Abstract: Aspects of the disclosure relate to using machine learning to modify account privacy settings. A computing platform may identify initial account settings for an individual of a plurality of individuals. Using a settings optimization model, the computing platform may identify account data and third party data for the individual. Using the settings optimization model, the computing platform may identify discrepancies between the initial account settings for the first individual and account settings for a subset of the plurality of individuals having common characteristics with the individual. Based on the discrepancies, the computing platform may identify settings modifications for the individual, and may determine that a modification of the settings modifications applies to a detected interaction of the individual. The computing platform may direct an enterprise data source to perform the modification, which may cause the enterprise data source to modify the initial account settings based on the modification.

Abstract: A data analytics system is disclosed that can include a data repository configured to store data for multiple clients, a metadata repository separate from the data store, an access control system, and a policy store. The data analytics system can automatically generate metadata for data in the data repository using a metadata engine, the metadata including technical metadata and usage metadata, and store the metadata in the metadata repository. The data analytics system can obtain a client policy governing access to the data. The data analytics system can receive a request to provide the data, the request including instructions to create a pipeline to provide the data. The data analytics system can authorize, by the access control system, the request using the policy and usage metadata; create the pipeline using the technical metadata; and provide the data using the pipeline.

Abstract: Techniques provided herein employ a device monitoring service to provide task to content consumption devices that are steaming digital media from the streaming infrastructure. The tasks, when implemented by the content consumption devices, may reveal differences in task performance between authorized devices, which have the authorization to access the digital media, and imposter devices, which exploit vulnerabilities in the streaming pipeline to access the digital media. In addition, the techniques provided herein may include a machine learning/artificial intelligence model that is trained to recognize authorized and imposter content consumption devices based on their task performance.

Abstract: The present disclosure provides systems, methods, and computer-readable media for implementing security polices at software call stack level. In one example, a method includes generating a call stack classification scheme for an application, detecting a call stack during deployment of the application; using the call stack classification scheme during runtime of the application, classifying the detected call stack as one of an authorized call stack or an unauthorized call stack to yield a classification; and applying a security policy based on the classification.

Abstract: The present techniques may provide improved processing and functionality of performance of the 128-bit AES Algorithm, which may provide improved power consumption. For example, in an embodiment, an encryption and decryption apparatus may comprise memory storing a current state matrix of an encryption or decryption process and a plurality of multiplexers configured to receive from the memory current elements of the state matrix stored in the memory, perform a cyclic shift on the received elements of the state matrix, and transmit the shifted elements to the memory for storage as a new state matrix.

Abstract: Secure data analytics is provided via a process that identifies sensitive data fields of an initial dataset and mappings between the sensitive data fields and other data fields of the dataset, where analytics processing is to be performed on the initial dataset, then, based on an expectation of data fields, of the initial data set, to be used in performance of the analytics processing and on the identified sensitive data fields, selects and applies a masking method to the initial dataset to mask the sensitive data fields and produce a masked dataset, provides the masked dataset to an analytics provider with a request for the analytics processing, and receives, in response, a generated analytics function, generated based on the masked dataset, that is configured to perform the analytics processing, and invokes the generated analytics function against the initial dataset to perform the analytics processing on the initial dataset.

Abstract: Aspects of the disclosure relate to information masking. A user device may receive a request to access information that includes personal identifiable information (PII) and retrieve source data comprising the PII. The user device may mask, within the source data and based on a data management policy, the PII, resulting in masked information. The user device may display the masked information. The user device may receive a request to unmask the masked information and unmask the PII, resulting in unmasked PII. The user device may display the unmasked PII and send unmasking event information to a PII footprint modeling platform, which may cause the PIT footprint modeling platform to: log the request to unmask the masked information in an unmasking event log, 2) apply a machine learning model to the unmasking event log to identify malicious events, and 3) trigger remediation actions based on identification of the malicious events.

Abstract: A processor can be configured to receive data associated with, and/or access to, a computing system's file system structure. The processor can also be configured to determine file patterns, file path patterns and/or graph patterns associated with the computing system. The processor can also be configured to build a graph structure having nodes and edges, the graph structure representing the file patterns, file path patterns and graph patterns, wherein the nodes of the graph structure represent files and attributes of the files and the edges of the graph structure represent connectivity between the files. The processor can also be configured to train, based on the graph structure, a first machine learning model to learn a feature vector associated with a file. The processor can also be configured to train, based on the feature vector, a second machine learning model to identify a vulnerable ransomware target.

Abstract: An aspect of the present disclosure relates to one or more data decryption techniques. In embodiments, an input/output operation (IO) stream including one or more encrypted IOs is received by a storage array. Each encrypted IO is assigned an encryption classification. Further, each encrypted IO is processed based on its assigned encryption classification.

Abstract: A method for confidentially processing data stored on a platform is described. A transcryption module, receiving a request for access to a data block, transmits the access request to an access request prediction module which returns a list of data blocks. The transcryption module determines whether a corresponding key stream block is present in the cache. The homomorphic calculation module calculates homomorphic ciphertexts of key stream blocks corresponding to the data blocks of the list. The transcryption module transcrypts the data blocks by adding them with the homomorphic ciphertexts of the corresponding key stream blocks. The transcryption module transmits the data blocks thus transcrypted to the request management module.

Abstract: The present disclosure describes systems and methods for a privacy sensitive computing system. One or more embodiments provide a protected computing environment, a code authorization unit, and a data aggregation unit. For example, some embodiments of the privacy sensitive computing system may train unsupervised or self-supervised ML models on user-generated assets subject to privacy considerations that mandate those assets are not viewed directly by human eyes.

Abstract: Techniques are described for improving real-time application protection (RTAP) systems (e.g., web application firewalls (WAFs), runtime application self-protection (RASP) systems). In particular, a device within a trusted network may configured to predict vulnerabilities of proposed configurations for the RTAP systems. For example, the device may train one or more machine learning models with a first plurality of configuration settings of application protection systems corresponding to a plurality of applications and a first plurality of known vulnerabilities corresponding the first plurality of configuration settings; apply the one or more machine learning models to a proposed configuration setting to predict one or more potential vulnerabilities of the proposed configuration setting; and identify one or more configuration changes to the proposed configuration setting to overcome the predicted one or more potential vulnerabilities.

Abstract: ML model(s) are created and trained using training data from user(s) to create corresponding trained ML model(s). The training data is in FHE domains, each FHE domain corresponding to an individual one of the user(s). The trained machine learning model(s) are run to perform inferencing using other data from at least one of the user(s). The running of the ML model(s) determines results. The other data is in a corresponding FHE domain of the at least one user. Using at least the results, it is determined which of the following issues is true: the results comprise objectionable material, or at least one of the trained ML model(s) performs prohibited release of information. One or more actions are taken to take to address the issue determined to be true. Methods, apparatus, and computer program product are disclosed.

Abstract: Various embodiments relate to classifying comparators based on comparator offsets. A method may include applying, via a strobe, a first voltage to each of a first input and a second input of a comparator to generate a number of output signals from the comparator, wherein each output signal has one of a first polarity and a second polarity. The method may further include in response to each of the number of output signals being the first polarity, applying, via a strobe, an external offset voltage having the second polarity to the comparator to generate a second number of output signals. Further, the method may include in response to each of the second number of output signals being the same polarity, identifying the comparator as a reliable comparator.

Abstract: An SoC architecture includes a non-volatile memory and an SoC chip. The SoC chip is connected with the non-volatile memory. The SoC chip includes a central processing unit, a volatile memory, a system bus, an on-the-fly decryption circuit, a memory interface, a timer and a key bank. The on-the-fly decryption circuit is connected with the key bank. The on-the-fly decryption circuit performs an encryption operation or a decryption operation according to plural keys in the key bank. After the SoC architecture is powered on, if the timer is not disabled and the timer has counted time for a specified time period, the central processing unit is subjected to a warm reset, and a storage format in the non-volatile memory is changed from an initial format to an operation format by the central processing unit.

Abstract: One or more computer processors transmit a machine learning model and an associated loss function to a worker, wherein the worker isolates private data. The one or more computer processors receive a plurality of encrypted gradients computed utilizing the transmitted machine learning model, the associated loss function, and the isolated private data. The one or more computer processors generate a plurality of adversarial perturbations, wherein the plurality of adversarial perturbations includes true perturbations and false perturbations. The one or more computer processors obfuscate the generated plurality of adversarial perturbations. The one or more computer processors transmit the obfuscated adversarial perturbations to the worker. The one or more computer processors harden the machine learning model utilizing the transmitted obfuscated adversarial perturbations and the private data.

Abstract: An electronic apparatus and a method of controlling the same are provided. The electronic apparatus includes a camera configured to capture an image, a communication interface, a memory configured to store at least one instruction, and a processor configured to obtain characteristics information of a user based on the image; based on the characteristics information of the user being obtained, identify whether first information corresponding to the characteristics information is stored in the memory; based on the corresponding first information not being stored in the memory, generate identification information corresponding to the characteristics information of the user, perform mapping of the characteristics information and the identification information of the user and store in the memory; and transmit the characteristics information and the identification information of the user to a second electronic apparatus.

Abstract: A non-interactive protocol is provided for evaluating machine learning models such as decision trees. A client can delegate the evaluation of a machine learning model such as a decision tree to a server by sending an encrypted input and receiving only the encryption of the result. The inputs can be encoded using their binary representation. Efficient data representations are then combined with different algorithmic optimizations to keep the computational overhead and the communication cost low. Related apparatus, systems, techniques and articles are also described.

Abstract: Systems and methods for processing privacy requests related to information privacy are described. A server computing system may be configured to receive data related to a privacy request for personal information associated with a person, the data related to the privacy request sent by an agent of the person to a company from a computer system associated with the agent, the agent acting on behalf of the person as related to the information privacy, the personal information stored in one or more databases associated with the server computing system; confirm that the person authorizes the agent to act on behalf of the person as related to the information privacy; and based on successful confirmation that the person authorizes the agent, process the privacy request on behalf of the company.

Abstract: The invention relates to a method for behaviour-based authentication (400) of a current user (1) to a mobile, portable communication system (100), which has at least one sensor (110) for capturing gross-motor measurement data (500), a gross-motor classification module (200), a processor (130), and an internal memory (120). Furthermore, a user is registered in the mobile, portable communication system (100). The sensor (110) is designed to recognise the gross-motor measurement data (500) of a gross-motor movement of the current user (1) of the mobile, portable communication system (100) and the gross-motor classification module (200) is trained to capture a generic gross-motor movement pattern with the help of training data sets of a user cohort. In addition, the gross-motor classification module (200) implements a machine-learning method. The gross-motor classification module (200) is executed by the processor (130) of the mobile, portable communication system (100).