Abstract: A method and network gateway are provided for routing network traffic between internet service providers (ISPs) based on dynamic communication quality of the ISPs. Dynamic communication quality of the ISPs are monitored and compared by processor circuitry of the network gateway. When a session-based connection is being transmitted on an ISP having dynamic communication quality that does not meet a required communication quality of the connection, the processor circuitry transitions the session-based connection to an ISP meeting the required communication quality of the connection.

Abstract: Embodiments of the present disclosure provide systems, methods, and non-transitory computer storage media for identifying malicious behavior using a trained deep learning model. At a high level, embodiments of the present disclosure utilize a trained deep learning model that takes a sequence of ordered signals as input to generate a score that indicates whether the sequence is malicious or benign. Initially, process data is collected from a client. After the data is collected, a virtual process tree is generated based on parent and child relationships associated with the process data. Subsequently, embodiments of the present disclosure aggregate signal data with the process data such that each signal is associated with a corresponding process in a chronologically ordered sequence of events. The ordered sequence of events is vectorized and fed into the trained deep learning model to generate a score indicating the level of maliciousness of the sequence of events.

Abstract: A method and a device are provided for modifying audio signals in accordance with hearing capabilities of a specific individual who is listening to audio signals being played via a set of headphones. The method comprises the steps of: providing results of one or more hearing tests performed to the specific individual; retrieving information that relates to deviations in hearing capabilities of the individual from a pre-defined hearing pattern, based on the results obtained in the one or more hearing tests; and when the set of headphones is used by the individual while listening to input audio signals, modifying the input audio signals based on the retrieved information, thereby enabling the individual to listen to modified audio signals, being the input audio signals after their change into a form that takes into account the individual's hearing capabilities.

Abstract: A method and a device are provided for modifying audio signals for a group of listeners in accordance with hearing capabilities of at least two members belonging to that group. The method comprises the steps of: providing information that relates to hearing capabilities of the at least two members; based on the information provided, determining respective values for one or more parameters to be applied for modifying audio signals that are about to be played, in a way that would suit all members belonging to that group of listeners; modifying the audio signals by applying the respective values of the determined parameters to modify audio signals; and enabling playing the modified audio signals to all members of the group of listeners.

Abstract: A method is provided for administering a hearing test to an individual. The method comprises the steps of: selecting at least one musical melody; determining a plurality of frequencies at which the at least one musical melody or part thereof will be played for the individual; executing instructions comprised in a computer program to perform steps for administering a hearing test to the individual, wherein the instructions are configured to enable the individual to listen to the at least one musical melody or part thereof at the determined frequencies and at varying intensities; and establishing hearing capabilities of the individual to whom the hearing test has been administered, based on that individual's reactions while listening to the at least one musical melody or part thereof at the determined frequencies and at varying intensities.

Abstract: A set of headphones is provided, configured to enable a user of the set of headphones to conduct a self-administered hearing test. The set of headphones comprises: a sound generating module; a controller operative to control separately sounds reaching each one of the user's ears; at least one processor operative to process feedbacks received via a user interface coupled to the set of headphones, and wherein the at least one processor is operative to: allow uploading of executable instructions to enable performing steps in a self-administered hearing test; activate the controller and the sound generating module in accordance with the executable instructions, for conducting the self-administered hearing test by the user using the set of headphones; receive the feedbacks from the user while conducting the self-administered hearing test; and determine hearing capabilities associated with the user, based on results obtained from the self-administered hearing test.

Abstract: A method and a device are provided for modifying audio signals in accordance with hearing capabilities of a specific individual who is listening to audio signals being played via a set of headphones. The method comprises the steps of: providing results of one or more hearing tests performed to the specific individual; retrieving information that relates to deviations in hearing capabilities of the individual from a pre-defined hearing pattern, based on the results obtained in the one or more hearing tests; and when the set of headphones is used by the individual while listening to input audio signals, modifying the input audio signals based on the retrieved information, thereby enabling the individual to listen to modified audio signals, being the input audio signals after their change into a form that takes into account the individual's hearing capabilities.

Abstract: The present invention discloses methods for effective network-security inspection in virtualized environments, the methods including the steps of: providing a data packet, embodied in machine-readable signals, being sent from a sending virtual machine to a receiving virtual machine via a virtual switch; intercepting the data packet by a sending security agent associated with the sending virtual machine; injecting the data packet into an inspecting security agent associated with a security virtual machine via a direct transmission channel which bypasses the virtual switch; forwarding the data packet to the security virtual machine by employing a packet-forwarding mechanism; determining, by the security virtual machine, whether the data packet is allowed for transmission; upon determining the data packet is allowed, injecting the data packet back into the sending security agent via the direct transmission channel; and forwarding the data packet to the receiving virtual machine via the virtual switch.

Abstract: A system and method for protecting data communications in a system including a load-balancer connected to a cluster of security network components, e.g. firewall node. The load-balancer transfers one or more of the data streams respectively to the security components. The security network components transmit control information to the load-balancer and the control information includes an instruction regarding balancing load of the data streams between said security network components; The load-balancer balances load based on the control information. Preferably, network address translation is performed by the load-balancer based on the control information or network address translation is performed by the security network component and the control information includes information regarding an expected connection based on the network address translation.

Abstract: Disclosed are methods, media, and vault servers for providing a secure messaging system using vault servers in conjunction with client-side restricted-execution vault-mail environments. Methods include the steps of upon activating a vault-mail message containing sensitive content, removing the content from the vault-mail message; placing the content on a vault server; creating a link in the vault-mail message to the content on the vault server; sending the vault-mail message to a designated recipient; and upon activating the link, allowing the content to be only viewed in a restricted-execution session of a client application, wherein the restricted-execution session does not allow the content to be altered, copied, stored, printed, forwarded, or otherwise executed. Preferably, the activation of the vault-mail message is performed by a network-security gateway, and can be performed on a per-message basis.

Abstract: A data leak prevention application that categorizes documents by data type is provided, a data type being a sensitivity classification of a document based on what data the document contains. A scripting language processing engine is embedded into the data leak prevention application, the scripting language forming part of the application as hard code. A user configures interaction of the scripting language processing engine with the application. The configuring may include modifying or adding code or setting criteria for when code portions of the scripting language processing engine activates. The scripting language processing engine is activated to enhance an accuracy of an existing data type or so as to detect a new data type. Upon enhancing the accuracy of the data type, documents may be re-categorized.

Abstract: A system and method for protecting data communications in a system including a load-balancer connected to a cluster of security network components, e.g. firewall node. The load-balancer transfers one or more of the data streams respectively to the security components. The security network components transmit control information to the load-balancer and the control information includes an instruction regarding balancing load of the data streams between said components; The load-balancer balances load based on the control information. Preferably, network address translation (NAT) is performed by the load-balancer based on the control information or NAT is performed by the security network component and the control information includes information regarding an expected connection based on NAT.

Abstract: A method is provided for evaluating fuel consumption efficiency of a vehicle driven by a driver. The method comprises the steps of: a) collecting data associated with said driver's driving performance from a plurality of sensors comprised in the vehicle; b) identifying a plurality of driving events based on the collected data; c) estimating the driver's performance in at least one driving event from among the identified plurality of driving events, wherein that at least one event if poorly performed is associated with increased fuel consumption; and d) based on the estimated driver's performance of the at least one driving event, evaluating a fuel consumption efficiency of the vehicle driven by that driver.

Abstract: A method for protecting data communications using a multiple processor device in which multiple processors are operatively connected by a transport mechanism for sharing data. One or more of the processors is programmed as a dispatcher and other processors are programmed with processes. Each of the processes enforce an identical security policy and/or perform an identical or specialized security function. Data streams are transferred respectively from the dispatcher to the processes through the transport mechanism. Control information is transmitted through the transport mechanism from one or more processes to the dispatcher. The control information specifies balancing load of the data streams between the processes. The dispatcher balances load based on the control information.

Abstract: A system and method for protecting data communications in a system including a toad-balancer connected to a cluster of security network components, e.g. firewall node. The load-balancer transfers one or more of the data streams respectively to the security components. The security network components transmit control information to the load-balancer and the control information includes an instruction regarding balancing load of the data streams between said components; The load-balancer balances load based on the control information. Preferably, network address translation (NAT) is performed by the load-balancer based on the control information or NAT is performed by the security network component and the control information includes information regarding an expected connection based on NAT.

Abstract: A data leak prevention application that categorizes documents by data type is provided, a data type being a sensitivity classification of a document based on what data the document contains. A scripting language processing engine is embedded into the data leak prevention application, the scripting language forming part of the application as hard code. A user configures interaction of the scripting language processing engine with the application. The configuring may include modifying or adding code or setting criteria for when code portions of the scripting language processing engine activates. The scripting language processing engine is activated to enhance an accuracy of an existing data type or so as to detect a new data type. Upon enhancing the accuracy of the data type, documents may be re-categorized.

Abstract: A method is provided for evaluating fuel consumption efficiency of a vehicle driven by a driver. The method comprises the steps of: a) collecting data associated with said driver's driving performance from a plurality of sensors comprised in the vehicle; b) identifying a plurality of driving events based on the collected data; c) estimating the driver's performance in at least one driving event from among the identified plurality of driving events, wherein that at least one event if poorly performed is associated with increased fuel consumption; and d) based on the estimated driver's performance of the at least one driving event, evaluating a fuel consumption efficiency of the vehicle driven by that driver.

Abstract: The present invention discloses methods for effective network-security inspection in virtualized environments, the methods including the steps of: providing a data packet, embodied in machine-readable signals, being sent from a sending virtual machine to a receiving virtual machine via a virtual switch; intercepting the data packet by a sending security agent associated with the sending virtual machine; injecting the data packet into an inspecting security agent associated with a security virtual machine via a direct transmission channel which bypasses the virtual switch; forwarding the data packet to the security virtual machine by employing a packet-forwarding mechanism; determining, by the security virtual machine, whether the data packet is allowed for transmission; upon determining the data packet is allowed, injecting the data packet back into the sending security agent via the direct transmission channel; and forwarding the data packet to the receiving virtual machine via the virtual switch.

Abstract: A system and a method are described for providing one or more messages associated with driving hazards to a driver of a vehicle, comprising: i. providing data derived from more than one driving sessions driven by the driver, and storing data that relate to a plurality of driving events associated with that driver; ii. identifying at least one event that might constitute a potential hazard in future driving sessions of that driver; and iii. sending one or more messages based on the at least one identified event.

Abstract: Disclosed are methods, media, and vault servers for providing a secure messaging system using vault servers in conjunction with client-side restricted-execution vault-mail environments. Methods include the steps of upon activating a vault-mail message containing sensitive content, removing the content from the vault-mail message; placing the content on a vault server; creating a link in the vault-mail message to the content on the vault server; sending the vault-mail message to a designated recipient; and upon activating the link, allowing the content to be only viewed in a restricted-execution session of a client application, wherein the restricted-execution session does not allow the content to be altered, copied, stored, printed, forwarded, or otherwise executed. Preferably, the activation of the vault-mail message is performed by a network-security gateway, and can be performed on a per-message basis.