Abstract: An embodiment may involve a database including a table, wherein the table contains database records and a schema by which the database records are arranged. The embodiment may further involve one or more processors configured to: obtain a query that references the table and one or more elements of the schema; copy at least part of the table into a second table; transform, using a deterministic one-way function, the schema of the second table and the database records within the second table; transform, using the deterministic one-way function, the query into a second query; and write, to memory, at least part of the second table and the second query.

Abstract: The disclosed computer-implemented method for protecting search privacy may include (i) receiving, via a search interface, a search query comprising at least one search term, (ii) determining a sensitivity level of the search query based on the at least one search term, (iii) directing the search query to a search engine that has a level of privacy correlated with the sensitivity level of the search query, and (iv) returning, via the search interface, at least one result of directing the search query to the search engine that has the level of privacy correlated with the sensitivity level of the search query. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Disclosed herein are systems, methods, and processes to perform context-driven (or context-based) data backup and recovery operations. A request to perform a backup operation on a dataset is received. Current external context datasets related to the dataset and generated based on prioritization techniques are collected from computing devices. a saved context dataset is generated based on the current external context datasets. The backup operation is performed by storing a backup image that includes at least a portion of the dataset and the saved context dataset.

Abstract: An embodiment may involve a database including a table, wherein the table contains database records and a schema by which the database records are arranged. The embodiment may further involve one or more processors configured to: obtain a query that references the table and one or more elements of the schema; copy at least part of the table into a second table; transform, using a deterministic one-way function, the schema of the second table and the database records within the second table; transform, using the deterministic one-way function, the query into a second query; and write, to memory, at least part of the second table and the second query.

Abstract: A computing system for modification of storage engines of database table is provided. The computing system receives a first user input which includes first information about a first storage engine associated with a database server. The computing system further receives a second user input which includes second information about a second storage engine and a third user input which includes third information about a set of database tables associated with the first storage engine. The computing system further determines a compatibility score which indicates a compatibility between the first storage engine and the second storage engine and further modifies first metadata information, associated with a first database table of the set of database tables, based on the determined compatibility score to modify the storage engine of the first database table from the first storage engine to the second storage engine.

Abstract: The disclosed computer-implemented method for identifying privacy leakage information may include (1) identifying, at the computing device, at least one informative word in a digital text and (2) performing a security action that identifies privacy leakage information, where the security action includes (A) determining, for at least one identified informative word, a type of privacy leakage and a respective confidence score indicating a probability the identified informative word causes the type of privacy leakage, (B) determining, using the respective confidence score, a combined confidence score for each respective element within a level of detail to display, and (C) displaying, on a display device, the combined confidence score for each respective element within the level of detail to display. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for protecting search privacy may include (i) receiving, via a search interface, a search query comprising at least one search term, (ii) determining a sensitivity level of the search query based on the at least one search term, (iii) directing the search query to a search engine that has a level of privacy correlated with the sensitivity level of the search query, and (iv) returning, via the search interface, at least one result of directing the search query to the search engine that has the level of privacy correlated with the sensitivity level of the search query. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for clustering data to improve data analytics may include (1) extracting a social graph from a data set of messages, the social graph indicating messages as edges such that nodes of the edges indicate corresponding senders and recipients in sender-recipient relationships, (2) detecting communities of collaborators by identifying clusters of nodes within the social graph, (3) applying the identified clusters of nodes within the social graph to a grouping calculation to group the messages of the data set into groups of messages, and (4) providing, through a computing interface, results of a data analytics operation to an end user based at least in part on applying the identified clusters of nodes within the social graph to the grouping calculation. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Methods and systems are provided for detecting privacy leakage risks in text. One example method generally includes receiving, at a computing device from a client device, a keyword and generating, by the computing device, a combined query comprising the keyword and a sensitive topic query associated with a sensitive topic. The method further includes transmitting the keyword from the computing device to a search engine and transmitting the combined query from the computing device to the search engine. The method further includes receiving, at the computing device from the search engine, a number of search results for the keyword and receiving, at the computing device from the search engine, a number of search results for the combined query. The method further includes determining, by the computing device, a confidence score and transmitting the confidence score from the computing device to the client device.

Abstract: The disclosed computer-implemented method for file system metadata analytics may include (i) creating a set of training data to train a machine learning model to analyze tokens that describe files within a file system, the set of training data comprising a first set of vectors, wherein each vector represents tokens that describes files that are frequently accessed by a common set of users, and a second set of vectors, wherein each vector represents tokens that describes files with common file path ancestors, (ii) training, using the set of training data, the machine learning model, (iii) determining, by providing at least one input token to the machine learning model, that the input token is related to at least one additional token, and (iv) performing an action responsive to observing the input token and involving the additional token and the file system. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for generating a topic tree for digital information may include parsing the digital information and extracting a set of keywords. This method may also include comparing the set of keywords to an ontology and extracting hierarchies from the ontology that match the set of keywords. The extracted ontology entries may then be pruned and sorted. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for identifying subject-matter experts may include (i) collecting, by the computing device, a plurality of electronic messages transmitted within an organization, (ii) creating a message graph for the organization, (iii) extracting a plurality of topics from the plurality of electronic messages transmitted within the organization, (iv) annotating the message graph by correlating each topic within the plurality of topics with each edge of the message graph that represents an electronic message related to the topic, and (v) identifying, based on an analysis of the annotated message graph, at least one vertex that represents an expert on at least one topic from the plurality of topics. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Disclosed herein are systems, methods, and processes to perform context-driven (or context-based) data backup and recovery operations. A request to perform a backup operation on a dataset is received. Current external context datasets related to the dataset and generated based on prioritization techniques are collected from computing devices. a saved context dataset is generated based on the current external context datasets. The backup operation is performed by storing a backup image that includes at least a portion of the dataset and the saved context dataset.

Abstract: The disclosed computer-implemented method for identifying privacy leakage information may include (1) identifying, at the computing device, at least one informative word in a digital text and (2) performing a security action that identifies privacy leakage information, where the security action includes (A) determining, for at least one identified informative word, a type of privacy leakage and a respective confidence score indicating a probability the identified informative word causes the type of privacy leakage, (B) determining, using the respective confidence score, a combined confidence score for each respective element within a level of detail to display, and (C) displaying, on a display device, the combined confidence score for each respective element within the level of detail to display. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for detecting anomalous behavior in shared data repositories may include (i) identifying a shared data repository that comprises files, (ii) monitoring access to the files for a predetermined time period in order to determine which files are accessed by each user, (iii) creating a graph of the access to the files, wherein each vertex represents a user and each edge that connects two vertices represents that one or more files were accessed by both users represented by the two vertices, (iv) deriving, from the graph, a set of communities, wherein each community represents a set of users that collaborated on one or more files during the predetermined time period, and (v) determining that a collaboration pattern of a user does not match a collaboration pattern for the user's community observed during the predetermined time period. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Automatically detecting insider threats using user collaboration patterns. In one embodiment, a method may include identifying collaborative access of one or more network resources in a network between a target user using a target network device and other users using other network devices in the network during multiple prior time periods and during a current time period, generating prior collaboration graphs for the prior time periods, generating an average collaboration graph by combining the prior collaboration graphs, generating a current collaboration graph for the current time period, generating an anomaly score by comparing the current collaboration graph to the average collaboration graph, determining that the collaborative access of the one or more network resources during the current time period is anomalous by determining that the anomaly score exceeds a threshold, and, in response to the anomaly score exceeding the threshold, performing a security action on the target network device.

Abstract: The disclosed computer-implemented method for determining topics of data artifacts may include (1) extracting at least one initial keyword from a data artifact with an unknown topic, (2) creating a set of keywords by generating a plurality of contextually relevant keywords related to the initial keyword and combining the initial keyword with the contextually relevant keywords to form the set of keywords, (3) retrieving, from a topic processor, at least one list of topics associated with each keyword within the set of keywords, and (4) generating, based on the retrieved topic lists, an ordered list of probable topics of the data artifact. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for applying content-based retention policies to data artifacts may include (1) identifying one or more features of a data artifact detected on a computing system, (2) identifying a collection of data artifacts that are (A) stored on at least one storage system and (B) retained in accordance with a set of retention policies, (2) determining, based at least in part on the features, that the data artifact detected on the computing system and at least one data artifact within the collection exceed a certain level of similarity relative to one another, (3) analyzing at least one retention policy of the data artifact within the collection, and then (4) providing a suggestion to apply the retention policy of the data artifact within the collection to the data artifact detected on the computing system. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Automatically detecting insider threats using user collaboration patterns. In one embodiment, a method may include identifying collaborative access of one or more network resources in a network between a target user using a target network device and other users using other network devices in the network during multiple prior time periods and during a current time period, generating prior collaboration graphs for the prior time periods, generating an average collaboration graph by combining the prior collaboration graphs, generating a current collaboration graph for the current time period, generating an anomaly score by comparing the current collaboration graph to the average collaboration graph, determining that the collaborative access of the one or more network resources during the current time period is anomalous by determining that the anomaly score exceeds a threshold, and, in response to the anomaly score exceeding the threshold, performing a security action on the target network device.