Abstract: Disclosed are systems and methods for determining an execution location for a utility component. In an exemplary aspect, the systems and methods comprise receiving, at a client device, a request to execute the utility component that performs an action on a target component; determining the execution location of the utility component; determining whether the execution location is on the client device or on a remote application server; and responsive to determining the execution location is on the remote application server, transmitting the request to be executed within a remote session between the client device and the remote application server.

Abstract: Disclosed herein are systems and method for inspecting archived slices for malware using empty spare files. In one exemplary aspect, the method comprises generating a backup slice and a virtual volume comprising a list of files in the backup slice and associated file information. The method comprises mounting the virtual volume to a disk. The method comprises creating, in the virtual volume, empty sparse files that are placeholders of the files reference in the list of files. The method comprises detecting a change between a respective empty sparse file and a corresponding file in a previous backup slice and accordingly storing the actual content of the file in the virtual volume in place of the respective empty sparse file. The method comprises scanning the virtual volume for malicious software and generating a cured slice that replaces the backup slice in the backup archive upon detection.

Abstract: Zero round trip secure communications are implemented based on noisy secrets with a polynomial secret sharing scheme. A sender identifies two negotiated noisy secrets associated with an encrypted message to send to a receiver system. The sender utilizes a first negotiated noisy secret for sub-key selection, and generates a secret polynomial using Shamir's polynomial-based secret sharing scheme with N positive integer points and a message key as a secret. The sender divides the first negotiated noisy secret into a plurality of sub-keys, and divides a second negotiated noisy secret into test blocks of a length equivalent to a length of a sub-key. The sender utilizes each of the plurality sub-keys for encrypting a corresponding test block along with one unique point of the secret polynomial. Moreover, the sender sends all encrypted test blocks and corresponding encrypted points of the secret polynomial to the receiver with the encrypted message.

Abstract: Disclosed herein are methods and systems for providing data recovery recommendations. In an exemplary aspect, a method may comprise identifying a plurality of storage devices. For each respective device of the plurality of storage devices, the method may comprise extracting a respective input parameter indicative of a technical attribute of the respective device, inputting the respective input parameter into a machine learning algorithm configured to output both a first likelihood of the respective device needing a data recovery and a second likelihood that the data recovery will fail, and determining a respective priority level of the respective device based on the first likelihood and the second likelihood. The method may comprise normalizing each respective priority level, and recommending a device of the plurality of storage devices for a test data recovery procedure based on each normalized priority level.

Abstract: A method for controlling movement of an elevator car includes driving the car vertically to a landing; activating a park brake; and holding the car immovable with the park brake. The holding includes compressing a guide rail by compression members with a first compression force; opening a door for allowing loading and/or unloading the car; maintaining the door open for allowing loading and/or unloading the car while the car is held immovable; and starting closing movement of the door. After the starting closing movement of the door, relieving the brake for allowing the elevator car to start to move vertically.

Abstract: The present disclosure is directed to an ion funnel and associated systems, where the ion funnel includes a plurality of electrodes each define an opening having an associated inner dimension and receive a RF voltage. The associated inner dimensions progressively reduce in size from approximately a first inner dimension to approximately a second inner dimension. The electrodes define an internal chamber having an outer dimension that reduces at a convergence angle of approximately 30 degrees for at least a majority of a length of the internal chamber from the first inner dimension to the second inner dimension. Additional systems and methods are provided for transferring ions from an ion funnel to an ion mobility device having a pressure greater than that of the ion funnel, for selectively transferring ions from the ion funnel to the ion mobility device, and for stripping ions of certain molecules adducted thereto during transfer.

Abstract: Aspects of the disclosure describe methods and systems for performing an antivirus scan using file level deduplication. In an exemplary aspect, prior to performing an antivirus scan on files stored on at least two storage devices, a deduplication module calculates a respective hash for each respective file stored on the storage devices. The deduplication module identifies a first file stored the storage devices and determines whether at least one other copy of the first file exists on the storage devices. In response to determining that another copy exists, the deduplication module stores the first file in a shared database, replaces all copies of the first file on the storage devices with a link to the first file in the shared database, and performs the antivirus scan on (1) the first file in the shared database and (2) the files stored on the storage devices.

Abstract: Disclosed herein are systems and method for performing secure computing while maintaining data confidentiality. In one exemplary aspect, a method receives, via an application, both data and a request to perform a secure operation on the data, wherein the secure operation is to be performed using a secure compute engine on a cloud platform such that the data is not viewable to a provider of the cloud platform. The method applies transformations to the data so that the data is not viewable to the provider. The method transmits the transformed data to the secure compute engine on the cloud platform to perform the secure operation on the transformed data, receives a result of the secure operation from the secure compute engine, and transmits the result to the application.

Abstract: Disclosed herein are systems and methods for synchronizing anonymized linked data across multiple queues for SMPC. The systems and methods guarantee that data is kept private from a plurality of nodes, yet can still be synced within a local queue, across the plurality of local queues. In conventional SMPC frameworks, specialised data known as offline data is required to perform key operations, such as multiplication or comparisons. The generation of this offline data is computationally intensive, and thus adds significant overhead to any secure function. The disclosed system and methods aid in the operation of generating and storing offline data before it is required. Furthermore, the disclosed system and methods can help start functions across multi-parties, preventing concurrency issues, and align secure input data to prevent corruption.

Abstract: A system and method that provides customized graphical user interfaces on mobile devices based on user inputs. An exemplary method includes detecting a computing device remotely connected to a remote server over a network and having an active session of a software application running on the remote server. Moreover, the method further includes identifying and selecting one or more hotkey buttons based on the detected software application, transmitting the one or more hotkey buttons to the computing device to be displayed in a customized interface while the software application is active, detecting an activation of the one or more hotkey buttons displayed on the computing device, and executing, by the remote server, an operation for the active software application in response to the activation of the one or more hotkey button by the user.

Abstract: Disclosed herein are systems and method for determining data storage insurance policies. In an exemplary implementation, a method comprises receiving a request to add a data storage insurance policy to a plurality of data files. The method comprises extracting data file attributes and determining a data recovery score for each respective data file based on a uniqueness, criticality, and/or importance of the respective data file. The method comprises determining a hardware score for each of a plurality of performance tiers comprising at least one storage server, based on an available capacity, a performance cost, and/or data recovery scores of data files currently stored at each of the plurality of performance tiers. The method comprises selecting and executing a data storage insurance policy for the respective data file based on a plurality of data recovery rules and/or the comparison of the data recovery score and the hardware score.

Abstract: A data storage system uses erasure coding in combination with hashgraph to organize stored data and recover that data in a computing environment.

Abstract: The IOC Infrastructure management system (100) and method is disclosed for building an IOC infrastructure and its management thereof. The system mainly includes a IOC processing unit and an endpoint engine. The IOC processing unit is configured to i) source raw IOCs from a plurality of external sources, ii) convert format of the raw IOCs into a predetermined format of an IOC database using a parser unit, where each parser of the parser unit corresponds to at least one IOC format, iii) build and apply syntax tree to the parsed IOCs, where the syntax tree supports complex expression-based toolsets, such as YARA, and sort the IOCs lexicographically to avoid duplication of IOC entry and render the malware detection scanning process faster and efficient.

Abstract: A system and method of anti-malware analysis including iterative techniques that combine static and dynamic analysis of untrusted programs or files. These techniques are used to identify malicious files by iteratively collecting new data for static analysis through dynamic run-time analysis.

Abstract: A method of continuous development of an internal threat scan engine based on an iterative quality assessment includes iteratively performing a dynamic assessment of a quality of a threat detection with a frequency defined for each of objects in an object collection, wherein a result of the dynamic assessment includes internal and external scan results of the objects and a consistency verdict of the internal and external scan results of the objects, changing a frequency of scanning iteration of the objects based on the consistency verdict of the external and internal scan results of the objects, classifying the objects based on the result of the dynamic assessment, and creating a development task including the internal and external scan results of the objects, meta-data of the objects, and automated test results to provide details for developing a software to fix inconsistency of the internal and external scan results.

Abstract: A system and method of anti-malware analysis including iterative techniques. These techniques are used to create a file attribute tree used by a machine learning analyzer to identify malicious files.

Abstract: A system and method are disclosed for performing non-invasive scan of a target device. The system is configured for: i) loading an endpoint protection agent to a target device; ii) providing a remote direct memory access of the target device to the remote security server for reading a memory of the target device; iii) scanning, by a second memory scan engine of the remote security server, the memory of the target device upon the violation of the security policy; iv) identifying, by the second memory scan engine of the remote security server, a threat on the target device; and v) sending, by the remote security server, a security response action to the endpoint protection agent on the target device in accordance with the security policy.

Abstract: In part, the disclosure relates to a backup and restoration system for a transactional log based journaling application. The system includes a transactional log backup process executing on one or more computing devices; an archive stored in non-transitory computer readable memory; and a binary difference file generator in electronic communication with the archive and responsive to instructions from the transactional log backup process. In one embodiment, the binary difference file generator includes a backup driver in electrical communication with and responsive to communication signals from the transactional backup process.

Abstract: The subject matter of this specification can be implemented in, among other things, a method that includes storing first client information identifying a first client device, identifying a location of the first client device, and identifying a first remote access session that provides the first client device access to resources of the remote access system. The method further includes receiving access information identifying an access device and a user account associated with the first client information. The access information indicates that the user account has been successfully authenticated by the access device. The method further includes, in response to the receipt of the access information, causing the first client device to connect to the first remote access session with the remote access system as a background process of the client device while a user interface of the client device remains locked.

Abstract: Disclosed herein are systems and method for classifying objects in an image using a color-based machine learning classifier. A method may include: training, with a dataset including a plurality of images, a machine learning classifier to classify an object in a given image into a color class from a set of color classes of a first size; receiving an input image depicting at least one object belonging to the set of color classes; determining a subset of color classes that are anticipated to be in the input image based on metadata of the input image; generating a matched mask input indicating the subset set of color classes in the input image, wherein the subset of color classes is of a second size that is smaller than the first size; and inputting both the input image and the matched mask input into the machine learning classifier.