Abstract: The disclosed concepts relate to implementation of application and application engine functionality using machine learning. One example method involves obtaining a seed image representing a seeded application state and mapping the seed image to at least one seed image token using an image encoder. The example method also involves inputting the at least one seed image token as a prompt to a neural dreaming model that has been trained to predict training sequences obtained from one or more executions of one or more applications, the training sequences including images output by the one more applications during the one or more executions and inputs to the one or more applications during the one or more executions. The example method also involves generating subsequent image tokens with the neural dreaming model, and decoding the subsequent image tokens with an image decoder to obtain subsequent images.

Abstract: In an embodiment, an apparatus and system comprising a first inductor with a first diameter; and a switched inductor including a metal layer and a switch; wherein when the switch is closed the switch connects the metal layer of the switched inductor to form an inductor with a parallel circuit enabling current to flow through the switched conductor; and wherein when the switch is open, current is not enabled to flow through the switched conductor. In another embodiment, a method for tuning a high-Q inductor, the method comprising closing a switch of a switched inductor, wherein the switch connects the switched inductor to a first inductor; wherein closing the switch enables current to flow though the switched inductor as well as the first inductor to change the inductance of the high Q inductor.

Abstract: Various embodiments of the present disclosure are directed to automatic improved network architecture generation. In this regard, embodiments may process data representing a network architecture to generate an improved network architecture that resolves one or more vulnerabilities associated with the network architecture.

Abstract: Various embodiments described herein relate to an asset discovery engine with a deep vulnerabilities scanner with respect to assets in an industrial network. In an embodiment, a request to perform an asset vulnerability assessment of one or more assets within a network is received, the request comprising an asset descriptor describing the one or more assets. In response to the request, aggregated asset property data associated with the one or more assets is obtained based on the asset descriptor. Furthermore, the asset vulnerability assessment is performed based on the aggregated asset property data and asset vulnerability signature data stored in an asset vulnerability signature repository. In response to determining that the asset vulnerability assessment satisfies a defined criterion, one or more actions associated with the network are performed.

Abstract: Various embodiments described herein relate to providing unidirectional communication of data via a data diode between distinct networks. In an embodiment, an operational technology (OT) data packet associated with one or more asset devices connected to a first network with a first classification is received. Additionally, one or more attributes of the OT data packet are compared to a set of flow rules associated with a flow table for a network switch of the first network. Based at least in part on whether a match is identified between the one or more attributes of the OT data packet and at least one flow rule of the set of flow rules, the OT data packet is transmitted to a second network associated with a second classification.

Abstract: Embodiments of the present disclosure provide for remote access of a device, for example an operational technology device or an information technology device, in a manner with improved cybersecurity. Some embodiments receive remote action data from a client device in response to an initiated remote access action of the remote action data from the client device to a remotely accessible device, quarantine the remote action data from the client device, generate malicious determination data indicating whether the remote action data is determined as malicious by processing the remote action data, and determine whether to block transfer of the remote action data to the remotely accessible device based at least in part on the malicious determination data.

Abstract: A method of cybersecurity performance analyzing for customer site(s) including assets in a networked system including different asset types, and a virtual security engine (VSE) server. The customer site is coupled to a Security Center (SC) including a SC server, and a cybersecurity hardening compliance engine (CHCE). The VSE server collects identification data and security configuration data from the asset types, and transfers the data to a SC database. Responsive to a user request to generate a cybersecurity hardening compliance report, the CHCE sends a query to the SC database to retrieve at least a portion of the data, uploads a cybersecurity benchmark including cybersecurity configuration rules (CCRs) for least a selected asset type, compares the data of the assets to the CCRs, and generates from results of the comparing a cybersecurity report including a quantitative measure of cybersecurity performance for the assets of the selected asset type.

Abstract: Embodiments of the present disclosure generally provide for control system configuration error processing. At least some example embodiments identify a configuration error set associated with one or more subcomponents of a control system, and providing enhanced processing tools and/or insight with respect to the identified configuration error(s). Example embodiments are configured for collecting a configuration log set associated with a control system; identifying, based on at least the configuration log set and an standard configuration data object, a configuration error set associated with at least one subcomponent device of the control system; generating a configuration report data object based on the identified configuration error set; and causing rendering of a configuration action playback interface, wherein the configuration action playback interface configured based on at least the configuration error set, and wherein the configuration action playback interface is configured for user interaction.

Abstract: A method for wireless communication by a first user equipment (UE) includes receiving, from a second UE, a codec mode request (CMR) for a new bit rate. The method also includes transmitting, to a network device, a recommended bit rate (RBR) query in response to the new bit rate exceeding a current bit rate. The method still further includes communicating with the second UE using the new bit rate or the current bit rate. A method of wireless communication by a network device includes transmitting, to an originating UE, an RBR for a new bit rate. The method also includes receiving, from a terminating UE, an RBR query in response to the new bit rate exceeding a current bit rate. The method further includes transmitting, to the terminating UE, a response to the RBR query.

Abstract: In various embodiments, network traffic data associated with an industrial network is monitored based on a networking event rule set related to defined networking events. The network traffic data is related to a set of asset devices in communication via the industrial network, and the networking event rule set is used to determine a networking event associated with the set of asset devices. A cybersecurity event level for the networking event is determined based on a comparison between a networking event feature set for the networking event and a predefined cybersecurity event feature set for a set of predefined cybersecurity events. In response to a determination that the cybersecurity event level for the networking event satisfies a predefined cybersecurity threat level threshold, a modification is made to one or more configuration parameters for one or more asset devices from the set of asset devices associated with the networking event.

Abstract: Embodiments of the disclosure provide improvements for managing access of nodes, including wireless nodes, to a network including operational technology device(s) (e.g., a wireless OT network). Some embodiments include detecting a node from at least one message communication over a wireless OT network, authenticating node identification information that uniquely identifies the node, confirming that the node is permissioned to access the wireless OT network by at least validating authentication information associated with the node, confirming that the node is attempting an authorized action by at least validating authorization information associated with the at least one message communication, and assigning an access indicator based at least in part on the authenticating of the node identification information, the validating of the authentication information, and the validating of the authorization information.

Abstract: Various embodiments described herein relate to cybersecurity risk assessment and mitigation for industrial control systems. In an embodiment, a request to perform a cybersecurity assessment of a set of industrial assets is received. Additionally, the set of industrial assets are correlated to industrial asset data associated with the set of industrial assets and a first industrial asset feature set is compared to a cybersecurity rules set to determine a cybersecurity threat level indicator for respective industrial assets from the set of industrial assets. In response to the cybersecurity threat level indicator satisfying a defined criterion, one or more cybersecurity countermeasure actions for the respective industrial assets are then determined based on a comparison between a second industrial asset feature set and a predefined industrial asset feature set for a set of predefined industrial assets associated with one or more predefined cybersecurity countermeasures.

Abstract: Embodiments of the present disclosure provide for improved methodologies for managing initiation of an automated healing process for operational technology devices in a network. Some embodiments include identifying at least one operational technology (OT) device connected to a network that is vulnerable to at least one cybersecurity risk, where the at least one OT device is wirelessly connected to the network, identifying at least one computer-executable resolution to the at least one cybersecurity risk, executing a simulation that tests performance of the network with resolution of the at least one cybersecurity risk utilizing the at least one computer-executable resolution, generating a solution implementation report based at least in part on the simulation, and determining whether to automatically initiate the at least one computer-executable resolution based at least in part on the solution implementation report.

Abstract: Learning iterations, individual ones of which include a respective bucket group selection phase and a class boundary refinement phase, are performed using a source data set whose records are divided into buckets. In the bucket group selection phase of an iteration, a bucket is selected for annotation based on output obtained from a classification model trained in the class boundary refinement phase of an earlier iteration. In the class boundary refinement phase, records of buckets annotated as positive-match buckets for a target class in the bucket group selection phase are selected for inclusion in a training set for a new version of the model using a model enhancement criterion. The trained version of the model is stored.

Abstract: Learning iterations, individual ones of which include a respective bucket group selection phase and a class boundary refinement phase, are performed using a source data set whose records are divided into buckets. In the bucket group selection phase of an iteration, a bucket is selected for annotation based on output obtained from a classification model trained in the class boundary refinement phase of an earlier iteration. In the class boundary refinement phase, records of buckets annotated as positive-match buckets for a target class in the bucket group selection phase are selected for inclusion in a training set for a new version of the model using a model enhancement criterion. The trained version of the model is stored.

Abstract: A method comprises receiving data corresponding to execution of one or more applications, accessing at least one function from a codes as a service source, and training the at least one function based, at least in part, on one or more parameters, wherein the training is performed using a first portion of the data. In the method, a deployment version of the at least one function is generated based, at least in part, on the training, and the deployment version of the at least one function is applied to a second portion of the data to perform at least one service.

Abstract: Various embodiments of the present disclosure are directed to automatic improved network architecture generation. In this regard, embodiments may process data representing a network architecture to generate an improved network architecture that resolves one or more vulnerabilities associated with the network architecture.

Abstract: A method for identifying a user of an electronic device, includes: capturing at least one image frame of a portion of the user’s face; extracting facial descriptors from the at least one image frame of the portion of the user’s face; generating first facial descriptor coordinates by using the facial descriptors; determining a first distance between the first facial descriptor coordinates and second facial descriptor coordinates; resizing the first facial descriptor coordinates at least one of radially and angularly based on the first distance between the first facial descriptor coordinates and the second facial descriptor coordinates, and a weight associated with the facial descriptors used to generate the first facial descriptor coordinates.

Abstract: A method comprises receiving data corresponding to execution of one or more applications, accessing at least one function from a codes as a service source, and training the at least one function based, at least in part, on one or more parameters, wherein the training is performed using a first portion of the data. In the method, a deployment version of the at least one function is generated based, at least in part, on the training, and the deployment version of the at least one function is applied to a second portion of the data to perform at least one service.

Abstract: Various embodiments of the present disclosure are directed to automatic network architecture configuration maintenance. A network architecture for a particular organization, user, or other entity, may include various networked devices, any of which may be vulnerable to one or more cyberattacks due to outdated software, hardware, and/or firmware configurations. Embodiments include apparatuses, computer program products, and methods for retrieving an updated device configurations data object, identifying a vulnerable networked device set based at least in part on the updated device configurations data object and a detected networked device set, and generating a device cyber risk score data object set that may be output and/or otherwise provided to one or more systems, devices, or the like.