Abstract: DIY (Do-It-Yourself) is challenging for many novices, requiring extensive knowledge such as the usage of particular tools and the properties of the required materials. Many DIYers use web searches to find relevant information and instructions, but web search is time-consuming and the results often do not fit the DIYers' specific needs. To address these problems, we present a Question Answering (QA) system that can assist DIYers through the whole cycle of a DIY project. Given a natural language question about a DIY project, the QA system described herein provides an answer along with the explanations that are tailored to the DIYers' specific needs.

Abstract: A computer system processes a document. A user viewing a displayed text is monitored and it is determined that the user is experiencing difficulty understanding a query phrase in a displayed text, wherein the displayed text is translated from a first language to a second language. One or more alternative phrases are generated for the query phrase by determining a plurality of candidate phrases based on the context of the query phrase and a tone of the displayed text, scoring each of the plurality of candidate phrases, and selecting a candidate phrase to be the alternative phrase based on the score of the candidate phrase. The one or more alternative phrases are presented to the user. Embodiments of the present invention further include a method and program product for processing a document in substantially the same manner described above.

Abstract: A method for archiving of documents of a query against a cognitive system can be provided. The cognitive system comprises at least a cognitive engine, several stored documents, and a learned model. The method comprises determining a plurality of evidence fragments, a related first list of documents and related metadata. The method also comprises removing a document from the stored documents, redetermining as second result a second list of documents, comparing the first and second list of documents, and upon determining identical documents in the compared first and second list of documents up to a confidence cliff, removing another document. Furthermore, the method comprises repeating the steps of removing, redetermining, and comparing until the first list of documents and the second list of documents differ above the confidence cliff and storing metadata of the documents of the first list, the plurality of evidence fragments, and the first query.

Abstract: A system and method for intelligent visualization of unstructured data in a column-oriented data table includes receiving unstructured data from a plurality of sources for recording into the column-oriented data table having a database schema using a plurality of keys to visualize one or more attributes in the column-oriented data table, determining that a semantically related key is used to visualize the one or more attributes contained in the unstructured data received from the plurality of sources, wherein the semantically related key is different from the plurality of keys and is not synchronized with the database schema of the column-oriented data table, formatting the unstructured data to synchronize the unstructured data with the database schema of the column-oriented data table, and outputting the synchronized unstructured data into the column-oriented data table so that the unstructured data is visualized according to the database schema of the column-oriented data table.

Abstract: Provided are a computer program product, system, and method for determining tags to recommend for a document. A natural language processing module determines a document keyword for a document. A tag database search module determines, a tag in a tag database associated with the document keyword. A domain specific search module determines a domain specific tag in a domain specific knowledge base associated with the document keyword. A recommendation is made of at least one of the tag and the domain specific tag as a recommended tag for the document.

Abstract: In some examples, a search module executing on a computing device may determine that text input has been entered into a search entry field of a search engine. The module may retrieve audio data stored in a buffer. The audio data may be retrieved using an application programming interface of an operating system. The audio data may include audio captured by a microphone prior to the text input being entered. The module may send a search request that includes the text input and context data derived from the audio data to a search engine. The context data may comprise the audio data or additional text derived from the audio data. The context data may be included in metadata of the search request. The search engine may perform a search based on the text input and the context data and provide search results that are displayed in the browser.

Abstract: To extract meaningful information that aids in analysis of a web application or web site based on page summarizations without impractical resource demand, statistical modeling is employed to approximately identify pages across web application transactions and predict meaningful content or items of information within the pages. Statistics are collected on a sample of traffic for a web application. The collected statistics are on tokens generated from messages that correspond to web pages. Statistics are collected by message, by transaction, and across the sampling of messages. Descriptive tokens that meaningfully describe a web page and attribute-value pair tokens are scored. Those of the tokens that satisfy selection criteria are selected as a basis for generating extraction rules. Subsequently, the extraction rules are applied to message payloads to efficiently extract descriptive “tags” and attribute-value pairs.

Abstract: Various embodiments are generally directed to techniques to determine contextual search terms. For example, embodiments include receiving a search query including a search term, the search query to cause performance of a search within a website. Embodiments also include determining a rule comprising one or more criteria is met, the rule associated with the search term and to link the search term with a contextual search term when the one or more criteria are met, appending the contextual search term with the search term in the search query to perform the search within the website, and performing the search within the website utilizing the search query comprising the search term and the contextual search term. Finally, embodiments include returning a result to the website.

Abstract: Systems and methods are provided that use a trained process to reply to a request comprising query data defining a query and context data defining contextual factors for the query from a device. The query is answered by one or more selected APIs of a plurality of APIs that invoke respective services to prepare a response. The trained process determines an execution plan responsive to the query data and the context data and is configured using training to define execution plans comprising selected APIs where a particular API is selected for the plan if it answers at least a portion of the query and the selected APIs together prepare the response optimized for the device according to the context data. The plan is provided to an execution component to execute the plan using the selected APIs and send the response to the requesting device.

Abstract: One embodiment provides a method, including: receiving a query from a user requesting assistance regarding instructions for performing a task; identifying, within steps of the instructions, words that can be visualized, wherein the identifying comprises identifying relationships between terms within the query to generate a step query; retrieving, for each of the steps, a plurality of images representing the identified words; identifying at least one object occurring within the plurality of images corresponding to more than one of the steps; selecting an image for each of the steps of the instructions, wherein the selecting an image comprises selecting an image for each step such that the identified at least one object is represented similarly in each selected image including the identified at least one object; and presenting the instructions as visualized instructions by presenting the selected images for each of the steps in order.

Abstract: A platform for design of a lighting installation generally includes an automated search engine for retrieving and storing a plurality of lighting objects in a lighting object library and a lighting design environment providing a visual representation of a lighting space containing lighting space objects and lighting objects. The visual representation is based on properties of the lighting space objects and lighting objects obtained from the lighting object library. A plurality of aesthetic filters is configured to permit a designer in a design environment to adjust parameters of the plurality of lighting objects handled in the design environment to provide a desired collective lighting effect using the plurality of lighting objects.

Abstract: Automated methods and systems are disclosed that classify a first component and a second component of a roof with data points being part of, or extracted from, at least one image and/or point cloud. The first component and the second component may have a polygonal base and at least one edge. Evidence of a soft constraint and a hard constraint may be identified via the data points and such evidence may be associated with the first component and the second component. At least one hypothesis model of the roof may be generated using relationships between the first component and the second component, the soft constraint and the hard constraint. The hypothesis model may be transformed into a three-dimensional model. The three-dimensional model may be used to generate a roof report of the roof.

Abstract: A system and method for construction estimation using aerial images is provided. The system receives at least one aerial image of a building. An estimation engine processes the aerial image at a plurality of angles to automatically identify a plurality (e.g., perimeter and interior) lines in the image corresponding to a plurality of features of a roof the building. The estimation engine allows users to generate two-dimensional and three-dimensional models of the roof by automatically delineating various roof features, and generates a report including information about the roof of the building.

Abstract: A cable driving a large system such as cable driven machines, cable cars or tendons in a human or robot is typically modeled as a large number of small segments that are connected via joints. The two main difficulties with this approach are satisfying the inextensibility constraint and handling the typically large mass ratio between the small segments and the larger objects they connect. This disclosure introduces a more effective approach to solving these problems. The introduced approach simulates the effect of a cable instead of the cable itself using a new type of distance constraint called ‘cable joint’ that changes both its attachment points and its rest length dynamically. The introduced approach models a cable connecting a series of objects as a sequence of cable joints, reducing the complexity of the simulation from the order of the number of segments in the cable to the number of connected objects.

Abstract: The present disclosure provides for generating multiphase flow properties of porous media based on one or more input parameters. For instance, the multiphase flow properties may be a capillary pressure-saturation relationship for the porous media. The one or more input parameters include an interfacial tension along an interface between a wetting fluid and a non-wetting fluid, a contact angle between the interface and a pore wall of the porous media, and a pore throat size. The pore throat size is based on subparameters including a saturation of the wetting fluid, a saturation of the non-wetting fluid, a porosity of the porous media, and an orientation angle between a representative pore body size and a representative pore throat size.

Abstract: An estimation method is performed by a computer for estimating a far field of electromagnetic waves or heat. The method includes: generating an emphasis pattern image obtained by emphasizing each target element of a pattern image of a target circuit by an emphasizing method that corresponds to a type of each target element, with respect to the target element which is at least a part of elements included in the target circuit; and estimating the far field of electromagnetic waves or heat radiated from the target circuit by an existing estimation model using the emphasis pattern image.

Abstract: Techniques and a system for visualization or interaction with a quantum processor are provided. In one example, a system includes a quantum programming component and a visualization component. The quantum programming component manages a quantum programming process to generate topology data for a quantum processor that is indicative of a physical topology of a set of qubits associated with the quantum processor. The visualization component generates visualization data for the topology data that comprises a set of planar slice elements arranged to correspond to the physical topology of the set of qubits. The set of planar slice elements indicate one or more operations performed at a time step associated with the quantum programming process.

Abstract: This disclosure describes methods and systems for building a spatial model to predict performance of processing chamber, and using the spatial model to converge faster to a desired process during the process development phase. Specifically, the method obtains virtual metrology (VM) data from sensors of the chamber and on-board metrology (OBM) data from devices on the wafers; obtains in-line metrology data from precision scanning electron microscope (SEM); and also obtains an empirical process model for a given process. The empirical process model is calibrated by using the in-line metrology data as reference. A predictive model is built by refining the empirical process model by a machine-learning engine that receives customized metrology data and outputs one or more spatial maps of the wafer for one or more dimensions of interest across the wafer without physically processing any further wafers, i.e. by performing spatial digital design of experiment (Spatial DoE).

Abstract: A pirated video identification system for network operators to detect and identify both encrypted and unencrypted Internet protocol (IP) pirated video. The system uses ground truth data gathered from various video player clients as input to train a machine learning that then is used to analyze both real-time and historical IP flow data from a network to identify the IP addresses of both the source and destination of pirate video traffic on the network. They system can be used to aid in accurately measuring the volume and scale of pirated video traffic on a network as well as aiding in taking countermeasures against both the distributors and consumers of the pirated video.

Abstract: To resolve a conflict between CMIS secondary types and certain ECM features such as content server categories, and allow the underlying ECM system to be fully CMIS-compliant, an ECM-independent ETL tool comprising a CMIS-compliant, repository-specific connector is provided. Operating on an integration services server at an integration tier between an application tier and a storage tier where the repository resides, the connector is particular configured to support CMIS secondary types and specific to the repository. On startup, the connector can import any category definition from the repository. The category definition contains properties associated with a category in the repository. When the category is attached to a document, the properties are viewable via a special category object type and a category identifier for the category. Any application can be adapted to leverage the ECM-independent ETL tool disclosed herein.

Abstract: Systems and methods for facilitating tokenization of modifiable game assets on a distributed blockchain may: generate a smart contract configured to contain license keys associated with the modifiable game assets and to effectuate transfers of the license keys to purchasers; post the smart contract to a distributed blockchain; receive sales information describing a first game asset that is usable within the online gaming platform and intended to be offered for sale to gaming users of the online gaming platform; obtain verification information that indicates the first game asset has passed or failed a verification; tokenize the first game asset into a tokenized game asset on the distributed blockchain, responsive to the verification passing successfully; and offer the tokenized game asset for sale.

Abstract: According to an example aspect of the present invention, there is provided servicing variable frequency drives such that servicing history transparency is facilitated. License keys of a variable frequency drive are generated based on a hardware fingerprint of the variable frequency drive, when the hardware fingerprint is changed. The license keys and transactions corresponding to hardware configurations of variable frequency drives are stored in a block chain.

Abstract: Methods and systems for deploying an enhanced processing system that performs reflection based endpoint security testing are described herein. A computing system may determine, by performing reflection on a web server library, controller types corresponding to an API. For each of the controller types, the computing system may determine method information objects corresponding to the respective controller types. Based on calls to an endpoint method for each of the one or more method information objects, the computing system may determine endpoint failures associated with the API. The endpoint methods may correspond to each of the one or more method information objects. Based on the determined endpoint failures associated with the API, the computing system may adjust one or more endpoints of the API.

Abstract: The herein disclosed technology provides methods and systems that utilize machine learning solutions to identify web-based channels that are sources pirated copyright material, such as by using a machine learning classifier that is trained on historical copyright piracy data and channel features that may be determined and analyzed for each of a collection of channels without analyzing video or audio content of the channel.

Abstract: An account server receives from a user terminal an access request message containing an account identifier. A security question is retrieved from an accounts database. An authentication query message containing the security question is communicated toward the user terminal. A registered text counting rule that is associated with the account identifier is retrieved from the accounts database. Text of the security question is processed using the registered text counting rule to generate a computed security number. An authentication response message containing an answer from the user to the security question is received. A determination is made whether the answer from the user matches the computed security number. The operations selectively allow electronic access by the user terminal to information stored in a data structure associated with the account identifier within the accounts database, based on whether the answer contained in the authentication response message matches the computed security number.

Abstract: A method of operation and non-transitory computer readable medium are provided for a mobile communications device which includes memory storing program instructions and a processor coupled to a first input that passively collects input data and a second input that collects response data based on a challenge. A statistical behavioral model is generated based upon passively collected input data for the user. A level of assurance (LOA) is determined based upon the statistical behavioral model and the passively collected input data from the first input. The LOA is compared with a threshold and based on the comparison: the mobile device operation is enabled as a result of determining that the LOA meets or exceeds the threshold without requiring response data from the at least one second input, otherwise, the challenge is generated and the mobile device operation is enabled responsive to valid response data from the second input.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for a biometric authentication system. In one aspect, a method includes, a vibrating component of a mobile device is vibrated; a vibration signal of the mobile device is detected as a user grips the mobile device; a dynamic grip signature is determined for the user based on the detected vibration signal; and the user is authenticated based on a comparison of the dynamic grip signature to an initial grip template.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for authenticating a user based on passive affective and knowledge-based authentication (AKBA). In one aspect, a method includes data associated with eye movements and ocular dynamics of the user are captured with a camera as the user looks at a graphical user interface (GUI) of a device; an AKBA signature of the user is determined based on the captured data; the user is authenticated based on a comparison of the AKBA signature with an AKBA template associated with the user; and an access to a subset of functions of an application is granted.

Abstract: One embodiment provides a method, including: detecting, from a user and using a sensor operatively coupled to an information handling device, for facial features associated with an authorized user; requesting, using a prompt provided by an output device operatively coupled to an information handling device, the user to mimic at least one emotion; detecting, responsive to the requesting, at least one facial expression provided by the user; and authenticating the user responsive to determining that: the at least one facial expression corresponds to at least one accepted facial expression associated with the at least one emotion and the at least one facial expression comprises the facial features. Other aspects are described and claimed.

Abstract: Techniques are described herein for dialog-based enrollment of individual users for single- and/or multi-modal recognition by an automated assistant, as well as determining how to respond to a particular user's request based on the particular user being enrolled and/or recognized. Rather than requiring operation of a graphical user interface for individual enrollment, dialog-based enrollment enables users to enroll themselves (or others) by way of a human-to-computer dialog with the automated assistant.

Abstract: Interaction characteristics of a user interacting with a virtual reality (VR) terminal are obtained through preset sensing hardware in response to a request for execution of a target task requiring user identity verification. The obtained interaction characteristics of the user are compared with preset interaction characteristics of an authorized user of the VR terminal to verify identity of the user. The target task is executed and the user is authenticated as an identity-verified user of the VR terminal based on a successful user identity verification.

Abstract: According to one embodiment of the present invention, a system includes at least one processor and authenticates a user. The system monitors interactions on a network site and identifies an interaction requiring user authentication. An inquiry is generated to authenticate the user based on an activity history for the user. A plurality of candidate responses are determined for the inquiry, where at least one candidate response for the inquiry includes information for an item associated with the activity history for the user. The inquiry is presented to the user, and user selection of one or more of the candidate responses is enabled as a reply to the inquiry. The identified interaction is performed in response to verification of the reply to the inquiry authenticating the user. Embodiments of the present invention further include a method and computer program product for authenticating a user in substantially the same manner described above.

Abstract: A dyschromatopsia deciding method and apparatus is provided. The apparatus includes an I/O interface configured to receive an input for a program, a memory configured to store the input for the program and a processing result of the input, and a processor configured to execute the program, wherein the processor is configured to provide first CAPTCHA information for distinguishing between a person and a machine together with second CAPTCHA information for deciding dyschromatopsia, receive first CAPTCHA input information corresponding to the first CAPTCHA information and second CAPTCHA input information corresponding to the second CAPTCHA information together with authentication information, authenticate a user based on the first CAPTCHA input information, decide dyschromatopsia of the user based on the second CAPTCHA input information, and store a decision result of the dyschromatopsia in response to a decision that the user has the dyschromatopsia.

Abstract: To increase the effectiveness of push authentication, a push authentication can be augmented with another authentication factor. A push authentication can be augmented with the “what you know” factor, effectively merging the “what you know” factor into the “what you have” factor. Using a collection of “what you know” factor queries (e.g., knowledge-based questions), an authentication server can select a subset of the “what you know” factor queries and incorporate the selected one or more factor queries into a message that conveys the push authentication notification.

Abstract: The disclosed technology is generally directed to the authentication of software. In one example of the technology, a private attestation key is stored in hardware. In some examples, during a sequential boot process a hash is calculated, in an order in which the software stages are sequentially booted, of each software stage of a plurality of software stages. The hashes of each software stage of the plurality may be cryptographically appended to an accumulation register. The accumulation register may be used to attest to validity of the software stages. The plurality of software stages may include a first bootloader, a runtime for a first core of a multi-core processor, and a runtime for a first execution environment for a second core of the multi-core processor.

Abstract: An embodiment of a system is disclosed in which a computer system may receive a sequence of failed login attempts to access a user account, and assess a risk level associated with the sequence of failed login attempts. The risk level may be assessed based on a plurality of characteristics of the sequence of failed login attempts. Based on the assessed risk level, the computer system may select a lockout policy that includes a lockout period. The computer system may determine that a lockout threshold, corresponding to a number of failed login attempts, has been reached. In response to determining that the lockout threshold has been reached, the computer system may prevent further login attempts during the lockout period. In addition, the computer system may permit subsequent login attempts after the lockout period has ended.

Abstract: An authentication server in an illustrative embodiment is configured to communicate with one or more client devices over a network. Responsive to a successful login to a user account by a client device, the authentication server provides the client device with a login cookie for the user account for potential utilization in one or more subsequent logins to the user account. The authentication server initializes a cookie-specific counter for the login cookie, and increments the cookie-specific counter for each of one or more unsuccessful logins to the user account made utilizing the login cookie. Responsive to the cookie-specific counter reaching a specified value, the authentication server locks the user account for any subsequent logins to the user account made utilizing the login cookie. The authentication server resets the cookie-specific counter responsive to a successful login to the user account made utilizing the login cookie.

Abstract: Exemplary embodiments relate to the secure storage of security questions through an immutable log, such as a blockchain. The security questions may be stored in a centralized location, accessible from an application or browser tab running on the user's device. When a security question is required, such as to perform a password reset on a website, the website may interact with the application or browser tab, which retrieves the question(s) from the blockchain. The user may enter their answers to the question(s), which may be hashed by the application or tab. The hashed answers may be entered into the original requesting website, which may verify with the blockchain that the correct answers have been provided. Thus, the requesting website sees neither the questions nor the answers. Additional security features may include logging requests for questions, so that a user can determine if a security question may have been compromised.

Abstract: A threat level analyzer probes for one or more threats within an application container in a container system. Each threat is a vulnerability or a non-conformance with a benchmark setting. The threat level analyzer further probes for one or more threats within a host of the container service. The threat level analyzer generates a threat level assessment score based on results from the probing of the one or more threats of the application container and the one or more threats of the host, and generates a report for presentation in a user interface including the threat level assessment score and a list of threats discovered from the probe of the application container and the host. A report is transmitted by the threat level analyzer to a client device of a user for presentation in the user interface.

Abstract: A request to access one or more server resources is received from a user device. Based on the request, a purported version of a browser running on the user device is determined. The user device executes a program within the browser, according to various embodiments, which throws one or more exceptions associated with one or more particular browser versions. The results of the exceptions may be analyzed to determine whether the purported version of the browser appears to be a true version of the browser. If the analysis indicates that the purported version of the browser is not accurate, the request to access the one or more server resources may be evaluated at an elevated risk level. Inaccurately reported browser versions may indicate an attempt to gain unauthorized access to an account, and thus, being able to detect a falsely reported browser version can help improve computer security.

Abstract: Methods and systems to generate training data for a model are described. A processor may receive operational data collected by a component of a vehicle. The processor may receive a selection indicating a processing mode to process the operational data. The processor may identify, based on the processing mode, a simulation component configured to simulate the component of the vehicle. The processor may transform the operational data into an instruction for the simulation component. The instruction may be in a format executable by the simulation component to simulate the component of the vehicle. The processor may receive an output of the simulation performed by the simulation component. The processor may train a model using the received output, where the model is being trained to detect abnormal behavior exhibited by the vehicle.

Abstract: A controlling method of an electronic apparatus is provided. The controlling method of the electronic apparatus includes monitoring whether an application executed by the electronic apparatus performs a potentially malicious action, detecting that the application is a suspicious application based on the monitoring of the potentially malicious action, and isolating the suspicious application. The isolating may include at least one of: blocking communication with other applications stored in the electronic apparatus (or executed by the electronic apparatus) or blocking access to a shared memory (or shared directory). The controlling method may also include, based on the suspicious application being identified as not being malicious after the isolating of the suspicious application, releasing the isolating of the suspicious application.

Abstract: Techniques for dynamic server groups that can be patched together using stream clustering algorithms, and learning components in order to reuse the repeatable patterns using machine learning are provided herein. In one example, in response to a first risk associated with a first server device, a risk assessment component patches a server group to mitigate a vulnerability of the first server device and a second server device, wherein the server group is comprised of the first server device and the second server device. Additionally, a monitoring component monitors data associated with a second risk to the server group to mitigate the second risk to the server group.

Abstract: A virtualized storage for use in performing dynamic analysis of a sample is configured, at least in part by copying the sample to the virtualized storage. A virtual machine emulator is launched using a snapshot of a virtualized platform. A location of the copied sample in an image corresponding to the virtualized storage is determined, at least in part by identifying an offset. The copied sample is installed and dynamic analysis is performed on the sample.

Abstract: A trusted computing environment may be dynamically certified by providing a selectable boot option that controls running a loadable boot image in one of a test mode and a production mode. The test mode may automate running a processing standard validation test to obtain a processing standard validation test result. Responsive to running the processing standard validation test with a successful test result, a record indicating the successful test result and the loadable boot image is stored within the trusted computing environment, utilizing a certification process. Responsive to running the production mode, the trusted computing environment and the loadable boot image may be loaded.

Abstract: Embodiments detailed herein include, but are not limited to, a hardware processor to execute instructions and security circuitry to perform pre-boot operations including signature verification of a portion of firmware in a firmware storage hardware and initiating recovery upon a signature verification failure. The hardware processor comprises a plurality of cores in some embodiments. The hardware processor a multicore processor in some embodiments.

Abstract: According to some embodiments, a system, method and non-transitory computer-readable medium are provided to protect a decision manifold of a control system for an industrial asset, comprising: a detection and neutralization module including: a decision manifold having a receiver configured to receive a training dataset comprising data, wherein the decision manifold is operative to generate a first decision manifold with the received training dataset; and a detection model; a memory for storing program instructions; and a detection and neutralization processor, coupled to the memory, and in communication with the detection and neutralization module and operative to execute program instructions to: receive the first decision manifold, wherein the first decision manifold separates a normal operating space from an abnormal operating space; determine whether there are one or more inadequacies with the detection model; generate a corrected decision manifold based on the determined one or more inadequacies with the

Abstract: To facilitate distinguishing between topics which belong to the same or similar semantic fields, previously-known domain information is modeled with a bipartite graph. The bipartite graph created for the software security domain indicates a set of risks and a set of mitigation actions. A topic categorization system utilizes the bipartite graph to identify which risks and mitigation actions were discussed in a conversation by first using existing NLP techniques to extract relevant topics from conversation text and subsequently mapping the topics to the bipartite graph. A security assessment report identifying potential security threats and corresponding mitigation actions is generated based on the resulting mappings. Conversation fragments which were extracted and mapped are included in the assessment report.

Abstract: A semiconductor device includes a monitoring circuit receiving a first supply signal and generating a flag signal by monitoring a second supply signal provided to a monitored circuit; a watchdog circuit disposed in the monitoring circuit, receiving the first supply signal, and generating a watchdog signal; and a comparison circuit receiving the flag signal and the watchdog signal and generating a first signal which has a first level under an abnormal condition and a second level under a normal condition. The second level is different than the first level. The watchdog circuit sets the watchdog signal to a third level when the level of the first supply signal is lower than a first reference level. When the watchdog signal has the third level, the comparison circuit allows the first signal to have the first level regardless of the level of the flag signal.

Abstract: A computer system includes an ensemble moving target defense architecture that protects the computer system against attack using a plurality of composable protection layers that change each churn cycle, thereby requiring an attacker to acquire information needed for an attack (e.g., code and pointers) and successfully deploy the attack, before the layers have changed state. Each layer may deploy a different attack information asset protection providing multiple different attack protections each churn cycle.