Abstract: Disclosed herein are systems and method for detecting malicious activity on a web server. A method may include: retrieving a first backup and a second backup of a web server from a backup archive that stores a plurality of backups of the web server, wherein the first backup was generated at a first time and the second backup was generated at a second time; detecting at least one change between the first backup and the second backup; determining whether the at least one change is associated with malicious activity based on a plurality of security rules and a plurality of machine learning models and a severity of the malicious activity; and in response to determining that the severity is greater than a threshold severity, executing a rollback function of the web server to a backup that does not include the malicious activity.

Abstract: Disclosed herein are systems and method for restoring files from a backup, the method including: retrieving a time indicator from a time server associated with a backup server; synchronizing time between the backup server and a computing device performing a backup, based on the time indicator; performing the backup of files from the computing device to the backup server, wherein a malicious process modifies at least one file being backed up at an incident time during the backup and performs an attempt to change a time of the computing device such that a modification timestamp of the at least one file precedes the incident time; blocking the attempt to change the time of the computing device; subsequent to completing the backup, detecting the malicious process infecting the computing device; and performing a restoration of the backup on the computing device.

Abstract: Systems and methods for threat detection and analysis. A method includes monitoring at least one thread associated with at least one user process on a computing device. The method further includes detecting specific-system calls associated with at least one user process at user level. The specific-system calls are analyzed by applying a filter to system calls sequence feature sets associated with the specific-system calls for detecting one or more events of interest. A capture of a full stack trace of at least one user process is requested if the system calls sequence feature set is filtered and at least one event of interest is detected. A first level monitoring is provided to the computing device, which includes processing and analyzing the captured full stack trace by a machine learning (ML) stack trace analyzer to generate a first verdict for threat detection and analysis.

Abstract: Disclosed herein are systems and method for classifying objects in an image using a color-based neural network. A method may include: training a neural network to classify an object in a given image into a color class from a set of color classes; determining, from the set of color classes, a subset of color classes that are anticipated to be in a received input image based on image metadata; generating a matched mask input indicating the subset; inputting both the input image and the matched mask input into the neural network, wherein the neural network is configured to: determine a first semantic embedding of the input image and the matched mask input; outputting a color class associated with a second semantic embedding with a least amount of distance to the first semantic embedding from a plurality of semantic embeddings.

Abstract: A system and method for optimizing the performance of an autonomous race car in real-time during a race event are disclosed. An autonomous race car controller unit is pre-fed with a first set of initial parameter values and a second set of initial parameter values. A set of sensors is configured for measuring a first and a second set of real-time parameter values after the starting of the race event. A performance optimization module is configured to generate a corrective course by receiving the first and second sets of real-time parameters and detecting the presence of errors between a control command given by the controller unit and its execution.

Abstract: Disclosed herein are systems and method for performing network accelerated scheduling. In one aspect, a method may receive, at a programmable switch comprising a scheduler, a job comprising a plurality of tasks from a client. The method may store, on the programmable switch, the plurality of tasks in a queue. The method may receive an indication from a first executor on a working node that the first executor is available for task execution. The method may schedule, using a scheduling policy, at least one task in the queue to be performed by the first executor. The method may transmit the at least one task to the first executor. The method may receive a task completion indication from the first executor.

Abstract: Disclosed herein are systems and method for performing data backups using a persistent cache. A method may include storing at least one archive metadata page of a plurality of archive metadata pages in a local persistent cache, wherein the archive metadata pages are associated with a plurality of files backed up from a local storage volume of the computing device to an archive; detecting that a file of the plurality of files is modified on the local storage volume; performing an incremental backup of the modified file, by: determining whether an archive metadata page of the modified file is stored in the persistent cache, in response to determining that the archive metadata page of the modified file is comprised in the at least one archive metadata page, retrieving the archive metadata page from the persistent cache; and executing the incremental backup of the modified file using the archive metadata page.

Abstract: Disclosed herein are systems and method for reference-based detection of phishing webpages. In one aspect, a method includes inputting, for a webpage with a first domain, (1) textual data into a machine learning model (MLM) that outputs a first vector with probabilities of the textual data being associated with known brands, (2) HTML data into an MLM that outputs a second vector with probabilities of the HTML data being associated with the known brands, (3) at least one image into an MLM that outputs a third vector with probabilities of the at least one image being associated with the known brands. The model may input the first, second, and third vectors into an MLM that outputs a brand of the webpage. The method may block the webpage in response to determining that the first domain of the webpage does not match at least one domain corresponding to the brand.

Abstract: Systems and methods for simplified software backup. Generative artificial intelligence (AI) based on a large language model (LLM) is utilized to determine a backup restore operation for a backup request for a target system using a metadata tracked during a previous backup of the target system, and execute the backup restore operation to satisfy the backup request.

Abstract: In one aspect, a system may receive, via a user graphical user interface, a request to perform a data migration from a source data center to a destination data center. A system may in response to receiving the request, perform the data migration by: (1) creating a copy of a tenants structure that lists information about each tenant of the source data center, wherein a respective tenant is a representation of a user on a platform level, (2) creating and activating, on the destination data center, a plurality of new user accounts that match a main login body and suffix of a plurality of existing user accounts on the source data center, (3) re-registering, at the destination data center, agents from the source data center; and (4) migrating backup data from the source data center to the destination data center.

Abstract: Disclosed herein are systems and method for executing jump-based content-defined data chunking. In one aspect, a method may generate, for a byte stream of data, a primary window and a secondary window that overlaps with the primary window. A method may scan the byte stream for data chunks using the primary window and the secondary window, wherein the scanning comprises (a) executing, based on minimum values in the secondary window when shifted along the primary window, a jump mechanism in which the primary window and the secondary window are shifted forward by a fixed amount of bytes on the byte stream and (b) marking cut-off points of detected data chunks based on maximum values within and outside the primary window. A method may output the cut-off points of the detected data chunks.

Abstract: Systems and methods for hiding data inside data communications other than a primary message (e.g. primary data). An encoder coupled to a message generator can include hidden data not inside the primary message, but inside secondary data, such as additional technical information or metadata. An injector can inject hidden data in secondary data received as part of a data transmission.

Abstract: Systems and methods for web UI development, including supporting and rendering UI using multiple frameworks and migrating between different frameworks. Systems and methods can train different adapters for converting UI models in declarative abstract view into framework-specific code and render UI from the code using multiple or optimal frameworks.

Abstract: A system and method implemented for installing sequential automatic updates partially distributed in a computing environment. The system includes an update server to identify a first group of nodes having applications that require updates. An update task manager sends an update task to an update agent installed at each node of a first group of the nodes. The update agent determines availability of each software component of a software application that requires the update. If the software components are ready, the update is delivered by uninstalling a previous version and installing the updated version at the software components. During the update installation, progress of the update is monitored, and completion of the update is reported to the nodes. Update availability is monitored, and emergency updates are delivered forcefully if available.

Abstract: Systems and methods for uncovering a conservation law in physical systems including evaluating collected data by a representation learning system. Analyzing the collected data by a topological learning analysis system, transferring the data into at least two displayable trajectories. Generating a distance matrix by computing so-called Wasserstein distances between the trajectories, with the distance matrix showing a shape space between the trajectories. Embedding the shape space of the distance matrix into lower dimensions by using a so-called uniform manifold approximation and projection (UMAP). Determining at least two scores for different embeddings to choose a score, representing the shape space, and/or representing a minimal dimensionality. Using a symbolic regression to identify a closed form of the integrals of motion.

Abstract: Virtual file honeypots (VFHs) are deployed to protect real files in a computing system. The storage footprint is reduced because the virtual file honeypots do not require storage resources. VFHs are generated to appear the same as other files in a computing system, presenting an attractive attack surface as bait to reveal malicious processes and agents. The VFHs are generated on-demand and are not backed up in system storage. The use of VFHs requires less storage capacity than real honeypot files and conserves computing system resources.

Abstract: Systems and methods for safeguarding the authenticity and integrity of a real-time video feed generated by a webcam. A video frame includes a sequence of frame images and key frames within the sequence. A method includes generating the video feed by the webcam at a first computing device, identifying a key frame [kf] in the video feed, digitally signing the key frame [kf] using a private key of a private key-public key pair, embedding the digitally signed key frame [kf] in the video feed, transmitting the video feed to second computing device, identifying the next key frame [kf+1] in the video feed, and determining a similarity value of the next key frame [kf+1] and the key frame [kf] to determine whether to digitally sign and embed the digitally signed key frame [kf+1] in the video feed.

Abstract: A system may store user data associated with a usage of a software application. A system may receive a request for the user data from a developer of the software application. A system may determine whether the user data is generated from a first version of the software application or a second version of the software application. A system may in response to determining that the user data is generated from the first version of the software application, retrieving a first dictionary that indicates an anonymization scheme for transmitting the user data of the first version of the software application, wherein each version of the software application has a different dictionary. A system may execute the anonymization scheme on the user data to generate anonymized user data. A system may transmit the anonymized user data to the developer in response to the request.

Abstract: Systems and methods for protecting certain personal data used by large language models. A user can ask artificial intelligence to provide an answer that can include personal or sensitive data. Systems and methods determine which data is restricted and personal, and which data is not. Personal or sensitive data is handled according to handling rules.

Abstract: Systems and methods for mitigating potential security incidents. A system includes a data ingestion module, a graphical user interface (GUI), a generative AI model, an enrichment module, and a mitigation module. The generative AI model is pretrained on a large language model (LLM) using a dataset of known security incidents and the computer system's infrastructure, and analyses potential security incidents and generates incident overviews, leveraging its understanding of attack frameworks and previous incident data. The enrichment module incorporates user interactions, enhancing the incident overviews with accurate information. The mitigation module proposes mitigation actions based on the generative AI model's insights gained from prior incidents. The system enables natural language interaction through the GUI and provides graphical representations of the incidents.