Abstract: Data is collected from a network graph, wherein the collected data is useful for training a machine learning model on a query domain. A domain-specific template corresponding to the query domain is received, the domain-specific template defining one or more classifiers to guide collection of content relevant to the query domain from the network graph. A collection starting point is analyzed based on the one or more classifiers of the domain-specific template to identify one or more relevant instances of the content. The one or more identified relevant instances of the content are added to a contextual protocol package. Each identified relevant instance of the content is analyzed based on the one or more classifiers of the domain-specific template to identify one or more additional relevant instances of the content. The one or more identified additional relevant instances of the content are added to the contextual protocol package.

Abstract: Aspects of the present disclosure allow for improving E2E mesh throughput by applying transmission (TX) biasing on the Wi-Fi mesh backhaul. Aspects of the disclosure are directed to solutions for reducing traffic load in Wi-Fi mesh networks by applying TX biasing on the Wi-Fi mesh backhaul. Certain aspects are directed to selectively transmitting or preventing transmission of data over the first backhaul link to the first MLD based at least in part on a fronthaul airtime utilization, a first backhaul airtime utilization, or a second backhaul airtime utilization. Doing so allows a root access point or a network controller to apply TX biasing between multi-link operation links towards each repeater so that traffic load on a backhaul-link would not overly occupy the front-haul link because of common channel use by selectively transmitting or preventing transmission of data on the backhaul links.

Abstract: This disclosure provides methods, devices and systems for load balancing access points (APs) in a mesh network. Certain aspects are directed to obtaining load information from each wireless device of a set of wireless devices, the load information being indicative of resource availability for each band available to each wireless device of the set. In some examples, the disclosure is directed to identifying a first band and a first wireless device of the set of wireless devices associated with the first band based on the first band having a highest level of traffic among bands available to the set of wireless devices.

Abstract: A first Multi-AP device configured as a Multi-AP Agent transmits, to a second Multi-AP device configured as a Multi-AP Controller over a first communication link, a Device Provisioning Protocol (DPP) Configuration Request Message indicating multi-link operation (MLO) capabilities of the first Multi-AP device. The first Multi-AP device receives, from the second Multi-AP device over the first communication link, a DPP Configuration Response Message indicating MLO association information responsive to the indicated MLO capabilities, and establishes a backhaul path with a third Multi-AP device, configured as a second Multi-AP Agent, on the first communication link and one or more second communication links according to the MLO association information.

Abstract: This disclosure relates generally to system and method for assessing insider influence on enterprise assets. Existing work focuses on the detection of insider threat and does not consider the influence of an insider on their peers and subordinates. The present disclosure aggregates and preprocesses the enterprise data specific to the individuals received from various sources, and further creates an enterprise graph between entities. Weights of every edge connected between any two entities in the enterprise graph is then calculated. Community of the individuals are detected wherein, relevant insider(s) are identified, and susceptibility of the individuals for probable influence by relevant insider(s) based on the analysis scenarios(s) is calculated. Paths taken by the relevant insider(s) is calculated for estimating probability of data loss.

Abstract: This disclosure relates generally to system and method for classification of sensitive date using federated semi-supervised learning. Federated learning has emerged as a privacy-preserving technique to learn one or more machine learning (ML) models without requiring users to share their data. In federated learning, data distribution among clients is imbalanced resulting with limited data in some clients. The method includes extracting a training dataset from one or more data sources and pre-processing the training dataset into a machine readable form based on associated data type. Further, a federated semi-supervised learning model is iteratively trained based on a model contrastive and distillation learning to classify sensitive data from the unlabeled dataset. Then, sensitive data from a user query is received as input which are classified using the federated semi-supervised learning model.

Abstract: A system and method for implementing a centralized innovation framework module are disclosed. A processor is operatively connected to one or more memories via a communication network. The processor creates a centralized web-based collaborative platform hub for collection of innovation ideas data from end users within an operation space and causes the centralized web-based collaborative platform hub to receive innovation ideas data from an end user related to development of an application. The processor also analyzes the received innovation ideas data establishes, based on analyzing, a connection between the centralized web-based collaborative platform hub and a development platform; migrates the received innovation ideas data onto the development platform; and creates a workflow on the development platform for tracking and managing development processes of the application.

Abstract: This disclosure relates generally to online learning against data poisoning attack. Conventional methods used data sanitization techniques for online learning against data poisoning attack. However, these methods do not remove poisoned data points from training dataset completely. Embodiments of the present disclosure method provide an influence based defense method for secure online learning against data poisoning attack. The method initially filters a subset of poisoned data points in the training dataset for training a machine learning model using data sanitization technique. Further the method computes an influence of the data points and performs an influence minimization based on a predefined threshold. Updated data points for the learning model are generated and used for training the machine learning model. The disclosed method can be used against data poisoning attacks in applications such as spam filtering, malware detection, recommender system and so on.

Abstract: Data-driven applications depend on training data obtained from multiple internal and external data sources. Hence poisoning of the training data can cause adverse effects in the data driven applications. Conventional methods identifies contaminated test samples and avert them from entering into the training. A generic approach covering all data-driven applications and all types of data poisoning attacks in an efficient manner is challenging. Initially, data aggregation is performed after receiving a ML application for testing. A plurality of feature vectors are extracted from the aggregated data and a poisoned data set is generated. A plurality of personas are generated and are further prioritized to obtain a plurality of attack personas. Further, a plurality of security assessment vectors are computed for each of the plurality of attack personas. A plurality of preventive measures are recommended for each of the plurality of attack personas based on the corresponding security assessment vector.

Abstract: Data is collected from a network graph, wherein the collected data is useful for training a machine learning model on a query domain. A domain-specific template corresponding to the query domain is received, the domain-specific template defining one or more classifiers to guide collection of content relevant to the query domain from the network graph. A collection starting point is analyzed based on the one or more classifiers of the domain-specific template to identify one or more relevant instances of the content. The one or more identified relevant instances of the content are added to a contextual protocol package. Each identified relevant instance of the content is analyzed based on the one or more classifiers of the domain-specific template to identify one or more additional relevant instances of the content. The one or more identified additional relevant instances of the content are added to the contextual protocol package.

Abstract: Techniques for managing an access privilege for users of an organization having first and second tenants includes storing, at a data storage, first user account data of a first user account associated with a first user of the first tenant, the first user account data including a first object identifier, a first tenant identifier and first access privilege information including access privileges granted to the first user account of the first tenant to access one or more resources; creating, for the first user associated with the first tenant, a second user account of the second tenant and second user account data of the second user account; setting the second user account data to include linked account information including the first object identifier and the first tenant identifier of the first user account data; and storing, at the data storage, the second user account data including the linked account information.

Abstract: Techniques for managing access to content are provided that include receiving a first signal requesting an indication whether a user has an access privilege to access to a resource associated with a first tenant of an access management service or perform an operation by a data processing system using the resource, determining that a first user account associated with the user does not have an access privilege to access the resource; performing a nested access privilege check to determine whether the user is associated with a second user account that has the access privilege to access the resource; and granting via the communication network access to the resource responsive to the nested access privilege check determining that the user is associated with the second user account and the second user account is associated with the access privilege to access the resource.

Abstract: A system and method for implementing a centralized innovation framework module are disclosed. A processor is operatively connected to one or more memories via a communication network. The processor creates a centralized web-based collaborative platform hub for collection of innovation ideas data from end users within an operation space and causes the centralized web-based collaborative platform hub to receive innovation ideas data from an end user related to development of an application. The processor also analyzes the received innovation ideas data establishes, based on analyzing, a connection between the centralized web-based collaborative platform hub and a development platform; migrates the received innovation ideas data onto the development platform; and creates a workflow on the development platform for tracking and managing development processes of the application.

Abstract: This disclosure relates generally to system and method for assessing insider influence on enterprise assets. Existing work focuses on the detection of insider threat and does not consider the influence of an insider on their peers and subordinates. The present disclosure aggregates and preprocesses the enterprise data specific to the individuals received from various sources, and further creates an enterprise graph between entities. Weights of every edge connected between any two entities in the enterprise graph is then calculated. Community of the individuals are detected wherein, relevant insider(s) are identified, and susceptibility of the individuals for probable influence by relevant insider(s) based on the analysis scenarios(s) is calculated. Paths taken by the relevant insider(s) is calculated for estimating probability of data loss.

Abstract: This disclosure relates generally to online learning against data poisoning attack. Conventional methods used data sanitization techniques for online learning against data poisoning attack. However, these methods do not remove poisoned data points from training dataset completely. Embodiments of the present disclosure method provide an influence based defense method for secure online learning against data poisoning attack. The method initially filters a subset of poisoned data points in the training dataset for training a machine learning model using data sanitization technique. Further the method computes an influence of the data points and performs an influence minimization based on a predefined threshold. Updated data points for the learning model are generated and used for training the machine learning model. The disclosed method can be used against data poisoning attacks in applications such as spam filtering, malware detection, recommender system and so on.

Abstract: Data-driven applications depend on training data obtained from multiple internal and external data sources. Hence poisoning of the training data can cause adverse effects in the data driven applications. Conventional methods identifies contaminated test samples and avert them from entering into the training. A generic approach covering all data-driven applications and all types of data poisoning attacks in an efficient manner is challenging. Initially, data aggregation is performed after receiving a ML application for testing. A plurality of feature vectors are extracted from the aggregated data and a poisoned data set is generated. A plurality of personas are generated and are further prioritized to obtain a plurality of attack personas. Further, a plurality of security assessment vectors are computed for each of the plurality of attack personas. A plurality of preventive measures are recommended for each of the plurality of attack personas based on the corresponding security assessment vector.

Abstract: Techniques for managing access to content are provided that include receiving a first signal requesting an indication whether a user has an access privilege to access to a resource associated with a first tenant of an access management service or perform an operation by a data processing system using the resource, determining that a first user account associated with the user does not have an access privilege to access the resource; performing a nested access privilege check to determine whether the user is associated with a second user account that has the access privilege to access the resource; and granting via the communication network access to the resource responsive to the nested access privilege check determining that the user is associated with the second user account and the second user account is associated with the access privilege to access the resource.

Abstract: A computer system tracks and analyzes activity data, notifications, and user interactions with activity data and notifications. By analyzing this information, the computer system can identify, for individual users and across a set of users, which activity data and notifications are most relevant. Such activity data and notifications are most relevant when they result in the end user having further user interaction through the electronic document. The information about the relevance of the activity data and notifications can be used for managing sending of notifications and presenting activity data in end user applications.

Abstract: This disclosure relates generally to malware detection, and more particularly to system and method for detecting and mitigating ransomware threats. For a User Equipment being monitored, the system performs a behavior analysis of corresponding file system to determine whether any anomalous behavior that would amount to a ransomware threat is associated with flies associated with the file system change, if present, then the system virtualizes the file system on the fly. If information pertaining to the identified anomalous behavior is present in any of the reference databases in the system, then all the I/O calls are terminated or the file system is virtualized for rest of the session. If data pertaining to the identified anomalous behavior is not found in any of the associated databases, then new behavioral features and structural patterns of the identified anomalous behavior and the associated processes are extracted, and the reference databases are updated accordingly.

Abstract: Authentication keys are selectively cached locally for faster roaming of wireless stations in a communication network. An attempt by a station to reassociate with an access point is detected. Responsive to identifying a key corresponding to the station as evidence of a previous association, the key is retrieved from the key cache without contracting a controller or an authentication server, for faster responses. At least one modified response frame is generated to include the identified key along with an approval of the association between the access point and the station. The at least one modified response is sent from the access point to the station. An attempt to roam to a station for a first time is detected responsive to a key cache miss at the access point. If the station has previously associated with an access point under purview of the controller, keys are located and sent back to the access point without contacting an authentication server as an improvement over IEEE 802.11r.