Abstract: A computer-implemented method for technologically improving a computer-implemented machine-learning model, the method comprising receiving, by a model, at least a first data record; generating a first score representing a first likelihood that the first data record is associated with a first classification, in response to feedback received from one or more data sources communicating with at least one computing system on which the model is implemented; generating a second score to represent a second likelihood that the first data record is associated with the first classification, in response to the first score being higher than a threshold value.

Abstract: A computer-implemented method includes receiving a new data record associated with a transaction, and generating, using an adaptive model executed by the computer, a score to represent a likelihood that the transaction is associated with fraud. The adaptive model employs feedback from one or more external data sources, the feedback containing information about one or more previous data records associated with fraud and non-fraud by at least one of the one or more external data sources. Further, the adaptive model uses the information about the one or more previous data records as input variables to update scoring parameters used to generate the score for the new data record.

Abstract: A system and method of detecting command and control behavior of malware on a client computer is disclosed. One or more DNS messages are monitored from one or more client computers to a DNS server to determine a risk that one or more client computers is communicating with a botnet. Real-time entity profiles are generated for at least one of each of the one or more client computers, DNS domain query names, resolved IP addresses of query domain names, client computer-query domain name pairs, pairs of query domain name and corresponding resolved IP address, or query domain name-IP address cliques based on each of the one or more DNS messages. Using the real-time entity profiles, a risk that any of the one or more client computers is infected by malware that utilizes DNS messages for command and control or illegitimate data transmission purposes is determined. One or more scores are generated representing probabilities that one or more client computers is infected by malware.

Abstract: A system and method of detecting command and control behavior of malware on a client computer is disclosed. One or more DNS messages are monitored from one or more client computers to a DNS server to determine a risk that one or more client computers is communicating with a botnet. Real-time entity profiles are generated for at least one of each of the one or more client computers, DNS domain query names, resolved IP addresses of query domain names, client computer-query domain name pairs, pairs of query domain name and corresponding resolved IP address, or query domain name-IP address cliques based on each of the one or more DNS messages. Using the real-time entity profiles, a risk that any of the one or more client computers is infected by malware that utilizes DNS messages for command and control or illegitimate data transmission purposes is determined. One or more scores are generated representing probabilities that one or more client computers is infected by malware.

Abstract: A system and method of detecting command and control behavior of malware on a client computer is disclosed. One or more DNS messages are monitored from one or more client computers to a DNS server to determine a risk that one or more client computers is communicating with a botnet. Real-time entity profiles are generated for at least one of each of the one or more client computers, DNS domain query names, resolved IP addresses of query domain names, client computer-query domain name pairs, pairs of query domain name and corresponding resolved IP address, or query domain name-IP address cliques based on each of the one or more DNS messages. Using the real-time entity profiles, a risk that any of the one or more client computers is infected by malware that utilizes DNS messages for command and control or illegitimate data transmission purposes is determined. One or more scores are generated representing probabilities that one or more client computers is infected by malware.

Abstract: A system and method of detecting command and control behavior of malware on a client computer is disclosed. One or more DNS messages are monitored from one or more client computers to a DNS server to determine a risk that one or more client computers is communicating with a botnet. Real-time entity profiles are generated for at least one of each of the one or more client computers, DNS domain query names, resolved IP addresses of query domain names, client computer-query domain name pairs, pairs of query domain name and corresponding resolved IP address, or query domain name-IP address cliques based on each of the one or more DNS messages. Using the real-time entity profiles, a risk that any of the one or more client computers is infected by malware that utilizes DNS messages for command and control or illegitimate data transmission purposes is determined. One or more scores are generated representing probabilities that one or more client computers is infected by malware.

Abstract: A system and method for detecting fraud is presented. A self-calibrating outlier model is hosted by a computing system. The self-calibrating outlier model receives transaction data representing transactions, and is configured to calculate transaction-based variables, profiles and calibration parameters, and to produce a score based on the transaction data according to the transaction-based variables, profiles and calibration parameters. An adaptive cascade model is also hosted by the computing system, and is configured to generate a secondary score for the transaction data based on profile information from the variables and/or profiles calculated by the self-calibrating outlier model, and based on a comparison with labeled transactions from a human analyst of historical transaction data.

Abstract: A system and method for detecting fraud is presented. A self-calibrating outlier model is hosted by a computing system. The self-calibrating outlier model receives transaction data representing transactions, and is configured to calculate transaction-based variables, profiles and calibration parameters, and to produce a score based on the transaction data according to the transaction-based variables, profiles and calibration parameters. An adaptive cascade model is also hosted by the computing system, and is configured to generate a secondary score for the transaction data based on profile information from the variables and/or profiles calculated by the self-calibrating outlier model, and based on a comparison with labeled transactions from a human analyst of historical transaction data.

Abstract: A computer-implemented method includes receiving a new data record associated with a transaction, and generating, using an adaptive model executed by the computer, a score to represent a likelihood that the transaction is associated with fraud. The adaptive model employs feedback from one or more external data sources, the feedback containing information about one or more previous data records associated with fraud and non-fraud by at least one of the one or more external data sources. Further, the adaptive model uses the information about the one or more previous data records as input variables to update scoring parameters used to generate the score for the new data record.

Abstract: Permeability models and methods for creating the models are disclosed. The models include receiving as an input in vitro permeability and structure data for a particular compound. Then the data is mapped to at least one permeability. In some models the data is mapped to a plurality of permeabilities, each associated with a specific region in a mammalian GI tract. Some models may take into consideration solubility, permeability and at least one molecular descriptor associated with the compound of interest.

Abstract: A method for developing a predictive model of a chemical compound property. The method includes obtaining at least one descriptor from structural data for each of a plurality of compounds. At least one chemical compound property is obtained for each of the plurality of compounds. The predictive model is developed by mapping the at least one descriptor to the chemical compound property. The chemical compound property may be an ADME property. The ADME property may be absorption. The chemical compound property may also be an toxicity property.