Abstract: Phishing attacks cause financial frauds and credential thefts. The conventional blacklist, whitelist and Machine Learning (ML) based methods fail to provide an accurate detection of phishing attacks. The present disclosure provides a layered approach wherein a URL domain name is compared with blacklist domains and whitelist domains. Further, the URL undergoes Internet Protocol (IP) address checking followed by context checking. A clicked context is verified based on the number of search results from a popular search engine. Otherwise, the typed context is checked for non-ASCII characters in the domain name. Further, the URL is checked for any brand name. Further, the domain is checked for any misspelling. Further, the URL is examined using a Machine Learning (ML) model. Finally, the URL is classified as phishing if a number hits in a popular search engine is less. Here a phishing alert is generated in each layer based on the corresponding decision.

Abstract: The disclosure relates to a method and a system for sequencing asset segments of privacy policy using optimization techniques. The asset segments are sequenced based on several constraints associated with preferences of a source entity and a target entity. Further the disclosure also determines a target entity violation factor that represents a conflict between the preferences associated with the source entity and the target entity. In an embodiment the disclosed method and system optimally sequences the plurality of asset segments using several optimization techniques that include a basic sequence generation technique, a source entity sequence optimizing technique and a target entity sequence optimizing technique considering constraints. Hence the disclosure bridges a communication gap between several stakeholders by optimally displaying the most relevant privacy policy (mapped to the asset segments) considering the constraints or preferences associated with both the source entity and the target entity.

Abstract: Protecting consumer data is a key responsibility of an organization. The method of protection need to compare the data with policy documents. Ontology and a threshold to select an optimal match plays a key role in such comparison. The conventional automatic threshold computation methods are complex and not based on semantic similarity. The present disclosure generates an Entity Relationship (ER) model from an input document and is converted into a first ontology. The first ontology and a second ontology obtained from a relational database are compared by an ontology matching algorithm. Further, the plurality of many to many correspondences are optimized to one to one correspondence by an optimization method. Further, a plurality of optimal one to one correspondence is generated based on a threshold. The threshold is computed based on symmetric and transitive property. Further, semantically similar entities are selected based on the optimal one to one correspondence.

Abstract: This disclosure relates generally to a method and system for extraction of SQL queries in an application. Various conventional approaches models SQL query extraction at a specific program point problem as an instance of string expression problem. Many string analysis based solutions are not scalable for large applications and those which are scalable do not account explicitly for the heap based flow. In an embodiment, the disclosed method and system utilizes a multi-criteria slicing based model which takes into account the data flowing through heap and contributing to SQL queries generation.

Abstract: This disclosure relates generally to system and method for assessing insider influence on enterprise assets. Existing work focuses on the detection of insider threat and does not consider the influence of an insider on their peers and subordinates. The present disclosure aggregates and preprocesses the enterprise data specific to the individuals received from various sources, and further creates an enterprise graph between entities. Weights of every edge connected between any two entities in the enterprise graph is then calculated. Community of the individuals are detected wherein, relevant insider(s) are identified, and susceptibility of the individuals for probable influence by relevant insider(s) based on the analysis scenarios(s) is calculated. Paths taken by the relevant insider(s) is calculated for estimating probability of data loss.

Abstract: The disclosure relates to sequencing of asset segments of privacy policies. The asset segments are sequenced based on a set of constraints. In an embodiment the asset segments are sequenced using a set of pre-defined predecessors and a set of pre-defined successors of each asset segment through a feasible sequence generation technique and a sequence generation technique based on the constraints, wherein the constraints are preferences associated with the source entity and the target entity. Hence the disclosure bridges a communication gap between the source entity and the target entity by optimally displaying the most relevant privacy policy (mapped to the asset segments) based on the constraints associated with the source entity and the target entity. Further the disclosed system also determines a violation factor that represents a conflict between the preferences associated with the source entity and the target entity.

Abstract: This disclosure relates generally to consent management, and more particularly to a method and system for generating consent recommendation. The system determines a user aspect indicating consent preferences of the user, and identifies/predicts a reference privacy profile as matching the user aspect. The system uses a machine learning model to process the user aspect and to predict the matching reference privacy profile. Further, based on the matching reference privacy profile, the system generates one or more consent recommendations. The system can also be configured to obtain feedback for the generated consent recommendations and re-recommends consents based on the obtained feedback.

Abstract: This disclosure relates generally to online learning against data poisoning attack. Conventional methods used data sanitization techniques for online learning against data poisoning attack. However, these methods do not remove poisoned data points from training dataset completely. Embodiments of the present disclosure method provide an influence based defense method for secure online learning against data poisoning attack. The method initially filters a subset of poisoned data points in the training dataset for training a machine learning model using data sanitization technique. Further the method computes an influence of the data points and performs an influence minimization based on a predefined threshold. Updated data points for the learning model are generated and used for training the machine learning model. The disclosed method can be used against data poisoning attacks in applications such as spam filtering, malware detection, recommender system and so on.

Abstract: System and method for contract management in a data marketplace are disclosed. In an embodiment, the system performs refactoring of a contract, during which the system extracts terms and conditions from the contract and generates a simplified view of the contract. The system further performs a requirement validation based on the contract, during which the system determines features of data entity matches requirements specified by a first party or not, based on domain specific ontologies. If the data entity features are not matching with the requirements, then the system fetches one or more relevant attributes from a list of ontologies, verifies whether the features of entity along with the selected feature(s) satisfy the requirements or not. The system accordingly generates an agreeable requirement document as output of the requirement validation.

Abstract: Data-driven applications depend on training data obtained from multiple internal and external data sources. Hence poisoning of the training data can cause adverse effects in the data driven applications. Conventional methods identifies contaminated test samples and avert them from entering into the training. A generic approach covering all data-driven applications and all types of data poisoning attacks in an efficient manner is challenging. Initially, data aggregation is performed after receiving a ML application for testing. A plurality of feature vectors are extracted from the aggregated data and a poisoned data set is generated. A plurality of personas are generated and are further prioritized to obtain a plurality of attack personas. Further, a plurality of security assessment vectors are computed for each of the plurality of attack personas. A plurality of preventive measures are recommended for each of the plurality of attack personas based on the corresponding security assessment vector.

Abstract: Systems and methods for computing data privacy-utility tradeoff is disclosed. Large data hubs like data marketplace are a source of data that may be of utility to data buyers. However, output data provided to data sellers is required to meet the privacy requirements of data sellers and at the same time maintain a level of utility to data buyers. Conventionally known methods of achieving data privacy tend to suppress components of data that may result in reduced utility of the data. Systems and methods of the present disclosure compute this tradeoff to establish need for data transformation, if any, before data is shared with data sellers.

Abstract: This disclosure relates generally to a method and system for extraction of SQL queries in an application. Various conventional approaches models SQL query extraction at a specific program point problem as an instance of string expression problem. Many string analysis based solutions are not scalable for large applications and those which are scalable do not account explicitly for the heap based flow. In an embodiment, the disclosed method and system utilizes a multi-criteria slicing based model which takes into account the data flowing through heap and contributing to SQL queries generation.

Abstract: Method and system for analyzing unstructured data for compliance enforcement is disclosed. The system provides a comprehensive compliance enforcement platform, which enables purpose based data processing in an enterprise to support automatic discovery of purposes and linking between data fields and purposes. The system creates a single view of data associated with the data subject for enforcing the data subject's right for data protection and privacy. The system supports database like transactions for unstructured data over web and ensures Atomicity, Consistency, Isolation and Durability (ACID) properties of these transactions. Thus, the system creates a uniform data layer or a web view for data residing in the unstructured and semi-structured data, spread across the enterprise. The transactions on the unstructured data include READ operation, UPDATE operation, and DELETE operation using hypertext transfer protocol (http) over the unstructured data.

Abstract: This disclosure relates generally to a method and system for biometric verification. Conventional biometric verification method and system performs one or more computations in non-encrypted domain, thereby leading to security threats. The disclosed method includes performing computations such as enrollment and verification feature vector computation, dimensionality reduction of said feature vectors, and comparison of dimensionally reduced encrypted feature vectors to obtain matching scores indicating the extent of match therebetween between in encrypted domain using fully homomorphic encryption, thereby leading to secure biometric verification.

Abstract: Conventionally, biometric template protection has been achieved to improve matching performance with high levels of security by use of deep convolution neural network models. However, such attempts have prominent security limitations mapping information of images to binary codes is stored in an unprotected form. Given this model and access to the stolen protected templates, the adversary can exploit the False Accept Rate (FAR) of the system. Secondly, once the server system is compromised all the users need to be re-enrolled again. Unlike conventional systems and approaches, present disclosure provides systems and methods that implement encrypted deep neural network(s) for biometric template protection for enrollment and verification wherein the encrypted deep neural network(s) is utilized for mapping feature vectors to a randomly generated binary code and a deep neural network model learnt is encrypted thus achieving security and privacy for data protection.

Abstract: This disclosure relates generally to automatic conversion of text-based privacy policy (PP) to video format. Typically, the PP are cognitively loaded with the content and hence difficult to read and understand. The disclosed method and system facilitate in automatic conversion of text-based PP to video format. Said video formats may incorporated in animated forms for ease of understanding of the user. The disclosed system identifies segments from target PP and maps them to template PP segments stored in a template repository. The template PP segments selected from the template repository are mapped to short video templates or snippets stored in a video repository to identify video templates representative of the selected template segments. The selected video templates are sequenced in an optimal manner considering preferences and dependencies to obtain the portions of or complete target PP.

Abstract: System and method for contract management in a data marketplace are disclosed. In an embodiment, the system performs refactoring of a contract, during which the system extracts terms and conditions from the contract and generates a simplified view of the contract. The system further performs a requirement validation based on the contract, during which the system determines features of data entity matches requirements specified by a first party or not, based on domain specific ontologies. If the data entity features are not matching with the requirements, then the system fetches one or more relevant attributes from a list of ontologies, verifies whether the features of entity along with the selected feature(s) satisfy the requirements or not. The system accordingly generates an agreeable requirement document as output of the requirement validation.

Abstract: This disclosure relates generally to selection of cloud service providers in a multi-cloud. The selection of cloud service providers (CSPs) in a multi-cloud environment is challenging as it depends on multiple criteria such as security, usability, latency, and service cost. In an embodiment, for each CSP and multi-CSP combination, two decision problems are solved; namely, a VM selection problem and a cloud region selection problem, taking latency requirement and DR laws constraints into consideration. By solving the VM selection and CC selection problems, the service cost and the user to cloud region mapping are estimated. Using said estimates and other qualitative criteria, a multi-cloud multi-criteria decision problem is solved using MCDM techniques to rank the CSP combinations for each application. Based on the ranks and a constraint on a service cost of the entity one of a CSP and a CSP combination is selected for each application.

Abstract: This disclosure relates generally to automatic conversion of text-based privacy policy (PP) to video format. Typically, the PP are cognitively loaded with the content and hence difficult to read and understand. The disclosed method and system facilitate in automatic conversion of text-based PP to video format. Said video formats may incorporated in animated forms for ease of understanding of the user. The disclosed system identifies segments from target PP and maps them to template PP segments stored in a template repository. The template PP segments selected from the template repository are mapped to short video templates or snippets stored in a video repository to identify video templates representative of the selected template segments. The selected video templates are sequenced in an optimal manner considering preferences and dependencies to obtain the portions of or complete target PP.

Abstract: This disclosure relates generally to malware detection, and more particularly to system and method for detecting and mitigating ransomware threats. For a User Equipment being monitored, the system performs a behavior analysis of corresponding file system to determine whether any anomalous behavior that would amount to a ransomware threat is associated with flies associated with the file system change, if present, then the system virtualizes the file system on the fly. If information pertaining to the identified anomalous behavior is present in any of the reference databases in the system, then all the I/O calls are terminated or the file system is virtualized for rest of the session. If data pertaining to the identified anomalous behavior is not found in any of the associated databases, then new behavioral features and structural patterns of the identified anomalous behavior and the associated processes are extracted, and the reference databases are updated accordingly.