Abstract: An event aggregation fabric, implemented over an Integrated Circuit (IC) may include a Directed Acyclic Graph (DAG), including one or more aggregation nodes. Each aggregation node may receive input cue signals, originating from one or more source modules in the IC via respective one or more lean (e.g., single-wire) connections, indicate occurrence of events in respective source modules. The aggregation node may maintain a deficit count of the input cue signals, and generate an output cue signal, based on the deficit count. When the aggregation node is a terminal node of the DAG, it may transfer the output cue signal as an aggregated indication, representing occurrence of events in the source modules, to a target module in the IC. Otherwise, the aggregation node may transfer the output cue signal via lean connection to a subsequent aggregation node of the DAG, towards the terminal node.

Abstract: An Integrated Circuit (IC) device, and a method of utilizing thereof, may include: a plurality of Processing Elements (PEs), each comprising one or more configurable hardware logic blocks. The IC may further include a plurality of configuration memory elements, each associated with a respective PE, and adapted to maintain two or more configuration settings of the respective PE. The IC may further include a configuration manager circuit, configured to: receive a reconfiguration instruction, dictating a required function of the IC device; based on the reconfiguration instruction, identify at least one target PE of the plurality of PEs as a target for reconfiguration; based on the required function, select a specific configuration setting in the configuration memory element associated with the at least one target PE; and reconfigure at least one hardware logic block of the at least one target PE, according to the selected configuration setting.

Abstract: A digital hardware circuit and method for performing reduction operations that achieves constant timing depth regardless of input count. The invention replaces conventional sequential binary tree approaches with a parallel matrix comparison architecture where multiple comparator circuits simultaneously compare input signals against each other. Combinatorial logic circuits process comparison outputs to generate dominance signals indicating which input satisfies the reduction criteria, and selection logic outputs the final result. The parallel approach maintains exactly three logic levels regardless of number of processing inputs, enabling significantly higher clock frequencies than conventional methods whose timing depth increases logarithmically with input count.

Abstract: A model checking system configures a formal compliance document with remediation actions to correct security conflicts in an IAM system. The system applies a model checker on an abstract model of the IAM system to identify security conflicts and identifies remediation actions from the formal compliance document. The system applies the model checker after applying the first remediation action and determines whether the first remediation action creates another security conflict. If a remediation action is identified that does not create a new security conflict, then the system applies the identified remediation action. The formal compliance document is updated accordingly. When an operator revises code for a policy change, the system will apply the model checker on an abstract model of the IAM system with the code revision to identify security conflicts. If new security conflicts are not created in the simulation, then the system may deploy the code revision.

Abstract: Methods and apparatus to determine machine learning (ML) configurations for classifying malware are disclosed. An example server comprises interface circuitry, machine readable instructions, and programmable circuitry to at least one of instantiate or execute the machine readable instructions to determine a computing parameter associated with a computing device, the computing device communicatively coupled to the server, select a ML model to deploy on the computing device based on the computing parameter, determine a configuration of the ML model based on the computing parameter, deploy the ML model to the computing device, and cause the deployed ML model to classify a sample as clean or malicious, the sample received at the computing device.

Abstract: An Integrated Circuit (IC) device, and a method of utilizing thereof, may include: a plurality of Processing Elements (PEs), each comprising one or more configurable hardware logic blocks. The IC may further include a plurality of configuration memory elements, each associated with a respective PE, and adapted to maintain two or more configuration settings of the respective PE. The IC may further include a configuration manager circuit, configured to: receive a reconfiguration instruction, dictating a required function of the IC device; based on the reconfiguration instruction, identify at least one target PE of the plurality of PEs as a target for reconfiguration; based on the required function, select a specific configuration setting in the configuration memory element associated with the at least one target PE; and reconfigure at least one hardware logic block of the at least one target PE, according to the selected configuration setting.

Abstract: An identity verification system enables peer-to-peer authentication in a potentially insecure channel by leveraging a secure channel communication. The system authenticates a user via an identity verification application. The system provides a validation code to the user. The user communicates the validation code to a counterparty of the peer-to-peer communication. The system receives a request to authenticate the counterparty with the validation code and counterparty authentication data. The system authenticates the counterparty and sends the user the authentication of the counterparty. Alternatively, the user device communicates a request to generate a secure code for participants in a first insecure group application session. The user device selects an authenticated counterparty to receive the secure code from a list of authenticated counterparties. The user creates a second application session using the secure code as a password.

Abstract: A model checking system detects violations and conflicts in security and verification policies by running model checking processes. The system detects privilege escalation attacks in misconfigured identification and access management (“IAM”) policies by modeling security policy documents and IAM actions as logical formulas and then running model checking on the model. The system translates non-Boolean variables, such as string variables, into Boolean variables in order to apply an SAT model checker. The model checker also determines whether a policy violation can be achieved in a finite number of steps by elevating privileges of some compromised principal over multiple iterations of the model checking process, or proves absence thereof.

Abstract: A model checking system detects violations and conflicts in security and verification policies by running model checking processes. The system detects privilege escalation attacks in misconfigured identification and access management (“IAM”) policies by modeling security policy documents and IAM actions as logical formulas and then running model checking on the model. The system translates non-Boolean variables, such as string variables, into Boolean variables in order to apply an SAT model checker. The model checker also determines whether a policy violation can be achieved in a finite number of steps by elevating privileges of some compromised principal over multiple iterations of the model checking process, or proves absence thereof.

Abstract: An identity verification system enables peer-to-peer authentication in a potentially insecure channel by leveraging a secure channel communication. The system authenticates a user via an identity verification application. The system provides a validation code to the user. The user communicates the validation code to a counterparty of the peer-to-peer communication. The system receives a request to authenticate the counterparty with the validation code and counterparty authentication data. The system authenticates the counterparty and sends the user the authentication of the counterparty. Alternatively, the user device communicates a request to generate a secure code for participants in a first insecure group application session. The user device selects an authenticated counterparty to receive the secure code from a list of authenticated counterparties. The user creates a second application session using the secure code as a password.

Abstract: A model checking system detects violations and conflicts in security and verification policies by running model checking processes. The system detects privilege escalation attacks in misconfigured identification and access management (“IAM”) policies by modeling security policy documents and IAM actions as logical formulas and then running model checking on the model. The system translates non-Boolean variables, such as string variables, into Boolean variables in order to apply an SAT model checker. The model checker also determines whether a policy violation can be achieved in a finite number of steps by elevating privileges of some compromised principal over multiple iterations of the model checking process, or proves absence thereof.

Abstract: Systems and methods provide a platform for threat information sharing. A method comprises transmitting an access permission request to a blockchain network. The request asks for access to cyber threat information stored in at least one cyber threat information storage system. The information may come from a plurality of organizations. The blockchain network may include a blockchain ledger storing access control information from the plurality of organizations. Upon receipt of a reference to an access permission token generated by the blockchain network using at least one smart contract, a transaction request to the cyber threat information server may be sent. In response to the transaction request including the reference to the access permission token, the requested cyber threat information may be retrieved from the cyber threat information server.

Abstract: An example system includes a processor to monitor a user interface to generate activity logs including step-flows. The processor is to extract features and common variables from unstructured data in the activity logs and generate structured log events based on the extracted features and the common variables. The processor is to generate a workflow model based on the structured log events. The processor is to automate or assist workflow based on the generated workflow model.

Abstract: A method for training thresholds controlling data flow in a plurality of cascaded classifiers for classifying malicious software, comprising: in each of a plurality of iterations: computing a set of scores, each for one of a set of threshold sequences, each threshold sequence is a sequence of sets of classifier output thresholds, each set of classifier output thresholds used to control a flow of data from a first cascaded classifier of the plurality of cascaded classifiers to a second cascaded classifier of the plurality of cascaded classifiers, each score computed when classifying, using the respective threshold sequence, each of a plurality of software objects as one of a set of maliciousness classes; computing a set of new threshold sequences by applying a genetic algorithm to the set of threshold sequences and the set of scores; and using the set of new threshold sequences in a consecutive iteration.

Abstract: A method, computer system, and a computer program product for assessing anonymity of a dataset is provided. The present invention may include receiving an original dataset and an anonymized dataset. The present invention may also include preparing a testing dataset and a training dataset for a machine learning algorithm based on the received original dataset and anonymized dataset. The present invention may then include training a machine learning model based on the prepared training dataset. The present invention may further include generating an evaluation score based on the trained machine learning model and the prepared testing dataset. The present invention may also include presenting the generated evaluation score to a user.

Abstract: Incremental generation of models with dynamic clustering. A first set of data is received. A first set of clusters based on the first set of data is generated. A respective first set of models for the first set of clusters is created. A second set of data is received. A second set of clusters, based on the second set of data and based on a subset of the first set of data, is generated. A respective second set of models for the second set of clusters, based on a subset of the first set of models and based on the second set of data, is created.

Abstract: An example system includes a processor to monitor a user interface to generate activity logs including step-flows. The processor is to extract features and common variables from unstructured data in the activity logs and generate structured log events based on the extracted features and the common variables. The processor is to generate a workflow model based on the structured log events. The processor is to automate or assist workflow based on the generated workflow model.

Abstract: Embodiments may provide Digital Rights Management techniques, not to make the reverse engineering process harder, but rather to provide detection of reverse engineering of PCBs, such as by copying of layers of trace layout, so as to enable pursuing legal remedies against the violators. For example, in an embodiment, a method of information encoding may be implemented in a computer comprising a processor, memory accessible by the processor, and computer program instructions stored in the memory and executable by the processor, the method may comprise receiving, at the computer system, information to be encoded in a printed circuit board wiring trace layout and laying out, at the computer system, a plurality of printed circuit board wiring traces so as to encode the received information.

Abstract: A method, computer system, and a computer program product for assessing anonymity of a dataset is provided. The present invention may include receiving an original dataset and an anonymized dataset. The present invention may also include preparing a testing dataset and a training dataset for a machine learning algorithm based on the received original dataset and anonymized dataset. The present invention may then include training a machine learning model based on the prepared training dataset. The present invention may further include generating an evaluation score based on the trained machine learning model and the prepared testing dataset. The present invention may also include presenting the generated evaluation score to a user.

Abstract: A method for defending a computing system against ransomware attacks is disclosed. In one embodiment, such a method includes identifying, on a computing system, files to be protected against ransomware attacks. The method appends a public key to each of the files. Upon receiving a request to modify a specific file, the method reads the public key appended to the file, requests an authentication token from a user, and computes a private key associated with the files. The method combines the public key, authentication token, and private key to generate an unlock key. This unlock key is compared to a validation key. The method authorizes modification of the file in the event the unlock key matches the validation key. A corresponding system and computer program product are also disclosed.