Abstract: A method for building a robust classifier against evasion attacks includes receiving an application, identifying one or more features of the application, and determining a first confidence score for a first version of the application including a first set of features and determining a second confidence score for a second version of the application including a second set of features, the first set of features is different than the second set of features. The method also includes determining a difference between the first confidence score and the second confidence score, and comparing the difference with a convergence threshold. The method includes, based on the comparison, determining whether the first confidence score exceeds a confidence score threshold, and generating a report based on determining the first confidence score exceeds the confidence score threshold.

Abstract: A system for detecting malicious operation of a building system includes a power characteristic input connected to a plurality of power characteristic sensors, a processor and a memory. The memory stores instructions for operating at least a physics model detection, a machine learning model detection and a combination module. The physics model detection includes multiple predefined expected power characteristics and is configured to detect an anomaly when at least one power characteristic received at the power characteristic input deviates from a corresponding predefined expected power characteristic of the predefined expected power characteristics. The machine learning model includes a machine learning system configured to learn a set of expected normal power characteristics and detect the anomaly when at least one power characteristic received at the power characteristic input deviates from the learned set of expected normal power characteristics.

Abstract: Methods and systems provide for predicting and constraining kinematic trajectories of an object within an environment. In one embodiment, the system obtains sensor data from one or more sensor data streams; predicts, via an inertial tracking model, a trajectory of an object in an environment in a continuous fashion using the sensor data; retrieves environmental data consisting of a number of environmental constraints relating to the environment; generating, via a reinforcement learning (RL) agent, a number of corrections to the trajectory of the object based on the environmental constraints within the environmental data; and provides real-time tracking and navigation of the object in the environment based on the continuously predicted trajectory and the corrections to the predicted trajectory.

Abstract: A method of training a gesture-based access control system includes repetitiously performing an intentional gesture indicative of an intentional gesture type by a user of a mobile device. The intentional gesture is representative of an intent of the user to gain access. The application then forms a model of the selected intentional gesture type from the repetitious performances of the intentional gesture. The model is configured to be applied by the software-based application to confirm future performances of the intentional gesture.

Abstract: An assignable realestate system includes a processor, a storage medium, a wireless device including a digital key, a lock assembly for access to realestate, a data file, and a blockchain application. The data file is stored in the medium, and includes a plurality of linked blocks. Each block includes a respective asset transaction data of a plurality of asset transaction data with each data being time stamped. The blockchain application is stored in the medium and executed by the processor. The blockchain application is configured to apply the data file to determine a current asset transaction data of the plurality of asset transaction data and output an authorization signal to the lock assembly associated with the device for access to the realestate.

Abstract: A blockchain maintenance record system for managing maintenance records of a system, the blockchain maintenance record system including: a part identification tag configured to be located on a part; an application operable through a mobile computing device, the mobile computing device being configured to read the part identification tag, wherein the application is configured to perform operations including; determining a part identity of the part by reading the part identification tag; detecting a location of the system; organizing the part identity of the part and the location of the part into a maintenance data package receipt; and uploading the maintenance data package receipt into a blockchain network.

Abstract: A method of utilizing blockchain to verify maintenance data of a system including: determining a part identity of a part of a system; detecting a location of the system; detecting a time stamp depicting when maintenance was performed on the part of the system; organizing the part identity of the part, the location of the part, and the time stamp into a maintenance data package receipt; and uploading the maintenance data package receipt into a blockchain network.

Abstract: A method and system for implementing security patches on a computer system is disclosed. The method includes finding one or more security patches; analyzing one of the one or more security patches to find one or more localized security fixes within the one or more security patches; and transforming a security patch within the one or more security patches into a honey patch that is configured to report security violations.

Abstract: Various embodiments of an apparatus, methods, systems and computer program products described herein are directed to a Detection Engine that triggers playback of an audio signal at a defined frequency from a speaker module associated with a computing device. The Detection Engine receives a reflected signal captured by a microphone module associated with the computing device. In some embodiments, the reflected signal corresponds to the triggered audio signal. The Detection Engine determines whether there is suspicious activity occurring with respect to the computing device based on at least one characteristic of the reflected signal.

Abstract: An assignable realestate system includes a processor, a storage medium, a wireless device including a digital key, a lock assembly for access to realestate, a data file, and a blockchain application. The data file is stored in the medium, and includes a plurality of linked blocks. Each block includes a respective asset transaction data of a plurality of asset transaction data with each data being time stamped. The blockchain application is stored in the medium and executed by the processor. The blockchain application is configured to apply the data file to determine a current asset transaction data of the plurality of asset transaction data and output an authorization signal to the lock assembly associated with the device for access to the realestate.

Abstract: A system includes a processor, a storage medium, a data file, blockchain application, a lock assembly, and a digital key. The data file is stored in the storage medium, and is applied by the blockchain application. The data file includes a plurality of linked blocks, each including a respective transaction data of a plurality of transaction data. Each one of the plurality of transaction data includes a respective event and a time stamp. The blockchain application is stored in the storage medium, executed by the processor, and is configured to output an authorization based on a current grant event of a transaction data of the plurality of transaction data. The digital key is adapted to operate the lock assembly, wherein at least one of the lock assembly and the digital key is configured to receive the authorization in order for the digital key to operate the lock assembly.

Abstract: Provided are embodiments for building a robust classifier against evasion attacks. The embodiments include receiving an application, identifying one or more features of the application, and determining a first confidence score for a first version of the application including a first set of features and determining a second confidence score for a second version of the application including a second set of features, wherein the first set of features is different than the second set of features. The embodiments also include determining a difference between the first confidence score and the second confidence score, and comparing the difference with a convergence threshold. The embodiments include based on the comparison, determining whether the first confidence score exceeds a confidence score threshold, and generating a report based on determining the first confidence score exceeds the confidence score threshold.

Abstract: A system for detecting malicious operation of a building system includes a power characteristic input connected to a plurality of power characteristic sensors, a processor and a memory. The memory stores instructions for operating at least a physics model detection, a machine learning model detection and a combination module. The physics model detection includes multiple predefined expected power characteristics and is configured to detect an anomaly when at least one power characteristic received at the power characteristic input deviates from a corresponding predefined expected power characteristic of the predefined expected power characteristics. The machine learning model includes a machine learning system configured to learn a set of expected normal power characteristics and detect the anomaly when at least one power characteristic received at the power characteristic input deviates from the learned set of expected normal power characteristics.

Abstract: Methods, systems and computer program products for intrusion detection are provided. Aspects include receiving, by a processor, internet of things (IoT) device data from each of a plurality of IoT devices, wherein the IoT device data comprises operational data and non-operational data associated with each of the plurality of IoT devices. A security model is built for the plurality of IoT devices based at least in part on the IoT device data, wherein the security model comprises one or more IoT device data ranges. The plurality of IoT devices are monitored to identify a potential intrusion in any of the plurality of IoT devices based at least in part on the IoT device data exceeding any of the one or more IoT device data ranges.

Abstract: A passive authenticating system includes a mobile device in communication with at least one of a multiple of access controls, the mobile device operable to determine a path trajectory of a user to authenticate the user based at least in part on the path trajectory then permit passive access to a particular access control.

Abstract: Methods, systems, and devices are provided for generating biometric signatures. The system can detect, at an electronic device, one or more biometric acoustic signals. The system can generate a biometric signal input of the one or more biometric acoustic signals. The system can apply a machine learning model to conduct feature extraction of the biometric signal input having one or more biometric acoustic signals. The system can generate a biometric user signature of the user from the machine learning model. The system can perform one or more privacy preserving hashing functions to the biometric user signature to generate a hashed biometric user signature. The system can determine whether the hashed biometric user signature satisfies a predetermined threshold with an enrollment hashed signature of the user. And the system can authenticate an identity of the user upon detecting that the hashed biometric user signature satisfies the predetermined threshold.

Abstract: A method of continuous user authentication on a mobile device including: establishing a baseline model generated based on acquiring dynamic data associated with the mobile device, deploying at least one of a training app or a baseline model to the mobile device, and generating a user detection model based on a baseline model and at least one behavior model plurality of behavior models updated by dynamic data associated with the mobile device collected while an authorized user employs the mobile device. The method also includes deploying the user detection model to the mobile device if the user detection model was remotely generated, measuring further dynamic data to predict behaviors in the user detection model while a user operates the mobile device, and determining if a user is an authorized user based on how closely measured behaviors match the trained behaviors in the user detection model.

Abstract: A method of training a gesture-based access control system includes repetitiously performing an intentional gesture indicative of an intentional gesture type by a user of a mobile device. The intentional gesture is representative of an intent of the user to gain access. The application then forms a model of the selected intentional gesture type from the repetitious performances of the intentional gesture. The model is configured to be applied by the software-based application to confirm future performances of the intentional gesture.

Abstract: Methods, systems, and devices are provided for generating biometric signatures. The system can detect, at an electronic device, one or more biometric acoustic signals. The system can generate a biometric signal input of the one or more biometric acoustic signals. The system can apply a machine learning model to conduct feature extraction of the biometric signal input having one or more biometric acoustic signals. The system can generate a biometric user signature of the user from the machine learning model. The system can perform one or more privacy preserving hashing functions to the biometric user signature to generate a hashed biometric user signature. The system can determine whether the hashed biometric user signature satisfies a predetermined threshold with an enrollment hashed signature of the user. And the system can authenticate an identity of the user upon detecting that the hashed biometric user signature satisfies the predetermined threshold.

Abstract: A method for a building system includes determining a relationship between first data from a first building device and second data from a second building device. It is determined whether there is an anomaly based on the relationship. An automatic targeted control response is provided if the anomaly indicates an attack.