Abstract: Aspects described herein relate to aggregating data records received from a plurality of data sources and selecting, for each of the plurality of data sources, a subset of data from the resulting aggregated data records. The aggregation and selecting processes may be performed in a randomized fashion. Further, the subsets of data may have portions that overlap with each other. Each subset may be used to train a model. Configuration information from any model trained in this way may then be used to configure an aggregated model. The overlap may also be used as basis for configuring the aggregated model. Once the aggregated model is configured, the aggregated model may be used to determine predictions.

Abstract: Embodiments discussed herein include systems, devices, methods, and techniques to process data, generate one or more graphs, and utilize the one or more graphs to detect anomalies.

Abstract: Aspects described herein may provide determination of a pedestrian route for a user to reach a seating area inside of a venue. Financial transaction data of the user may be reviewed to determine the user purchased one or more tickets to an event at the venue. Information regarding the event or the venue may be determined including seating charts for the venue and whether the tickets are for assigned or unassigned seats. Crowd densities inside and outside of the venue may be determined. The pedestrian route may be determined based on the crowd densities, number of tickets, and type of seating. The route may be updated as conditions change including any change to the crowd densities or change to seating availability. The route may increase a likelihood that the user reaches the seating area prior to a start of the event, and in a less stressful manner.

Abstract: Methods and systems are disclosed for improvements in cloud services by sharing estimated and actual usage data of cloud services recipients with the cloud services provider. The sharing of this data allows the cloud services provider to better apportion cloud resources between multiple cloud services recipients. By analyzing information included in the shared data (e.g., information about one or more applications that use the cloud resources), the cloud services provider may categorize the applications and/or the functions of those applications into authorized and unauthorized uses, the determination of which, is used to further efficiently apportion the cloud services resources.

Abstract: Implementations are directed to methods for detecting and identifying advanced persistent threats (APTs) in networks, including receiving first domain activity data from a first network domain and second domain activity data from a second network domain, including multiple alerts from the respective first and second network domains and where each alert of the multiple alerts results from one or more detected events in the respective first or second network domains. A classification determined for each alert of the multiple alerts with respect to a cyber kill chain. A dependency is then determined for each of one or more pairs of alerts and a graphical visualization of the multiple alerts is generated, where the graphical visualization includes multiple nodes and edges between the nodes, each node corresponding to the cyber kill chain and representing at least one alert, and each edge representing a dependency between alerts.

Abstract: To facilitate improved email and device security, embodiments of systems and methods include intercepting, by a processor associated with an entity, an internet request, where the internet request is produced by a link received in an email at a first computing device. The processor determines that the link is externally bound relative to an entity network. The processor determines an existence of a sandbox environment instance in a set of existing sandbox environment instances. The processor routes the link through the sandbox environment instance. The processor updates the sandbox log in the database based on the sandbox environment instance and the link. The processor causes to display on a screen of the first computing device a user interface for interacting with the link in the sandbox environment instance, and the processor logs activities associated with interacting with the link in a security log.

Abstract: A server can include a detection module for monitoring an electronic account and detecting irregular or fraudulent activities. The detection module can be a machine learning model configured to detect activities or patterns indicative of an account being compromised, hacked or accessed by unauthorized users. Upon detection of the irregular activities or patterns, the detection module can transmit a notification or signal to a trigger module which can implement remedial actions. The trigger module can receive the signal from the detection module and execute an action in accordance with a trigger plan. The trigger plan can include various information and a range of actions, which can be selected and/or executed based on the information included in the signal.

Abstract: Analyzing communications to determine appropriateness and provide recommendations based on prior communications. Prior communications may create a baseline tone based on the sentiment, words, or phrases used in previous communications between the user and the intended recipient and/or other user recipient pairs. Machine learning techniques may be used to continuously update a baseline tone.

Abstract: In some implementations, a device may receive an indication of information associated with a stored value medium. The device may populate a database with the information associated with the stored value medium, where the database includes a table to link the information associated with the stored value medium with an entity identifier of an entity associated with the stored value medium. The device may receive an indication of an exchange associated with the entity identifier of the entity, where the exchange is not associated with the stored value medium. The device may parse the database using the entity identifier associated with the entity to identify the information associated with the stored value medium indicated in the database. The device may communicate, with a backend system, to enable the exchange to be at least partially completed using the resources associated with the stored value medium.

Abstract: A server can include a detection module for monitoring an electronic account and detecting irregular or fraudulent activities. The detection module can be a machine learning model configured to detect activities or patterns indicative of an account being compromised, hacked or accessed by unauthorized users. Upon detection of the irregular activities or patterns, the detection module can transmit a notification or signal to a trigger module which can implement remedial actions. The trigger module can receive the signal from the detection module and execute an action in accordance with a trigger plan. The trigger plan can include various information and a range of actions, which can be selected and/or executed based on the information included in the signal.

Abstract: Methods and systems are disclosed for improvements in cloud services by sharing estimated and actual usage data of cloud services recipients with the cloud services provider. The sharing of this data allows the cloud services provider to better apportion cloud resources between multiple cloud services recipients. By analyzing information included in the shared data (e.g., information about one or more applications that use the cloud resources), the cloud services provider may categorize the applications and/or the functions of those applications into authorized and unauthorized uses, the determination of which, is used to further efficiently apportion the cloud services resources.

Abstract: To facilitate improved email and device security, embodiments of systems and methods include intercepting, by a processor associated with an entity, an internet request, where the internet request is produced by a link received in an email at a first computing device. The processor determines that the link is externally bound relative to an entity network. The processor determines an existence of a sandbox environment instance in a set of existing sandbox environment instances. The processor routes the link through the sandbox environment instance. The processor updates the sandbox log in the database based on the sandbox environment instance and the link. The processor causes to display on a screen of the first computing device a user interface for interacting with the link in the sandbox environment instance, and the processor logs activities associated with interacting with the link in a security log.

Abstract: In some implementations, a physical medium may include a radio frequency (RF) component and an integrated circuit (IC) chip component. The physical medium may be configured to detect, via the RF component, that the physical medium is within a communicative proximity of a first user device or a first medium associated with a first account. The physical medium may communicate, via the RF component, with the first user device or the first medium based on detecting that the physical medium is within the communicative proximity of the first user device or the first medium. The physical medium may configure the IC chip component to indicate that the physical medium is paired with the first account. The physical medium may transmit, via the RF component or the IC chip component and to a terminal, an indication that the physical medium is paired with the first account.

Abstract: A computer-implemented method for operating an interactive customer service system may include: receiving interaction information of a plurality of customer communications that were each serviced by a respective interaction unassociated with a predetermined interaction model; and in response to determining, based on the received information, that a threshold number of the communications have a common root cause: generating a further interaction model of a further interaction, based on interaction information of the customer communications having the common root cause, by employing a machine learning model trained, based on (1) sets of previous interaction information with respective common root causes as training data and (2) respective interactions corresponding to the respective common root causes as ground truth, to generate an output interaction model for a given set of interaction information of customer communications having a given common root cause; and configuring the interactive customer service sys

Abstract: A configured application for authorizing a credit card by a user and a method that may include receiving an electronic request to pair a mobile device associated with a user with a credit card of the user. The credit card may include a location tracking circuitry to remotely communicate a location of the credit card to a remote electronic recipient. The location of the credit card may be received by a processor from the remote electronic recipient. A proximity multi-factor authentication may verify that the user is an authorized user of the credit card. The mobile device associated with the user may be paired with the credit card of the user after verifying that the user is the authorized user. The processor may receive the location of the credit card paired with the mobile device from the remote electronic recipient. The location of the credit card may be displayed on a display of the mobile device associated with the user.

Abstract: A server can include a detection module for monitoring an electronic account and detecting irregular or fraudulent activities. The detection module can be a machine learning model configured to detect activities or patterns indicative of an account being compromised, hacked or accessed by unauthorized users. Upon detection of the irregular activities or patterns, the detection module can transmit a notification or signal to a trigger module which can implement remedial actions. The trigger module can receive the signal from the detection module and execute an action in accordance with a trigger plan. The trigger plan can include various information and a range of actions, which can be selected and/or executed based on the information included in the signal.

Abstract: Systems, methods, and computer-readable storage media for quantifying meeting effectiveness for an individual. A system configured as disclosed herein uses data from multiple meetings in which a user participated to create a user profile for the user. The system then receives data related to a new meeting in which the user participated, processes the new meeting data into segments using natural language processing, tags the resulting segments based on contexts, and compares the tagged segments to the user profile to generate a meeting effectiveness score for the new meeting which is specific to the user. The system can use machine learning to iteratively improve an ability of the system to generate the tagged segments using historical meeting data and updating that historical meeting data with each iteration of scoring a meeting's effectiveness.

Abstract: A configured application for authorizing a credit card by a user and a method that may include receiving an electronic request to pair a mobile device associated with a user with a credit card of the user. The credit card may include a location tracking circuitry to remotely communicate a location of the credit card to a remote electronic recipient. The location of the credit card may be received by a processor from the remote electronic recipient. A proximity multi-factor authentication may verify that the user is an authorized user of the credit card. The mobile device associated with the user may be paired with the credit card of the user after verifying that the user is the authorized user. The processor may receive the location of the credit card paired with the mobile device from the remote electronic recipient. The location of the credit card may be displayed on a display of the mobile device associated with the user.

Abstract: Systems, methods, and computer-readable storage media for quantifying meeting effectiveness for a group of participants and reducing redundancies in future meetings. The system receives electronic transcripts for meetings and executes natural language processing on the respective transcripts. The system identifies keywords in the resulting, parsed transcripts, tags the transcript with metadata about the keywords, and generates meeting profiles for the respective meetings. The system then compares the generated meeting profiles, identifies points of redundancy between the meetings from that comparison, and modifies a future meeting based on the identified redundancies.

Abstract: Systems, methods, and computer-readable storage media for generating a quantifiable communication profile of a participant, then using that communication profile to identify fake media and/or verify media as authentic. An exemplary system can receive communications in which a participant was one of the parties communicating, perform natural language processing and statistical analyses on the received communications, and generate a participant communication profile which details how the participant communicates and prefers to be communicated with. The system can also receive media purported to be from the participant, perform natural language processing on the purported media, compare the syntax of the purported media to the participant's communication profile, and identify, based on word usage, the media as a fake.