Patents by Inventor En-hui Yang
En-hui Yang has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20250086455
Abstract: A system, method and computer program product for training a deep neural network. The deep neural network can be trained using a learning process that is defined to optimize both an error function of the deep neural network as well as a network mapping function of the deep neural network. The network mapping function can represent a predicted label distribution geometry property of the deep neural network. This learning process can improve the accuracy of the trained deep neural network model as well as its robustness against adversarial attacks. Optimizing the network mapping function can also provide increased insight into the operation of the trained deep neural network model, which may promote increased interpretability of the trained model and thus encourage uptake of the trained model.
Type: Application
Filed: September 10, 2024
Publication date: March 13, 2025
Inventors: En-hui YANG, Shayan Mohajer HAMIDI, Linfeng YE, Renhao TAN
-
Publication number: 20240386275
Abstract: A system, method and computer program product for training a deep neural network. The deep neural network can be trained to minimize an entropy constrained objective function that is defined to constrain the entropy of the weight parameters of the deep neural network. The objective function can be defined to jointly minimize the loss of the deep neural network in performing prediction functions and an entropy of the quantized weight parameters of the deep neural network. The objective function can be defined to also minimize the entropy of quantized activations of the deep neural network. This can provide an improved trade-off between the prediction accuracy of the deep neural network and the compression achievable when encoding the deep neural network.
Type: Application
Filed: May 17, 2024
Publication date: November 21, 2024
Inventors: En-hui Yang, Shayan Mohajer Hamidi
-
Patent number: 12147583
Abstract: A system, method and computer program product for protecting a deep neural network image classifier against receiving perturbed images. A plurality of watermark bits are embedded into an original digital image intended for the deep neural network image classifier. The watermarked image is transmitted through a potentially adversarial environment. A potentially perturbed image intended for the deep neural network image classifier is received from the potentially adversarial environment. The potentially perturbed image is determined to be an adversely modified or benign image by determining whether the potentially perturbed image includes a plurality of embedded bits matching the plurality of watermark bits embedded into the original digital image. The potentially perturbed image is prevented from being provided to the deep neural network image classifier in response to determining that the potentially perturbed image is the adversely modified image.
Type: Grant
Filed: April 13, 2022
Date of Patent: November 19, 2024
Assignee: BicDroid Inc.
Inventors: En-hui Yang, Chen Sun
-
Patent number: 11822643
Abstract: Method, device and computer program product for providing quarantined workspaces. A virtualization application operates on a host to simulate a virtual guest. A management application operates within the virtual guest. The management application controls transmission between guest applications and locations external to the virtual guest. The management application stores encryption keys inaccessible to the host. The management application intercepts attempted transmissions from guest applications to locations outside the virtual guest. Secure data files are identified in the attempted transmissions and encrypted before leaving the virtual guest using the encryption keys. The management application also prevents any unencrypted data from being provided to non-kernel host processes that have not been previously identified as permitted host processes while allowing unencrypted data transmission from the non-kernel host processes to any of the guest application processes.
Type: Grant
Filed: February 3, 2021
Date of Patent: November 21, 2023
Assignee: BICDROID INC.
Inventors: En-Hui Yang, Rodney M. Ruddock, Jin Meng, Xiang Yu
-
Patent number: 11693981
Abstract: Systems and methods are provided for data self-protection. The systems and methods may involve installing a sentry on a computer system, the sentry including a file system filter installed on a kernel of that computer system; providing a central sentry platform in communication with the sentry, operating the central sentry platform to send a data self-protection policy to the sentry, the data self-protection policy being encrypted so that it can only be modified by the central sentry platform; operating the file system filter to control access to encrypted data stored on the computer system, by, for each process making a file access request to the encrypted data, the file system filter receiving and handling that file access request according to the data self-protection policy; and, operating the central sentry platform to monitor the sentry and to receive information from the sentry regarding access to the encrypted data.
Type: Grant
Filed: September 8, 2020
Date of Patent: July 4, 2023
Assignee: BICDROID INC.
Inventors: Xiang Yu, En-hui Yang, Jin Meng
-
Patent number: 11533167
Abstract: Method, device and computer program product for managing a plurality of encryption keys using a keystore seed that defines a seed bit set. A key management process defines a key mapping between the seed bit set and the plurality of encryption keys. The key management process enables each encryption key to be generated from the seed bit set using a corresponding keying material value and the key mapping. The key mapping specifies that an encryption key is generated by partitioning the seed bit set into a plurality of seed bit partitions, determining a keying value from the keying material value, determining a key sequence using the plurality of seed bit partitions and the keying value, and determining the encryption key from the key sequence. Management of a large number of encryption keys can be simplified through indirect management via the keystore seed and the key management process.
Type: Grant
Filed: May 21, 2020
Date of Patent: December 20, 2022
Assignee: BICDROID INC.
Inventor: En-Hui Yang
-
Patent number: 11528142
Abstract: The described embodiments relate to data protection methods, systems, and computer program products. A process-based encrypted data access policing system is proposed based on methods of encrypted data file management, process authentication and authorization, Trojan detection for authorized processes, encryption key generation and caching, and encrypted-file cache management. The process-based encrypted data access policing system may be implemented as a kernel level file system filter and a user-mode filter companion application, which polices the reading/writing of encrypted data in either a server system or an endpoint computer and protects data from data breaches and known or unknown attacks including ransomware and/or phishing attacks.
Type: Grant
Filed: October 10, 2017
Date of Patent: December 13, 2022
Assignee: BICDROID INC.
Inventors: En-Hui Yang, Xiang Yu, Jin Meng
-
Publication number: 20220343026
Abstract: A system, method and computer program product for protecting a deep neural network image classifier against receiving perturbed images. A plurality of watermark bits are embedded into an original digital image intended for the deep neural network image classifier. The watermarked image is transmitted through a potentially adversarial environment. A potentially perturbed image intended for the deep neural network image classifier is received from the potentially adversarial environment. The potentially perturbed image is determined to be an adversely modified or benign image by determining whether the potentially perturbed image includes a plurality of embedded bits matching the plurality of watermark bits embedded into the original digital image. The potentially perturbed image is prevented from being provided to the deep neural network image classifier in response to determining that the potentially perturbed image is the adversely modified image.
Type: Application
Filed: April 13, 2022
Publication date: October 27, 2022
Inventors: En-hui Yang, Chen Sun
-
Patent number: 11126754
Abstract: An access control system includes a processor configured to provide a trusted execution environment isolated from a rich execution environment. A rich OS operates in the rich execution environment while a trusted OS operates in the trusted execution environment. A plurality of protected data files are stored in non-volatile memory. When a process requests access to a protected data file, the computer system can permit the requesting process to access the requested data file only if a validated application token is present that corresponds to the requesting process. An application token is generated for the associated application by: detecting initiation of a first process associated with the associated application; determining that a valid user code is available within the trusted execution environment; and generating the application token using the valid user code upon determining that the valid user code is available within the trusted execution environment.
Type: Grant
Filed: November 26, 2019
Date of Patent: September 21, 2021
Assignee: BICDROID INC.
Inventors: Xiang Yu, Jin Meng, En-hui Yang
-
Patent number: 11093604
Abstract: An access control system includes a processor configured to provide a trusted execution environment isolated from a rich execution environment. A rich OS operates in the rich execution environment while a trusted OS operates in the trusted execution environment. An access monitoring module operates within the kernel of the rich OS and a trusted application operates in the trusted OS. The access monitoring module intercepts file requests directed at the file systems of the rich OS, and forwards the file requests to the trusted application. The trusted application then evaluates whether the file request is permitted and provides the access monitoring module with a response. The access monitoring module forwards the request to the file system only if the trusted application approves the request.
Type: Grant
Filed: July 25, 2019
Date of Patent: August 17, 2021
Assignee: BicDroid Inc.
Inventors: En-hui Yang, Jin Meng, Xiang Yu, Hongtao Zhang, Tomas Szuchewycz
-
Publication number: 20210248227
Abstract: Method, device and computer program product for providing quarantined workspaces. A virtualization application operates on a host to simulate a virtual guest. A management application operates within the virtual guest. The management application controls transmission between guest applications and locations external to the virtual guest. The management application stores encryption keys inaccessible to the host. The management application intercepts attempted transmissions from guest applications to locations outside the virtual guest. Secure data files are identified in the attempted transmissions and encrypted before leaving the virtual guest using the encryption keys. The management application also prevents any unencrypted data from being provided to non-kernel host processes that have not been previously identified as permitted host processes while allowing unencrypted data transmission from the non-kernel host processes to any of the guest application processes.
Type: Application
Filed: February 3, 2021
Publication date: August 12, 2021
Inventors: En-Hui Yang, Rodney M. Ruddock, Jin Meng, Xiang Yu
-
Publication number: 20210073407
Abstract: Systems and methods are provided for data self-protection. The systems and methods may involve installing a sentry on a computer system, the sentry including a file system filter installed on a kernel of that computer system; providing a central sentry platform in communication with the sentry, operating the central sentry platform to send a data self-protection policy to the sentry, the data self-protection policy being encrypted so that it can only be modified by the central sentry platform; operating the file system filter to control access to encrypted data stored on the computer system, by, for each process making a file access request to the encrypted data, the file system filter receiving and handling that file access request according to the data self-protection policy; and, operating the central sentry platform to monitor the sentry and to receive information from the sentry regarding access to the encrypted data.
Type: Application
Filed: September 8, 2020
Publication date: March 11, 2021
Applicant: BicDroid Inc.
Inventors: Xiang Yu, En-hui Yang, Jin Meng
-
Publication number: 20200382290
Abstract: Method, device and computer program product for managing a plurality of encryption keys using a keystore seed that defines a seed bit set. A key management process defines a key mapping between the seed bit set and the plurality of encryption keys. The key management process enables each encryption key to be generated from the seed bit set using a corresponding keying material value and the key mapping. The key mapping specifies that an encryption key is generated by partitioning the seed bit set into a plurality of seed bit partitions, determining a keying value from the keying material value, determining a key sequence using the plurality of seed bit partitions and the keying value, and determining the encryption key from the key sequence. Management of a large number of encryption keys can be simplified through indirect management via the keystore seed and the key management process.
Type: Application
Filed: May 21, 2020
Publication date: December 3, 2020
Inventor: En-Hui Yang
-
Publication number: 20200175208
Abstract: An access control system includes a processor configured to provide a trusted execution environment isolated from a rich execution environment. A rich OS operates in the rich execution environment while a trusted OS operates in the trusted execution environment. A plurality of protected data files are stored in non-volatile memory. When a process requests access to a protected data file, the computer system can permit the requesting process to access the requested data file only if a validated application token is present that corresponds to the requesting process. An application token is generated for the associated application by: detecting initiation of a first process associated with the associated application; determining that a valid user code is available within the trusted execution environment; and generating the application token using the valid user code upon determining that the valid user code is available within the trusted execution environment.
Type: Application
Filed: November 26, 2019
Publication date: June 4, 2020
Inventors: Xiang Yu, Jin Meng, En-hui Yang
-
Publication number: 20200034528
Abstract: An access control system includes a processor configured to provide a trusted execution environment isolated from a rich execution environment. A rich OS operates in the rich execution environment while a trusted OS operates in the trusted execution environment. An access monitoring module operates within the kernel of the rich OS and a trusted application operates in the trusted OS. The access monitoring module intercepts file requests directed at the file systems of the rich OS, and forwards the file requests to the trusted application. The trusted application then evaluates whether the file request is permitted and provides the access monitoring module with a response. The access monitoring module forwards the request to the file system only if the trusted application approves the request.
Type: Application
Filed: July 25, 2019
Publication date: January 30, 2020
Inventors: En-hui Yang, Jin Meng, Xiang Yu, Hongtao Zhang, Tomas Szuchewycz
-
Publication number: 20180300327
Abstract: The described embodiments relate to methods and products for organizing a plurality of images. Specifically, the methods and products can automatically organize a plurality of images into a plurality of groups of images using allocation criteria. The allocation criteria for each image include a similarity distance between that image and at least one other image that measures how similar those images are. Each image can be allocated to at least one similar image group based on the similarity distance. The methods and products can also be used to visualize and display representative images for each of the groups of images.
Type: Application
Filed: June 22, 2018
Publication date: October 18, 2018
Inventors: En-Hui Yang, Xiang Yu, Jin Meng
-
Patent number: 10031928
Abstract: The described embodiments relate to methods and products for organizing a plurality of images. Specifically, the methods and products can automatically organize a plurality of images into a plurality of groups of images using allocation criteria. The allocation criteria for each image include a similarity distance between that image and at least one other image that measures how similar those images are. Each image can be allocated to at least one similar image group based on the similarity distance. The methods and products can also be used to visualize and display representative images for each of the groups of images.
Type: Grant
Filed: July 2, 2015
Date of Patent: July 24, 2018
Assignee: BICDROID INC.
Inventors: En-Hui Yang, Xiang Yu, Jin Meng
-
Patent number: 10026009
Abstract: Systems, methods and computer program products for determining perceptual similarity between independent images are described. The described systems, methods and computer program products use a similarity distance to determine the perceptual similarity between a first image having a first arrangement of pixels and a second image having a second arrangement of pixels. A processor can determine a first image array corresponding to the first arrangement of pixels and a second image array corresponding to the second arrangement of pixels. The processor can generate a first pixel group set based on the first image array and a second pixel group set based on the second image array. A plurality of pixel group pairs can be generated, and each pixel group pair can be associated with a corresponding pixel group pair distortion. The similarity distance between the first image and the second image can be determined based on the plurality of pixel group pair distortions.
Type: Grant
Filed: May 31, 2016
Date of Patent: July 17, 2018
Assignee: BicDroid Inc
Inventors: En-Hui Yang, Xiang Yu, Jin Meng
-
Publication number: 20180102902
Abstract: The described embodiments relate to data protection methods, systems, and computer program products. A process-based encrypted data access policing system is proposed based on methods of encrypted data file management, process authentication and authorization, Trojan detection for authorized processes, encryption key generation and caching, and encrypted-file cache management. The process-based encrypted data access policing system may be implemented as a kernel level file system filter and a user-mode filter companion application, which polices the reading/writing of encrypted data in either a server system or an endpoint computer and protects data from data breaches and known or unknown attacks including ransomware and/or phishing attacks.
Type: Application
Filed: October 10, 2017
Publication date: April 12, 2018
Inventors: En-Hui Yang, Xiang Yu, Jin Meng
-
Patent number: 9843341
Abstract: Methods and devices for encoding a sparse signal x to generate a compressed encoded signal. The methods employ directionless grammar-based dimension coding. Using labelled subsets and the finding of disjoint repeated subsets in order to build a directionless grammar, the non-zero positions of the sparse signal are encoded in a directionless grammar-based dimension encoder. Element values are encoded in a conditional non-zero encoder. The coding process facilitates random access.
Type: Grant
Filed: August 2, 2017
Date of Patent: December 12, 2017
Assignee: Multicom Technologies Inc.
Inventor: En-Hui Yang