Abstract: Systems and methods for managing a compromised autonomous vehicle server are described herein. A processor may obtain an indication of a first server configured to control an autonomous vehicle being compromised. The autonomous vehicle may have previously been provisioned with a first public key. The first public key may be paired with a first private key. A processor may compile command information. The command information may include a command for the autonomous vehicle and a digital certificate of a second server configured to control the autonomous vehicle in the event of the first server being compromised. The digital certificate may include a second public key and may be signed with the first private key. The command may be signed with a second private key associated with the second server. The second private key may be paired with the second public key.

Abstract: Methods, apparatuses, and storage media storing instructions for classifying text documents are provided. A plurality of text documents is obtained. The plurality of text documents is classified into one or more document categories based on a plurality of classification rules. Each of the one or more document categories include one or more first text documents of the plurality of text documents. A second text document of the plurality of text documents is classified based on the plurality of classification rules as belonging to none of the one or more document categories. One or more document fingerprints are generated for respective first text documents in the one or more document categories. The second text document is classified into one of the one or more document categories based on the one or more document fingerprints.

Abstract: Systems and methods for managing a compromised autonomous vehicle server are described herein. A processor may obtain an indication of a first server configured to control an autonomous vehicle being compromised. The autonomous vehicle may have previously been provisioned with a first public key. The first public key may be paired with a first private key. A processor may compile command information. The command information may include a command for the autonomous vehicle and a digital certificate of a second server configured to control the autonomous vehicle in the event of the first server being compromised. The digital certificate may include a second public key and may be signed with the first private key. The command may be signed with a second private key associated with the second server. The second private key may be paired with the second public key.

Abstract: A first data tree and a second data tree may be accessed. The first data tree may include a first set of directory nodes and a first set of file nodes, and the second data tree may include a second set of directory nodes and a second set of file nodes. The first data tree may be converted into a first data tree file, and the second data tree may be converted into a second data tree file. A delta for the first data tree and the second data tree may be generated based on a comparison of the first data tree file and the second data tree file.

Abstract: Systems and methods for managing a compromised autonomous vehicle server are described herein. A processor may obtain an indication of a first server configured to control an autonomous vehicle being compromised. The autonomous vehicle may have previously been provisioned with a first public key. The first public key may be paired with a first private key. A processor may compile command information. The command information may include a command for the autonomous vehicle and a digital certificate of a second server configured to control the autonomous vehicle in the event of the first server being compromised. The digital certificate may include a second public key and may be signed with the first private key. The command may be signed with a second private key associated with the second server. The second private key may be paired with the second public key.

Abstract: Systems and methods for managing a compromised autonomous vehicle server are described herein. A processor may obtain an indication of a first server configured to control an autonomous vehicle being compromised. The autonomous vehicle may have previously been provisioned with a first public key. The first public key may be paired with a first private key. A processor may compile command information. The command information may include a command for the autonomous vehicle and a digital certificate of a second server configured to control the autonomous vehicle in the event of the first server being compromised. The digital certificate may include a second public key and may be signed with the first private key. The command may be signed with a second private key associated with the second server. The second private key may be paired with the second public key.

Abstract: Systems and methods for vehicle identification are described herein. A set of vehicle identification information may be obtained from a set of autonomous vehicles. Individual vehicle identification information may convey identifications of one or more vehicles and locations of the one or more vehicles. Vehicle context information for individual vehicles may be determined from the set of vehicle identification information. The vehicle context information for the individual vehicles may describe a context of the individual vehicles. The context may include one or a combination of a speed of travel, a direction of travel, a trajectory, or an identity profile.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for security analysis are provided. One of the methods includes: determining a data risk value for data of an endpoint based on a number of classified files within the data and a type of classified files within the data; determining an endpoint risk value for the endpoint based on a user risk value and a cyber security risk value; determining a channel risk value for a set of channels through which the data is conveyable by the endpoint based on a number of channels within the set of channels and a type of channels within the set of channels; and rendering a map showing a security risk level of the endpoint, wherein the security risk level is based on the data risk value, the endpoint risk value, and the channel risk value.

Abstract: Systems and methods for vehicle identification are described herein. A set of vehicle identification information may be obtained from a set of autonomous vehicles. Individual vehicle identification information may convey identifications of one or more vehicles and locations of the one or more vehicles. Vehicle context information for individual vehicles may be determined from the set of vehicle identification information. The vehicle context information for the individual vehicles may describe a context of the individual vehicles. The context may include one or a combination of a speed of travel, a direction of travel, a trajectory, or an identity profile.

Abstract: Methods, apparatuses, and storage media storing instructions for scanning electronically-stored files are provided. A file stored in a computer-readable storage medium is scanned. Based on the scanning, a common analysis is performed on the file for two or more software functions. Based on the scanning, a software function-specific analysis is performed on the file for a respective software function. Two or more decisions on the file is made for the two or more software functions based on the common analysis and the software function-specific analysis.

Abstract: Systems and methods for managing a compromised autonomous vehicle server are described herein. A processor may obtain an indication of a first server configured to control an autonomous vehicle being compromised. The autonomous vehicle may have previously been provisioned with a first public key. The first public key may be paired with a first private key. A processor may compile command information. The command information may include a command for the autonomous vehicle and a digital certificate of a second server configured to control the autonomous vehicle in the event of the first server being compromised. The digital certificate may include a second public key and may be signed with the first private key. The command may be signed with a second private key associated with the second server. The second private key may be paired with the second public key.

Abstract: Fingerprints of file node(s) within a first data tree and file node(s) within a second data tree may be generated. The first data tree may include a first set of directory nodes and a first set of file nodes. The second data tree may include a second set of directory nodes and a second set of file nodes. A delta between the first data tree and the second data tree may be generated based on a first classification of similarity between the first set of file nodes and the second set of file nodes, a second classification of similarity between the first set of directory nodes and the second set of directory nodes, and file-node delta(s) between file node(s) of the first set of file nodes and file node(s) of the second set of file nodes. The file-node delta(s) determined based on two or more of the fingerprints.

Abstract: A string of characters within a file may be obtained. A first sequence may be selected from the string of characters. A first hash may be generated based on the first sequence. A second sequence may be selected from the string of characters based on the first sequence. The second sequence may be shifted from the first sequence. A second hash may be generated based on the second sequence. A fingerprint for the file may be generated based on the first hash and the second hash.

Abstract: Similarity between files nodes of two data tree may be classified based on file names, file paths, and file values. Similarity between directory nodes of two data trees. Responsive to similarity between a file node of a data tree being classified within a no match level: (1) a matching file node of the other data tree may be identified based fingerprints, and (2) a file-node delta may be determined between the file node and the matching file node. A delta between the two data trees may be generated based on the classification of similarity between the file nodes, the classification of similarity between the directory nodes, and the file-node delta.

Abstract: A first data tree may include a first set of directory nodes and a first set of file nodes. A second data tree may include a second set of directory nodes and a second set of file nodes. Similarity between the first set of file nodes and the second set of file nodes may be classified based on file names, file paths, and file values. Similarity between the first set of directory nodes and the second set of directory nodes may be classified based on directory names, directory paths, nested folders, and included files. A delta between the first data tree and the second data tree may be generated based on the classification of similarity between the first set of file nodes and the second set of file nodes and the classification of similarity between the first set of directory nodes and the second set of directory nodes.

Abstract: Methods, apparatuses, and storage media storing instructions for classifying text documents are provided. A plurality of text documents is obtained. The plurality of text documents is classified into one or more document categories based on a plurality of classification rules. Each of the one or more document categories include one or more first text documents of the plurality of text documents. A second text document of the plurality of text documents is classified based on the plurality of classification rules as belonging to none of the one or more document categories. One or more document fingerprints are generated for respective first text documents in the one or more document categories. The second text document is classified into one of the one or more document categories based on the one or more document fingerprints.

Abstract: Methods, apparatuses, and storage media storing instructions for scanning electronically-stored files are provided. A file stored in a computer-readable storage medium is scanned. Based on the scanning, a common analysis is performed on the file for two or more software functions. Based on the scanning, a software function-specific analysis is performed on the file for a respective software function. Two or more decisions on the file is made for the two or more software functions based on the common analysis and the software function-specific analysis.

Abstract: Password information and password input pattern information for a user may be obtained. The password information may define a password submitted by the user. The password input pattern information may define an input pattern with which the password was inputted by the user. The password may be compared with a predefined password for the user. The input pattern may be compared with a predefined input pattern for the user. The password may be authenticated based on a first match between the password and the predefined password and a second match between the input pattern and the predefined input pattern.

Abstract: Systems and methods for managing networked communication sessions are described herein. A processor may obtain, by a driver running in a first operating mode of the one or more processors, session information and content information from a client application to be communicated to an external entity over a network. The processor may redirect, by the driver, the session information and the content information to a local proxy running in a second operating mode of the one or more processors via a local listening port of the local proxy. The redirecting may comprise modifying the session information to generate modified session information. The processor may obtain, at the local proxy, the modified session information and the content information. The processor may establish a communication channel between the local proxy and the external entity by modifying the modified session information to communicate the content information to the external entity.

Abstract: Event information of a computing device is obtained. The event information characterizes events occurring at the computing device. Two or more of the events are grouped into an event group. The event group defines an activity. The event group is classified to classify the activity. The activity and one or more related activities are chained into a sequence. The sequence defines a behavior. Context is added to the sequence to determine a contextual behavior. A security threat is detected based on the contextual behavior.