Abstract: A method of forming an anomaly detection monitor includes obtaining data samples of operations performed on an application by a plurality of users and detecting, by a processor, anomalous behavior associated with a target user of the plurality of users with respect to the application based on a portion of the data samples associated with the target user and a portion of the data samples associated with a second user of the plurality of users, different from the target user.

Abstract: One or more computer processors determine a tolerance value, and a norm value associated with an untrusted model and an adversarial training method. The one or more computer processors generate a plurality of interpolated adversarial images ranging between a pair of images utilizing the adversarial training method, wherein each image in the pair of images is from a different class. The one or more computer processors detect a backdoor associated with the untrusted model utilizing the generated plurality of interpolated adversarial images. The one or more computer processors harden the untrusted model by training the untrusted model with the generated plurality of interpolated adversarial images.

Abstract: Described herein is a computer implemented method for generating a webpage. The method comprises creating, by a first application, a first application-specific state store, storing an initial value of a first application-specific field therein, and displaying the initial value in a first user interface element. In addition, the first application creates a field values store to be used by the first application and a second application of the webpage. The first application stores an initial value of a first common field in the field values store. The initial value of the first common field is then displayed by the first application in a second user interface element and by the second application in a third user interface element.

Abstract: A computer system, computer program product, and computer implemented method to enhance robustness an artificial neural network through obfuscation. One or more high frequency and low amplitude elements are added to the artificial neural network. The added elements provide a defense mechanism to the artificial network, thereby functioning as a security mechanism against an adversarial attack.

Abstract: Described herein is a computer implemented method for managing a repository that includes one or more component packages and a repository configuration file listing repository dependencies. Each component package has a package configuration file listing package dependencies. The method including the steps of: parsing the repository configuration file; aliasing a package dependency listed in the repository configuration file with at least two repository dependency aliases; parsing a package configuration file; and linking each repository dependency alias to a package dependency listed in the package configuration file.

Abstract: Techniques for performing matrix multiplication in a data processing apparatus are disclosed, comprising apparatuses, matrix multiply instructions, methods of operating the apparatuses, and virtual machine implementations. Registers, each register for storing at least four data elements, are referenced by a matrix multiply instruction and in response to the matrix multiply instruction a matrix multiply operation is carried out. First and second matrices of data elements are extracted from first and second source registers, and plural dot product operations, acting on respective rows of the first matrix and respective columns of the second matrix are performed to generate a square matrix of result data elements, which is applied to a destination register. A higher computation density for a given number of register operands is achieved with respect to vector-by-element techniques.

Abstract: Reducing attack surface by selectively collocating applications on host computers is provided. System resources utilized by each application running in a plurality of host computers of a data processing environment are measured. Which applications running in the plurality of host computers that utilize similar system resources are determined. Those applications utilizing similar system resources are collocated on respective host computers.

Abstract: Multiple execution traces of an application are accessed. The multiple execution traces have been collected at a basic block level. Basic blocks in the multiple execution traces are scored. Scores for the basic blocks represent benefits of performing binary slimming at the corresponding basic blocks. Runtime binary slimming is performed of the application based on the scores of the basic blocks.

Abstract: Coherency control circuitry (10) supports processing of a safe-speculative-read transaction received from a requesting master device (4). The safe-speculative-read transaction is of a type requesting that target data is returned to a requesting cache (11) of the requesting master device (4) while prohibiting any change in coherency state associated with the target data in other caches (12) in response to the safe-speculative-read transaction. In response, at least when the target data is cached in a second cache associated with a second master device, at least one of the coherency control circuitry (10) and the second cache (12) is configured to return a safe-speculative-read response while maintaining the target data in the same coherency state within the second cache. This helps to mitigate against speculative side-channel attacks.

Abstract: Unused instructions and no longer used instructions in a target application binary are determined. The target application binary is rewritten before and after runtime execution of the target application binary to remove the unused and no longer used instructions to reduce binary attack surface area for the runtime execution of the target application binary. Methods, computer systems, and computer program products are disclosed.

Abstract: Techniques are disclosed relating to automating authentication decisions for a multi-factor authentication scheme based on computer learning. In disclosed embodiments, a mobile device receives a first request corresponding to a factor in a first multi-factor authentication procedure. Based on user input approving or denying the first request, the mobile device sends a response to the first request and stores values of multiple parameters associated with the first request. The mobile device receives a second request corresponding to a factor in a second multi-factor authentication procedure where the second request is for authentication for a different account than the first request. The mobile device automatically generates an approval response to the second request based on performing a computer learning process on inputs that include values of multiple parameters for the second request and the stored values of the multiple parameters associated with the first request.

Abstract: A data processing apparatus is provided which controls the use of data in respect of a further operation. The data processing apparatus identifies whether data is trusted or untrusted by identifying whether or not the data was determined by a speculatively executed resolve-pending operation. A permission control unit is also provided to control how the data can be used in respect of a further operation according to a security policy while the speculatively executed operation is still resolve-pending.

Abstract: A coating composition includes: (a) an acid functional polyol polymer having an acid value of greater than 9 mg KOH/g and less than 60 mg KOH/g, and a hydroxyl value of from 100 to 300 mg KOH/g; (b) a non-aminoplast derived crosslinker reactive with the acid functional polyol polymer; and (c) a non-aqueous liquid medium. Further, an equivalent ratio of functional groups on the crosslinker reactive with hydroxyl functional groups to hydroxyl functional groups on the acid functional polyol polymer is within a range of from 0.5 to 1.5. The coating composition is substantially free of an external catalyst. The coating composition cures at a temperature of less than 80° C.

Abstract: A method for anomaly detection on a system or application used by a plurality of users includes providing an access to a memory device storing user data samples of a usage of the system or application for all users of the plurality of users. A target user is selected from among the plurality of users, using a processor on a computer, with data samples of the target user forming a cluster of data points in a data space. The data samples for the target user are used to generate a normal sample data set as training data set for training a model for an anomaly detection monitor for the target user. A local outlier factor (LOF) function is used to generate an abnormal sample data set for training the anomaly detection monitor for the target user.

Abstract: A method, system, and computer-usable medium for analyzing security data formatted in STIX™ format. Data related to actions performed by one or more users is captured. Individual tasks, such as analytics or extract, transform, load (ETL) tasks related to the captured data is created. Individual tasks are registered to a workflow for executing particular security threat or incident analysis. The workflow is executed and visualized to perform the security threat or incident analysis.

Abstract: One or more execution traces of an application are accessed. The one or more execution traces have been collected at a basic block level. Basic blocks in the one or more execution traces are scored. Scores for the basic blocks represent benefits of performing binary slimming at the corresponding basic blocks. Runtime binary slimming is performed of the application based on the scores of the basic blocks.

Abstract: A system and method for collaboratively creating an automatically assembled movie is presented herein. The system and method includes identifying a predefined movie script, wherein the predefined movie script defines or includes a plurality of character roles, and for each of the plurality of character roles, includes at least one clip request. Users of the system and method are invited to join a movie making group, and once joined, are assigned to one of the character roles. For each of the character roles, the system and method will receive a raw or pre-processed media clip recorded by the user's device and which corresponds with the clip request. The pre-processed media clips are then automatically processed by the system and method according to script rules by applying filters or visual effects. The processed media files are the automatically combined according to script rules to create the final movie.

Abstract: One embodiment provides a method comprising receiving a training set comprising a plurality of data points, where a neural network is trained as a classifier based on the training set. The method further comprises, for each data point of the training set, classifying the data point with one of a plurality of classification labels using the trained neural network, and recording neuronal activations of a portion of the trained neural network in response to the data point. The method further comprises, for each classification label that a portion of the training set has been classified with, clustering a portion of all recorded neuronal activations that are in response to the portion of the training set, and detecting one or more poisonous data points in the portion of the training set based on the clustering.

Abstract: Managing passwords is provided. A machine training process is performed using a set of existing passwords to train a machine learning component. Members of a set of semantic categories are used to categorize respective passwords in the set of existing passwords. Password strengths corresponding to a set of candidate passwords are evaluated using the machine learning component. A resource is secured with a candidate password having a password strength greater than or equal to a defined password strength threshold level.

Abstract: A method, apparatus and computer program product to defend learning models that are vulnerable to adversarial example attack. It is assumed that data (a “dataset”) is available in multiple modalities (e.g., text and images, audio and images in video, etc.). The defense approach herein is premised on the recognition that the correlations between the different modalities for the same entity can be exploited to defend against such attacks, as it is not realistic for an adversary to attack multiple modalities. To this end, according to this technique, adversarial samples are identified and rejected if the features from one (the attacked) modality are determined to be sufficiently far away from those of another un-attacked modality for the same entity. In other words, the approach herein leverages the consistency between multiple modalities in the data to defend against adversarial attacks on one modality.