Abstract: An aspect includes a computer-implemented method that de-identifies data received from microphones. The method includes receiving data from one or more microphones and de-identifying the data. The de-identifying includes inputting the data into a machine learning system that has been trained to detect patterns in the data that are likely to identify a specific entity, and to remove the detected patterns from the data to generate de-identified data. An output from the machine learning system is received, where the output includes the de-identified data. According to some aspects, the microphones can be located in an operating room.

Abstract: Sanitizing data can be a cumbersome task, particularly when the volume of data is large, the content is sensitive, and/or the type of sanitation requires contextual determinations. Sanitizing large amounts of data is tedious and may often require highly trained personnel with clearances and/or other qualifications. In the systems and methods of the present disclosure, language models (LMs) are used to solve these and other technical issues with tools that may allow sanitizing data easily, with high versatility, context awareness, and/or low demand for computational resources. In particular, some of the disclosed systems and methods use a first language model and a second language model (being less resource-intensive than the first language model) to generate sanitized output data with improved efficiency and accuracy. This dual-model approach ensures that sensitive information is handled appropriately while optimizing computer resource usage.

Abstract: A system for analyzing computer systems and networks for potential vulnerabilities to cyber-attacks configured to (i) receive scan data from a scan of a target computer device; (ii) search for one or more vulnerabilities based on the scan data; (iii) determine at least one attack vector based on the one or more vulnerabilities; (iv) generate one or more exploits based on the one or more attack vectors and the one or more vulnerabilities; and (v) execute the one or more exploits on the target computer device.

Abstract: One method includes monitoring a ransomware risk measure, when the ransomware risk measure indicates the presence of a suspected ransomware process, determining if it is time to overwrite a snapshot stored in backup data storage, and when it is time to overwrite the snapshot, moving the snapshot from the backup data storage to a vault to free space in the backup data storage for new snapshots that continue to be taken after the presence of suspected ransomware is indicated.

Abstract: A method for detecting slow HTTP DoS (SHD) attacks in a backbone network can detect three different types of SHID attacks. The method is divided into an off-line training phase and an on-line detection phase. In the off-line training phase, several types of representative unidirectional traffic features are extracted according to attack characteristics of different SHD types and corresponding feature groups are built, where these features can effectively deal with a large amount of unidirectional traffic in backbone networks; a public backbone network dataset is systematically sampled and data are stored in combination with Count-min Sketch, which greatly minimizes storage and computational overhead required in the backbone networks; and a specific machine learning algorithm is used for training to obtain attack detection models. The method can be used for detecting and warning SHD attacks in mass traffic scenarios such as backbone networks to provide a basis for maintaining network security.

Abstract: An asset risk assessment method, an apparatus, a computer device, and a storage medium are provided. The asset risk assessment method includes: receiving an alert message of an asset to be assessed; obtaining an attack depth of the alert message based on the alert message, and the attack depth being a degree to which the asset to be assessed is subjected to attack; obtaining a security feature value of the asset to be assessed; obtaining a feature weight of the security feature value based on the attack depth; and performing a risk assessment of the asset to be assessed based on the security feature value and the feature weight thereof, to obtain a risk assessment result.

Abstract: An onboarding request is received from a user to utilize a recommendation service. The onboarding request contains personal data (including an onboarding user identifier and a serial number requesting a stated number of credits), encrypted with a commuting function C, along with clear text account details. A blind trust is established with the user, and the recommendation service signs the onboarding request with a signing function S and sends the signed onboarding request to the user to perform a blind onboarding of the user. A consumption request is then received (e.g., a call to get recommendations) from the user including a consumption user identifier and an approved credits document. The recommendation service can then update a user-item matrix that maps user identifiers with available items and transmit an item recommendation to the user, based on the user-item matrix, and expire the approved credits document by a consumption amount.

Abstract: A system for conducting cyberthreat analytics on a submitted object to determine whether the object is malicious is described. The system features a cybersecurity system operating with a cloud platform, which is configured to host resources including cloud processing resources and cloud storage resources. The cybersecurity system is configured to analyze one or more received objects included as part of a submission received from a subscriber after authentication of the subscriber and verification that the subscriber is authorized to perform one or more tasks associated with the submission. The cybersecurity system is configured to operate as a multi-tenant Security-as-a-Service (SaaS) that relies upon the cloud processing resources and the cloud storage resources provided by the cloud platform in performing the cybersecurity operations.

Abstract: A system may maintain historical vehicle information, collected from multiple vehicles in a vehicle transportation network, in a historical database. The historical vehicle information for a vehicle may include historical data elements corresponding to data types. The system may receive a user request via a communications network. The system may determine, based on the user request, to respond with a historical data element from the historical database or a current data element from current vehicle information collected from a current vehicle that is active in the vehicle transportation network. The system may return a response to the user request via the communications network. The response may include the historical data element or the current data element.

Abstract: Systems, methods, and related technologies for analyzing traffic are described. In certain aspects, network traffic is analyzed and a domain name system (DNS) message is extracted from the network traffic. Subsequent network traffic is monitored and analyzed based on the DNS message and in view of one or more criteria. In response to the one or more criteria being satisfied, an indication of compromise (IoC) for a device is determined.

Abstract: The present disclosure provides example terminal devices, road side units, and servers. One example terminal device performs operations including sending certificate request information to a certificate authority server, where the certificate request information includes identity information of the terminal device. A communication key sent by the certificate authority server is received by the terminal device. Encrypted information that is sent by a road side unit is received by the terminal device, where the encrypted information is information encrypted by using the communication key. The encrypted broadcast information is decrypted by the terminal device by using the communication key.

Abstract: A method and an apparatus for Wi-Fi connection based on Wi-Fi Protected Setup (WPS) in a portable terminal are provided. The method includes entering a group owner mode of Wi-Fi Direct when enabling of WPS is requested, after entering the group owner mode, entering a WPS session mode where the portable terminal is operable in a WPS registrar mode, determining whether an Access Point (AP) whose WPS session of the WPS registrar mode is enabled or a device whose group owner mode is enabled, exists nearby, and when an AP whose WPS registrar mode is enabled is discovered, disabling the WPS registrar mode and the group owner mode, enabling a WPS session where the portable terminal is to operate in a WPS enrollee mode, and accessing the discovered AP.

Abstract: A method, an apparatus and a computer program for tracking location of users without disclosing Personally Identifiable Information (PII). The method comprises analyzing sequences of location events of a user over time to determine a Point Of Interest (POI) of the user. In response to determining that the POI is PII-revealing POI; obfuscating the POI, by generating a pseudolocation identifier of the POI indicative of a semantic meaning thereof to the user without revealing a geographic location of the POI. The method further comprises generating an anonymized sequence of location events of the user based on the sequence of location events, that comprises the pseudolocation identifier to represent location events associated with the POI, and absent of the geographic location thereof. The anonymized sequence of location events may be provided a third party to analyze behavior of the user without divulging identity of the user.

Abstract: A biometric evaluation system for a vehicle includes a vision sensor configured to detect a biometric quality of a user. The biometric evaluation system also includes an operational system for the vehicle. At least one processor is in communication with the vision sensor. The processor is configured to execute a first classification algorithm that performs a first biometric validation based on the biometric quality to estimate a state of the user. The first classification algorithm requires a first service latency. In response to an outcome of the first biometric validation, the at least one processor is further configured to execute a second classification algorithm that performs a second biometric validation to confirm the state of the user. The second classification algorithm requires a second service latency greater than the first service latency. The processor is further configured to communicate a signal to modify operation of the vehicle.

Abstract: Described herein are systems and methods for discovering and proactively mitigating previously unknown security vulnerabilities. The systems and methods herein can utilize security vulnerability information to discover potential security threats and can utilize this information to generate an attack using a machine learning model, such as a large language model. Generated attacks can be carried out to assess impact of a security vulnerability. An output can be provided that represents the assessed impact. In some implementations, the systems and methods herein generate patches or other mitigations for security vulnerabilities, which can be tested and deployed to address security vulnerabilities.

Abstract: A method for training a machine learning model using information pertaining to characteristics of upload activity performed at one or more client devices includes generating first training input including (i) information identifying, for each of the application categories, a frequency of upload activity that corresponds to uploading first amounts of data during a specified time interval. The method includes generating a first target output that indicates whether the frequency of upload activity that corresponds to uploading the first amounts of data corresponds to malicious or non-malicious upload activity. The method includes providing the training data to train the machine learning model on (i) a set of training inputs including the first training input, and (ii) a set of target outputs including the first target output.

Abstract: An embodiment of the present invention is directed to implementing an AI security platform that secures AI/ML models while keeping the configuration and implementation simple and streamlined. An embodiment of the present invention is directed to delivering visibility on AI models across an entire organization.

Abstract: The technology disclosed works in real time, as base and subordinate HTTP and HTTPS URL requests are received, to attribute subordinate requests to base web pages. The main case uses the “referrer” or “referrer” HTTP header field for attribution, directly and through a referrer hierarchy to the base web page. A second case, which minimizes false generation of base web page log entries, involves small files, such as cascading style sheets (CSS) files, that often have a blank or no referrer field.

Abstract: An illustrative data storage management system uses a control layer that controls information content presented to users and ensures information privacy between diverse tenants and/or resellers who share the system. The system populates a relationship database as transactions roll in (intake processing), and uses information in the relationship database later when processing responses (output processing). The relationship database comprises associations between e.g., a company ID and any number of entities that were created by or on behalf of the company or that are related to the company's service in the system. The control layer parses raw results that are responsive to requests for information and prevents others' information from being included in the responsive message(s). The techniques disclosed herein are not limited to shared systems managed by service providers, and may be implemented in fully owned and operated systems to add security and privacy among diverse users and/or departments.

Abstract: Systems and methods for mapping IP addresses to an entity include receiving at least one domain name associated with the entity. Embodiments may further include determining one or more variations of the at least one domain name based on analysis of domain name data collected from a plurality of domain name data sources that mention a variation of the at least one domain name. Some embodiments may also include identifying one or more IP addresses pointed to by the one or more variations of the entity's domain name based on analysis of IP address data collected from a plurality of IP address data sources. Additional embodiments include assigning weights to each of the identified one or more IP addresses and creating a mapping of IP addresses to associate with the entity based on analysis of the weighted one or more IP addresses.