Abstract: The invention relates to a scaled holographic medium comprising a layer construction B?-C1?-C2?, to a process for producing the sealed holographic medium, to a kit of parts, to a layer construction comprising a protective layer and a substrate layer and to the use thereof.

Abstract: Described herein are systems and methods for controlling access to a protected resource based on various criteria. In one exemplary aspect, a method comprises designating a plurality of program data installed on a computing system as protected program data; intercepting, by a kernel mode driver, a request from an untrusted application executing on the computing system to alter at least one of the protected program data; classifying, by a self-defense service, the untrusted application as a malicious application based on the intercepted request and information related to the untrusted application; and responsive to classifying the untrusted application as a malicious application, denying, by the kernel mode driver, access to the at least one of the protected program data.

Abstract: Disclosed herein are systems and methods for continuous user authentication during access of a digital service. In an exemplary aspect, a continuous authentication module may receive, at a computing device, initial authentication credentials of the user. The initial authentication credentials enable access to a service via the computing device. While the service is being accessed, the continuous authentication module may continuously monitor whether an unauthorized user has replaced the user in accessing the service by comparing usage attributes of the service with historic usage attributes associated with the user. In response to determining that the unauthorized user has replaced the user, the continuous authentication module may cease the access to the service via the computing device.

Abstract: Disclosed herein are systems and methods for preventing anti-forensics actions. In one exemplary aspect, a method may identify a suspicious object from a plurality of objects on a computing device and monitor actions performed by the suspicious object. The method may intercept a first command by the suspicious object to create and/or modify a digital artifact on the computing device and subsequent to intercepting the first command, intercept a second command by the suspicious object to delete at least one of the suspicious object and the digital artifact. In response to intercepting both the first command to create and/or modify the digital artifact and the second command to delete at least one of the suspicious object and the digital artifact, the method may block the second command, and may store the suspicious object and the digital artifact in a digital repository.

Abstract: Disclosed herein are systems and method for verifying user identity. In one exemplary aspect, a method comprises receiving sensor data from at least one sensor and parsing the sensor data to determine a plurality of identifiers of a user authorized to access data via a computing device. The method comprises generating, for each identifier, an event including the user. The method comprises intercepting, on the computing device, a data access request including an identifier of the user. The method comprises verifying whether the data access request is from the user authorized to access data by generating a chain of events including the user for a period of time preceding the data access request, determining a deviation of the chain of events from a target chain of events, and in response to determining the deviation is less than a threshold deviation value, granting the data access request.

Abstract: Disclosed herein are systems and method for performing recovery using a backup image. In one exemplary aspect, a method comprises scanning a plurality of files on one or more storage devices of a computing device. The method may determine a first set of files from the plurality of files that will be used during recovery of the one or more storage devices, and tag a second set of files that will not be used during recovery. The method may copy the second set of files that have been tagged to an external storage device, and may store the first set of files in a backup image for the computing device (excluding the tagged second set of files from the backup image). The method may add, to the backup image, a respective link to each of the tagged second set of files in the external storage device.

Abstract: Disclosed herein are systems and method for backing up data in a load-balanced clustered environment. A clustered resource to be backed up is selected, wherein the clustered resource is stored on a common storage system and operated on by a cluster-aware application executing on at least a first node and a second node of a computing cluster. A load-balanced application may migrate the clustered resource from the first node with a high-load consumption to the second node with low-load consumption. A list of changes made by both nodes are received and merged. A backup agent then generates a consistent incremental backup using data retrieved from the common storage system according to the merged list of changes to the clustered resource.

Abstract: Disclosed herein are systems and methods for pattern-based QoS violation prediction. In one exemplary aspect, a method may comprise identifying a service on a computing device that is connected to a plurality of client devices and determining a plurality of micro-services comprised in the identified service. The method may comprise parsing access information to detect that a first client device is accessing a micro-service. The method may comprise determining, for a first period of time, QoS evaluation parameters for the access between the micro-service and the first client device. The method may comprise identifying changes in the QoS evaluation parameters within the first period of time, detecting a predetermined QoS violation pattern, and executing a QoS action based on the predetermined QoS violation pattern.

Abstract: A method of identifying and locating tissue abnormalities in a biological tissue includes irradiating an electromagnetic signal, via a probe defining a transmitting probe, in the vicinity of a biological tissue. The irradiated electromagnetic signal is received at a probe, defining a receiving probe, after the signal is scattered/reflected by the biological tissue. Blood flow information pertaining to the biological tissue is provided. Based on the received irradiated electromagnetic signal and the blood flow information, tissue properties of the biological tissue are reconstructed. A tracking unit determines the position of at least one of the transmitting probe and the receiving probe while the step of receiving is being carried out, the at least one probe defining a tracked probe. The reconstructed tissue properties are correlated with the determined probe position so that tissue abnormalities can be identified and spatially located.

Abstract: Polymeric tube-in-shell heat exchangers with twisted tubes are provided. The heat exchanger may include one or more polymeric tube bundles, wherein each of the one or more polymeric tube bundles includes at least one tube twisted about its length or at least one pair of tubes twisted or wound around each other. The presently disclosed polymeric tube-in-shell heat exchangers with twisted tubes may be especially suited for applications where the use of polymer tubes offers advantages, such as in the case of acid solutions, food and beverage fluids, and carbon capture applications where the use of metal heat exchangers destroy the amines used for capture.

Abstract: Disclosed herein are systems and method for subduing target individuals using unmanned aerial vehicles (UAVs) comprises deploying one or more UAVs to a location of an individual. The method obtains information about the individual from the one or more UAVs and external sources. The method assigns an aggression factor to the individual based on the obtained information. In response to determining that the aggression factor is greater than an aggression threshold, the method prepares a neutralization action designed to reduce the aggression factor of the individual by: identifying one or more exception conditions of the individual, and selecting, from a plurality of neutralization actions that the one or more UAVs are capable of performing, a neutralization action based on the one or more exception conditions. The method then instructs the one or more UAVs to perform the selected neutralization action on the hostile individuals.

Abstract: A method of testing non-volatile memory cells formed on a die includes erasing the memory cells and performing a first read operation to determine a lowest read current RC1 for the memory cells and a first number N1 of the memory cells having the lowest read current RC1. A second read operation is performed to determine a second number N2 of the memory cells having a read current not exceeding a target read current RC2. The target read current RC2 is equal to the lowest read current RC1 plus a predetermined current value. The die is determined to be acceptable if the second number N2 is determined to exceed the first number N1 plus a predetermined number. The die is determined to be defective if the second number N2 is determined not to exceed the first number N1 plus the predetermined number.

Abstract: Disclosed herein are systems and method for authenticating user identity based on supplemental environment data. When a structured approach to acquiring user identifiers (e.g., facial images, voice clips, biometric data, etc.) of authorized user is inconclusive (e.g., a matching face is similar, but not a direct match) the systems and methods describe retrieving supplemental environment data that indirectly verifies a presence of the user in an environment. The systems and methods further comprise determining whether the supplemental environment data indicates that a respective identifier belongs to the user, and in response to determining that the supplemental environment data indicates that the respective identifier belongs to the user, authenticating the respective identifier as belonging to the user and storing the respective identifier in a database of identifiers.

Abstract: A system and method are disclosed for identifying malicious activity on a target device based on behavior analysis of the target device. The system includes a behavioral analyzer run on a virtual machine connected to the target device. The virtual machine collects system events and parameters from the target device and run a script, independent of the target device, to detect a threat. The script is a set of instructions executed to analyze behavior of an object by processing and correlating the events. The script includes a rule structure which stores signatures and expressions of the known malwares. By correlating the selected event parameters with known malware parameters, it is determined whether the event imposes a threat or not. A finite state machine is used for the state transition table.

Abstract: A system and method for detecting malware using hierarchical clustering analysis. Unknown files classified by clustering and in view of known malicious and known safe files. Machine learning models and detection rules are used to enhance classification accuracy.

Abstract: A system and method for firewall policy control in a system comprising endpoints, including functionality for isolating network elements on endpoints under management. An endpoint management agent cooperates with a remote management service to carry out policy management and synchronization, implement isolation mode when required, and perform related supporting tasks.

Abstract: The invention relates to the use of at least one open-chain, optionally branched, ether isocyanate having an NCO functionality?1, wherein 2 or 3 carbon atoms are present between at least one NCO group and at least one ether-oxygen atom, optionally in the presence of other reactants such as alcohols, amines, water, CO2, or of other reactants having an NCO functionality?1, optionally in the presence of at least one catalyst, to increase the reaction speed and/or to reduce the optionally required catalyst amount during isocyanate modification. The invention further relates to a process for modifying isocyanates, to the modified isocyanates as such and to a two-component system or one-component system and to the moldings, coatings and composite parts obtainable therefrom.

Abstract: Disclosed herein are systems and method for malicious behavior detection in processing chains comprising identifying and monitoring events generated by a first process executing on a computing device; storing snapshots of data modified by any of the events; determining a level of suspicion for the first process, wherein the level of suspicion is a likelihood of the first process being attributed to malware based on the data modified by any of the events; in response to determining that the first process is not trusted based on the determined level of suspicion, identifying at least one sub-process of the first process; and restoring, from the snapshots, objects affected by the first process and the at least one sub-process.

Abstract: Disclosed herein are systems and methods for protecting user data. In one aspect, an exemplary method comprises, by a hardware processor, detecting one or more user files modified by a user on a user device; identifying user actions executed by the user to modify the one or more user files; training a machine learning algorithm to identify whether an arbitrary user action is performed by the user, wherein the user actions used by the user to modify the one or more user files are comprised in a training dataset of the machine learning algorithm; detecting a user action to modify a user file; determining, using the machine learning algorithm, whether the user action classifies as being performed by the user; and in response to determining that the machine learning algorithm classifies the user action as being performed by the user, modifying the user action to mask an identity of the user.

Abstract: Disclosed herein are systems and method for scanning objects of a computing device, by an anti-malware, using a white list created for an organization based on data of the organization. In one aspect, an exemplary method comprises obtaining one or more objects of the organization from the computing device, and for each obtained object of the one or more objects, computing a hash value of the obtained object, determining whether the obtained object is whitelisted, and scanning the obtained object based on whether the obtained object is whitelisted, wherein the whitelist is created based on scanning of objects stored in archives of the organization, and the obtained object is determined as being whitelisted when the computed hash value of the obtained object matches a hash value of an object in a whitelist created for the organization.