Abstract: A system and method for regulating a motorsport racing event are disclosed. The system comprises sensor modules for sensing a plurality of race parameters to generate a plurality of input signals. A data analysis module receives the input signals for analysis. A decision-making module receives the analyzed signal and computes a recommendation or a decision corresponding to the level of violation. A penalty and recommendation module receives information associated with the recommendation or the decision and presents the recommendation or the decision.

Abstract: Described herein are systems and methods for controlling access to a protected resource based on various criteria. In one exemplary aspect, a method comprises designating a plurality of program data installed on a computing system as protected program data; intercepting, by a kernel mode driver, a request from an untrusted application executing on the computing system to alter at least one of the protected program data; classifying, by a self-defense service, the untrusted application as a malicious application based on the intercepted request and information related to the untrusted application; and responsive to classifying the untrusted application as a malicious application, denying, by the kernel mode driver, access to the at least one of the protected program data.

Abstract: Disclosed herein are systems and method for performing failover during a cyberattack. In one exemplary aspect, a method comprises monitoring a computing device for the cyberattack and detecting that the cyberattack is in progress. While the cyberattack is in progress, the method comprises identifying a failover device that corresponds to the computing device, hardening the failover device to prevent the cyberattack from affecting the failover device, and performing failover by switching from the computing device to the failover device.

Abstract: Disclosed herein are systems and method for isolating private information in streamed data. In an exemplary aspect, a method may comprise receiving a stream of data, for storage in a first storage device, and an indication of how the stream will be utilized by an end user. The method may comprise comparing the indication against a plurality of rules, wherein each rule indicates a type of private information that should be isolated from a given input stream based on a respective indication of usage for the given input stream. The method may comprise identifying and extracting a first type of private information that should be isolated from the stream, modifying the stream by removing the first type of private information from the stream, storing the modified stream in the first storage device, and storing the extracted first type of private information in a different location from the modified stream.

Abstract: A system and method for optimizing the performance of an autonomous race car in real-time during a race event are disclosed. An autonomous race car controller unit is pre-fed with a first set of initial parameter values and a second set of initial parameter values. A set of sensors is configured for measuring a first and a second set of real-time parameter values after the starting of the race event. A performance optimization module is configured to generate a corrective course by receiving the first and second sets of real-time parameters and detecting the presence of errors between a control command given by the controller unit and its execution.

Abstract: The present disclosure relates to pre-processing of files to better prepare them for the process of comparing fingerprints of fragments of fixed size N from these files to other files that contain similar information but may be structured differently. The pre-processing method and system are applied to files with known protected data before fingerprints of some of the N-fragments from these files are added to the digital fingerprint library and to the unknown files before the fingerprints of some of their N-fragments are compared to the fingerprints of other N-fragments of data stored in the digital fingerprint library.

Abstract: System and method for detecting and curing a hollowing attack is disclosed herein. The method comprises monitoring real-time process memory parameters of a target process; retrieving real-time process memory parameters of the target process; comparing the real-time process memory parameters of the target process with reference process parameters of the target process stored in a system storage of the computing system and parameters of the process creation call-back notification; detecting a hollowing attack based on the comparison in previous step; in response to detecting the hollowing attack, determining a threat source file of malicious code; determining address space of the hollowed process on the computing system based on system log data; and curing the computing system by blocking execution of the threat source file and deleting threat resources associated therewith from the computing system.

Abstract: A system and a method for automatically assigning a hierarchical security level to a source of data, e.g., a file or a database, that can be used as a source to generate, e.g., to calculate or to extract, fingerprints of fragments of a fixed size N using a digital fingerprint library that contains fingerprints of known fragments fixed size and their hierarchical security levels are disclosed herein. The method comprises assignment of an initial hierarchical security level to a source of data and further comparison of fingerprints of its fragments of fixed size to the fingerprints of fingerprints of fixed size and their related hierarchical security levels stored in the digital fingerprint library.

Abstract: The present disclosure relates to a system and method implemented for lowering the number of fingerprints of fragments of a file added to the digital fingerprint library using a winnowing window method. The digital fingerprint library stores fingerprints of fragments of files matching certain criteria, e.g., containing protected information. When an unknown file is examined, that library is used to compare fingerprints of fragments of size N from the unknown file to the fingerprints stored in the library. The method automatically determines criteria for adding fingerprints to the digital fingerprint library or skipping them.

Abstract: A system and method for adding a fingerprint of a fragment of fixed size and hierarchical classification level to a digital fingerprint library containing information about fingerprints of fragments of fixed size and their hierarchical classification levels and used to identify files that contain known fragments of data in an environment with hierarchical information security classification.

Abstract: The invention relates to a system and method that relates to creation of a digital fingerprint library for storing information of a document containing protected information. The system mainly includes a fragment generator, a fingerprint value generator, and the digital fingerprint library. The fragment generator generates fragments of the document using a sliding window method. Fragment length is determined heuristically, can be hardcoded in the program or be a parameter in GUI. The fingerprint value generator generates a fingerprint value, e.g., its hash, for each fragment. The fingerprint value represents the information related to respective fragments. The digital fingerprint library then stores the fingerprint value. Fingerprint values of individual fragments serve as key values to provide a mechanism for comparing fragments of unknown files to the digital fingerprint library.

Abstract: Disclosed herein are systems and method for generating file systems of data sources incompatible with anti-virus scanners. In one exemplary aspect, the method includes: receiving, from an AV scanner, a request to scan a data source for malicious activity, wherein the data source includes a plurality of files, and wherein the AV scanner has a plurality of compatible file types that the AV scanner is capable of scanning; determining that the plurality of files are inaccessible to the AV scanner; generating a file system corresponding to the data source by parsing contents of the data source; generating a virtual volume including a plurality of sparse files corresponding to the plurality of files in the data source; populating at least one sparse file in the virtual volume with respective parsed content of a corresponding file in the data source; and instructing the AV scanner to scan the virtual volume.

Abstract: An anomaly detection system uses an AI engine to analyze configurations and backups to identify and assess anomalies. Backup data and configurations are used to characterize events as either secure or insecure.

Abstract: A system and method of anti-malware analysis including iterative techniques that combine static and dynamic analysis of untrusted programs or files. These techniques are used to identify malicious files by iteratively collecting new data for static analysis through dynamic run-time analysis.

Abstract: A method of continuous development of an internal threat scan engine based on an iterative quality assessment includes iteratively performing a dynamic assessment of a quality of a threat detection with a frequency defined for each of objects in an object collection, wherein a result of the dynamic assessment includes internal and external scan results of the objects and a consistency verdict of the internal and external scan results of the objects, changing a frequency of scanning iteration of the objects based on the consistency verdict of the external and internal scan results of the objects, classifying the objects based on the result of the dynamic assessment, and creating a development task including the internal and external scan results of the objects, meta-data of the objects, and automated test results to provide details for developing a software to fix inconsistency of the internal and external scan results.

Abstract: Disclosed herein are systems and method for adjusting data protection levels based on system metadata. A method may include monitoring a computing device for a cyberattack, wherein a kernel driver of the computing device is configured to allow access to kernel control paths and hash tables in accordance with a first protection level, and detecting that the cyberattack is in progress. While the cyberattack is in progress, the method may include identifying kernel control paths and hashes of software objects that will be affected by the cyberattack, and configuring the kernel driver to disable access to the identified kernel control paths and hashes of the software objects in accordance with a second protection level, wherein the second protection level includes greater access restrictions to the computing device than the first protection level.

Abstract: A system and method are disclosed for performing non-invasive scan of a target device. The system is configured for: i) loading an endpoint protection agent to a target device; ii) providing a remote direct memory access of the target device to the remote security server for reading a memory of the target device; iii) scanning, by a second memory scan engine of the remote security server, the memory of the target device upon the violation of the security policy; iv) identifying, by the second memory scan engine of the remote security server, a threat on the target device; and v) sending, by the remote security server, a security response action to the endpoint protection agent on the target device in accordance with the security policy.

Abstract: Disclosed herein are systems and method for managing software item access. A method may include: monitoring usage of a plurality of software items distributed over a network of computing devices; identifying a first software item that is being actively used on a first computing device; identifying a contract for the network governing the usage of the plurality of software items, wherein the contract includes at least one usage condition that the first computing device has to comply with to access the first software item of the plurality of software items; determining whether a discrepancy between the at least one usage condition in the contract and the active usage of the first software item exists; and in response to determining that the discrepancy exists, adjusting parameters of the active usage of the first software item on the first computing device to comply with the at least one usage condition.

Abstract: A method for verifying a set of computer-executable instructions using at least one failing test generated by a test-case generator is disclosed herein. The method comprises verifying the set of computer-executable instructions by a verification module using a plurality of predefined verification conditions; determining if the verification is successful; in response to successful verification, label the set of computer-executable instructions as successful; and in response to unsuccessful verification, generate at least one counterexample, with respect to a proof failure and corresponding to at least one failed verification condition of the plurality of the predefined verification conditions, and generate a failing test, by a test-case generator, based on at least one counterexample. A program verification tool for testing the set of computer-executable instructions is also disclosed.

Abstract: Disclosed herein are systems and methods for indexing and searching an encrypted archive. In one exemplary aspect, a method comprises generating, by a hardware processor, an encrypted data archive based on a user backup performed using a backup plan with an encryption flag enabled and a user key; generating, by the hardware processor, an index key for the encrypted data archive; encrypting, by the hardware processor, the index key using the user key; storing, by the hardware processor, the index key in a secure data storage; creating and mounting, by the hardware processor, an encrypted file system folder for the encrypted data archive using the index key; decrypting, by the hardware processor, data in the encrypted data archive using the user key; and indexing, by the hardware processor, the decrypted data.