Abstract: The methods and systems disclosed herein generally relate to automated execution and evaluation of computer network training exercises, such as in a virtual environment. A server executes a first attack action by a virtual attack machine against a virtual target machine based on a cyber-attack scenario, wherein the virtual target machine is configured to be controlled by the user computer. The server receives a user response to the first attack action, determines, using a decision tree, a first proposed attack action based on the user response, and executes an artificial intelligence model to determine a second proposed attack action based on the user response. The server selects a subsequent attack action from the first proposed attack action and the second proposed attack action and executes the subsequent attack action by the virtual attack machine against the virtual target machine.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprise an analytic server, which detects and defends against malware in-flight regardless of the specific nature and methodology of the underlying attack. The analytic server learns the system's normal behavior during testing and evaluation phase and trains a machine-learning model based on the normal behavior. The analytic server monitors the system behavior during runtime comprising the runtime behavior of each sub-system of the system. The analytic server executes the machine-learning model and compares the system runtime behavior with the normal behavior to identify anomalous behavior. The analytic server executes one or more mitigation instructions to mitigate malware. Based on multiple available options for mitigating malware, the analytic server makes an intelligent decision and takes the least impactful action that have the least impact on the system to maintain mission assurance.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprise an analytic server, which provides a SilverlineRT system that prioritizes and analyzes security alerts and events. The server builds an attack tree based on attack detection rules. The server monitors large-scale distributed systems and receives alerts from various devices. The server determines attacks using the attack tree while excluding false alarms. The server determines impact and risk metrics for attacks in real-time, and calculates an impact score for each attack. The server ranks and prioritizes the attacks based on the impact scores. The server also generates real-time reports. By consider the mission and system specific context in the analysis alert information, the server gives insight into the overall context of problems and potential solutions, improving decision-making. By showing the impacts of alters, the server allows security personnel to prioritize responses and focus on highest value defense activities.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprise an analytic server, which provides a terrain segmentation and classification tool for synthetic aperture radar (SAR) imagery. The server accurately segments and classifies terrain types in SAR imagery and automatically adapts to new radar sensors data. The server receives a first SAR imagery and trains an autoencoder based on the first SAR imagery to generate learned representations of the first SAR imagery. The server trains a classifier based on labeled data of the first SAR imagery data to recognize terrain types from the learned representations of the first SAR imagery. The server receives a terrain query for a second SAR imagery. The server translates the second imagery data into the first imagery data and classifies the second SAR imagery terrain types using the classifier trained for the first SAR imagery. By reusing the original classifier, the server improves system efficiency.

Abstract: Disclosed herein are embodiments of systems and methods that dynamically reconfigure a multi-tiered system of network devices and software applications in response to an ongoing and/or anticipated cyber-attack. The dynamic reconfiguration of the network devices may consist of a wide range of processes, which may include generating new network addresses for individual network devices; reconfiguring the network devices by creating firewalls, changing protocols between the network devices in a multi-tier reconfiguration solution, changing the cloud infrastructure provider of the network devices, even when the underlying network infrastructure ecosystem differs across cloud service providers (CSPs); and maintaining a secure and updated data model of a record of reconfigured network devices and their dependencies to allow legitimate users of the network devices to understand reconfiguration actions that are hidden from malicious users such as hackers and cyber-attackers.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprise an analytic server, which improves the cybersecurity of a unified system comprising a plurality of sub-systems. The analytic server may instantiate a sub attack tree for each network sub-system within the unified system of distributed network infrastructure. The analytic server may access the sub attack trees of the network sub-systems based on the corresponding identifiers. The analytic server may build a high-level attack tree of the unified system by aggregating the sub attack tree of each sub-system. The analytic server may determine how the interconnection of the plurality of network sub-systems may affect the unified system security. The analytic server may update one or more nodes of the attack tree to reflect the changes produced from the interconnection. The analytic server may build the attack tree based on a set of aggregation rules.

Abstract: Disclosed herein are embodiments of systems and methods that dynamically reconfigure a multi-tiered system of network devices and software applications in response to an ongoing and/or anticipated cyber-attack. The dynamic reconfiguration of the network devices may consist of a wide range of processes, which may include generating new network addresses for individual network devices; reconfiguring the network devices by creating firewalls, changing protocols between the network devices in a multi-tier reconfiguration solution, changing the cloud infrastructure provider of the network devices, even when the underlying network infrastructure ecosystem differs across cloud service providers (CSPs); and maintaining a secure and updated data model of a record of reconfigured network devices and their dependencies to allow legitimate users of the network devices to understand reconfiguration actions that are hidden from malicious users such as hackers and cyber-attackers.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprise an analytic server, which provides a SilverlineRT system that prioritizes and analyzes security alerts and events. The server builds an attack tree based on attack detection rules. The server monitors large-scale distributed systems and receives alerts from various devices. The server determines attacks using the attack tree while excluding false alarms. The server determines impact and risk metrics for attacks in real-time, and calculates an impact score for each attack. The server ranks and prioritizes the attacks based on the impact scores. The server also generates real-time reports. By consider the mission and system specific context in the analysis alert information, the server gives insight into the overall context of problems and potential solutions, improving decision-making. By showing the impacts of alters, the server allows security personnel to prioritize responses and focus on highest value defense activities.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprise an analytic server, which detects and defends against malware in-flight regardless of the specific nature and methodology of the underlying attack. The analytic server learns the system's normal behavior during testing and evaluation phase and trains a machine-learning model based on the normal behavior. The analytic server monitors the system behavior during runtime comprising the runtime behavior of each sub-system of the system. The analytic server executes the machine-learning model and compares the system runtime behavior with the normal behavior to identify anomalous behavior. The analytic server executes one or more mitigation instructions to mitigate malware. Based on multiple available options for mitigating malware, the analytic server makes an intelligent decision and takes the least impactful action that have the least impact on the system to maintain mission assurance.

Abstract: The methods and systems disclosed herein generally relate to automated execution and evaluation of computer network training exercises, such as in a virtual environment. A server generates a training system having a virtual attack machine and a virtual target machine where the virtual target machine is operatively controlled by a trainee computer. The server then executes a simulated cyber-attack and monitors/collects actions and responses by the trainee. The server then executes an artificial intelligence model to evaluate the trainee's action and to identify a subsequent simulated cyber-attack (e.g., a next step to the simulated cyber-attack). The server may then train the artificial intelligence model using various machine-learning techniques using the collected data during the exercise.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprise an analytic server, which provides a terrain segmentation and classification tool for synthetic aperture radar (SAR) imagery. The server accurately segments and classifies terrain types in SAR imagery and automatically adapts to new radar sensors data. The server receives a first SAR imagery and trains an autoencoder based on the first SAR imagery to generate learned representations of the first SAR imagery. The server trains a classifier based on labeled data of the first SAR imagery data to recognize terrain types from the learned representations of the first SAR imagery. The server receives a terrain query for a second SAR imagery. The server translates the second imagery data into the first imagery data and classifies the second SAR imagery terrain types using the classifier trained for the first SAR imagery. By reusing the original classifier, the server improves system efficiency.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprise an analytic server, which improves the cybersecurity of a unified system comprising a plurality of sub-systems. The analytic server may instantiate a sub attack tree for each network sub-system within the unified system of distributed network infrastructure. The analytic server may access the sub attack trees of the network sub-systems based on the corresponding identifiers. The analytic server may build a high-level attack tree of the unified system by aggregating the sub attack tree of each sub-system. The analytic server may determine how the interconnection of the plurality of network sub-systems may affect the unified system security. The analytic server may update one or more nodes of the attack tree to reflect the changes produced from the interconnection. The analytic server may build the attack tree based on a set of aggregation rules.

Abstract: Disclosed herein are embodiments of systems and methods that dynamically reconfigure a multi-tiered system of network devices and software applications in response to an ongoing and/or anticipated cyber-attack. The dynamic reconfiguration of the network devices may consist of a wide range of processes, which may include generating new network addresses for individual network devices; reconfiguring the network devices by creating firewalls, changing protocols between the network devices in a multi-tier reconfiguration solution, changing the cloud infrastructure provider of the network devices, even when the underlying network infrastructure ecosystem differs across cloud service providers (CSPs); and maintaining a secure and updated data model of a record of reconfigured network devices and their dependencies to allow legitimate users of the network devices to understand reconfiguration actions that are hidden from malicious users such as hackers and cyber-attackers.

Abstract: Disclosed herein are embodiments of systems, methods, and products that execute tools to identify non-malicious faults in source codes introduced by engineers and programmers. The tools may execute a machine learning model on the source codes to perform sentiment analysis and pattern analysis on information associated with the source codes to generate annotated source code files identifying anomalies based on the sentiment analysis and the pattern analysis. One or more threat levels are then identified and ranked based on the one or more anomalies and a ranked list of the one or more threat levels is displayed on a graphical user interface of a computer.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprise an analytic server, which provides a SilverlineRT system that prioritizes and analyzes security alerts and events. The server builds an attack tree based on attack detection rules. The server monitors large-scale distributed systems and receives alerts from various devices. The server determines attacks using the attack tree while excluding false alarms. The server determines impact and risk metrics for attacks in real-time, and calculates an impact score for each attack. The server ranks and prioritizes the attacks based on the impact scores. The server also generates real-time reports. By consider the mission and system specific context in the analysis alert information, the server gives insight into the overall context of problems and potential solutions, improving decision-making. By showing the impacts of alters, the server allows security personnel to prioritize responses and focus on highest value defense activities.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprise an analytic server, which provides a terrain segmentation and classification tool for synthetic aperture radar (SAR) imagery. The server accurately segments and classifies terrain types in SAR imagery and automatically adapts to new radar sensors data. The server receives a first SAR imagery and trains an autoencoder based on the first SAR imagery to generate learned representations of the first SAR imagery. The server trains a classifier based on labeled data of the first SAR imagery data to recognize terrain types from the learned representations of the first SAR imagery. The server receives a terrain query for a second SAR imagery. The server translates the second imagery data into the first imagery data and classifies the second SAR imagery terrain types using the classifier trained for the first SAR imagery. By reusing the original classifier, the server improves system efficiency.

Abstract: A food waste disposal system includes a waste disposal machine, a PLC, which controls the operation of the food waste disposal machine; at least one scale connected to a load cell indicator; door sensors; a minicomputer, a network connection, the minicomputer in data communication with an analytics cloud. The minicomputer includes SSL certificates; validates data communicated to the analytics cloud; stores the data in a centralized database and transmit a successful status code to the mini-computer after determining that the data is valid; and transmits an error code if the data validation fails, or another type of system error occurs; examines, aggregates and processes validated data; and determines the amount of waste dumped into the waste disposal machine based on door-open and door-closed states; and pre-aggregates a weight processed data by time or by digester to provide reporting to an end-user.

Abstract: Computer eyewear for reducing the effects of Computer Vision Syndrome (CVS). In one embodiment, the eyewear comprises a frame and two lenses. In some embodiments, the frame and lenses have a wrap-around design to reduce air flow in the vicinity of the eyes. The lenses can have optical power in the range of approximately +0.5 to +2.5 diopters for reducing accommodation demands on a user's eyes when using a computer. The lenses can also include prismatic power for reducing convergence demand on a user's eyes when sitting at a computer. The lenses can also include a partially transmissive mirror coating, tinting, and anti-reflective coatings. In one embodiment, a partially transmissive mirror coating or tinting spectrally filters light to remove spectral peaks in fluorescent or incandescent lighting.

Abstract: Computer eyewear for reducing the effects of Computer Vision Syndrome (CVS). In one embodiment, the eyewear comprises a frame and two lenses. In some embodiments, the frame and lenses have a wrap-around design to reduce air flow in the vicinity of the eyes. The lenses can have optical power in the range of approximately +0.5 to +2.5 diopters for reducing accommodation demands on a user's eyes when using a computer. The lenses can also include prismatic power for reducing convergence demand on a user's eyes when sitting at a computer. The lenses can also include a partially transmissive mirror coating, tinting, and anti-reflective coatings. In one embodiment, a partially transmissive mirror coating or tinting spectrally filters light to remove spectral peaks in fluorescent or incandescent lighting.

Abstract: A new cultivar of Leucothoe plant named ‘ReJoyce’ that is characterized by its wine red and orange foliage that changes to green in summer and then back to wine-red and orange in the fall, its good tolerance to summer heat, its good tolerance to colder temperatures, its compact and arching habit, its easy propagation; allowing 2 to 3 rounds of cuttings per year, and its resistance to fungal diseases.