Abstract: Decoy data is generated from regular data. A deep neural network, which has been trained with the regular data, is trained with the decoy data. The trained deep neural network, responsive to a client request comprising input data, is operated on the input data. Post-processing is performed using at least an output of the operated trained deep neural network to determine whether the input data is regular data or decoy data. One or more actions are performed based on a result of the performed post-processing.

Abstract: Decoy data is generated from regular data. A deep neural network, which has been trained with the regular data, is trained with the decoy data. The trained deep neural network, responsive to a client request comprising input data, is operated on the input data. Post-processing is performed using at least an output of the operated trained deep neural network to determine whether the input data is regular data or decoy data. One or more actions are performed based on a result of the performed post-processing.

Abstract: Decoy data is generated from regular data. A deep neural network, which has been trained with the regular data, is trained with the decoy data. The trained deep neural network, responsive to a client request comprising input data, is operated on the input data. Post-processing is performed using at least an output of the operated trained deep neural network to determine whether the input data is regular data or decoy data. One or more actions are performed based on a result of the performed post-processing.

Abstract: A neural network is trained using a training data set, resulting in a set of model weights, namely, a matrix X, corresponding to the trained network. The set of model weights is then modified to produce a locked matrix X?, which is generated by applying a key. In one embodiment, the key is a binary matrix {0, 1} that zeros (masks) out certain neurons in the network, thereby protecting the network. In another embodiment, the key comprises a matrix of sign values {?1, +1}. In yet another embodiment, the key comprises a set of real values. Preferably, the key is derived by applying a key derivation function to a secret value. The key is symmetric, such that the key used to protect the model weight matrix X (to generate the locked matrix) is also used to recover that matrix, and thus enable access to the model as it was trained.

Abstract: Mechanisms are provided for protecting a neural network model against model inversion attacks. The mechanisms generate a decoy dataset comprising decoy data for each class recognized by a neural network model. The mechanisms further configure the neural network model to generate a modified output based on the decoy dataset that directs a gradient of the modified output to the decoy dataset. The neural network model receives and process input data to generate an actual output. The neural network model modifies one or more actual elements of the actual output to be one or more corresponding modified elements of the modified output, and returns the one or more corresponding modified elements, instead of the one or more actual elements, to the source computing device.

Abstract: A method includes receiving, at an input port of a computer, indication of HTTP (Hypertext Transfer Protocol) traffic and clustering, using a processor on the computer, the HTTP traffic according to a client IP (Internet Protocol) into a web session tree. A client tree structure of the web session tree is generated and the client tree structure is compared with tree structures of exploit kit samples.

Abstract: Mechanisms are provided for protecting a neural network model against model inversion attacks. The mechanisms generate a decoy dataset comprising decoy data for each class recognized by a neural network model. The mechanisms further configure the neural network model to generate a modified output based on the decoy dataset that directs a gradient of the modified output to the decoy dataset. The neural network model receives and process input data to generate an actual output. The neural network model modifies one or more actual elements of the actual output to be one or more corresponding modified elements of the modified output, and returns the one or more corresponding modified elements, instead of the one or more actual elements, to the source computing device.

Abstract: Decoy data is generated from regular data. A deep neural network, which has been trained with the regular data, is trained with the decoy data. The trained deep neural network, responsive to a client request comprising input data, is operated on the input data. Post-processing is performed using at least an output of the operated trained deep neural network to determine whether the input data is regular data or decoy data. One or more actions are performed based on a result of the performed post-processing.

Abstract: Methods, systems, and computer readable media for detecting a compromised computing host are disclosed. According to one method, the method includes receiving one or more domain name system (DNS) non-existent domain (NX) messages associated with a computing host. The method also includes determining, using a host score associated with one or more unique DNS zones or domain names included in the one or more DNS NX messages, whether the computing host is compromised. The method further includes performing, in response to determining that the computing host is compromised, a mitigation action.

Abstract: A method of detecting exploit kits includes receiving, at an input port of a computer, indication of HTTP (Hypertext Transfer Protocol) traffic. The HTTP traffic is clustered into a web session tree according to a client IP (Internet Protocol. A client tree structure of the web session tree is generated. The client tree structure is compared with tree structures of exploit kit samples.

Abstract: A method includes receiving, at an input port of a computer, indication of HTTP (Hypertext Transfer Protocol) traffic and clustering, using a processor on the computer, the HTTP traffic according to a client IP (Internet Protocol) into a web session tree.

Abstract: A method of detecting exploit kits includes receiving, at an input port of a computer, indication of HTTP (Hypertext Transfer Protocol) traffic. The HTTP traffic is clustered into a web session tree according to a client IP (Internet Protocol. A client tree structure of the web session tree is generated. The client tree structure is compared with tree structures of exploit kit samples.

Abstract: A method of detecting exploit kits includes receiving, at an input port of a computer, indication of HTTP (Hypertext Transfer Protocol) traffic. The HTTP traffic is clustered into a web session tree according to a client IP (Internet Protocol. A client tree structure of the web session tree is generated. The client tree structure is compared with tree structures of exploit kit samples.

Abstract: A method of detecting exploit kits includes receiving, at an input port of a computer, indication of HTTP (Hypertext Transfer Protocol) traffic. The HTTP traffic is clustered into a web session tree according to a client IP (Internet Protocol. A client tree structure of the web session tree is generated. The client tree structure is compared with tree structures of exploit kit samples.

Abstract: Methods, systems, and computer readable media for detecting a compromised computing host are disclosed. According to one method, the method includes receiving one or more domain name system (DNS) non-existent domain (NX) messages associated with a computing host. The method also includes determining, using a host score associated with one or more unique DNS zones or domain names included in the one or more DNS NX messages, whether the computing host is compromised. The method further includes performing, in response to determining that the computing host is compromised, a mitigation action.