Abstract: A computer-implemented method for detecting malicious content is disclosed that includes operations of: receiving a character set as an input, converting the input into an integer array containing indexes of each character, and creating an input vector from the integer array, the input vector being a dense numerical representation of the character set. The input vector is passed to a machine learning model to generate a plurality of features based on the character set, the plurality of features comprising at least two of: a length of the character set, a Shannon Entropy of the character set, n-gram similarity score of the character set with English dictionary words, n-gram similarity score of the character set with a set of legitimate domains, and an online web traffic ranking service. A dense input vector is formed by concatenating the plurality of features to the input vector, and then processed to obtain a comparison score.

Abstract: A method for performing federated learning includes initializing, by a server, a global model G0. The server shares G0 with a plurality of participants (N) using a secure communications channel. The server selects n out of N participants, according to filtering criteria, to contribute training for a round r. The server partitions the selected participants n into s groups and informs each participant about the other participants belonging to the same group. The server obtains aggregated group updates AU1, . . . , AUg from each group and compares the aggregated group updates and identifies suspicious aggregated group updates. The server combines the aggregated group updates by excluding the updates identified as suspicious, to obtain an aggregated update Ufinal. The server derives a new global model Gr from the previous model Gr-1 and the aggregated update Ufinal and shares Gr with the plurality of participants.

Abstract: A system for machine learning that is configured to receive an input having a plurality of features and predict one or more attributes of the input. The system includes a security mechanism, which determines an initial value for each of the features; determines a perturbation value for each of the features, the perturbation being randomly selected; adds the perturbation value to the initial value to determine a perturbed value for each of the features; and quantizes the perturbation value for each of the features to determine a quantized value for each of the features. The system also includes a classifier that receives the quantized value for each of the features and predict the one or more attributes of the input based on the quantized value for each of the features.

Abstract: A method for performing federated learning includes initializing, by a server, a global model G0. The server shares G0 with a plurality of participants (N) using a secure communications channel. The server selects n out of N participants, according to filtering criteria, to contribute training for a round r. The server partitions the selected participants n into s groups and informs each participant about the other participants belonging to the same group. The server obtains aggregated group updates AU1, . . . , AUg from each group and compares the aggregated group updates and identifies suspicious aggregated group updates. The server combines the aggregated group updates by excluding the updates identified as suspicious, to obtain an aggregated update Ufinal. The server derives a new global model Gr from the previous model Gr-1 and the aggregated update Ufinal and shares Gr with the plurality of participants.

Abstract: A system for machine learning that is configured to receive an input having a plurality of features and predict one or more attributes of the input. The system includes a security mechanism, which determines an initial value for each of the features; determines a perturbation value for each of the features, the perturbation being randomly selected; adds the perturbation value to the initial value to determine a perturbed value for each of the features; and quantizes the perturbation value for each of the features to determine a quantized value for each of the features. The system also includes a classifier that receives the quantized value for each of the features and predict the one or more attributes of the input based on the quantized value for each of the features.