Abstract: An example system includes a processor to receive a preprocessed query from a client device for a fully homomorphic encryption (FHE) encrypted database. The processor can execute the preprocessed query on the FHE encrypted database to generate a response. The processor can transmit a partially-processed response to the client device, which can post-process the query computation.

Abstract: A method comprising: receiving an input tensor having a shape defined by [n1, ...,nk], where k is equal to a number of dimensions that characterize the input tensor; receiving tile tensor metadata comprising: a tile tensor shape defined by [t1, ..., tk], and information indicative of an interleaving stride to be applied with respect to each dimension of the tile tensor; constructing an output tensor comprising a plurality of the tile tensors, by applying a packing algorithm which maps each element of the input tensor to at least one slot location of one of the plurality of tile tensors, based on the tile tensor shape and the interleaving stride, wherein the interleaving stride results in non-contiguous mapping of the elements of the input tensor, such that each of the tile tensors includes a subset of the elements of the input tensor which are spaced within the input tensor according to the interleaving stride.

Abstract: An example system includes a processor to receive, at a setup or sign-up, a first cipher including a biometric template transformed using a first transformation and encrypted using a secret key, a second cipher including a security vector encrypted using the secret key, a third cipher including the biometric template transformed using a second transformation and encrypted, and a fourth cipher including an encrypted second security vector. The processor can receive, at a runtime or sign-in, a fifth cipher and a sixth cipher. The processor can verify that the fifth cipher includes a second biometric template transformed using the first transformation and encrypted using the secret key and that the sixth cipher includes the second biometric template transformed using the second transformation by testing a format attribute of the transformation functions using comparisons of inner products.

Abstract: Privacy-preserving homomorphic inferencing utilizes batch processing on encrypted data records. Each data record has a private data portion of interest against which the inferencing is carried out. Batch processing is enabled with respect to a set of encrypted data records by techniques that ensure that each encrypted data record has its associated private data portion in a unique location relative to the other data records. The set of encrypted data records are then summed to generate a single encrypted data record against which the inferencing is done. In a first embodiment, the private data portions of interest are selectively and uniquely positioned at runtime (when the inferencing is being applied). In a second embodiment, the private data portions of interest are initially positioned with the data-at-rest, preferably in an off-line process; thereafter, at runtime individual encrypted data records are processed as necessary to adjust the private data portions to unique positions prior to batching.

Abstract: An efficient packing method that will optimize use of the homomorphic encryption ciphertext slots, trading-off size, latency, and throughput. Technology for working with tensors (multi-dimensional arrays) in a system that imposes tiles, that is, fixed-size vectors. An example of a system that imposes tiles are homomorphic encryption schemes, where each ciphertext encrypts a vector of some fixed size. The tensors are packed into tiles and then manipulated via operations on those tiles. Also, syntax for notation for describing packing details. This technology interprets the tiles as multi-dimensional arrays, and combines them to cover enough space to hold the tensor. An efficient summation algorithm can then sum over any dimension of this tile tensor construct that exists in the physical or logical addressing space of a computer data memory.

Abstract: An efficient packing method that will optimize use of the homomorphic encryption ciphertext slots, trading-off size, latency, and throughput. Technology for working with tensors (multi-dimensional arrays) in a system that imposes tiles, that is, fixed-size vectors. An example of a system that imposes tiles are homomorphic encryption schemes, where each ciphertext encrypts a vector of some fixed size. The tensors are packed into tiles and then manipulated via operations on those tiles. Also, syntax for notation for describing packing details. This technology interprets the tiles as multi-dimensional arrays, and combines them to cover enough space to hold the tensor. An efficient summation algorithm can then sum over any dimension of this tile tensor construct that exists in the physical or logical addressing space of a computer data memory.

Abstract: Embodiments may include techniques to prevent illegal ciphertexts using distance computations on homomorphic and/or functional encrypted templates while detecting whether the resulting distance does not meet requirements for validity.

Abstract: Embodiments may provide distance computations on homomorphic and/or functional encrypted vectors while detecting whether the resulting distance has wrapped around due to the vectors having elements not in an allowed range. A method of user authentication processing may comprise receiving and storing enrollment information from a client computer system, the enrollment information comprising a template of authentication data and at least one additional encrypted vector, receiving an additional template to be used to authenticate the user from the client computer system, authenticating the user using the received additional template using the stored template and the stored at least one additional encrypted vector, and determining that authentication is successful when the received additional template matches the stored template and is valid based on the stored at least one additional encrypted vector.

Abstract: Embodiments may provide techniques to detect cyber-security events in IoT data traffic that provide improved detection accuracy and preservation of privacy.

Abstract: Embodiments may include techniques to prevent illegal ciphertexts using distance computations on homomorphic and/or functional encrypted templates while detecting whether the resulting distance does not meet requirements for validity.

Abstract: Incremental generation of models with dynamic clustering. A first set of data is received. A first set of clusters based on the first set of data is generated. A respective first set of models for the first set of clusters is created. A second set of data is received. A second set of clusters, based on the second set of data and based on a subset of the first set of data, is generated. A respective second set of models for the second set of clusters, based on a subset of the first set of models and based on the second set of data, is created.

Abstract: Embodiments may provide distance computations on homomorphic and/or functional encrypted vectors while detecting whether the resulting distance has wrapped around due to the vectors having elements not in an allowed range. A method of user authentication processing may comprise receiving and storing enrollment information from a client computer system, the enrollment information comprising a template of authentication data and at least one additional encrypted vector, receiving an additional template to be used to authenticate the user from the client computer system, authenticating the user using the received additional template using the stored template and the stored at least one additional encrypted vector, and determining that authentication is successful when the received additional template matches the stored template and is valid based on the stored at least one additional encrypted vector.

Abstract: An example system includes a processor to receive, at a setup or sign-up, a first cipher including a biometric template transformed using a first transformation and encrypted using a secret key, a second cipher including a security vector encrypted using the secret key, a third cipher including the biometric template transformed using a second transformation and encrypted, and a fourth cipher including an encrypted second security vector. The processor can receive, at a runtime or sign-in, a fifth cipher and a sixth cipher. The processor can verify that the fifth cipher includes a second biometric template transformed using the first transformation and encrypted using the secret key and that the sixth cipher includes the second biometric template transformed using the second transformation by testing a format attribute of the transformation functions using comparisons of inner products.

Abstract: A method comprising using at least one hardware processor for: receiving a topic under consideration (TUC) and content relevant to the TUC; detecting one or more claims relevant to the TUC in the content, based on detection of boundaries of the claims in the content; and outputting a list of said detected one or more claims.

Abstract: Embodiments may provide techniques to detect cyber-security events in IoT data traffic that provide improved detection accuracy and preservation of privacy.

Abstract: Embodiments of the present invention may provide the capability to identify security breaches in computer systems from clustering properties of clusters generated based on monitored behavior of users of the computer systems by using techniques that provide improved performance and reduced resource requirements. For example, behavior of users or resources may be monitored and analyzed to generate clusters and train clustering models. Labeling information relating to some user or resource may be received. When users or resources are clustered and when a cluster contains some labeled users/resources then an anomaly score can be determined for a user/resource belonging to the cluster. A user or resource may be detected to be an outlier of at least one cluster to which the user or resource has been assigned, and an alert indicating detection of the outlier may be generated.

Abstract: Setting a budget of alerts for single or multiple risk score types, adjusting a working threshold based on the set budget, wherein adjusting the working threshold is done by defining an reference threshold for an alert, providing a history of recorded risk scores within a budget sliding interval window and adjusting the working threshold such that a number of alerts which would have been provided by the recorded risk scores is calculated to stay within the set budget, and using the adjusted working threshold to normalize and optionally combine incoming risk scores so as to determine whether an incoming risk score should receive an alert.

Abstract: A method comprising using at least one hardware processor for receiving a topic under consideration (TUC); providing the TUC as input to a claim function, wherein the claim function is configured to mine at least one content resource, and applying the claim function to the at least one content resource, to extract claims with respect to the TUC; and providing the TUC as input to a classification function, and applying the classification function to one or more claims of the extracted claims, to output corresponding one or more classification tags, wherein each classification tag is associated with its corresponding claim.

Abstract: A system for detecting cyber security events can include a processor to generate a first set of a plurality of time series and aggregate statistics based on a plurality of properties corresponding to user actions for each user in a set of users. The processor can also separate the set of users into a plurality of clusters based on the first set of the plurality of time series or aggregate statistics for each user and assign an identifier to each of the plurality of clusters. Additionally, the processor can generate a second set of a plurality of time series based on properties of the plurality of clusters, wherein the properties of a cluster correspond to a membership, a diameter, and a centroid and detect an anomaly based on a new value stored in the second set of the time series. Furthermore, the processor can execute a prevention instruction.

Abstract: A method comprising using at least one hardware processor for: receiving a topic under consideration (TUC) and content relevant to the TUC; detecting one or more claims relevant to the TUC in the content, based on detection of boundaries of the claims in the content; and outputting a list of said detected one or more claims.