Abstract: Disclosed herein are systems and method for orchestrating nodes in a blockchain network. In an exemplary aspect, a method may comprise receiving a request to deploy a new node on a device for participation in the blockchain network. The method may comprise detecting missing dependencies on the device by comparing the blockchain network parameters and the deployment requirements of the blockchain network with the set of capabilities and configurations of the device. The method may comprise preconfiguring the new node by packaging the missing dependencies. The method may further comprise determining whether the new node can transact with at least one node of the blockchain network. In response to determining that the new node cannot transact with the at least one node of the blockchain network, the method may comprise troubleshooting deployment of the new node.

Abstract: Disclosed herein are systems and method for detecting unauthorized access to computing resources for cryptomining. In one exemplary aspect, a method may detect that at least one process has been launched on a computer system. In response to the detecting, the method may collect data related to the launch of the at least one process. The method may compare the collected data with behavioral rules specifying compliant behavior on the computer system. The method may identify suspicious behavior associated with the at least one process in response to determining that the collected data does not meet the behavioral rules. The method may generate an alert indicative of the suspicious behavior. In response to identifying the suspicious behavior, the method may obtain telemetry data of the computer system, and may update the behavioral rules based on the telemetry data to improve accuracy of identifying further suspicious behavior.

Abstract: Disclosed herein are systems and method for launching a new node in a blockchain network. In one exemplary aspect, the method may generate a snapshot of a node participating in a blockchain network and storing the snapshot in an archive, wherein the snapshot comprises a blockchain. The method may receive a request to create a new node to participate in the blockchain network. The method may retrieve, from the archive, the snapshot of the node in the blockchain network. The method may create the new node and load the snapshot onto the new node such that the blockchain comprised in the snapshot is imported without downloading or verifying the blocks of the blockchain individually. The method may then synchronize the new node with changes that occurred on the blockchain subsequent to the generation of the snapshot.

Abstract: Disclosed herein are systems and method for orchestrating nodes in a blockchain network. In an exemplary aspect, a method may comprise receiving a request to deploy a new node on a device for participation in the blockchain network. The method may comprise detecting missing dependencies on the device by comparing the blockchain network parameters and the deployment requirements of the blockchain network with the set of capabilities and configurations of the device. The method may comprise preconfiguring the new node by packaging the missing dependencies. The method may further comprise determining whether the new node can transact with at least one node of the blockchain network. In response to determining that the new node cannot transact with the at least one node of the blockchain network, the method may comprise troubleshooting deployment of the new node.

Abstract: Disclosed herein are systems and method for detecting unauthorized access to computing resources for cryptomining. In one exemplary aspect, a method may detect that at least one process has been launched on a computer system. In response to the detecting, the method may collect data related to the launch of the at least one process. The method may compare the collected data with behavioral rules specifying compliant behavior on the computer system. The method may identify suspicious behavior associated with the at least one process in response to determining that the collected data does not meet the behavioral rules. The method may generate an alert indicative of the suspicious behavior. In response to identifying the suspicious behavior, the method may obtain telemetry data of the computer system, and may update the behavioral rules based on the telemetry data to improve accuracy of identifying further suspicious behavior.

Abstract: Disclosed herein are systems and method for launching a new node in a blockchain network. In one exemplary aspect, the method may generate a snapshot of a node participating in a blockchain network and storing the snapshot in an archive, wherein the snapshot comprises a blockchain. The method may receive a request to create a new node to participate in the blockchain network. The method may retrieve, from the archive, the snapshot of the node in the blockchain network. The method may create the new node and load the snapshot onto the new node such that the blockchain comprised in the snapshot is imported without downloading or verifying the blocks of the blockchain individually. The method may then synchronize the new node with changes that occurred on the blockchain subsequent to the generation of the snapshot.

Abstract: A systems and methods of managing user data using clustering patterns based on metadata analysis. The described technique includes receiving file metadata from multiple user devices, where the file metadata is associated with data stored on the plurality of user devices associated with a plurality of users. The technique generates a user metadata fingerprint based on a plurality of user metadata record attributes contained in the file metadata, and determines clustering of the plurality of users based on the generated user metadata fingerprint. The data for the plurality of users may be stored based on the determined clustering.

Abstract: A system and method that automatically configures and adjusts computer systems and computer software (i.e., computer programs), on the basis of data collection and analysis to create usage patterns. An exemplary method includes collecting device information of existing computing devices and user information associated with operation of the existing computing devices. Moreover, the method include analyzing the device information and the user information to generate usage patterns associated with the existing devices. The method then compares device and user information of the computing device with the usage patterns associated with the existing devices to identify an optimal configuration for the computing device. The optimal configuration is used to generate installation instructions and configurations. Finally, the system settings of the computing device are automatically configured based on the instructions and configurations.

Abstract: Disclosed are systems, methods and computer program products for detection of harmful files of different formats. An example method includes: receiving a suspicious file; determining a file format of the suspicious file; determining, using antivirus software, if the suspicious file is clean or harmful; and when the antivirus software fails to determine whether the suspicious file is clean or harmful, selecting, based on at least the file format of the suspicious file, a configuration of a virtual machine for analyzing a maliciousness of the suspicious file by at least: selecting a program associated with the file format of the suspicious file, opening the suspicious file using the associated program in the virtual machine, collecting data of at least one activity on the virtual machine, and analyzing the data to determine the maliciousness of the suspicious file.

Abstract: Disclosed are systems, methods and computer program products for detection of harmful files of different formats. An example method includes: receiving a suspicious file; determining a file format of the suspicious file; determining, using antivirus software, if the suspicious file is dean or harmful; and when the antivirus software fails to determine whether the suspicious file is clean or harmful, selecting, based on at least the file format of the suspicious file, a configuration of a virtual machine for analyzing a maliciousness of the suspicious file by at least: selecting a program associated with the file format of the suspicious file, opening the suspicious file using the associated program in the virtual machine, collecting data of at least one activity on the virtual machine, and analyzing the data to determine the maliciousness of the suspicious file.

Abstract: Disclosed are systems, methods and computer program products for detection of harmful files of different formats. An example method includes determining a suspicious file and a file format of the suspicious file; analyzing the suspicious file by an antivirus software to determine whether the suspicious file is clean or harmful; when the suspicious file is determined to be harmful by the antivirus software, generating a signature of the suspicious file and updating a collection of harmful files with the signature of the suspicious file; and when the suspicious file is not determined to be clean or harmful by the antivirus software, selecting, based on at least the file format of the suspicious file, a configuration of a virtual machine for analysis of the suspicious file, and analyzing the suspicious file by the virtual machine with selected configuration to determine whether the suspicious file is clean or harmful.