Abstract: Disclosed herein are systems and method for forming and executing a backup strategy. In one aspect, an exemplary method comprises, for each file of files from one or more data sources that is being evaluated to form the backup strategy for the file, updating a frequency database, evaluating a uniqueness for the file stored at a data source of the one or more data sources by comparing at least a portion of data of the file to the frequency database, categorizing the file into a hierarchy of logical types according to properties of the file, and forming the backup strategy for the file according to the uniqueness and categorization of the file.

Abstract: Disclosed herein are systems and methods for generating tokens using SMPC compute engines. In one aspect, a method may hash, by a node, a data input with a salt value. The method may split, by the node, the hashed data input into a plurality of secret shares, wherein each respective secret share of the plurality of secret shares is assigned to a respective SMPC compute engine of a plurality of SMPC compute engines. The respective SMPC compute engines may be configured to collectively hash the respective secret share with a secret salt value, unknown to the plurality of SMPC compute engines. The respective SMPC compute engine may further receive a plurality of hashed secret shares from remaining SMPC compute engines of the plurality of SMPC compute engines, and generate a token, wherein the token is a combination of the hashed respective secret share and the plurality of hashed secret shares.

Abstract: Disclosed herein are systems and method for seamlessly migrating from an existing software to a new software. In one exemplary aspect, a method may comprise retrieving usage activity information of the existing software from the at least one computing device and identifying settings from the existing software to migrate. The method may further comprise converting, based on an internal database with metadata information about the new software, the settings in the existing software to corresponding settings in the new software, and determining, based on the usage activity information, a migration plan indicative of a sequence of tasks for installing the new software and removing the existing software such that a quality of service associated with accessing the plurality of features on the at least one computing device does not decrease to less than a threshold quality of service. The method may further comprise executing the migration plan.

Abstract: Disclosed herein are systems and methods for dynamic job performance in secure multiparty computation (SMPC). The method may comprise receiving an SMPC query that indicates a processing job to be performed on a data input. The method may split the data input to generate a plurality of partial data inputs, based on parameters and the query type of the SMPC query. The method may generate a plurality of jobs to perform on the plurality of partial data inputs and determine a combined result of the processing job. The method may adjust the amount of worker processes in a worker pool based on at least one of: required computation, time of day, date, financial costs, power consumption, and available network bandwidth.

Abstract: Disclosed herein are systems and methods for generating tokens using SMPC compute engines. In one aspect, a method may hash, by a node, a data input with a salt value. The method may split, by the node, the hashed data input into a plurality of secret shares, wherein each respective secret share of the plurality of secret shares is assigned to a respective SMPC compute engine of a plurality of SMPC compute engines. The respective SMPC compute engines may be configured to collectively hash the respective secret share with a secret salt value, unknown to the plurality of SMPC compute engines. The respective SMPC compute engine may further receive a plurality of hashed secret shares from remaining SMPC compute engines of the plurality of SMPC compute engines, and generate a token, wherein the token is a combination of the hashed respective secret share and the plurality of hashed secret shares.

Abstract: Disclosed herein are systems and methods for synchronizing anonymized linked data across multiple queues for SMPC. The systems and methods guarantee that data is kept private from a plurality of nodes, yet can still be synced within a local queue, across the plurality of local queues. In conventional SMPC frameworks, specialised data known as offline data is required to perform key operations, such as multiplication or comparisons. The generation of this offline data is computationally intensive, and thus adds significant overhead to any secure function. The disclosed system and methods aid in the operation of generating and storing offline data before it is required. Furthermore, the disclosed system and methods can help start functions across multi-parties, preventing concurrency issues, and align secure input data to prevent corruption.

Abstract: Systems and methods for file sharing over secure connections.

Abstract: Disclosed herein are systems and method efficiently executing a program operation on a cloud-based service. In an exemplary aspect, a method comprises receiving a request to perform a program operation on a cloud-based service and at least one user constraint for performing the program operation, and determining a plurality of sub-operations that are comprised in the program operation. The method comprises identifying a plurality of service component combinations offered by the service provider that can execute the program operation, and identifying, based on a status of each service component, at least one processing constraint of each service component. The method comprises determining, by a machine learning algorithm, a service component combination from the plurality of service component combinations for executing the program operation based on the at least one user constraint and processing constraints. The method comprises executing the program operation by the determined service component combination.

Abstract: Disclosed herein are systems and method for neutralizing hostile individuals using unmanned aerial vehicles (UAVs) comprises deploying one or more UAVs to a location of an individual. The method obtains information about the individual from the one or more UAVs and external sources. The method assigns an aggression factor to the individual based on the obtained information. In response to determining that the aggression factor is greater than an aggression threshold, the method prepares a neutralization action designed to reduce the aggression factor of the individual by: identifying one or more exception conditions of the individual, and selecting, from a plurality of neutralization actions that the one or more UAVs are capable of performing, a neutralization action based on the one or more exception conditions. The method then instructs the one or more UAVs to perform the selected neutralization action on the hostile individuals.

Abstract: Disclosed herein are systems and method for read-optimized de-duplication of blocks of data. In one aspect, an exemplary method comprises for each page of a newly received block of data, computing a page hash and assigning a page context ID, computing an index of a page node for storing the page and selecting the page node, when the selected page node contains a copy of the page, adding a page reference to a block descriptor with the page being referenced by the page hash augmented by the page context ID, otherwise, storing the page in plain storage; and for the block of data, storing the block descriptor in a block node of the de-duplication engine, the block of data being referenced by a block hash and the block descriptor containing at least a list of pages of the block stored in page nodes of the de-duplication engine.

Abstract: A technique is described for protecting file data from malicious programs, in particularly, by decrypting data that has been maliciously encrypted by software such as ransomware. The described technique generates a copy of a first block of a plurality of files stored on a computing device, and also intercepts request(s) from a process executing on the computing device to obtain certain types of random data and system entropy, which are recorded. When the system detects that the plurality of files have been encrypted by a malicious program, the described system determines a cryptographic key determined based on the generated copies of the first blocks of the plurality of files and on the recorded random data, and uses that key to decrypt the plurality of files.

Abstract: Disclosed herein are systems and method for method for predictive data protection. In one aspect, an exemplary method comprises selecting data stored on a computing device for backing up, according to a predetermined schedule for performing a backup; collecting features associated with the computing device where the data for the backup is stored, the features comprising device information for the computing device, user information for a user of the data, and external information associated with a locale of the computing device; analyzing the features to determine a set of backup parameters for the backup, wherein the backup parameters comprise scheduling parameters and destination storage parameters; generating a backup plan based on the set of parameters for performing the backup; and performing the backup of the data according to the backup plan.

Abstract: Disclosed herein are systems and method for performing secure computing while maintaining data confidentiality. In one exemplary aspect, a method receives, via an application, both data and a request to perform a secure operation on the data, wherein the secure operation is to be performed using a secure compute engine on a cloud platform such that the data is not viewable to a provider of the cloud platform. The method applies transformations to the data so that the data is not viewable to the provider. The method transmits the transformed data to the secure compute engine on the cloud platform to perform the secure operation on the transformed data, receives a result of the secure operation from the secure compute engine, and transmits the result to the application.

Abstract: Aspects of the present disclosure describe methods and systems for optimized re-striping in an erasure encoded storage. In one exemplary aspect, a method may receive a request to re-stripe a plurality of data blocks arranged as a tile in the erasure encoded storage, wherein the request comprises a desired tile width. The method may identify (1) a number of data blocks in the tile and (2) a width of the tile. The method may determine a maximum number of data blocks that do not need to be rearranged when reconfiguring the tile to the desired tile width. Furthermore, the method may determine a tile reconfiguration with the desired tile width that does not rearrange the maximum number of the data blocks of the tile, and may re-stripe the tile in accordance with the tile reconfiguration.

Abstract: Disclosed herein are systems and method for minimizing fan noise during a data backup. In one exemplary aspect, a method may comprise initiating, at a computing device, a data backup at a first backup rate, wherein the computing device comprises a fan that regulates an internal temperature of the computing device. The method may comprise calculating a noise level of the fan. The method may comprise comparing the noise level to a threshold noise level. In response to determining that the noise level exceeds the threshold noise level based on the comparison, the method may comprise reducing a backup rate of the data backup to a second backup rate, such that the noise level equals the threshold noise level. The method may comprise performing the data backup at the second backup rate.

Abstract: Disclosed herein are systems and method for deep dynamic analysis for protecting endpoint devices from malware. In one aspect, an exemplary method comprises launching a deep analysis process, by a deep analysis tool, the launching including: injecting a dynamically loaded component into an address space of an application code and initializing, by the dynamically loaded component, to allow an execution activity, by the injected dynamically loaded component, parsing dependencies of run-time linkages, hooking system functions, creating an application memory map with separate application and system code areas, transferring control back to the application code, and performing on-sample-execution activity, obtaining control of exception handler and monitoring attempts to use the exception handler, changing an available area, logging accesses, inspecting exception reasons and applying policies, determining whether or not the application of the sample is a malware, and sending a final verdict.

Abstract: Disclosed herein are systems and methods for pattern-based QoS violation prediction. In one exemplary aspect, a method may comprise identifying a service on a computing device that is connected to a plurality of client devices and determining a plurality of micro-services comprised in the identified service. The method may comprise parsing access information to detect that a first client device is accessing a micro-service. The method may comprise determining, for a first period of time, QoS evaluation parameters for the access between the micro-service and the first client device. The method may comprise identifying changes in the QoS evaluation parameters within the first period of time, detecting a predetermined QoS violation pattern, and executing a QoS action based on the predetermined QoS violation pattern.

Abstract: Methods and systems are provided for modifying configuration of a storage system using artificial intelligence. An exemplary method comprises collecting, over a period of time, health and parameter information of the storage system. The method comprises predicting, using a machine learning algorithm, upcoming events that may degrade performance of the storage system based on the health and parameter information. The method comprises determining that the storage system will not operate in accordance with a set of goals based on the upcoming events. In response to determining that the storage system will not operate in accordance with the set of goals, the method comprises generating parameter changes, and applying the parameter changes to the storage system.

Abstract: Disclosed herein are systems and methods for updating select files in an image backup. In an exemplary aspect, a method comprises performing an image backup of a storage device comprising a plurality of files. The method comprises selecting a file of the plurality of files based on file selection rules and subsequent to the image backup, detecting that the file has exited a full consistency state. The method comprises monitoring the file to detect a return to the full consistency state. In response to detecting that the file has returned to the full consistency state, the method comprises identifying a physical address of at least one sector comprising the file on the storage device, and updating a version of the file previously captured in the image backup with a version of the file after returning to the full consistency state.

Abstract: Disclosed herein are systems and method for read-optimized de-duplication of blocks of data. In one aspect, an exemplary method comprises for each page of a newly received block of data, computing a page hash and assigning a page context ID, computing an index of a page node for storing the page and selecting the page node, when the selected page node contains a copy of the page, adding a page reference to a block descriptor with the page being referenced by the page hash augmented by the page context ID, otherwise, storing the page in plain storage; and for the block of data, storing the block descriptor in a block node of the de-duplication engine, the block of data being referenced by a block hash and the block descriptor containing at least a list of pages of the block stored in page nodes of the de-duplication engine.