Abstract: Systems and methods for detecting a malware injection interested processes. The method includes identifying one or more trusted processes, monitoring at least one thread associated with the trusted processes using at least one control point, detecting activity at the at least one thread based on the at least one control point and determining a timestamp of the detected activity, receiving from the trusted processes at least one execution stack corresponding to the timestamp and indicating the at least one control point used to monitor the at least one thread, applying a first malware detector to the at least one execution stack to generate a first verdict, collecting the first verdict and auxiliary information corresponding to the trusted processes at the given timestamp, and applying a second malware detector to the first verdict and the auxiliary information to generate a second verdict.

Abstract: Systems and methods for detecting a phishing attack in an email message. The method includes intercepting and evaluating an email, and generating a reputation score based on the evaluation of the email message. If the malicious component is detected, the email is blocked, if not, a trust score is generated. A determination is made whether the email is generated by AI, based on LLM. A certainty score is generated which is indicative of intentions and context of the email message being malicious. When the certainty score is higher than a threshold, a combined score by combining the reputation score, the trust score, and the certainty score. When the combined reputation score is higher than a threshold, the email is blocked, and if lower, a summary is generated by a summary AI engine. Based on a comparison with known malware summaries, the email is flagged or blocked.

Abstract: Systems and methods for secure deduplication of encrypted content. A system generally includes a client, a key server, a fingerprint index, and a storage service. The client can perform chunking of a file, hashing of chunks to generate tags, and encryption of chunks using a salted key from the key server. The fingerprint index checks for duplicate ciphertexts using the tags. The storage service saves non-duplicate ciphertext.

Abstract: Systems and methods for simplified software backup. Generative artificial intelligence (AI) based on a large language model (LLM) is utilized to determine a backup restore operation for a backup request for a target system using a metadata tracked during a previous backup of the target system, and execute the backup restore operation to satisfy the backup request.

Abstract: A system and method for validating the consistency of a computer backup mounts the backup as a virtual machine on a hypervisor host. A screenshot of the virtual machine's boot screen is recorded and sent to a machine-learning service for verification of boot status. The resulting boot status as successful or failed is recorded in metadata associated with that computer backup.

Abstract: Systems and methods for firmware protection of industrial control systems. A kernel-level agent operating at a kernel mode intercepts a request to the resource, collects data associated with the intercepted request, and sends the collected data to a security service. A security service receives the collected data, analyzes the collected data to determine a verdict, and sends the verdict to the kernel-level agent. The kernel-level agent then executes a security action for the resource based on the verdict.

Abstract: Systems and methods for the protection of information systems utilize business impact analysis (BIA) data to assess the risk of security mitigation operations. A detected security incident is enriched using BIA data. A proposed mitigation action and a risk of implementing the proposed mitigation action are determined using the enriched data so that an administrator user can understand the impact or risk to the business for the proposed mitigation action.

Abstract: Disclosed herein are systems and methods for generating an intuitive network management user interface (UI). A method includes: receiving network information of at least one client network and at least one cloud network, wherein the network information includes a network identifier of each device within a given network, a status of the given network, network policies associated with the given network; determining a plurality of connections between the at least one client network and the at least one cloud network based on the network information; generating, for display, the network management UI including a three-column graphical structure wherein a first column includes first visualized information of the at least one client network, a second column includes second visualized information of the plurality of connections, and a third column includes third visualized information of the at least one cloud network.

Abstract: A system for automatic recognition of security incidents includes a processor coupled to a memory storing instructions, the processor being configured to implement the instructions for an automatic incident generator (AIG) with at least one type of events related to the system, and access to a repository of information about previously recorded incidents with the events related to these previously recorded incidents, to monitor a plurality of events, identify sequences of events including suspected signatures that are capable of constituting an incident, calculate a degree of variance (DoV) of the suspected signatures and at least one signature related to a previously recorded incident, compare the DoV to at least one threshold and, if the DoV is less (or less or equal) to the threshold, identify the incident and optionally initiate the workflow related to the identified incident.

Abstract: Disclosed herein are systems and method for determining environment dimensions based on environment pose. In one aspect, the method may include training, with a dataset including a plurality of images featuring an environment and labelled landmarks in the environment, a neural network to identify a pose of an environment. The method may comprise receiving an input image depicting the environment, generating an input tensor based on the input image, and inputting the input tensor into the neural network, which may be configured to generate an output tensor including a position of each identified landmark, a confidence level associated with each position, and a pose confidence score. The method may include calculating a homography matrix between each position in the output tensor along a camera plane and a corresponding position in an environment plane in order to output an image that visually connects each landmark along the environment plane.

Abstract: Systems and methods for automatically identifying outliers in Machine Learning training datasets. The method includes gaining access to a training set for the neural network NN. For each element of the training dataset, an embedding vector is generated, which is a numeric representation of the corresponding element. A centroid of all the embedding vectors of all the elements of the training set is computed equal to an average of all the embedding vectors of all the elements of the training set. A dissimilarity score is generated for each element of the training set by calculating a distance between the embedding vector corresponding to the element and the centroid. The method further includes identifying the elements from the training set with embedding vectors having the dissimilarity score higher than or equal to a predetermined threshold value.

Abstract: Systems and methods for generating video highlights with a certain label and a specific duration (SD) using a trained ranking neural network (RankNet). The system obtains a request for highlight generation, specific duration, and a specific label. The video is split into a set of fragments of pre-defined duration forming a sequence. Digital representation in a form of 3D spatio-temporal embedding is generated for each fragment by a spatio-temporal encoder. Using the embedding value, a rank of each fragment is identified by a trained Ranking Neural Network. Ranks are recorded into a data structure. A minimum number of fragments are selected to cover the SD using a criteria comprising comparing ranks of different fragments. A video highlight is generated from concatenated selected fragments with a truncation, if necessary.

Abstract: Methods and systems for identification and classification of errors in a submitted solution. A method includes generating a graph representation of the plurality of pre-selected error-free solutions and the submitted solution. Graph representation of an error-free solution from the plurality of pre-selected error-free solutions is selected with the minimal distance from the graph representation of the submitted solution. The graph representation of the submitted solution is compared to that of the selected error-free solution. The difference between the graph representations is then identified. The differences are then mapped to the submitted solution and the selected error-free solution. Using a graphical user interface, the difference between the submitted solution and the selected error-free solution are displayed as an explanation of an error in the submitted solution.

Abstract: Systems and methods for augmenting a training dataset. The method includes gaining access to at least one insufficient training dataset for training a neural network NN. A generative convolutional neural network GCNN is trained using the training set or a subset thereof. At least one additional item is generated by the GCNN trained on the existing training set, and the generated item is added to the original training set.

Abstract: The techniques described herein relate to systems and methods for executing a verifiable confidential computation using both an MPC network and a blockchain network. An exemplary method includes: assigning using at least one smart contract in the blockchain network: a first owner node that stores private data, a plurality of controller nodes that each store a respective data share of the private data, a first analyst node that indicates a respective computation of the secure MPC to execute on each corresponding data share stored on the plurality of controller nodes, and a plurality of processor nodes that execute each respective computation of the secure MPC on each corresponding data share and output a result; executing the secure MPC on the private data of the first owner node using the plurality of controller nodes, the first analyst node, and the plurality of processor nodes; recording the result on a blockchain.

Abstract: Systems and methods for automatic generation of highlights of video. The system includes a video processor to select one type of the video to be analyzed and split video clips from the video. The video processor recognizes positive clips, negative clips, and auxiliary clips. A spatio-temporal encoder is configured to select, from the recognized clips, a main positive clip, a main negative clip, and auxiliary positive and negative clips, and generate a three-dimensional (3D) embedding vector of each clip. The selected clips are processed by a ranking network having a self-attention layer. The self-attention layer, using a query head, a key head and the value head produces self-attention resultant vector on which an activation function is performed. A rank value is thus obtained for the selected clip. Based on the rank value, video highlights are generated.

Abstract: Systems and methods for automatically enhancing the quality of images in the training set of a neural network NN. A method includes gaining access to a training set including a plurality of images. Using at least one image quality assessment method, at least one image is identified from a plurality of images in the training set, which matches a low-quality criterion as at least one low-quality image. At least one image enhancement method is used for enhancing the at least one low-quality image to obtain at least one enhanced image. The at least one low-quality image is replaced with the corresponding at least one enhanced image in the training set.

Abstract: A system for detection of binary files containing a known malware code fragment includes a processor coupled to a memory storing instructions, the processor being configured to implement the instructions to process an unknown binary file (UBF) and a known malicious source code file (KMSCF) to decompile the UBF into a text-based unknown source code (USC) and identify whether the KMSCF is contained within the USC.

Abstract: A method for predicting at least one property of a crystal of a material, with the crystal exhibiting at least one point defect. At least one module samples structures of materials and point defects of the crystal. The method comprises: providing a neural network. The neural network comprises: receiving as input a structure of the material and an ideal crystal unit cell structure. The neural network also comprises: outputting at least one target quantity and using a generated set of data and representing the point defect. The point defect represents a set of coordinates and a type of the point defect and a crystal unit cell structure. The neural network further comprises: receiving as input at least one of a cloud of defect points and a global state vector. The neural network additionally comprises outputting a vector.

Abstract: The present disclosure relates to a system and method implemented for lowering the number of fingerprints of fragments of a file added to the digital fingerprint library using a winnowing window method. The digital fingerprint library stores fingerprints of fragments of files matching certain criteria, e.g., containing protected information. When an unknown file is examined, that library is used to compare fingerprints of fragments of size N from the unknown file to the fingerprints stored in the library. The method automatically determines criteria for adding fingerprints to the digital fingerprint library or skipping them.