Abstract: Multiple search patterns may be obtained. Characters within the multiple search patterns may be included within multiple alphabets. A pool including the characters within the multiple search patterns may be defined. A pointer for text to be searched may be set. Whether a character of the text corresponding to the pointer matches any character within the pool may be determined. Based on the character of the text corresponding to the pointer matching any character within the pool, a first portion of the text may be selected for a search of the multiple search patterns. Based on the character of the text corresponding to the pointer not matching any character within the pool, a second portion of the text may be skipped from the search of the multiple search patterns.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for evaluating teamwork are provided. One of the methods includes: obtaining a plurality of electronic communications among a plurality of team members from one or more computing devices supporting the electronic communications; determining a score for each of the plurality of electronic communications; and aggregating a plurality of the scores to obtain an evaluation of teamwork among the plurality of team members.

Abstract: A first data tree and a second data tree may be accessed. The first data tree may include a first set of directory nodes and a first set of file nodes, and the second data tree may include a second set of directory nodes and a second set of file nodes. The first data tree may be converted into a first data tree file, and the second data tree may be converted into a second data tree file. A delta for the first data tree and the second data tree may be generated based on a comparison of the first data tree file and the second data tree file.

Abstract: Systems and methods for managing a compromised autonomous vehicle server are described herein. A processor may obtain an indication of a first server configured to control an autonomous vehicle being compromised. The autonomous vehicle may have previously been provisioned with a first public key. The first public key may be paired with a first private key. A processor may compile command information. The command information may include a command for the autonomous vehicle and a digital certificate of a second server configured to control the autonomous vehicle in the event of the first server being compromised. The digital certificate may include a second public key and may be signed with the first private key. The command may be signed with a second private key associated with the second server. The second private key may be paired with the second public key.

Abstract: Systems and methods for vehicle identification are described herein. A set of vehicle identification information may be obtained from a set of autonomous vehicles. Individual vehicle identification information may convey identifications of one or more vehicles and locations of the one or more vehicles. Vehicle context information for individual vehicles may be determined from the set of vehicle identification information. The vehicle context information for the individual vehicles may describe a context of the individual vehicles. The context may include one or a combination of a speed of travel, a direction of travel, a trajectory, or an identity profile.

Abstract: A first data tree of a first version of the software and a second data tree of a second version of the software may be provided. The first data tree may be converted into a first data tree file, and the second data tree may be converted into a second data tree file. A delta for the first data tree and the second data tree may be generated based on a comparison of the first data tree file and the second data tree file. The delta may be packaged for provision to a client-side agent. The client-side agent may be configured to modify a client-side version of the software based on the delta.

Abstract: Similarity between files nodes of two data tree may be classified based on file names, file paths, and file values. Similarity between directory nodes of two data trees. Responsive to similarity between a file node of a data tree being classified within a no match level: (1) a matching file node of the other data tree may be identified based fingerprints, and (2) a file-node delta may be determined between the file node and the matching file node. A delta between the two data trees may be generated based on the classification of similarity between the file nodes, the classification of similarity between the directory nodes, and the file-node delta.

Abstract: Systems and methods for managing networked communication sessions are described herein. A processor may obtain, by a driver running in a first operating mode of the one or more processors, session information and content information from a client application to be communicated to an external entity over a network. The processor may redirect, by the driver, the session information and the content information to a local proxy running in a second operating mode of the one or more processors via a local listening port of the local proxy. The redirecting may comprise modifying the session information to generate modified session information. The processor may obtain, at the local proxy, the modified session information and the content information. The processor may establish a communication channel between the local proxy and the external entity by modifying the modified session information to communicate the content information to the external entity.

Abstract: A first data tree may include a first set of directory nodes and a first set of file nodes. A second data tree may include a second set of directory nodes and a second set of file nodes. Similarity between the first set of file nodes and the second set of file nodes may be classified based on file names, file paths, and file values. Similarity between the first set of directory nodes and the second set of directory nodes may be classified based on directory names, directory paths, nested folders, and included files. A delta between the first data tree and the second data tree may be generated based on the classification of similarity between the first set of file nodes and the second set of file nodes and the classification of similarity between the first set of directory nodes and the second set of directory nodes.

Abstract: Fingerprints of file node(s) within a first data tree and file node(s) within a second data tree may be generated. The first data tree may include a first set of directory nodes and a first set of file nodes. The second data tree may include a second set of directory nodes and a second set of file nodes. A delta between the first data tree and the second data tree may be generated based on a first classification of similarity between the first set of file nodes and the second set of file nodes, a second classification of similarity between the first set of directory nodes and the second set of directory nodes, and file-node delta(s) between file node(s) of the first set of file nodes and file node(s) of the second set of file nodes. The file-node delta(s) determined based on two or more of the fingerprints.

Abstract: Password information and password input pattern information for a user may be obtained. The password information may define a password submitted by the user. The password input pattern information may define an input pattern with which the password was inputted by the user. The password may be compared with a predefined password for the user. The input pattern may be compared with a predefined input pattern for the user. The password may be authenticated based on a first match between the password and the predefined password and a second match between the input pattern and the predefined input pattern.

Abstract: Exception lists may be generated by combining a standard list and a client list. Standard benign file information identifying a set of standard benign files may be obtained. A set of standard signatures for the set of standard benign files may be obtained. Client benign file information identifying a set of client benign files for a client may be obtained. A set of client signatures for the set of client benign files for the client may be obtained. A client exception list for the client may be generated based on the set of standard signatures and the set of client signatures.

Abstract: A method is provided for determining whether a software product includes open source code. A piece of open source code is obtained. A first sequence of the open source code is obtained. A first hash is generated based on the first sequence. A second sequence of the open source code is obtained. The second sequence is shifted from the first sequence. A second hash is generated based on the second sequence. A fingerprint for the open source code is generated based on the first hash and the second hash. The fingerprint is used to determine whether a software product includes the open source code.

Abstract: A data risk value for data of an endpoint may be determined. An endpoint risk value for the endpoint may be determined. A channel risk value for a set of channels through which the data is conveyable by the endpoint may be determined. A data security risk value may be determined based on the data risk value, the endpoint risk value, and the channel risk value.

Abstract: Event information of a computing device is obtained. The event information characterizes events occurring at the computing device. Two or more of the events are grouped into an event group. The event group defines an activity. The event group is classified to classify the activity. The activity and one or more related activities are chained into a sequence. The sequence defines a behavior. Context is added to the sequence to determine a contextual behavior. A security threat is detected based on the contextual behavior.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for security analysis are provided. One of the methods includes: determining a data risk value for data of an endpoint based on a number of classified files within the data and a type of classified files within the data; determining an endpoint risk value for the endpoint based on a user risk value and a cyber security risk value; determining a channel risk value for a set of channels through which the data is conveyable by the endpoint based on a number of channels within the set of channels and a type of channels within the set of channels; and rendering a map showing a security risk level of the endpoint, wherein the security risk level is based on the data risk value, the endpoint risk value, and the channel risk value.

Abstract: Multiple search patterns may be obtained. Characters within the multiple search patterns may be included within multiple alphabets. A pool including the characters within the multiple search patterns may be defined. A pointer for text to be searched may be set. Whether a character of the text corresponding to the pointer matches any character within the pool may be determined. Based on the character of the text corresponding to the pointer matching any character within the pool, a first portion of the text may be selected for a search of the multiple search patterns. Based on the character of the text corresponding to the pointer not matching any character within the pool, a second portion of the text may be skipped from the search of the multiple search patterns.

Abstract: A string of characters within a file may be obtained. A first sequence may be selected from the string of characters. A first hash may be generated based on the first sequence. A second sequence may be selected from the string of characters based on the first sequence. The second sequence may be shifted from the first sequence. A second hash may be generated based on the second sequence. A fingerprint for the file may be generated based on the first hash and the second hash.

Abstract: File classification information for a set of files are obtained. The file classification information defines (1) a number of classified files within the set of files, (2) a number of classification categories associated with the classified files, (3) a number of unauthorized classified files that do not match an access privilege of a user, and (4) a number of unauthorized classification categories associated with the unauthorized classified files. A violation of an access control policy is determined based on the file classification information.

Abstract: A system includes a sender computer and a recipient computer. The sender computer starts the chunking process by splitting a target file into chunks and providing signatures of the chunks of the target file to the recipient computer. After and in response to receiving the signatures of the chunks of the target file, the recipient computer splits the reference file into chunks, generates signatures of the chunks of the reference file, and identifies chunks that are common between the target file and the reference file. The recipient computer combines adjacent common chunks into larger chunks and creates, for example, MD5 signatures accordingly. The sender computer receives from the recipient computer information on chunks common between the target file and the reference file and provides a sequence of edit operations to the recipient computer to allow the recipient computer to reconstruct the target file.