Abstract: The present application discloses a method, system, and computer system for detecting malicious files. The method includes executing a sample in a virtual environment, and determining whether the sample is malware based at least in part on memory-use artifacts obtained in connection with execution of the sample in the virtual environment.

Abstract: Methods and systems for dynamic network link prediction include generating a dynamic graph embedding model for capturing temporal patterns of dynamic graphs, each of the graphs being an evolved representation of the dynamic network over time. The dynamic graph embedding model is configured as a neural network including nonlinear layers that learn structural patterns in the dynamic network. A dynamic graph embedding learning by the embedding model is achieved by optimizing a loss function that includes a weighting matrix for weighting reconstruction of observed edges higher than unobserved links. Graph edges representing network links at a future time step are predicted based on parameters of the neural network tuned by optimizing the loss function.

Abstract: A malware detector has been designed that uses a combination of NLP techniques on dynamic malware analysis reports for malware classification of files. The malware detector aggregates text-based features identified in different pre-processing pipelines that correspond to different types of properties of a dynamic malware analysis report. From a dynamic malware analysis report, the pre-processing pipelines of the malware detector generate a first feature set based on individual text tokens and a second feature set based on n-grams. The malware detector inputs the first feature set into a trained neural network having an embedding layer. The malware detector then extracts a dense layer from the trained neural network and aggregates the extracted layer with the second feature set to form an input for a trained boosting model. The malware detector inputs the cross-pipeline feature values into the trained boosting model to generate a malware detection output.

Abstract: A methodology as described herein allows cyber-domain tools such as computer aided-manufacturing (CAM) to be aware of the existing information leakage. Then, either machine process or product design parameters in the cyber-domain are changed to minimize the information leakage. This methodology aids the existing cyber-domain and physical-domain security solution by utilizing the cross-domain relationship.

Abstract: Methods and systems for dynamic network link prediction include generating a dynamic graph embedding model for capturing temporal patterns of dynamic graphs, each of the graphs being an evolved representation of the dynamic network over time. The dynamic graph embedding model is configured as a neural network including nonlinear layers that learn structural patterns in the dynamic network. A dynamic graph embedding learning by the embedding model is achieved by optimizing a loss function that includes a weighting matrix for weighting reconstruction of observed edges higher than unobserved links. Graph edges representing network links at a future time step are predicted based on parameters of the neural network tuned by optimizing the loss function. dynamic graph representation learning that includes receiving, by a processing device, graphs, each of the graphs having a known graph link between two vertices, each of the graphs being associated with one of a plurality of previous time steps.

Abstract: A novel methodology for providing security to maintain the confidentiality of additive manufacturing systems during the cyber-physical manufacturing process is featured. This solution is incorporated within the computer aided manufacturing tools such as slicing algorithms and the tool-path generation, which are in the cyber-domain. This effectively mitigates the cross domain physical-to-cyber domain attacks which can breach the confidentiality of the manufacturing system to leak valuable intellectual properties.

Abstract: A methodology as described herein allows cyber-domain tools such as computer aided-manufacturing (CAM) to be aware of the existing information leakage. Then, either machine process or product design parameters in the cyber-domain are changed to minimize the information leakage. This methodology aids the existing cyber-domain and physical-domain security solution by utilizing the cross-domain relationship.

Abstract: A novel methodology for providing security to maintain the confidentiality of additive manufacturing systems during the cyber-physical manufacturing process is featured. This solution is incorporated within the computer aided manufacturing tools such as slicing algorithms and the tool-path generation, which are in the cyber-domain. This effectively mitigates the cross domain physical-to-cyber domain attacks which can breach the confidentiality of the manufacturing system to leak valuable intellectual properties.

Abstract: A novel methodology for providing security to maintain the confidentiality of additive manufacturing systems during the cyber-physical manufacturing process is featured. This solution is incorporated within the computer aided manufacturing tools such as slicing algorithms and the tool-path generation, which are in the cyber-domain. This effectively mitigates the cross domain physical-to-cyber domain attacks which can breach the confidentiality of the manufacturing system to leak valuable intellectual properties.