Abstract: One method includes monitoring a ransomware risk measure, when the ransomware risk measure indicates the presence of a suspected ransomware process, determining if it is time to overwrite a snapshot stored in backup data storage, and when it is time to overwrite the snapshot, moving the snapshot from the backup data storage to a vault to free space in the backup data storage for new snapshots that continue to be taken after the presence of suspected ransomware is indicated.

Abstract: Methods and systems for managing storage of data are disclosed. To manage storage of data, images may be stored across a number of storages that provide varying levels of storage performance and have correspondingly varying costs for storing data. To store the images across the storages, the images may be segmented into image segments and a likelihood of each of the image segments being used in the future may be identified. The image segments that are more likely to be used in the future may be stored in higher performance storages while the image segments that are less likely to be used in the future may be stored in lower performance storages. To identify the likelihood of each of the image segments being used in the future, the image segments may be classified based on their membership in one or more areas of interest within the images.

Abstract: Methods and systems for authenticating data processing systems throughout a distributed environment without user intervention are disclosed. To authenticate data processing systems without user intervention, a system may include a network core and one or more data processing systems. Data processing systems may provide telemetry data to the network core for use in future authentication processes. To increase security throughout the system, the network core may ensure that low security data points are not retained for authentication. A low security data point may be a data point that matches a data point obtained from another data processing system. If a root of trust is lost between a data processing system and the network core, the network core may use retained telemetry data points to generate a security questionnaire. If the data processing system successfully answers security questions of the security questionnaire, the root of trust may be restored.

Abstract: Methods and systems for securing distributed systems are disclosed. The distributed systems may include data processing systems subject to compromise by malicious entities. If compromised, the data processing systems may impair the services provided by the distributed system. To secure the distributed systems, the data processing systems may implement a security framework. The security framework may utilize a hierarchy that defines authority for validating trusted entities. The hierarchy may vest authority across the distributed system, and may be based on a reputation (e.g., weighted reputation) of each of the data processing systems within the distributed system. If the reputation of a data processing system meets criteria, the data processing system may be treated as being compromised and a local refresh of security data may be performed. Consequently, the impact of compromise of the data processing system may be limited by the distributed authority.

Abstract: Methods and systems for managing artificial intelligence (AI) models are disclosed. To manage AI models, an instance of an AI model may not be re-trained using training data determined to be potentially poisoned. By doing so, malicious attacks intending to influence the AI model using poisoned training data may be prevented. To do so, a first level of strength of a first causal relationship present in historical training data may be compared to a second level of strength of a second causal relationship present in a candidate training data set. The first level of strength and the second level of strength may be expected to be similar within a threshold. If a difference between the first level of strength and the second level of strength is not within the threshold, the candidate training data may be treated as including poisoned training data.

Abstract: A search engine responding to a user query to find relevant data assets in a federation business data lake (FBDL) system. The search engine receives a search query from an unprivileged user or a user not having sufficient privileges to access the FBDL. It returns initial results to the unprivileged user including a first data asset recommendation responsive to the search query. It then determines a causal reason that the first data asset was recommended, and uses a similarity engine conditioned on the causal reason to return a replacement data asset in response to the search query.

Abstract: Compressing files is disclosed. An input, which is associated with an original file and new content, is to be compressed. The input includes a consensus sequence of the original file and the new content. The new content is aligned based using the consensus sequence of the original file in order to generate a new consensus sequence that reflects both the original content and the new content. The compression engine generates a new compression matrix and a new consensus sequence. Using the new consensus sequence, pointer pairs are generated. Each pointer pair identifies a subsequence of the consensus matrix. The new compressed file includes the pointer pairs and the new consensus sequence.

Abstract: A search engine responding to a user query to find relevant data assets in a federation business data lake (FBDL) system by monitoring and recording interactions of known users interacting with data assets in the FBDL system. Predicted data usage for unknown or new users is derived by training a generative model that uses reconstructive self-supervised learning (SSL) techniques to generate possible values for missing data usage features of the unknown users. The predicted usage is then used to generate similarity scores that are combined for those of the known users to help inform the search engine processing to return relevant results to a target user.

Abstract: Methods and systems for inference generation are disclosed. To manage inference generation, a system may include an inference model manager and any number of data processing systems. The inference model manager may represent an inference model as a bipartite graph in order to obtain portions of the inference model. Each portion of the inference model may be distributed to one data processing system so that the data processing systems may collectively generate inferences usable by a downstream consumer. Portions of the inference model may be obtained so that each portion matches the available computing resources of a data processing system throughout the distributed environment. In addition, the portions may be obtained in order to reduce inter-data processing system communications during execution of the inference model.

Abstract: Compressing files is disclosed. An input file to be compressed is first aligned. When the file has multiple axes or dimensions, the file is aligned along each of the axes. Aligning the file includes splitting the file into sequences that can be aligned along each of the axes or dimensions. Aligning the file generates a compression tensor, where each row or dimensional space of the compression tensor corresponds to part of the file. A consensus tensor is determined from the compression tensor. Using the consensus tensor, pointer lists are generated. Each pointer lists identifies a subsequence or portion of the consensus tensor. The compressed file includes the pointer lists and the consensus tensor.

Abstract: Methods and systems for authenticating data processing systems throughout a distributed environment without user intervention are disclosed. To authenticate data processing systems without user intervention, a system may include a network core and one or more data processing systems. The network core may attempt to authenticate data processing systems using a security questionnaire. Security questions in the security questionnaire may be based on telemetry data obtained from the data processing system prior to a loss of a root of trust. To conserve computing resources, only telemetry data with a security score that exceeds a security score threshold may be retained. The network core may provide the data processing system with a security questionnaire and the data processing system may use similar telemetry data to respond to the security questionnaire. If the answers to the security questions are considered accurate, the data processing system may be re-authenticated.

Abstract: One example method includes defining an airgap control policy that specifies a threshold data value, generating a value for a set of data, determining whether the value that has been generated for the data meets or exceeds the threshold data value, and opening the air gap when the value that has been generated for the data meets or exceeds the threshold data value. The airgap is closed automatically when the value that has been generated for the data meets or exceeds the threshold data value.

Abstract: A method includes searching a group of PITs, identifying one of the PITs as having an indicator of an occurrence of an event involving data associated with the identified PIT, restoring the data, running a production system copy using the data, and while the production system copy is running, taking increasingly granular backups of the data until the event is located. The event may be a corruption of the data, or other problem.

Abstract: Methods and systems for securing distributed systems are disclosed. The distributed systems may include data processing systems subject to compromise by malicious entities. If compromised, the data processing systems may impair the services provided by the distributed system. To secure the distributed systems, the data processing systems may implement a security framework. The security framework may utilize a hierarchy that defines authority for validating trusted entities. The hierarchy may vest authority across the distributed system. Consequently, the impact of compromise of a data processing system may be limited by the distributed authority.

Abstract: Ensuring data consistency across multiple monitoring services is described. If a synchronization criterion is satisfied, a data originator service, which monitors at least one component of a data protection platform, sends a synchronization indicator to monitoring services that monitor the components of the data protection platform. If at least one of the monitoring services responds to receiving the synchronization indicator by initiating synchronization of updated data, the data originator service sends the updated data to the at least one of the monitoring services, which stores the updated data received from the data originator service. If each of the monitoring services that received the synchronization indicator either stored the updated data or is yet to initiate synchronization of the updated data, the data originator service enables simultaneous update of a display of the updated data for a user of any of the monitoring services.

Abstract: One example method includes receiving, at a remote site from a production site, copies of production site assets, storing, at the remote site, the copies of the production site assets, using, at the remote site, the copies of the production site assets to restore a temporary production site, running the temporary production site at the remote site, and restoring, from the remote site to the production site, the copies of the production site assets.

Abstract: Methods and systems for managing artificial intelligence (AI) models are disclosed. As AI models are updated over time using new training data, the new training data may be screened and snapshots of the AI models may be obtained. Screening the new training data may reduce the likelihood that AI models become tainted and provide undesired inferences. The snapshots may be used to remediate tainted AI models when trained using poisoned training data that was not screened. Use of snapshots may reduce the computational expense for remediating the impact of poisoned training data.

Abstract: Methods and systems for managing access to data stored in data storage systems are disclosed. To prevent malicious parties from gaining access to sensitive data stored in a data storage system, an access control system may be implemented. The access control system may include a registration process that assigns cryptographic key pairs to registered combinations of users and devices. The combinations may include an end device, a user of the end device, and an auxiliary device associated with the end device (e.g., a display device). When an end device requests sensitive data, the requesting device (e.g., end device), an associated user, and an associated display device may be authenticated using the key pairs generated during registration. The sensitive data may be encrypted pre-transit using device-specific encryption (e.g., using a public key of the display device) to protect sensitive data from malicious parties that may gain access to the end device.

Abstract: Methods and systems for authenticating data processing systems throughout a distributed environment without user intervention are disclosed. To authenticate data processing systems without user intervention, a system may include a network core and one or more data processing systems. A previously established root of trust between the network core and a data processing system may be lost and the network core may attempt to re-authenticate the data processing system using shared knowledge. The shared knowledge may be based on data obtained from the data processing system and an inference generated by a twin inference model. The network core may provide the data processing system with a security questionnaire based on the shared knowledge and the data processing system may use the twin inference model to respond to the security questionnaire. If the answers to the security questions are considered accurate, the data processing system may be re-authenticated.

Abstract: Methods and systems for securing distributed systems are disclosed. The distributed systems may include data processing systems subject to compromise by malicious entities. If compromised, the data processing systems may impair the services provided by the distributed system. To secure the distributed systems, the data processing systems may implement a security framework. The security framework may utilize a hierarchy that defines authority for validating trusted entities. The hierarchy may vest authority across the distributed system, and may be based on a reputation (e.g., weighted reputation) of each of the data processing systems within the distributed system. If the reputation indicates that a data processing system is compromised, the data processing system may be ejected and a communication topology of the distributed system may be remodeled.