Abstract: Disclosed herein are systems and method for isolating private information in streamed data. In an exemplary aspect, a method may comprise receiving a stream of data, for storage in a first storage device, and an indication of how the stream will be utilized by an end user. The method may comprise comparing the indication against a plurality of rules, wherein each rule indicates a type of private information that should be isolated from a given input stream based on a respective indication of usage for the given input stream. The method may comprise identifying and extracting a first type of private information that should be isolated from the stream, modifying the stream by removing the first type of private information from the stream, storing the modified stream in the first storage device, and storing the extracted first type of private information in a different location from the modified stream.

Abstract: An anomaly detection system uses an AI engine to analyze configurations and backups to identify and assess anomalies. Backup data and configurations are used to characterize events as either secure or insecure.

Abstract: A system and method are disclosed for performing non-invasive scan of a target device. The system is configured for: i) loading an endpoint protection agent to a target device; ii) providing a remote direct memory access of the target device to the remote security server for reading a memory of the target device; iii) scanning, by a second memory scan engine of the remote security server, the memory of the target device upon the violation of the security policy; iv) identifying, by the second memory scan engine of the remote security server, a threat on the target device; and v) sending, by the remote security server, a security response action to the endpoint protection agent on the target device in accordance with the security policy.

Abstract: Disclosed herein are systems and method for determining a backup schedule on a computer system. In one exemplary aspect, a method may comprise collecting user behavior data on the computer system. The method may comprise analyzing the user behavior data to determine an optimal time of a backup session to create backup copies of modified data stored on a volume of the computer system and determining an optimal duration of the backup session based on the analyzed user behavior. The method may comprise determining a portion of the modified data that can be saved during the backup session within the optimal duration at the optimal time of backup, and performing the backup session comprising the portion.

Abstract: A data storage system uses erasure coding in combination with hashgraph to organize stored data and recover that data in a computing environment.

Abstract: Disclosed herein are systems and method for repurposing a machine learning model. An exemplary method includes: receiving a first training dataset; determining an input portion and an output portion in an entry of the first training dataset; comparing the first training dataset to a second training dataset used to train a machine learning model, wherein the comparing includes determining a similarity score between the input portion and the output portion of the first training dataset and an input portion and an output portion of the second training dataset; in response to determining that the similarity score is greater than a threshold similarity score, re-training the machine learning model using the first training dataset; and executing the retrained machine learning model on an input value to generate an output value corresponding to the first training dataset.

Abstract: Disclosed herein are systems and method for provisioning artificial intelligence resources. A method may receive an input training dataset and an indication of a task to perform using the input training dataset and may determine a size of the input dataset and a content type of an entry in the input training dataset. The method may identify, from a plurality of computing resources, at least one computing resource to accommodate the size and the content type associated with the input training dataset and may identify attributes of the input training dataset. The method may select, from a plurality of artificial intelligence models, and train and execute, on the at least one computing device, an artificial intelligence model that is configured to perform the task.

Abstract: Disclosed herein are systems and method for protecting files indirectly related to user activity. In one exemplary aspect, a method may comprise identifying, on a computing device, a file that is directly accessed by a user of the computing device. The method may comprise determining an application that provides access to the file. The method may comprise identifying a plurality of program files that the application utilizes during execution. For each respective program file of the plurality of program files, the method may comprise determining whether the respective program file is required by the application to provide access to the file and in response to determining that the respective program file is required, determining a type of threat that can target the respective program file. The method may further comprise performing a data protection action on the respective program file based on the type of threat.

Abstract: Disclosed herein are systems and methods for protecting user data. In one aspect, an exemplary method comprises, by a hardware processor, detecting one or more user files, created by a user, that are on a user device; generating user transactional data associated with one or more detected network-based interactions with a service provider by the user, and user behavior data based on one or more user interactions with a graphical user interface of the user device by the user; generating a user classification using a machine learning model that classifies the user based on the one or more user files, the user transactional data, and the user behavior data; and when the user is identifiable based on the user classification, modifying at least one of the one or more user files stored on the user device and user behavior of the user during an operation of the user device.

Abstract: Aspects of the disclosure describe methods and systems for transmitting data via a satellite to a ground node. In one exemplary aspect, a method comprises splitting, on a satellite, a data segment into a plurality of data chunks, wherein an amount of the data chunks equals a number of ground nodes that the data chunks will be transmitted to. For each respective data chunk, the method comprises determining whether the satellite has a stable connection with the respective ground node. When the satellite has the stable connection with the respective ground node, the method comprises transmitting, by the satellite, the respective data chunk to the respective ground node, and when the satellite does not have the stable connection with the respective ground node, the method comprises transmitting, by the satellite, the respective data chunk to a neighboring satellite for storage until the stable connection is established.

Abstract: Disclosed herein are systems and method for determining data storage insurance policies. In an exemplary implementation, a method comprises receiving a request to add a data storage insurance policy to a plurality of data files. The method comprises extracting data file attributes and determining a data recovery score for each respective data file based on a uniqueness, criticality, and/or importance of the respective data file. The method comprises determining a hardware score for each of a plurality of performance tiers comprising at least one storage server, based on an available capacity, a performance cost, and/or data recovery scores of data files currently stored at each of the plurality of performance tiers. The method comprises selecting and executing a data storage insurance policy for the respective data file based on a plurality of data recovery rules and/or the comparison of the data recovery score and the hardware score.

Abstract: Disclosed herein are systems and method for controlling data access, the method including: receiving a request to access data on a computing device; determining that the data requested for access has a first degree of confidentiality, wherein the first degree of confidentiality indicates that the data can only be accessed in an environment occupied by a threshold number of persons; retrieving sensor data from a plurality of sensors located in the environment; determining, based on the sensor data, a number of persons occupying the environment; determining whether the number of persons exceeds the threshold number of persons; and in response to determining that the number of persons exceeds the threshold number of persons, denying the request to access the data.

Abstract: Disclosed herein are systems and methods for verifying user activity based on behavioral models. In an exemplary aspect, a method may include receiving and parsing sensor data from at least one sensor in an environment to determine a first identifier of a person that is not authorized to access data via a computing device. The method may include intercepting, on the computing device, a data access request including a second identifier of a user that is authorized to access the data via the computing device. The method may include verifying whether the data access request is from the user authorized to access data by determining whether a chain of events involving the first person and the user corresponds to a behavioral model indicative of malicious activity. Based on the verification, the data access request is either granted or denied.

Abstract: Disclosed herein are systems and methods for continuous user authentication during access of a digital service. In an exemplary aspect, a continuous authentication module may receive, at a computing device, initial authentication credentials of the user. The initial authentication credentials enable access to a service via the computing device. While the service is being accessed, the continuous authentication module may continuously monitor whether an unauthorized user has replaced the user in accessing the service by comparing usage attributes of the service with historic usage attributes associated with the user. In response to determining that the unauthorized user has replaced the user, the continuous authentication module may cease the access to the service via the computing device.

Abstract: Disclosed herein are systems and method for verifying user identity. In one exemplary aspect, a method comprises receiving sensor data from at least one sensor and parsing the sensor data to determine a plurality of identifiers of a user authorized to access data via a computing device. The method comprises generating, for each identifier, an event including the user. The method comprises intercepting, on the computing device, a data access request including an identifier of the user. The method comprises verifying whether the data access request is from the user authorized to access data by generating a chain of events including the user for a period of time preceding the data access request, determining a deviation of the chain of events from a target chain of events, and in response to determining the deviation is less than a threshold deviation value, granting the data access request.

Abstract: Disclosed herein are systems and methods for pattern-based QoS violation prediction. In one exemplary aspect, a method may comprise identifying a service on a computing device that is connected to a plurality of client devices and determining a plurality of micro-services comprised in the identified service. The method may comprise parsing access information to detect that a first client device is accessing a micro-service. The method may comprise determining, for a first period of time, QoS evaluation parameters for the access between the micro-service and the first client device. The method may comprise identifying changes in the QoS evaluation parameters within the first period of time, detecting a predetermined QoS violation pattern, and executing a QoS action based on the predetermined QoS violation pattern.

Abstract: Disclosed herein are systems and method for authenticating user identity based on supplemental environment data. When a structured approach to acquiring user identifiers (e.g., facial images, voice clips, biometric data, etc.) of authorized user is inconclusive (e.g., a matching face is similar, but not a direct match) the systems and methods describe retrieving supplemental environment data that indirectly verifies a presence of the user in an environment. The systems and methods further comprise determining whether the supplemental environment data indicates that a respective identifier belongs to the user, and in response to determining that the supplemental environment data indicates that the respective identifier belongs to the user, authenticating the respective identifier as belonging to the user and storing the respective identifier in a database of identifiers.

Abstract: Disclosed herein are systems and methods for protecting user data. In one aspect, an exemplary method comprises, by a hardware processor, detecting one or more user files modified by a user on a user device; identifying user actions executed by the user to modify the one or more user files; training a machine learning algorithm to identify whether an arbitrary user action is performed by the user, wherein the user actions used by the user to modify the one or more user files are comprised in a training dataset of the machine learning algorithm; detecting a user action to modify a user file; determining, using the machine learning algorithm, whether the user action classifies as being performed by the user; and in response to determining that the machine learning algorithm classifies the user action as being performed by the user, modifying the user action to mask an identity of the user.

Abstract: Disclosed herein are systems and method for customizing a user workspace environment using user action sequence analysis. In one exemplary aspect, a method may comprise detecting user actions in a user workspace environment that provides access to a plurality of workspace elements further comprising a plurality of files and a plurality of applications and identifying a plurality of user action sequences based on each timestamp of a respective user action. The method may comprise generating action sequence groups, each comprising a unique subset of the user action sequences and sequence trigger. In response to detecting a particular sequence trigger, the method may comprise executing a corresponding customization action that alters the user workspace environment such that an amount of steps and/or processing time to perform in the user workspace environment to access workspace elements associated with the associated action sequence group is reduced.

Abstract: A data storage system uses erasure coding in combination with hashgraph to organize stored data and recover that data in a computing environment.