Abstract: Automated document ingestion (ADI) provides a comprehensive system and method to streamline document ingestion automation through developing, deploying, and monitoring machine learning models and tools. The system is designed to integrate alongside existing manual entry pipelines within a company. ADI has multiple components to accomplish each step of this task, namely document enhancements, an augmented data entry user interface, and a machine learning operations (ML Ops) pipeline.

Abstract: Methods, apparatus, and systems to determine a niche market of items or services, the first phase of which identifies a gap between demand and supply for a set of items. Session logs may be evaluated to compare transactions involving a specific item to those of a larger group of items. The resultant information identifies areas of high demand, but with low availability. The niche market information may be provided as direct merchandising items for sellers. In one example, the method generates niche market item web pages in specific categories. Additional methods, apparatus, and systems are disclosed.

Abstract: When data is to be stored in or transferred to a storage system including a controller, the controller causes a selected offload instance to compress or to decompress the data to be stored in or to be transferred to the storage system, the selected offload instance being one or more offload instances that support a specific compression scheme and to which a compression or decompression load is to be offloaded.

Abstract: A method, computer system, and a computer program product for personalized content generation. Exemplary embodiments may include receiving content and a desired personality from which to personalize the content, as well as applying the desired personality to the content via application of a personalization model to the content.

Abstract: Systems and methods for dynamic data processing and graphical user interface generation are provided. A system may include a network interface configured to request and receive, via a computer network from one or more sources in remote locations, electronic record data associated with an individual; an input filter configured to identify structured and unstructured information in the electronic record data; a data selector configured to analyze the structured and unstructured information; a timeline generator configured to generate, based on the analysis, interface information for displaying an interactive graphical user interface configured to present an event timeline of events in the electronic record data; and a display configured to provide the interactive graphical user interface based on the generated interface information.

Abstract: An artificial intelligence (AI) search system can build or include one or more knowledge graphs and databases of indexes. The knowledge graphs can encode information and relationships from a variety of domains. The databases of indexes can store pointers to public and/or private data and raw content in those domains. An example of a domain includes fields requiring or handling geospatial data. The AI search system can receive a user query and process the query with AI models, including language models and knowledge graphs to identify data matching the intention and context of the user query. The AI search system can present relevant results in an assortment of user interfaces.

Abstract: Systems and methods are provided for implementing adaptable embedded search engine functionality. In an aspect, a shared SERP system receives a user search query from a first search utility among a plurality of search utilities, which is associated with corresponding apps that are different from each other. A router of the shared SERP system provides the user search query and location information to a first query builder among one or more query builders of the shared SERP system. The first query builder constructs a query request corresponding to the user search query, based on the provided user search query and location information. A first query executor among one or more query executors of the shared SERP system executes the query request to produce search results. A component renderer of the shared SERP system renders one or more UX components within the first SERP, based on the search results.

Abstract: An artificial intelligence (AI) search system can build or include one or more knowledge graphs and databases of indexes. The knowledge graphs can encode information and relationships from a variety of domains. The databases of indexes can store pointers to public and/or private data and raw content in those domains. An example of a domain includes fields requiring or handling geospatial data. The AI search system can receive a user query and process the query with AI models, including language models and knowledge graphs to identify data matching the intention and context of the user query. The AI search system can present relevant results in an assortment of user interfaces.

Abstract: Digital content layout encoding techniques for search are described. In these techniques, a layout representation is generated (using machine learning automatically and without user intervention) that describes a layout of elements included within the digital content. In an implementation, the layout representation includes a description of both spatial and structural aspects of the elements in relation to each other. To do so, a two-pathway pipeline that is configured to model layout from both spatial and structural aspects using a spatial pathway, and a structural pathway, respectively. In one example, this is also performed through use of multi-level encoding and fusion to generate a layout representation.

Abstract: A vehicle identification system may perform operations that include: receiving a scan request that includes an image that comprises image data; identifying one or more vehicles within the image based on the image data based on computer vision and object recognition; generating bounding boxes based on the identified vehicles; cropping the image based on one or more of the bounding boxes; classifying a vehicle depicted within the cropped image; and presenting a notification that includes a display of the classification of the vehicle at the client device.

Abstract: In various implementations, a keyword assignment and predictive intelligence model scrapes content of web pages and stack ranks them according to a coordinates-based embedding system. The model further analyzes weblog data associated with user identifiers and stack ranks those user identifiers according to keywords associated with the weblog data. In particular embodiments, machine learning is applied to account for the entire web journey associated with the user identifiers associated with users, predicting future page URLs as well as content, products, services, information, etc., that the users may seek.

Abstract: Techniques for learning and using content type embeddings. The content type embeddings have the useful property that a distance in an embedding space between two content type embeddings corresponds to a semantic similarity between the two content types represented by the two content type embeddings. The closer the distance in the space, the more the two content types are semantically similar. The farther the distance in the space, the less the two content types are semantically similar. The learned content type embeddings can be used in a content suggestion system as machine learning features to improve content suggestions to end-users.

Abstract: Embodiments of the present disclosure provide a page display method and apparatus, an electronic device, and a medium. The method includes: displaying a content browsing page, where the content browsing page includes a target control, and the target control indicates a target attribute; and displaying an updated target control on the content browsing page in response to a browsing parameter on the content browsing page satisfying a set condition, where the updated target control indicates an updated target attribute. The target attribute is applied to a page to be used for interaction, and the page to be used for interaction and the content browsing page are pages of different themes.

Abstract: According to an aspect, a method may include generating, by an interface-guided diffusion model, a UI-compatible output image in response to one or more prompts including user-generated text and input condition data. The input condition data includes user interface (UI) layout information about at least one UI element included in an interface of an application. The method includes providing the UI-compatible output image to the application.

Abstract: Generally discussed herein are devices, systems, and methods for training a partial differential equation (PDE) solver. A method can include training a neural network (NN) operator to estimate a partial differential equation (PDE) solution by in a first iteration, predicting, by the NN operator, an initial value for the PDE solution, in a subsequent iteration, adding noise to the initial value, in the subsequent iteration, estimating, by the NN operator, the noise resulting in predicted noise, determining a difference between the initial value and the predicted noise resulting in a refined value, and updating parameters of the NN operator based a difference between the refined value and a corresponding ground truth for the PDE.

Abstract: A non-transitory computer-readable recording medium stores an information processing program for causing a computer to execute processing including repeatedly performing a specific operation of calculating a solution of a parameter by using a function until the number of upper digits whose values match between a characteristic value that corresponds to a solution of the parameter calculated last time and a characteristic value that corresponds to a solution of the parameter calculated this time becomes equal to or greater than a first threshold.

Abstract: Multiply-accumulate processors within a tensor processing unit simultaneously execute, in each of a sequence of multiply-accumulate cycles, respective complex-data multiply operations using a shared complex data operand and respective fast-Fourier-transform parameters, each of the multiply-accumulate processors applying a new complex input data operand and respective fast-Fourier-transform parameter in each successive multiply-accumulate cycle to accumulate, as a component of a resultant fast Fourier transform, a respective sum of complex multiplication products.

Abstract: Method and apparatus for improved machine learning transformation operations on interleaved data are provided. A first interleaved data tensor having an unrealized set of dimensions is received, and a transformation operation to apply to the first interleaved data tensor is determined. A realized set of dimensions for output of the transformation operation is determined based on the unrealized set of dimensions and the transformation operation. A second interleaved data tensor is generated by applying the transformation operation to the first interleaved data tensor, comprising copying input elements in the first interleaved data tensor to output elements in the second interleaved data tensor based on indices in the realized set of dimensions.

Abstract: A multi-rule decision method of evaluating comprehensive performance of a battery stack includes selecting multiple indexes affecting the performance of the battery stack as a single-performance decision rule of the battery stack to form a decision rule vector. The method includes based on classical best worst method, obtaining a weight of each evaluation person of the comprehensive performance of the battery stack for the single-performance decision rule of the battery stack in the decision rule vector. The method includes based on entropy theory, aggregating the weight of the single-performance decision rule of the battery stack determined by each evaluation person of the comprehensive performance of the battery stack to obtain an importance weight of the evaluation persons of the comprehensive performance of the battery stack satisfying the iteration stop condition and a final comprehensive weight of the single-performance decision rule of the battery stack.

Abstract: A quantum-inspired parallel annealing method that enables full parallelism and improves solution quality, resulting in significant speed and energy improvement when implemented in analog memristor crossbars. Tasks are experimentally solved, including unweighted and weighted Max-Cut and traveling salesman problem using an integrated memristor chip. The method claimed herewith effective exploits the natural parallelism, analog conductance states and all-to-all connection provided by memristor technology, and therefore demonstrates significant improvements in time- and energy-efficiency compared to previous simulated annealing and Ising machine implemented on other technologies, having a large potential for solving complex optimization problems with greater efficiency.

Abstract: Systems and methods for lightweight proxy virtualization of a plurality of sensor data streams in a device are described. A processor can receive a plurality of sensor data streams from a plurality of sensors. The processor can identify missing sensor data in a sensor data stream among the plurality of sensor data streams. The processor can predict a value of the missing sensor data by running a machine learning model trained using sensor data determined based on at least one of a plurality of co-existence probabilities of the plurality of sensor data streams and a plurality of co-prediction accuracies of the plurality of sensor data streams.

Abstract: In one aspect, a computer-implemented method for recommending an optimal configuration for a target system is provided. The method includes obtaining a plurality of samples, wherein each sample corresponds to a system configuration. The method includes extracting, from each of the plurality of samples, a plurality of features. The method includes grouping the plurality of samples into one or more clusters, wherein each cluster comprises a set of one or more samples. The method includes calculating, for each respective cluster of the one or more clusters, one or more metrics for each extracted feature based on the set of one or more samples in the respective cluster. The method includes calculating, for each respective cluster of the one or more clusters, a weight for each extracted feature based on the calculated one or more metrics for each extracted feature. The method includes obtaining a set of one or more requirements for a target system.

Abstract: A method for classifying network traffic includes accessing processed network data that includes multiple groups. Each group includes multiple URL data objects and is associated with an entity. The method includes generating a dynamic intent score for each group by generating a comparison value for each URL data object within a group, selecting highest comparison values for the URL data objects within the group, generating the dynamic intent score by averaging the selected highest comparison values, and ranking the groups according to their respective dynamic intent scores. The comparison value for each URL data object is generated by scraping a webpage associated with a URL data object to generate a first scraped text data object, creating web embeddings by providing the scraped text data object to a machine learning module, and generating a comparison value by comparing the web embeddings with reference embeddings.

Abstract: To carry out a learning technique in which a solution of a parameter is not likely to be a locally optimal solution, a learning apparatus includes: a learning means for setting a parameter (?) included in a score function (f) for carrying out two-class classification of data, the learning means setting the parameter (?) such that, in a square having a horizontal axis representing a false positive rate and a vertical axis representing a true positive rate, an area of a region in which the false positive rate is not more than a given threshold is minimized in a region over a receiver operating characteristic (ROC) curve obtained from a training data group.

Abstract: The invention described herein is directed to a secure text messaging and object sharing mobile application connected to a DRM cloud service that provides encryption, digital rights management (DRM) of the text and of the attachments, blockchain transactions, the capability of attaching documents, photos and so forth, the capability of interfacing with a user's contacts application, and that operates in both Android and iOS environments.

Abstract: The invention relates to a container treatment system comprising at least one container treatment machine for treating containers and a central rights assignment system, the container treatment machine comprising a user interface for recognizing an identification element and for entering a user password, and the container treatment machine being designed to transmit identification data of a user to the central rights assignment system based on a recognized identification element and/or a recognized user password, the central rights assignment system being designed to transmit access data to the container treatment machine based on obtained identification data of a user, the access data defining group-based and/or user-based access rights for the container treatment machine, and the container treatment machine being designed to grant access rights to a user depending on obtained access data.

Abstract: Various aspects of the present disclosure generally relate to user devices. In some aspects, a user device may generate, using a fingerprint sensor of the user device, fingerprint information associated with a finger press of a user of the user device. The user device may authenticate the user in association with the fingerprint information. The user device may determine, in association with force information generated by a force sensor of the user device, an amount of force applied to a display screen of the user device by the finger press. The user device may perform, in association with authenticating the user, an action that is associated with the amount of force applied to the display screen. Numerous other aspects are described.

Abstract: A method of controlling a drive video record system includes providing a camera module for monitoring an area around a vehicle, a first memory for storing video transmitted from the camera module, and a controller including a second memory for storing a computer program for controlling storage of the video and a processor for executing the computer program, where through execution of the computer program, the processor acquires password information of a user, acquires video or audio according to a set condition, and encrypts and stores the video or audio based on the password information.

Abstract: A system and method for secure biometric enrollment includes externally activating a user device, obtaining an initial biometric sample of a user subsequent to externally activating the user device, storing the initial biometric sample as a trusted sample in a trusted template, obtaining at least one subsequent biometric sample, comparing the at least one subsequent biometric sample to the trusted template, and based on the comparing, when the at least one subsequent biometric sample does not match the initial biometric sample in the trusted template, storing the at least one non-matching subsequent biometric sample into a temporary buffer until an additional subsequent biometric sample is obtained and does match the initial biometric sample in the trusted template, placing the matching additional subsequent biometric sample into the trusted template and retroactively extending trust of association with the user to the non-matching at least one subsequent biometric sample in the temporary buffer.

Abstract: The password, a half century old concept that many depend on to preserve the confidentiality and integrity of data is badly broken, and accordingly places data and systems at great risk of loss or breach. This paper describes a passive and user independent means of applying concepts of identity, device trust, and risk based authentication to secure access to on-premise and cloud based resources; many of which rely solely on passwords. Additionally, this novel approach to authentication can further facilitate truly mobile computing, while maintaining, if not improving the overall user experience.

Abstract: In at least some embodiments, systems and methods of the present disclosure enable content selections for securing communications between agent devices and user devices. A request is received for a communication between an agent device and a user device. A user record associated with the user device is determined based on the characteristic. The security system may obtain content items for authenticating the agent device for the user device with the user record. A set of the plurality of content items are determined for display to the agent device. The set of the plurality of content items are transmitted to the user device associated with the user record. A content item identified by a content item selection is received. A match is determined between the selected content item and the set of content items. The communication is transmitted, responsive to the match, with a predetermined type data request for the user device to satisfy the authentication request.

Abstract: Methods and systems for securing extended functionality of endpoint devices are disclosed. To extend the functionality of endpoint devices, pre-provisioned code modules may be stored in management systems. To invocate the extended functionality of the endpoint devices, the endpoint devices may request copies of the pre-provisioned code modules from the management systems. Access to the pre-provisioned code modules may be secured using multiple layers of security. If the requirements of the multiple layers of security are fulfilled, access to the pre-provisioned code modules may be provided to extend the functionality of the endpoint devices.

Abstract: Disclosed herein is a trusted platform module (TPM) for authenticating a secure system, the TPM including: one or more registers to automatically generate and maintain hash values indicating current state values of the TPM, secure memory to store a key in association with a secure system, and a processor in network communication with the registers and the secure memory. During a secure boot up process, the processor can perform operations including: deriving the key for the secure system from the hash values that are automatically generated by the one or more registers, calculating a Hash-based Message Authentication Code (HMAC) value using the key, generating, based on the HMAC value, an authentication login token for the secure system, and advancing the hash values that are maintained by the one or more registers from their initial state during the secure boot up process.

Abstract: Systems and methods are described for authorizing users and/or devices. An example method may comprise receiving, from a user device, a request to access a function associated with a service account. The request may comprise an identifier of the user device. The example method may comprise determining, based on the identifier, a primary authority holder of the service account. The example method may comprise determining that a first record on a first distributed ledger associated with the primary authority holder indicates that the user device is associated with the primary authority holder. The example method may comprise determining that a second record on a second distributed ledger associated with the user device indicates that the user device is associated with the primary authority holder. The example method may comprise granting, based on the request, the first record, and the second record, the user device access to the function.

Abstract: A component authentication method includes, after a computer is powered on, a baseboard management controller (BMC) in the computer sends an authentication request to one component in the computer, to initiate access authentication on the component. The component sends an access request to the BMC, where the access request carries an access authentication certificate of the component. After verification on the access authentication certificate of the component succeeds, the BMC sends an access response to the component such that, before the component is booted, the BMC verifies the access authentication certificate of the component, and the component is allowed to be booted only if the verification succeeds.

Abstract: Disclosed are example methods, systems, and devices that allow for generation and maintenance of a central identity databank for a user's digital life. The identity databank may include identity elements with payload values and metadata values corresponding immutable attributes of the user. A multifactor identity authentication protocol allows service provider devices to more reliably validate transactions with user devices via an identity system. The identity databank may include passwords, which may be generated by the identity system linked to user accounts and/or service providers. The passwords may be provided to service provider devices, eliminating the need for users to conceive of a multitude of varying passwords for the user's accounts.

Abstract: Computer generated password criteria generated in response to a required password change can include detecting a request for a new password for a program. A password criteria for the new password is generated, which is different than a previous password criteria. A submitted new password is received and a determination is made when the submitted new password meets each of the password criteria for the new password. Responsive to determining the submitted new password meets each of the password criteria for the new password, access is allowed to the program.

Abstract: Provided is a method for securely executing an application, wherein a memory space of said application comprises an execution enclave configured to access a memory of the second device storing sealed data obtained by a sealing enclave by sealing on a first device a predetermined message with a first hardware key associated to said first device based on a value depending on an identity of said sealing enclave, and comprising, performed by said execution enclave to verify that the second device is authorized to execute the application. Other embodiments disclosed.

Abstract: Systems and methods include responsive to a user attempting to access content in a cloud-based system, obtaining the content associated with the user; sending the content to a sandbox for processing; rendering the content within an isolated browser, thereby allowing the user to interact with the content during the processing; and receiving a verdict from the sandbox, wherein the verdict labels the content as one of malicious, benign, and unknown, and performing an action based thereon.

Abstract: In some implementations, a device may obtain an indication of one or more permissions associated with a dataset shared by a data provider via a first execution environment. The device may obtain an indication of one or more data processing applications associated with respective intents, wherein the one or more data processing applications are executable via a second execution environment, and wherein the respective intents indicate an intended use of data in association with the one or more data processing applications. The device may detect a data usage violation associated with a data processing application, from the one or more data processing applications, that has accessed and processed data from the dataset in the second execution environment, based on an intent associated with the data processing application not being permitted by the one or more permissions. The device may perform an action based on detecting the data usage violation.

Abstract: A secure element is configured to execute bytecode in a runtime environment and/or an applet. The secure element is configured to engage a free bytecode in a bytecode range that is unused according to the programming language specification with a user-defined bytecode. The chip card is furthermore configured to provide an allocation table for converting the user-defined bytecode into a standard bytecode sequence, the conversion taking place according to the context of the use of the user-defined bytecode. The solution permits a memory space saving.

Abstract: Systems and methods for compartmentalization. In some embodiments, in response to receiving a compartment update request, a target compartment of a compartment transition triggering the compartment update request may be determined, and a compartment configuration corresponding to the target compartment may be loaded, wherein the compartment configuration indicates at least one address range associated with the target compartment.

Abstract: A non-transitory computer readable medium contains instructions that when executed cause one or more processors to perform cybersecurity operations that include detecting an interpreter-based application configured to exhibit native functionality and to generate a plurality of execution contexts following receipt of an original input code. An interpreter-based cybersecurity agent is injected within the detected interpreter-based application, which is itself configured for execution by the interpreter-based application prior to execution of the original input code. Exposed APIs are patched using the injected interpreter-based cybersecurity agent to cause patched APIs to exhibit non-native functionality in order to thwart exploitations.

Abstract: A method includes receiving precursor alerts from a precursor detector that detects events from a processing unit, wherein each precursor alert comprises information of an event from the processing unit, the information of an event from the processing unit, detecting a first event in the precursor alerts indicating undesirable behavior and including a first score that is above a first value, setting a first timer for a first period of time, accumulating a score update with the first score of the first event. Upon the score update reaching or exceeding a first threshold value within the first period of time, generating a refined alert.

Abstract: A system and method for securing a computing infrastructure. A method includes performing reconnaissance with respect to a computing infrastructure in order to identify a plurality of portions of the computing infrastructure and a plurality of components of the computing infrastructure; correlating the plurality of portions of the computing infrastructure with the plurality of components of the computing infrastructure; identifying an integration point among the computing infrastructure based on the correlation, wherein the integration point is one of the plurality of components of the computing infrastructure through which the computing infrastructure is integrable; and performing at least one mitigation action based on the identified integration point.

Abstract: Systems and methods are provided for protecting identity information in a directory, such as Active Directory. A method, according to one implementation, include the step of conducting a scan of a directory of a network domain to gain visibility of one or more vulnerabilities of the directory. The one or more vulnerabilities define a potential security risk that would allow an attacker to leverage identity-related information from the directory. The method further includes the step of guiding an administrator regarding management of the directory to reduce the potential security risk. Also, the method includes the step of monitoring the directory for one or more attacks to leverage the identity-related information.

Abstract: A method of enhancing network security across a plurality of tenants is disclosed herein. The method can include: providing a Security Information, and Event Management (SIEM) management application configured to be hosted by a SIEM provider server communicably coupled to a tenant server; coupling, via a data connector, the SIEM management application to a log source hosted by the tenant server, wherein the data connector is configured the control a flow of data to and from the log source; generating, via the SIEM management application, a JavaScript Object Notation (JSON) based solution bundle for the log source; visually displaying, via a user interface of the SIEM management application, a proposed SIEM protocol for the tenant server based, at least in part, on the JSON-based solution bundle; and deploying, via the SIEM management application, the proposed SIEM protocol from the SIEM provider server to the tenant server.

Abstract: Artificial intelligence, in the form of machine-learning models, are implemented to dynamically detect when an online or mobile app application is being filled-out/submitted by an autonomous software program/bot (e.g., an invalid application submission), as opposed to a human (i.e., a valid application submission). Telemetry data is captured from the mobile application or web/online application that is indicative as to whether the application forms are being filled-out by a human or an autonomous software program. The telemetry data is applied to machine learning models to determine if the telemetry data results in a recognized pattern that indicates autonomous software program data entry or, conversely, human data entry. In the event that an application submission is determined to be filled-out by an autonomous software program/bot, subsequent submission and/or further processing of the application is denied.

Abstract: A system can receive a request that is associated with a user account to perform an operation on the system. The system can evaluate the request based on a security breach policy to produce a security result. The system can, in response to determining that the security result indicates that there is a possible security breach, determine not to perform the operation, and perform a mitigating action regarding the possible security breach. The system can, in response to the security result indicating that the possible security breach does not exist, perform the operation.

Abstract: A system providing differentiation of devices for home network microsegmentation and device security status reporting is disclosed. The system gathers characteristic data for devices of a non-organizational network. Based on the characteristic data, the system determines whether the devices are associated with an organizational network. If a device is associated with the organizational network, the system automatically generates a microsegmented organizational network that is separately accessible from the non-organizational network and assigns each device associated with the organizational network to the microsegmented organizational network. The system analyzes communications associated with the devices and may determine a risk score for the non-organizational network based on the communications and/or characteristics of the devices and networks.