Abstract: The present disclosure relates to a technique for context sanitization and re-enrichment of a document. A user sends a document containing restricted confidential information and a list of questions to run on an outside model to a third party. To maintain confidentiality, the document is processed internally in the organization to generate a knowledge graph for replacing confidential information with fake information before sending document to the third-party model. The document after running on the third-party model generates a summary document with fake information. The received summary document from the third-party model is then re-enriched by replacing fake information with original confidential information. The confidential information of the organization is thus secured and not shared with third parties to enhance data security of the organization.

Abstract: Implementations include a computer-implemented method comprising: obtaining data representing observed conditions in an enterprise network, each observed condition being associated with at least one cybersecurity issue, a cybersecurity issue comprising one of (i) a vulnerability comprising an instance of a vulnerable condition or (ii) a weakness that is likely to cause a vulnerability to occur; using a plurality of exploitation prediction models to determine probabilities of exploitation of the cybersecurity issues associated with the observed conditions in the enterprise network, wherein the plurality of exploitation prediction models are trained using a knowledge mesh generated using data from cybersecurity repositories; assigning a priority ranking to each of the observed conditions in the enterprise network based on the respective probabilities of exploitation for the cybersecurity issues associated with the observed conditions; and performing one or more actions to mitigate the observed conditions in the

Abstract: Aspects of the present disclosure provide systems, methods, and computer-readable storage media that support cooperative training of machine learning (ML) models that preserves privacy in untrusted environments using distributed executable file packages. The executable file packages may include files, libraries, scripts, and the like that enable a cloud service provider configured to provide server-side ML model training to also support cooperative ML model training with multiple clients, particularly for a fraud prediction model for financial transactions. Because the cooperative training includes the clients training respective ML models and the server aggregating the trained ML models, private client data such as financial transaction data may be used to train the fraud prediction model without exposing the client data to others. Such cooperative ML model training enables offloading of computing resource-intensive training from client devices to the server and may train a more robust fraud detection model.

Abstract: Aspects of the present disclosure provide systems, methods, and computer-readable storage media that support secure training of machine learning (ML) models that preserves privacy in untrusted environments using distributed executable file packages. The executable file packages may include files, libraries, scripts, and the like that enable a cloud service provider configured to provide ML model training based on non-encrypted data to also support homomorphic encryption of data and ML model training with one or more clients, particularly for a diagnosis prediction model trained using medical data. Because the training is based on encrypted client data, private client data such as patient medical data may be used to train the diagnosis prediction model without exposing the client data to the cloud service provider or others. Using homomorphic encryption enables training of the diagnosis prediction model using encrypted data without requiring decryption prior to training.

Abstract: Aspects of the present disclosure provide systems, methods, and computer-readable storage media that support cooperative training of machine learning (ML) models that preserves privacy in untrusted environments. For example, a server (or cloud-based computing device(s)) may be configured to “split” an initial ML model into various partial ML models, some of which are provided to client devices for training based on client-specific data. Output data generated during the training at the client devices may be provided to the server for use in training corresponding server-side partial ML models. After training of the partial ML models is complete, the server may aggregate the trained partial ML models to construct an aggregate ML model for deployment to the client devices. Because the client data is not shared with other entities, privacy is maintained, and the splitting of the ML models enables offloading of computing resource-intensive training from client devices to the server.

Abstract: Systems and methods for defending an artificial intelligence model against an adversarial input are disclosed. The system may include an artificial intelligence model, such as a machine learning model. The system may include a transformation engine executable by one or more processors. The transformation engine may be configured to receive an input to the artificial intelligence model, and apply a pre-determined transformation set to the input to produce a transformed input. The transformation engine may be configured to generate a first output based on the input using the artificial intelligence model and may also apply the artificial intelligence model to the transformed input to produce a second output. The transformation engine may be configured to determine whether the input is associated with an adversarial attack based on a comparison of the first output and the second output. The system also facilitates generating transformation sets for defending against adversarial attacks.

Abstract: Implementations include a computer-implemented method comprising: obtaining data representing observed conditions in an enterprise network, each observed condition being associated with at least one cybersecurity issue, a cybersecurity issue comprising one of (i) a vulnerability comprising an instance of a vulnerable condition or (ii) a weakness that is likely to cause a vulnerability to occur; using a plurality of exploitation prediction models to determine probabilities of exploitation of the cybersecurity issues associated with the observed conditions in the enterprise network, wherein the plurality of exploitation prediction models are trained using a knowledge mesh generated using data from cybersecurity repositories; assigning a priority ranking to each of the observed conditions in the enterprise network based on the respective probabilities of exploitation for the cybersecurity issues associated with the observed conditions; and performing one or more actions to mitigate the observed conditions in the

Abstract: The present disclosure provides an anomaly detector. The anomaly detector comprises an input interface configured to accept input data, a first neural network having an autoencoder architecture including an encoder trained to encode the input data and a decoder trained to decode the encoded input data to reconstruct the input data, and a loss estimator configured to compare a plurality of parts of the input data with corresponding plurality of parts of the reconstructed input data to determine a sequence of losses for different components of a reconstruction error. The anomaly detector further comprises a second neural network trained in a supervised manner to classify the sequence of losses to detect an anomaly to produce a result of anomaly detection including one or a combination of a type of the anomaly and a severity of the anomaly, and an output interface to render the result of anomaly detection.

Abstract: Aspects of the present disclosure provide systems, methods, and computer-readable storage media that support secure training of machine learning (ML) models that preserves privacy in untrusted environments using distributed executable file packages. The executable file packages may include files, libraries, scripts, and the like that enable a cloud service provider configured to provide ML model training based on non-encrypted data to also support homomorphic encryption of data and ML model training with one or more clients, particularly for a diagnosis prediction model trained using medical data. Because the training is based on encrypted client data, private client data such as patient medical data may be used to train the diagnosis prediction model without exposing the client data to the cloud service provider or others. Using homomorphic encryption enables training of the diagnosis prediction model using encrypted data without requiring decryption prior to training.

Abstract: Aspects of the present disclosure provide systems, methods, and computer-readable storage media that support cooperative training of machine learning (ML) models that preserves privacy in untrusted environments using distributed executable file packages. The executable file packages may include files, libraries, scripts, and the like that enable a cloud service provider configured to provide server-side ML model training to also support cooperative ML model training with multiple clients, particularly for a fraud prediction model for financial transactions. Because the cooperative training includes the clients training respective ML models and the server aggregating the trained ML models, private client data such as financial transaction data may be used to train the fraud prediction model without exposing the client data to others. Such cooperative ML model training enables offloading of computing resource-intensive training from client devices to the server and may train a more robust fraud detection model.

Abstract: Aspects of the present disclosure provide systems, methods, and computer-readable storage media that support cooperative training of machine learning (ML) models that preserves privacy in untrusted environments. For example, a server (or cloud-based computing device(s)) may be configured to “split” an initial ML model into various partial ML models, some of which are provided to client devices for training based on client-specific data. Output data generated during the training at the client devices may be provided to the server for use in training corresponding server-side partial ML models. After training of the partial ML models is complete, the server may aggregate the trained partial ML models to construct an aggregate ML model for deployment to the client devices. Because the client data is not shared with other entities, privacy is maintained, and the splitting of the ML models enables offloading of computing resource-intensive training from client devices to the server.