Abstract: Systems and methods for providing a context aware client firewall. Various embodiments include intercepting all network traffic to and from a mobile device, deriving a static risk profile of the mobile device based on one or more parameters, determining a dynamic risk of the mobile device based on network flow attributes, and computing an overall risk for the network traffic based on the static risk profile and the dynamic risk. Network traffic can therefore be allowed or blocked based on the computed risk. The solution provides granular control to IT administrations to block network traffic based on parameters such as geolocation, network type, and various others described herein.

Abstract: Systems and methods include establishing a control channel of a tunnel utilizing a first encryption technique, wherein the tunnel is between a local node including one or more processors and a remote node, and wherein the control channel includes a session identifier; establishing a data channel of the tunnel utilizing a second encryption technique, wherein the data tunnel is bound to the control channel based on the session identifier; performing, over the control channel, device authentication and user authentication of one or more users associated with the remote node, wherein each of the one or more users includes a user identifier; and, subsequent to the device authentication and the user authentication, exchanging data packets over the data channel with each data packet including a corresponding user identifier. The first encryption technique can be one of TLS and SSL, and the second encryption technique can be one of TLS and DTLS.

Abstract: The system can include a set of joints, a controller, and a model engine; and can optionally include a support structure and an end effector. Joints can include: a motor, a transmission mechanism, an input sensor, and an output sensor. The system can enable articulation of the plurality of joints.

Abstract: This disclosure relates to cloud migration. In some aspects, a method includes receiving, by one or more computing devices, a plurality of parameters associated with an on-premises system to be migrated to a cloud architecture, the plurality of parameters including an identifier of the on-premises system, identifiers of components of the on-premises system, and migration requirements; extracting, from the plurality of parameters, a set of input parameters substantially affecting a migration of the on-premises system to the cloud architecture; identifying a target cloud architecture, selected from a plurality of cloud architectures, that i) is compliant with the set of input parameters, and ii) satisfies one or more threshold conditions associated with the migration; determining, a set of output parameters representing features of the target cloud architecture; and training, a neural network model using the set of input parameters and the set of output parameters.

Abstract: An intelligent editor for creating a pipeline configuration file. The pipeline configuration file can be a YAML configuration file or in some other data serialization language. The intelligent editor is in the form of a YAML editor that provides multiple user interfaces for editing a pipeline configuration file. The YAML editor includes a code-based editing UI to edit the YAML configuration file code itself, and a visual-based editor UI for creating and modifying the configuration file through using graphical icons. The code-based editor UI includes an intelligent field and value recommendation feature, auto-complete feature, a semantic error detection feature, and a field documentation feature.

Abstract: The disclosed technology teaches reducing threat detection processing by applying similarity measures. The method includes recognizing that a file is an edited version of a previously processed file and retrieving, from an archive, at least an entropy measure of the previously processed file, and calculating an entropy measure for the edited version of the file. The method applies a similarity measure to compare the entropy measures for the edited version and the previously processed file, avoiding full threat scanning of the file to detect malware except when the similarity measure reaches a scanning trigger. When any similarity measure or combination of similarity measures reaches a trigger, the technology teaches processing the file by using a threat detection module to detect malware. Further included is logging the edited version of the file for further processing when the similarity measure reaches a logging trigger.

Abstract: The disclosed technology teaches reducing threat detection processing, including recognizing that a file is an edited version of a previously processed file and retrieving, from an archive, metadata values, hashes for property groups and an entropy measure of the previously processed file. Also included is parsing the file into metadata values and property groups and calculating hashes of the property groups and entropy measure for the file. The method further includes applying similarity measures to compare the metadata values, the entropy measures, and the hashes on the property groups, for the edited version and the previously processed file. When any similarity measure or combination of similarity measures reaches a trigger, the technology teaches processing the file by using a threat detection module to detect malware. Property groups include core properties, application properties, document content and programming scripts for the edited version of the file and the previously processed file.

Abstract: The disclosed technology teaches reducing threat detection processing by applying similarity measures. The method includes recognizing that a file is an edited version of a previously processed file and retrieving, from an archive, at least an entropy measure of the previously processed file, and calculating an entropy measure for the edited version of the file. The method applies a similarity measure to compare the entropy measures for the edited version and the previously processed file, avoiding full threat scanning of the file to detect malware except when the similarity measure reaches a scanning trigger. When any similarity measure or combination of similarity measures reaches a trigger, the technology teaches processing the file by using a threat detection module to detect malware. Further included is logging the edited version of the file for further processing when the similarity measure reaches a logging trigger.

Abstract: Techniques for optimizing network-transferred multi-card content items are provided. In one technique, a first content item selection event is initiated that involves a set of content delivery campaigns that includes a content delivery campaign that includes a content item that comprises multiple cards. The content delivery campaign is selected and the content item is transmitted to a first computing device, where the multiple cards have a first card configuration. One or more events that are associated with the first computing device displaying at least one card of the plurality of cards is identified. Based on the events, a second card configuration is determined. Another content item selection event that involves the content delivery campaign is initiated and the content delivery campaign is selected. The content item is transmitted to a second computing device, where the multiple cards have the second card configuration.

Abstract: The disclosed technology teaches reducing threat detection processing, including recognizing that a file is an edited version of a previously processed file and retrieving, from an archive, metadata values, hashes for property groups and an entropy measure of the previously processed file. Also included is parsing the file into metadata values and property groups and calculating hashes of the property groups and entropy measure for the file. The method further includes applying similarity measures to compare the metadata values, the entropy measures, and the hashes on the property groups, for the edited version and the previously processed file. When any similarity measure or combination of similarity measures reaches a trigger, the technology teaches processing the file by using a threat detection module to detect malware. Property groups include core properties, application properties, document content and programming scripts for the edited version of the file and the previously processed file.

Abstract: Example embodiments described herein are directed towards dynamic state estimation of an operating state of a generator in a power system. Such estimation is performed for an individual generator in real time with improved accuracy and without the use of Global Position System (GPS) synchronization.

Abstract: The disclosed technology teaches reducing threat detection processing, including recognizing that a file is an edited version of a previously processed file and retrieving, from an archive, metadata values, hashes for property groups and an entropy measure of the previously processed file. Also included is parsing the file into metadata values and property groups and calculating hashes of the property groups and entropy measure for the file. The method further includes applying similarity measures to compare the metadata values, the entropy measures, and the hashes on the property groups, for the edited version and the previously processed file. When any similarity measure or combination of similarity measures reaches a trigger, the technology teaches processing the file by using a threat detection module to detect malware. Property groups include core properties, application properties, document content and programming scripts for the edited version of the file and the previously processed file.

Abstract: Techniques for optimizing network-transferred multi-card content items are provided. In one technique, a first content item selection event is initiated that involves a set of content delivery campaigns that includes a content delivery campaign that includes a content item that comprises multiple cards. The content delivery campaign is selected and the content item is transmitted to a first computing device, where the multiple cards have a first card configuration. One or more events that are associated with the first computing device displaying at least one card of the plurality of cards is identified. Based on the events, a second card configuration is determined. Another content item selection event that involves the content delivery campaign is initiated and the content delivery campaign is selected. The content item is transmitted to a second computing device, where the multiple cards have the second card configuration.

Abstract: An example system may include a first device connected over respective communications interfaces to a plurality of second devices. The first device may establish respective remote terminals between the first device and one or more second devices. Establishing the respective remote terminals may indicate that the devices are in an online state. The first device may periodically update respective heartbeat files on the second devices. A respective second device may detect that a pre-determined time period has elapsed since the heartbeat file was updated. The respective second device may determine that a respective remote terminal between the first device and the respective second device has been terminated. Determining that the remote terminal has been terminated may indicate that the device is in an offline state. The respective second device may reset itself so as to transition the respective second device from the offline state to the online state.

Abstract: A method is provided in one example embodiment and includes evaluating by a first network node a current level of congestion experienced by a session in a communications network; predicting a level of congestion that will be experienced by the session beginning at a next time boundary; sending a request message to a second network node, the request message comprising at least one rule corresponding to the current level of congestion and the predicted level of congestion, in which the rule has associated therewith an activation time and a deactivation time; and refraining from sending an additional request message to the second network node at the next time boundary.

Abstract: An example system may include a first device connected over respective communications interfaces to a plurality of second devices. The first device may establish respective remote terminals between the first device and one or more second devices. Establishing the respective remote terminals may indicate that the devices are in an online state. The first device may periodically update respective heartbeat files on the second devices. A respective second device may detect that a pre-determined time period has elapsed since the heartbeat file was updated. The respective second device may determine that a respective remote terminal between the first device and the respective second device has been terminated. Determining that the remote terminal has been terminated may indicate that the device is in an offline state. The respective second device may reset itself so as to transition the respective second device from the offline state to the online state.

Abstract: An example system may include a first device connected over respective communications interfaces to a plurality of second devices. The first device may establish respective remote terminals between the first device and one or more second devices. Establishing the respective remote terminals may indicate that the devices are in an online state. The first device may periodically update respective heartbeat files on the second devices. A respective second device may detect that a pre-determined time period has elapsed since the heartbeat file was updated. The respective second device may determine that a respective remote terminal between the first device and the respective second device has been terminated. Determining that the remote terminal has been terminated may indicate that the device is in an offline state. The respective second device may reset itself so as to transition the respective second device from the offline state to the online state.

Abstract: An example system may include a first device connected over respective communications interfaces to a plurality of second devices. The first device may establish respective remote terminals between the first device and one or more second devices. Establishing the respective remote terminals may indicate that the devices are in an online state. The first device may periodically update respective heartbeat files on the second devices. A respective second device may detect that a pre-determined time period has elapsed since the heartbeat file was updated. The respective second device may determine that a respective remote terminal between the first device and the respective second device has been terminated. Determining that the remote terminal has been terminated may indicate that the device is in an offline state. The respective second device may reset itself so as to transition the respective second device from the offline state to the online state.

Abstract: Methods and system for delivering updates to recipients in a social network includes receiving event related data in response to triggering of an event at a client. In response to the triggering of the event at the client, recipient data related to a recipient that is authorized to receive the event related data is retrieved. An agent is provided for the recipient. The agent includes logic for formatting and delivering the event related data to the recipient. The recipient's interaction in response to delivery of the event related data is tracked. The logic within the agent is refined based on the interaction of the recipient. The agent with the refined logic is used for subsequent formatting and delivering of event related data to the recipient.

Abstract: The present invention relates to methods and apparatus for controlling environmental systems in containers. A first set of environmental conditions for a first product to be stored in a container is received and it is determined if the first set of environmental conditions are compatible with a second set of environmental conditions for one or more second products in the container. An acceptable set of environmental conditions for both first and second products based on the first set of environmental conditions and the second set of environmental conditions is determined and the acceptable set of environmental conditions are stored.