Abstract: Systems, methods, and computer program products for identifying a fraudulent device. A device analytics engine receives device data from a computing device, the device data including parameters associated with the computing device. The device analytics engine selects a set of rules in a plurality of rules that indicate at least one parameter in the plurality of parameters in the device data for determining a device identifier. The set of rules are evaluated in an order until the device identifier is determined from the at least one parameter indicated in the set of rules, the device data, and previously stored data from multiple computing devices. A score is generated for the computing device using one or more of the device identifier, device data, a set of rules, and previously receive device data that corresponds to the device identifier. A computing device is identified as a fraudulent computing device based on the score.

Abstract: One or more embodiments include techniques for automating vehicle routines. The techniques include receiving a rule that includes one or more deterministic elements and a machine learning element; collecting, during operation of the vehicle, a set of vehicle data based on the machine learning element; training a machine learning model that corresponds to the machine learning element using the set of vehicle data, wherein the machine learning model is used to process the machine learning element during execution of the rule.

Abstract: There are provided systems and methods for a shared prediction engine for machine learning model deployment. A service provider may provide AI hosting platforms that allow for clients, customers, and other end users to upload AI models for execution, such as machine learning models. A user may utilize one or more user interfaces provided to a client device by the service provider to select machine learning models to perform predictive services based on input features provided in an input string. Thereafter, a machine learning engine may host and execute the models during an instance of the engine provided to the client device. The engine may then process the input features in a processing thread remotely from the client device during the instance so that machine learning predictions may be determined. Thereafter, an output string for the predictions and model explanations may be provided to the client device.

Abstract: In one aspect, a computerized system for locating anomalous query activity with a cloud-based database, comprising: with an atypical query engine: analyzing and understanding data within a cloud-based database, processing all accesses to the data within cloud-based database and SAAS environment, generating a list of user that accesses a table from a location in the cloud-based database using, and capture a set of specified key statistics about the cloud-based database query; and role suggestion engine: generating a user behavior fingerprint comprising a history of the user's behavior within the cloud-based database, identifying that a user is an outlier with respect to behavior with respect to the set of specified key statistics, and suggesting a new role within an enterprise managing the cloud-based database for the user, wherein the fingerprint of the outlier user is used to generate the suggestion for the new role.

Abstract: In one aspect, a computerized method for locating one or more shadow vulnerable datastores for cloud-platform datastores includes the step of identifying a cloned data store of an original datastore in a cloud database instance. It includes the step of determining that the cloned datastore comprises a shadow vulnerable datastore. It includes the step of defining a security posture of the cloned datastore. It includes the step of publishing a digitized data clone security differential report comprising the security posture and one or more remediations to fix security posture issues.

Abstract: There are provided systems and methods for a shared prediction engine for machine learning model deployment. A service provider may provide AI hosting platforms that allow for clients, customers, and other end users to upload AI models for execution, such as machine learning models. A user may utilize one or more user interfaces provided to a client device by the service provider to select machine learning models to perform predictive services based on input features provided in an input string. Thereafter, a machine learning engine may host and execute the models during an instance of the engine provided to the client device. The engine may then process the input features in a processing thread remotely from the client device during the instance so that machine learning predictions may be determined. Thereafter, an output string for the predictions and model explanations may be provided to the client device.

Abstract: A computerized method for implementing risk discovery with a set of unified security and privacy policies, includes the step of discovering a set of data and a set of data accesses within an enterprise computing system. The method includes the step of classifying the set of discovered data and the set of data accesses with an identification that shows which of the data assets are important or critical for the enterprise. The method includes the step of determining which of the set of discovered data and the set of data accesses have or are associated with sensitive information. The method includes the step of placing the set of discovered data and the set of data accesses that are associated with sensitive information into a set of discovered information about the infrastructure. The method includes the step of determining which of the set of discovered data and the set of data accesses are relevant in the context of a specified governmental data privacy regulation.

Abstract: In one aspect, a method for implementing a cloud-platform push for one or more known data breaches includes the step of, for each data breach of the one or more known data breaches, providing a functionality that maps one or more kill chains or Tactics, Techniques, and Procedures (TTPs) for a specified set of security dimensions. A step includes generating a security rule for each mapped kill chain or TTP based on the functionality that maps the one or more kill chains or Tactics, Techniques, and Procedures (TTPs) for a specified set of security dimensions. A step includes pushing the security rule to an enterprise so that the enterprise is aware of a vulnerability in the data breach. A step includes generating a customized posture for a Virtual private cloud (VPC) in the enterprise's cloud-based network. A step includes determining that the data breach can occur within the enterprise's cloud-based network.

Abstract: In one aspect, a computerized method for automatically identifying and solving for vendor data abuse in an enterprise network, includes the step of implementing a vendor detection at one or more gateways of the enterprise network. The method includes the step of mapping a set of data along with any associated data attributes of the set of data that are being shared with a vendor via the one or more gateways. The method includes the step of detecting and identifying an access anomaly with respect to the set of data associated with a vendor access. The method includes the step of implementing a specified data minimization process to the access anomaly.

Abstract: Techniques are disclosed relating to a graphical user interface (GUI) for editing classification rules. The graphical user interface may include a display of a modified threshold value for a classification rule, where values on one side (e.g. above) the threshold value indicate a first type of classification, and values on the other side (e.g. below) indicate a second type of classification. Machine learning techniques may be used to suggest a modified threshold value to the user, who may accept the modified value, or may provide, via the GUI, their own modified value, which can be different from a suggested value. Graphical indications of accuracy for the classification rule may be displayed.

Abstract: Systems, methods, and computer program products for identifying a fraudulent device. A device analytics engine receives device data from a computing device, the device data including parameters associated with the computing device. The device analytics engine selects a set of rules in a plurality of rules that indicate at least one parameter in the plurality of parameters in the device data for determining a device identifier. The set of rules are evaluated in an order until the device identifier is determined from the at least one parameter indicated in the set of rules, the device data, and previously stored data from multiple computing devices. A score is generated for the computing device using one or more of the device identifier, device data, a set of rules, and previously receive device data that corresponds to the device identifier. A computing device is identified as a fraudulent computing device based on the score.

Abstract: There are provided systems and methods for a shared prediction engine for machine learning model deployment. A service provider may provide AI hosting platforms that allow for clients, customers, and other end users to upload AI models for execution, such as machine learning models. A user may utilize one or more user interfaces provided to a client device by the service provider to select machine learning models to perform predictive services based on input features provided in an input string. Thereafter, a machine learning engine may host and execute the models during an instance of the engine provided to the client device. The engine may then process the input features in a processing thread remotely from the client device during the instance so that machine learning predictions may be determined. Thereafter, an output string for the predictions and model explanations may be provided to the client device.

Abstract: Methods and systems for preparing acetone from cumene hydroperoxide (CHP) are disclosed. The disclosed methods involve cleaving CHP to form a cleavage product stream. In some embodiments, the cleavage product stream is separated into an overhead stream and a bottoms stream. The bottoms stream is neutralized, washed and then treated in a crude acetone column to provide a crude acetone stream. The overhead stream of the cleavage product is flashed forward in the process, bypassing the neutralization, washing, and crude acetone column and is then combined with the crude acetone stream. The combined acetone streams are provided to an acetone product column. According to some embodiments, the acetone product column comprises a side draw for obtaining a recycle acetone stream, which is recycled to the cleavage reactor(s). The recycle acetone side draw may be located lower on the acetone product column than the point from which product acetone is obtained.

Abstract: There are provided systems and methods for a shared prediction engine for machine learning model deployment. A service provider may provide AI hosting platforms that allow for clients, customers, and other end users to upload AI models for execution, such as machine learning models. A user may utilize one or more user interfaces provided to a client device by the service provider to select machine learning models to perform predictive services based on input features provided in an input string. Thereafter, a machine learning engine may host and execute the models during an instance of the engine provided to the client device. The engine may then process the input features in a processing thread remotely from the client device during the instance so that machine learning predictions may be determined. Thereafter, an output string for the predictions and model explanations may be provided to the client device.

Abstract: There are provided systems and methods for predictive data aggregations for real-time detection of anomalous data. A service provider, such as an electronic transaction processor for digital transactions, may access feature data for accounts prior to the feature data being used in a live risk analysis system, for example, at a designated time and/or for a designated time period. The service provider may predetermine data values from the feature data, such as aggregates of the feature data that are for certain time periods and utilized by the live risk analysis system. This processing may be done in a batch processing job in order to determine data values for multiple accounts. These data values are prestored in an available database for a distributed computing system of the service provider. Thereafter, when the live risk analysis system requires the data values, the data values may be immediately retrieved.

Abstract: Methods and systems for preparing acetone from cumene hydroperoxide (CHP) are disclosed. The disclosed methods involve cleaving CHP to form a cleavage product stream. In some embodiments, the cleavage product stream is separated into an overhead stream and a bottoms stream. The bottoms stream is neutralized, washed and then treated in a crude acetone column to provide a crude acetone stream. The overhead stream of the cleavage product is flashed forward in the process, bypassing the neutralization, washing, and crude acetone column and is then combined with the crude acetone stream. The combined acetone streams are provided to an acetone product column. According to some embodiments, the acetone product column comprises a side draw for obtaining a recycle acetone stream, which is recycled to the cleavage reactor(s). The recycle acetone side draw may be located lower on the acetone product column than the point from which product acetone is obtained.

Abstract: A computer implemented method for providing workload resource management to applications in an embedded system. The method includes receiving, by an application-specific basic runtime environment (BRE), workload resource requirements of an application installed on the embedded system. The method includes obtaining, by the application-specific BRE, the workload resource requirements from an operating system of the embedded system. The method includes providing, by the application-specific BRE, the workload resource requirements to the application. The method includes initiating, by the application-specific BRE, the execution of the application on the embedded system.

Abstract: Pure machine learning classification approaches can result in a “black box” solution where it is impossible to understand why a classifier reached a decision. This disclosure describes generating new classification rules leveraging machine learning techniques. New rules may have to meet evaluation criteria. Legibility of those rules can be improved for understanding. A machine learning classifier can be created that is used to identify possible candidate classification rules (e.g. from a group of decision trees such as a random forest classifier). Classification rules generated with the assistance of machine learning may allow for identification of transaction fraud or other classifications that a human analyst would be unable to identify. A selection process can identify which possible candidate rules are effective. The legibility of those rules can then be improved so that they can be more easily understood by humans.

Abstract: Techniques are disclosed relating to tuning fraud-detection rules using machine learning. In some embodiments, a server system may maintain rule information indicative of a plurality of fraud-detection rules for a transaction system. For example, in some embodiments, the server system may implement a fraud-detection service for the transaction system. In some embodiments, the server system may select a first rule to update, where the first rule includes one or more evaluation criteria and one or more corresponding user-defined threshold values. The server system may apply a machine learning algorithm to training data associated with the transaction system to generate an updated version of the first rule. The server system may then compare a performance of the first rule and the updated version of the first rule and, based on that performance, determine whether to suggest the updated version of the first rule to the transaction system.

Abstract: Embodiments relate to systems and methods that facilitate coordination amongst host devices that share network resources in order to use available bandwidth effectively. Embodiments can ensure the host devices themselves take responsibility for sending their data via shared network bandwidth, keeping access to bandwidth fair to all the host devices. Embodiments also include adapting to a continuously changing network bandwidth allocation policy for the shared network resource. In one embodiment, this includes using tokens (e.g., small chunk messages) to represent a grant to a host device to send a specified number of bytes over the network. Using a token generator module and a distributed queue, embodiments provide a unique and adaptive way to manage data transmissions among host devices within available resources.