Abstract: The present disclosure provides method and system for a processor configured to receive, via a communication interface, cellular communication exchanged over at least one cellular network and fixed-network communication exchanged with a router connected to a fixed network. The method and system further correlating between the cellular communication and the fixed-network communication, and computing respective likelihoods for multiple cellular devices having connected to the fixed network via the router. In response to computing the likelihoods, compute one or more estimated properties associated with the router, and output the estimated properties.

Abstract: A method by a computing device implementing an attack analyzer for processing malicious events. The method includes determining a first set of features describing a malicious event detected by a firewall, determining a set of distances using a non-Euclidean distance function and the first set of features, wherein the non-Euclidean distance function is used to determine geographic origin similarity between different Internet Protocol addresses included in the first and second set of features, generating a statistical distribution object using the set of distances, wherein the statistical distribution object includes information describing a cluster that includes at least the malicious event and one or more other malicious events that are determined to be similar to the malicious event in terms of geographic origin, and transmitting information describing the cluster to a management console for presentation to an administrator on a graphical user interface.

Abstract: A method by one or more computing devices for detecting application user anomalies in audit logs of database operations performed on one or more databases. The method includes obtaining a first audit log of database operations, wherein the first audit log indicates (1) which application users of an application caused which of the database operations to be performed and (2) which functions of the application caused which of the database operations to be performed, generating, for each of the application users indicated in the first audit log, a profile of that application user that indicates which of the functions that application user is expected to touch, and detecting an anomaly in response to a determination that a second audit log indicates that an application user touched a function that is not one of the functions indicated in the profile of the application user.

Abstract: A monitoring system that receives messages that are exchanged with the application server. Relationships between users are posited in response to the times at which the messages are received. A relationship between two users may be posited in response to receiving, at approximately the same time, two messages from the application server that are destined, respectively, for the two users. The near-simultaneous receipt of the two messages indicates that the two messages were sent from the server at approximately the same time, which, in turn, indicates that the two messages may correlate with one another. Further indication of a correlation between the messages, which may increase the level of confidence with which the relationship between the two users is posited, may be found by examining the respective sizes of the messages, which indicate the message types.

Abstract: The present disclosure concerns odorants or fragrances dispersing systems, more specifically a system designed for dispersing one or more odorant compositions from one or more odorant canisters that are incorporated within an air filter of an air conditioner system. The system is configured to permit dispensing of one or more odorants in a selective manner as per user-demand.

Abstract: An apparatus includes a processor and split-read control circuitry (SRCC). The processor is to issue a set of one or more split-read requests for loading one or more data values to one or more respective local registers of the processor. The SRCC is to receive the set of one or more split-read requests, to read the one or more data values on behalf of the processor, and to write the data values into the one or more respective local registers. The processor and the SRCC are to coordinate a status of the split-read requests via a split-read-status indication.

Abstract: An apparatus for delivering virtual reality data portions to a client device, including a processing unit configured to perform the following in each one of a plurality of iterations: (1) receive from a network a current orientation data indicating a current orientation of a client device, (2) apply a rotation to a segment of a sphere defined in a virtual reality (VR) video file according to the current orientation, (3) crop from the rotated segment of the sphere in an equirectangular projection format an extended field of view (EFOV) frame in the equirectangular projection format according to the current orientation, and (4) instruct the network to transmit the EFOV frame to the client device.

Abstract: A method by a security system implemented by one or more electronic for detecting attacks on one or more databases. The method includes analyzing database logs of one or more databases to determine transaction characteristics of each of the one or more databases, selecting, for each of a plurality of database accesses to the one or more databases, one or more security rules to apply to that database access, wherein different security rules are selected for different ones of the plurality of database accesses depending on the determined transaction characteristics of the database being accessed, and causing, for each of the plurality of database accesses, the one or more security rules selected for that database access to be applied to that database access.

Abstract: As described herein, a system, method, and computer program are provided for artificial intelligence (AI) driven automation of application testing. In use, one or more input data sources for an application are processed, using AI, to determine one or more automation objects or nuggets of the application. Supported application or platforms includes Web, API, Mobile devices, Windows or desktop application, power builder applications. Additionally, automated testing is created for the application, based on one or more elements displayed in the application. The system also supports detecting a failure of the automated testing, by identifying the changes in the application elements or nuggets. Failures of the automation can be automatically fixed and deployed to all the impacted automation scripts.

Abstract: A method by a web application layer proxy for predictively activating security rules to protect one or more web application servers from attacks by one or more web application clients. The method includes applying a set of security rules to web application layer requests received from the one or more web application clients that are intended for the one or more web application servers, determining a set of recently triggered security rules, where the set of recently triggered security rules includes those security rules in the set of security rules that were triggered within a most recent period of time, applying a prediction model to the set of recently triggered security rules to determine one or more security rules that are predicted to be triggered, and activating the one or more security rules.

Abstract: A method by one or more runtime agents protecting a web application for capturing contextual information for data accesses. The method includes determining first metadata associated with a web application layer request sent by a web application firewall to the web application, determining second metadata associated with the web application layer request based on information available to the web application, serializing the first metadata and the second metadata to generate serialized metadata, and adding the serialized metadata to a database query that is to be submitted by the web application to the database server, wherein execution of the database query that includes the serialized metadata by the database server is to cause the database activity monitor to store the serialized metadata and third metadata associated with the database query determined by the database activity monitor in a data storage.

Abstract: A method by a network device for assigning data types to data values included in application programming interface (API) responses sent by an API server to one or more API clients via an API. The method includes obtaining a first set of API responses from an endpoint of the API, generating a profile for the endpoint of the API based on analyzing the first set of API responses, where the profile of the endpoint indicates an expected structure of API responses and expected data types associated with data fields included in API responses, obtaining a second set of API responses, and using the profile of the endpoint of the API to assign data types to data values included in API responses in the second set of API responses.

Abstract: A method for protecting information from databases includes a web application firewall and a database activity monitor. According to one aspect, a web gateway receives a request from a client device and provides the request to an application server to query a database. The web gateway receives sensitive data information describing requested data output by the database. The sensitive data information may include, for example, hints for detecting a type or structure of sensitive data output by the database. Additionally, the web gateway receives response data from the application server. The web gateway identifies sensitive data within the response data based on the sensitive data information. The web gateway protects the sensitive data to be provided to the client device using one or more data protection operations, which may include alerts, blocking policies, masking, or anomaly detection using machine learning algorithms.

Abstract: A computer system includes a volatile memory and at least one processor. The volatile memory includes a protected storage segment (PSS) configured to store firmware-authentication program code for authenticating firmware of the computer system. The at least one processor is configured to receive a trigger to switch to a given version of the firmware, to obtain, in response to the trigger, a privilege to access the PSS, to authenticate the given version of the firmware by executing the firmware-authentication program code from the PSS, to switch to the given version of the firmware upon successfully authenticating the given version, and to take an alternative action upon failing to authenticate the given version.

Abstract: A method by one or more network devices for providing obfuscated code to web application clients. The method includes determining a configuration utilized by a web application client based on a header of a web application layer request generated by the web application client, selecting, for providing to the web application client with a web application layer response corresponding to the web application layer request, an obfuscated code from a plurality of obfuscated codes for the configuration utilized by the web application client, where the plurality of obfuscated codes for the configuration utilized by the web application client provide the same intended functionality but are obfuscated differently from each other, and providing the selected obfuscated code to the web application client with the web application response.

Abstract: A method includes monitoring web traffic until a threshold of network traffic is collected. The method further includes determining a number of location characteristics corresponding to the network traffic. The method further includes monitoring traffic information corresponding to the number of location characteristics until a threshold of traffic information is collected. The method further includes determining a number of location content flags corresponding to the traffic information. The method further includes generating, by a processing device, a location profile based on the number of location characteristics and the number of content flags. The method further includes blocking impermissible web traffic from reaching a client device based on the location profile.

Abstract: A method by a network device for detecting data in a data stream. The method includes receiving the data stream, where the data stream includes a sequence of original characters, generating a sequence of type-mapped characters corresponding to the sequence of original characters, converging each of two or more consecutive occurrences of a first character in the sequence of type-mapped characters into a single occurrence of the first character, searching for occurrences of one or more predefined sequences of characters in the sequence of type-mapped characters, and responsive to finding an occurrence of any of the one or more predefined sequences of characters, extracting a sequence of characters in the sequence of original characters corresponding to the occurrence of the predefined sequence of characters found in the sequence of type-mapped characters.

Abstract: A method by one or more computing devices to classify data values into data types. The method includes receiving a data value to be classified, determining one or more features of the data value, generating feature information associated with the data value that includes information regarding the determined one or more features of the data value, performing one or more matching operations for the data value, generating match information associated with the data value that includes information regarding results of performing the one or more matching operations for the data value, and providing the feature information associated with the data value and the match information associated with the data value to a content-based data type classifier that is to classify the data value based on analyzing the feature information associated with the data value and the match information associated with the data value.

Abstract: A monitoring system that receives messages that are exchanged with the application server. Relationships between users are posited in response to the times at which the messages are received. A relationship between two users may be posited in response to receiving, at approximately the same time, two messages from the application server that are destined, respectively, for the two users. The near-simultaneous receipt of the two messages indicates that the two messages were sent from the server at approximately the same time, which, in turn, indicates that the two messages may correlate with one another. Further indication of a correlation between the messages, which may increase the level of confidence with which the relationship between the two users is posited, may be found by examining the respective sizes of the messages, which indicate the message types.

Abstract: As described herein, a system, method, and computer program are provided for orchestrating automatic software testing. In use, an interface to a plurality of different testing tools is provided, where each testing tool of the plurality of different testing tools usable for performing one or more testing-related tasks. Additionally, information describing a software project is identified. Further, use of the plurality of different testing tools is orchestrated to provide automated testing for the software project.