN) that detects an anomalous network flow. In an embodiment, an RNN contextually transcodes sparse feature vectors that represent log messages into dense feature vectors that may be predictive or used to generate predictive vectors. In an embodiment, graph embedding improves feature embedding of log traces. In an embodiment, a computer detects and feature-encodes independent traces from related log messages. These techniques may detect malicious activity by anomaly analysis of context-aware feature embeddings of network packet flows, log messages, and/or log traces.

Abstract: This patent disclosure provides various embodiments for anonymizing raw surgical procedure videos recorded by a recording device, such as an endoscope camera, during a surgical procedure performed on a patient inside an operating room (OR). In one aspect, a process for anonymizing raw surgical procedure videos recorded by a recording device within an OR is disclosed. This process can begin by receiving a set of raw surgical videos corresponding to a surgical procedure performed within the OR. The process next merges the set of raw surgical videos to generate a surgical procedure video corresponding to the surgical procedure. Next, the process detects image-based personally-identifiable information embedded in the set of raw video images of the surgical procedure video. When image-based personally-identifiable information is detected, the process automatically de-identifies the detected image-based personally-identifiable information in the surgical procedure video.

Abstract: Metadata describing access control capabilities of a database technology resource is received from an access control system. Access restrictions for accessing data of the database resource by users of an application that have a role are received from an application developer. A role maintenance user interface is generated, using the metadata, for assigning the role to users of the application. Attribute values for creating an instance of the role for a user are received, using the role maintenance user interface. The instance of the role is created for the user based on the received attribute values and the access restrictions. A request from the application for the user to access the database resource is received by the access control system when the user is logged into the application. The access restrictions are applied by the access control system in the database resource when the database resource is accessed.

Abstract: A method for protecting a PDF document page-by-page, including the following steps: traversing all the page content stream objects in the PDF document, if any one page content stream object is reused by a plurality of pages, copying the content stream object according to the number of times of same being used; establishing an index table from a PDF page number to the page content stream object in a memory; searching for, according to the page number of the protected page, the corresponding page content stream object from the index table; encrypting stream data of the acquired page content object using the secret key B; adding an encryption identification C to an object dictionary of the encrypted page stream object; respectively creating a cover layer with the same length and width as various protected pages; and placing various cover layers on the top of the protected page.

Abstract: A computer system for executing one or more software applications includes a host computer device configured to execute the one or more software applications. The computer system further includes one or more memory devices configured to cryptographically protect volatile memory of the one or more memory devices. The one or more memory devices are configured to provide access to the cryptographically protected volatile memory for the one or more software applications. The host computer device is configured to execute the one or more software applications by executing a portion of the one or more software applications associated with the cryptographically protected volatile memory using a processor of the one or more memory devices.

Abstract: Disclosed are systems and methods for routing personal data when executing queries, in a client-server architecture. A data structure intended for dispatching to the server is divided at the client side into at least two substructures. These data substructures are dispatched from the client to the server by different routes. One of the routes includes a network node with anonymization module, said node being situated in a regional network different from the regional network in which the server is located and not being in the same intranet as the server or the client. The anonymization module of the node transforms each data substructure dispatched by this route. The data substructures are combined into a structure at the server after being obtained.

Abstract: A Secure Hash Algorithm 256 (SHA-256) expander operates over multiple cycles to convert 16 message words, M(t), into 64 working values, W(t), for input into a SHA-256 compressor. As the expander operates to produce W(t), it computes partial values of W(t) as soon as the necessary data operands are available in cycle time. Once computed, the partial values are retained and shifted and any unneeded original shift source values are discarded. When the shift register outputs finally arrive at the output, W(t) is already computed. The expander allows for one-write-port, one-read-port register files to be used in some integrated circuit embodiments. The expander also leads to improvements in adder delays, energy consumption, and area consumption when implemented as an integrated circuit.