Abstract: Conventional email filtering services are not suitable for recognizing sophisticated malicious emails, and therefore may allow sophisticated malicious emails to reach inboxes by mistake. Introduced here are threat detection platforms designed to take an integrative approach to detecting security threats. For example, after receiving input indicative of an approval from an individual to access past email received by employees of an enterprise, a threat detection platform can download past emails to build a machine learning (ML) model that understands the norms of communication with internal contacts (e.g., other employees) and/or external contacts (e.g., vendors). By applying the ML model to incoming email, the threat detection platform can identify security threats in real time in a targeted manner.

Abstract: Disclosed are systems and methods for robocall steering over voice-hosted traffic networks. The disclosed framework provides novel systems and methods for increasing the accuracy and efficiency in tracking, identifying, blocking and preventing robocalls and robocallers. The disclosed systems and methods provide mechanisms for identifying and removing unwanted voice traffic from networks. The disclosed systems and methods analyze voice traffic over a predetermined period of time (e.g., 1 day or 30 days, for example), and leverage this information into a “know your customer” (KYC) score. This score enables incoming calls to be routed, controlled and/or blocked as they are communicated over voice networks.

Abstract: An internal network can include a plurality of linked internal nodes, each internal node being configured to communicate with other internal nodes or with one or more external servers over an external network. The internal network can analyze the configuration of the internal nodes and the network traffic between internal nodes of the internal network and external servers. Based on the analysis, a network vulnerability score measuring the vulnerability of the internal network to attack can be determined. If the vulnerability score is below a threshold, the internal network can be isolated from the external network, for example by preventing internal nodes from communicating with or over the external network.

Abstract: One example method of operation may include identifying one or more call parameters associated with each of a number of calls received over a fixed period of time, assigning scores to each of the calls based on the one or more identified call parameters for each of the plurality of calls, assigning one or more of the calls to a scam call category based on the assigned scores, and responsive to the assigning of the one or more of the calls to a scam call category, determining whether a number of remaining calls of the calls, which are not assigned to the scam call category, have increased or decreased beyond a deviation margin of a target percentage of calls.

Abstract: Presented herein are methodologies for implementing a system and apparatus to estimate a network disruption index and undertake a mitigation action accordingly. A method includes calculating a network disruption index based on at least a disruption score associated with a service request measure, an end-of-life measure, a security incident response measure and a return material authorization measure for respective hardware devices in a network, comparing the network disruption index to a predetermined threshold, and when the network disruption index is above the predetermined threshold, identifying one or more of the hardware devices in the network for a mitigation action and implementing the mitigation action.

Abstract: A system or method for dynamic redundant call recording may include a plurality of recording devices, each recording device having a plurality of recording resources, and a resource allocator. The resource allocator may receive a request from a call receiving node for commencement of a recording session. It may then attempt to connect to a first one of the plurality of recording devices and if successful, establish a recording session between the call receiving node and the recording device, or if not successful, attempting to connect the recording session controller to a second one of the multiple recording devices. Two resource allocators may operate in parallel to establish dual recording using resources at two different recording devices. Call content may be recorded separately from call metadata and may be integrated with the metadata using a unique call ID.

Abstract: Systems and methods for configuration vulnerability checking and remediation are provided. The systems provided herein identify risk based upon service indications of a particular configuration, such that automated risk analysis may be facilitated.

Abstract: A system and method are disclosed for training a machine-learning model to detect characteristics of fraudulent calls. The machine-learning model is trained using audio clips, voice recognition, call handler feedback and general public knowledge of commercial risks to detect and divert fraudulent calls, thereby alleviating the burdens otherwise placed on call center service representatives.

Abstract: A user interface for a fraud detection application includes a visual display; a plurality of panes displayed on the visual display, each pane including an identifier corresponding to a communication received; a graphical representation of a threat risk associated with the identifier; a numeric score associated with the threat risk, wherein the numeric score is a weighted score based on a plurality of predetermined factors updated substantially continuously. The graphical representation may include a status bar indicative of a threat risk associated with the identifier, the threat risk provided by the fraud detection algorithm and based on a weighted score. Each pane may include additional information about the identifier, such as a number of accounts accessed or attempted to be accessed associated with the identifier; a number of days the identifier has been active; a type of channel associated with the identifier; and a number of communications initiated by the identifier over a predetermined period of time.

Abstract: A method provides a security action based on identity profile scores. One or more processors represent an identity profile as a knowledge graph. The processor(s) associate a set of changes of the identity profile across a plurality of identity networks with a fraud score. The processor(s) then implement a security action based on the fraud score.

Abstract: Disclosed in some examples are methods, systems and machine-readable mediums which allow for more secure authentication attempts by implementing authentication systems with credentials that include interspersed noise symbols in positions determined by the user. These systems secure against eavesdroppers such as shoulder-surfers or man-in-the middle attacks as it is difficult for an eavesdropper to separate the noise symbols from legitimate credential symbols.

Abstract: The invention introduces a method for producing solid state disk (SSD) devices, performed by a processing unit of a production host, to include steps of: loading a port-mapping configuration table including location information regarding each port connected to the production host; comparing location information in a hardware description file with the location information in the port-mapping configuration table to determine which ports that SSD devices are connected to; displaying a graphical user interface (GUI) on a displayer to indicate which ports are connected by SSD devices; and when an SSD device connected to one port that fails to activate, updating the GUI to display information indicating that an SSD device connected to the corresponding port that fails to activate.

Abstract: Methods and systems are described herein for manipulating a communication acceptance screen, manipulating an interactive communication acceptance icon, and restricting access to accounts based on voice communication parameters. In particular, when a communication is detected from one device to another device, that communication may be risky. Thus, the risk is mitigated by giving a user information about the source of the communication to give a user a chance to reject the communication. In addition, in instances where the user accepts the communication, the system enables monitoring the communication and restricting any accounts that are disclosed within the communication.

Abstract: One example method includes configuring an input device based in part on a type of network with which the input device is expected to be used, configuring an output device based in part on a type of network with which the output device is expected to be used, registering the input device and the output device with an orchestrator, downloading a service needed to process a data stream generated by the input device, configuring an execution pipeline, and the execution pipeline includes the service, receiving the data stream from the input device and processing the data stream with the execution pipeline, and transmitting information relating to the processed data stream to the output device.

Abstract: An apparatus includes a memory and a processor. The memory stores a machine learning algorithm configured to generate, based on a given role of a plurality of roles within an enterprise, a policy for a new user assigned to the given role. The policy includes recommendations of virtual desktop resources of an enterprise system to provide to the new user. The machine learning algorithm was trained using information identifying virtual desktop resources used by a set of existing users of the system, each of whom is assigned to a role of the plurality of roles within the enterprise. The processor receives a request to provide a new user with access to the enterprise system. In response, the processor implements the machine learning algorithm to generate the policy for the new user, and subsequently provisions the new user with the one or more virtual desktop resources recommended by the policy.

Abstract: Disclosed is an incoming call processing method, applied to a mobile terminal and including: after receiving an incoming call carrying an INVITE signaling, determining, according to the INVITE signaling, a type of a calling number corresponding to the incoming call; determining whether the incoming call is a malicious call based on the type of the calling number; and intercepting the incoming call when it is determined that the incoming call is a malicious call. Also disclosed are a mobile terminal and a computer storage medium.

Abstract: A system is described herein that facilitates the easy scheduling and conducting of prison visitations. The system provides a remotely-accessible means for visitors to authenticate themselves, check the availability of those they wish to visit, and schedule a visit with that individual. As part of this process, the system tracks the availability of prison inmates as well as the devices and visit sites that are available to those inmates. In this manner, the system can quickly identify the availability of different inmates in order to provide on-demand scheduling capabilities to potential visitors. The system is connected to multiple facilities as well as public networks, and therefore can be remotely accessed. Additionally, the system also functions to monitor visits while they are in progress, as well as to store visit recordings for future review. Because the system is networked, remote monitors can access the review system in order to monitor visits or review recordings.

Abstract: An illegal call detection apparatus comprises a data collecting unit, a preprocessing unit, and a learning unit. The data collecting unit collects, from at least one of a subscriber terminal or a call exchanger, a raw packet generated by the subscriber terminal using a VoIP service, and collects, from the billing server, CDR data related to the raw packet. The preprocessing unit generates learning data by using service usage information extracted from the CDR data and service detailed information extracted from the raw packet, and generates a training image by converting the training data into an image according to a predetermined imaging rule. The learning unit extracts at least one or more features from the training image, and learns whether the training image is related to an illegal call by using the features, through an illegal call detection model.

Abstract: Systems and methods for initiating communication with a controlled-environment facility resident by a non-resident may employ a controlled-environment facility secure communication platform that receives an incoming communication request from a non-resident, directed to a telephone number assigned to a controlled-environment facility resident and/or a controlled-environment facility media and/or communications device associated with the resident, for a communication with the resident. The facility secure communication platform sends an event notice to the device associated with the resident or a controlled-environment facility media and/or communications terminal associated with the resident, in response to receipt of the incoming communication request.

Abstract: A method implemented by a firewall device in a network, comprising storing, by a memory, a firewall policy comprising information indicating whether to forward a data packet from a sending host entity to a receiving host entity, receiving, by a receiver, a data packet from a sending host entity, wherein the data packet includes an identifier of the receiving host entity, and determining, by a processor coupled to the memory and the receiver, whether to forward the data packet to the receiving host entity based on the firewall policy and the identifier of the receiving host entity.

Abstract: Presented herein are methodologies for implementing a system and apparatus to estimate a network disruption index and undertake a mitigation action accordingly. A method includes calculating a network disruption index based on at least a disruption score associated with a service request measure, an end-of-life measure, a security incident response measure and a return material authorization measure for respective hardware devices in a network, comparing the network disruption index to a predetermined threshold, and when the network disruption index is above the predetermined threshold, identifying one or more of the hardware devices in the network for a mitigation action and implementing the mitigation action.

Abstract: A computer-implemented method for managing access to data stored within a data source is provided. The method includes receiving updated account data including an updated account identifier, and at least one subscription rule for verifying that a merchant is authorized to receive updated account data. The method also includes storing the updated account data and the at least one subscription rule. The method further includes receiving a registration request from a requesting merchant including at least one candidate account identifier and one merchant identifier identifying the requesting merchant, and retrieving the at least one subscription rule after matching the candidate account identifier to the updated account identifier.

Abstract: Novel tools and techniques are provided for implementing prevention of foreign initiated fraudulent or unauthorized use of calling service. In various embodiments, a computing system might receive, from a first user device associated with an originating party, a request to access a first account of a calling system and an access code. Based on a determination that the received access code is valid, the computing system might determine whether the first user device associated with the originating party is located in a foreign country. If so, the computing system might determine whether a database contains a configurable flag indicating that international access is not allowed for the first account. If so, the computing system might initiate one or more first actions. If not, the computing system might provide the first user device with access to the first account of the calling system.

Abstract: A computing system, method and non-transitory computer readable memory are provided, to assist an agent during a client interaction between the agent and a client over a communications channel. An agent station may generate a graphic user interface (GUI) of the client interaction during the client interaction, the GUI displaying a current identified keyword and one or more interaction phases, each interaction phase having a respective current phase score for the client interaction. A keyword and associated keyword information from the client interaction may be received, including phase and corresponding phase score information, and the GUI updated with the currently identified keyword and newly received phase information accounting for the received corresponding phase score information.

Abstract: A voiceprint certification method is provided. The method is applicable to an electronic device which records a plurality pieces of user information and a plurality of voiceprints of a plurality of verification words corresponding to each piece of user information. The method includes: receiving first user information among the plurality pieces of user information; selecting at least one first verification word from the verification words corresponding to the first user information and generating a random verification sentence including the at least one first verification word, to prompt a user to read the random verification sentence; and certifying the user by comparing a user input sentence with the random verification sentence and by determining whether a voiceprint corresponding to the first verification word in the user input sentence matches the voiceprint of the first verification word corresponding to the first user information recorded in the electronic device.

Abstract: A system is described herein that facilitates the easy scheduling and conducting of prison visitations. The system provides a remotely-accessible means for visitors to authenticate themselves, check the availability of those they wish to visit, and schedule a visit with that individual. As part of this process, the system tracks the availability of prison inmates as well as the devices and visit sites that are available to those inmates. In this manner, the system can quickly identify the availability of different inmates in order to provide on-demand scheduling capabilities to potential visitors. The system is connected to multiple facilities as well as public networks, and therefore can be remotely accessed. Additionally, the system also functions to monitor visits while they are in progress, as well as to store visit recordings for future review. Because the system is networked, remote monitors can access the review system in order to monitor visits or review recordings.

Abstract: Embodiments of the present invention are directed to data integration and threat assessment for triggering analysis of connection oscillations in order to improve data and connection security. The invention leverages a security threat assessment engine and an analytics engine to gather and process data from a combination of internal and external data sources for a third party connection. The system continuously monitors and updates a generated threat level for a third party connection to determine changes or triggers indicating a potential security threat. In response to these determined changes or triggers, the system then responds to a detected security threat and minimizes damages resulting from data compromised by third party systems. Further, the system may extract and recover data from the third party systems and alter connection channels in order to further limit losses.

Abstract: One example method of operation may include identifying call data associated with a received call, identifying call parameters from the call data, and the call parameters include one or more call routing parameters associated with call routing of the call and one or more call session parameters associated with a call session of the call, assigning weights to one or more of the call routing parameters and the call session parameters, determining a scam score for the call based on a sum of the weights applied to the call routing parameters and the call session parameters, and blocking the call when the scam score is greater than or equal to a predetermined threshold scam score.

Abstract: A computer-implemented method includes receiving a first message intended for a target user device and determining that the target user device cannot receive the first message. The method also includes selecting a second user device from a dynamic list of second user devices believed to be in physical proximity to the target user device and sending a second message to the selected second user device, the second message at least referencing the first message. A system includes a processor and logic integrated with the processor, executable by the processor, or integrated with and executable by the processor. The logic is configured to perform the foregoing method. A computer program product for emergency message forwarding includes a computer readable storage medium having program instructions embodied therewith. The program instructions are executable by a computer to cause the computer to perform the foregoing method.

Abstract: Fraud detection is facilitated by developing account cluster membership rules and converting them to database queries via an examination of clusters of linked accounts abstracted from the customer database. The cluster membership rules are based upon certain observed data patterns associated with potentially fraudulent activity. In one embodiment, account clusters are grouped around behavior patterns exhibited by imposters. The system then identifies those clusters exhibiting a high probability of fraud and builds cluster membership rules for identifying subsequent accounts that match those rules. The rules are designed to define the parameters of the identified clusters. When the rules are deployed in a transaction blocking system, when a rule pertaining to an identified fraudulent cluster is triggered, the transaction blocking system blocks the transaction with respect to new users who enter the website.

Abstract: A method for filtering a telephone call is provided. The method may comprise receiving from a caller the telephone call directed to a communication device associated with an intended call recipient. The received telephone call may be scored based on predetermined scoring criteria to create a score indicative of a desirability of the telephone call. Furthermore, the method may comprise comparing the score to a predetermined threshold score. Based on the comparison, the method may further comprise selectively classifying the telephone call as an unwanted telephone call. Furthermore, the method may comprise selectively rejecting the unwanted telephone call.

Abstract: A user speech interface for interactive media guidance applications, such as television program guides, guides for audio services, guides for video-on-demand (VOD) services, guides for personal video recorders (PVRs), or other suitable guidance applications is provided. Voice commands may be received from a user and guidance activities may be performed in response to the voice commands.

Abstract: A computer implemented method and system for routing a call based on characteristics of call data are provided. The method may include: receiving or retrieving a first data set representing a first set of plurality of call features relating to an on-going call from a database; generating, using a machine learning model, a suspiciousness score of the on-going call based on the first data set, the suspiciousness score indicating a probability of the on-going call being a fraudulent call; routing the on-going call based on the suspiciousness score; displaying the first suspiciousness score on a graphical user interface; continuously receiving or retrieving a second data set representing a second set of plurality of call features relating to the on-going call from the database; updating the suspiciousness score of the on-going call based on the second data set; and displaying the updated suspiciousness score on the graphical user interface.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for receiving data that represents actions taken by a particular user with respect to entities of a plurality of entity types, disambiguating the data by identifying entities specified in the data using a machine learning based annotator that is trained to recognize entities and annotating the data, receiving a query specific from the particular user, querying the data that represents actions taken by the particular user, generating an answer to the query from the data representing the actions taken by the particular user, and providing the answer to the query.

Abstract: Audio waveform data can be received from a plurality of client devices. The audio waveform data for each client device can be generated by sampling at least one portion of an audio stream received by the respective client device. The audio waveform data received from the plurality of client devices can be compared. Based on the comparison, which of the plurality of client devices are located in a same location can be determined. Further, based on the comparison, which of the plurality of client devices located in the same location are to mute their respective input audio transducers can be determined, and an indicator indicating to the client devices to mute their respective input audio transducers can be communicated to the client devices that are determined to mute their respective input audio transducers.

Abstract: A computer-implemented method includes receiving a new data record associated with a transaction, and generating, using an adaptive model executed by the computer, a score to represent a likelihood that the transaction is associated with fraud. The adaptive model employs feedback from one or more external data sources, the feedback containing information about one or more previous data records associated with fraud and non-fraud by at least one of the one or more external data sources. Further, the adaptive model uses the information about the one or more previous data records as input variables to update scoring parameters used to generate the score for the new data record.

Abstract: A system and method are disclosed for training a machine-learning model to detect characteristics of fraudulent calls. The machine-learning model is trained using audio clips, voice recognition, call handler feedback and general public knowledge of commercial risks to detect and divert fraudulent calls, thereby alleviating the burdens otherwise placed on call center service representatives.

Abstract: A system and method for preventing illicit use of a telephony platform that includes enrolling a plurality of accounts on a telecommunications platform, wherein an account includes account configuration; at a fraud detection system of the telecommunications platform, receiving account usage data, wherein the usage data includes at least communication configuration data and billing configuration data of account configuration and further includes communication history of the plurality of accounts; calculating fraud scores of a set of fraud rules from the usage data, wherein at least a sub-set of the fraud rules include conditions of usage data patterns between at least two accounts; detecting when the fraud scores of an account satisfy a fraud threshold; and initiating an action response when a fraud score satisfies the fraud threshold.

Abstract: In a general aspect, audio recordings are managed to protect personal identifiable information (PII) and or sensitive personal information (SPI). In an aspect, a first audio file associated with a voice call and a second audio file associated with the voice call are obtained. The first audio file is partitioned into one or more segments. Which of the one or more segments of the first audio file the number of spoken digits exceeds a certain number are identified. The second audio file is partitioned into segments corresponding in time to the identified segments of the first audio file. The voice call is tagged as containing PII or SPI in response to determining that trigger words are spoken in at least one of the segments of the second audio file.

Abstract: Systems, methods performed by data processing apparatus and computer storage media encoded with computer programs for receiving an utterance from a user in a multi-user environment, each user having an associated set of available resources, determining that the received utterance includes at least one predetermined word, comparing speaker identification features of the uttered predetermined word with speaker identification features of each of a plurality of previous utterances of the predetermined word, the plurality of previous predetermined word utterances corresponding to different known users in the multi-user environment, attempting to identify the user associated with the uttered predetermined word as matching one of the known users in the multi-user environment, and based on a result of the attempt to identify, selectively providing the user with access to one or more resources associated with a corresponding known user.

Abstract: Systems and techniques for permitting, establishing, monitoring and controlling VOIP calls based on messages from outside parties, outside party availability information, institution's call restriction information, and/or account holder preferences. In one example, a message from an outside party app on an outside party computing device is receive by an inmate app on an inmate device. The inmate device displays the message at the inmate calling app including a request for the inmate to call the outside party device during a time period. When the inmate initiates a call to the outside party the call is permitted or not permitted based on determining whether the call is within the specified time period.

Abstract: Novel tools and techniques might provide for implementing call monitoring, and, in particular embodiments, to methods, systems, apparatuses, and computer software for implementing self-learning corrections facility call monitoring. In some embodiments, a method might comprise an automated call monitor monitoring a voice or video call between a call participant and a prison inmate, and analyzing at least one of conversation content of the call, voice characteristics of the call participant and/or the prison inmate, and/or (for video calls) body language of the parties to the call, to determine whether the conversation content, voice characteristics, and/or body language are indicative of impermissible content and/or impermissible conduct (i.e., indicative of past, present, and/or future criminal behavior or acts, and the like).

Abstract: An event-driven system, method and computer program product are provided to selectively generate events in response to receipt of data elements. The event-driven system includes processing circuitry configured to identify, in response to receipt of one or more data elements, an event that is impacted by the one or more data elements. The processing circuitry is also configured to determine whether at least a threshold number of consumers are currently listening for the event. In an instance in which at least a threshold number of consumers are currently listening for the event, the processing circuitry is configured to perform one or more computations based upon the one or more data elements to generate the event. Otherwise, however, the processing circuitry is configured to at least defer the one or more computations that would be performed upon the one or more data elements to generate the event.

Abstract: Systems and methods for detecting volume level changes in communications are described herein. In some embodiments, a system comprises a computer system. The computer system comprises at least one processor and a memory coupled to the at least one processor. The memory stores program instructions that are executable by the at least one processor to cause the computer system to perform tasks. The tasks include recording a communication that comprises audio, and analyzing the audio of the communication. The analysis of the audio is operable to detect a change in a volume level of the audio that indicates an occurrence of a potential event of interest. The tasks also include creating and storing an information record corresponding to the communication in a second database. The information record includes an indication of the detected change in the volume level.

Abstract: Systems and methods for voice authentication are provided. An example method starts with dynamically generating authentication information and a prompt associated therefor. The authentication information is generated to emphasize differences between an authorized user and others. The authentication information may be generated based on at least one of a user profile, an acoustic environment in which a mobile device is located, and a history of interactions with the mobile device. The authentication information may be an answer to a question which the authorized user would uniquely be able to provide, or it may be a distinctive password. The prompt, for the authentication information, is provided to a user attempting to use the mobile device. The method proceeds with capturing an acoustic sound of a speech of the user and detecting the authentication information in the speech. Based on the detection, a confidence score is determined.

Abstract: A method for communicating in real-time to users of a provider of Internet access service, without requiring any installation or set-up by the user, that utilizes the unique identification information automatically provided by the user during communications for identifying the user to provide a fixed identifier which is then communicated to a redirecting device. Messages may then be selectively transmitted to the user. The system is normally transparent to the user, with no modification of its content along the path. Content then may be modified or replaced along the path to the user. For the purposes of establishing a reliable delivery of bulletin messages from providers to their users, the system forces the delivery of specially-composed World Wide Web browser pages to the user, although it is not limited to that type of data.

Abstract: A component mounting system includes a component mounting line in which a plurality of processing devices are connected to constitute the component mounting line and a management device (management computer) connected to the component mounting line by a network, and each of the plurality of processing devices can be remotely operated via the network by an input unit of the management device. In this component mounting system, it is determined whether or not an error occurring in the processing device is a remote response error (ST1) and a remote operation right enabling the remote operation is set (ST21) with respect to the management device based on a result of the error type determination in a case where the type of the error is the remote response error (Yes in ST1).

Abstract: A phone frauds or scams detecting system comprises a first detecting unit for obtaining callers' characteristics and a second detecting unit for interacting with callers and obtaining callers' additional characteristics. The system determines frauds or scams based on the callers' characteristics and the callers' additional characteristics and plays commercial advertisements to the callers if one or many frauds or scams determined.

Abstract: A method of identifying recording of a conversation during a communication session, including establishing a communication session between a first participant and one or more remote participants, transmitting audio packets from a communication device of the first participant to the one or more remote participants, receiving audio packets from the one or more remote participants, including echo packets responsive to the transmitted audio packets, analyzing the received audio packets by an analysis application to identify delays in the echo packets relative to the transmitted packets providing an indication of the presence of a recording application at a communication device of a remote participant, notifying the communication device of the first participant.

Abstract: The claimed subject matter provides systems and/or methods that effectuate a simple protocol for tangible security on mobile devices. The system can include devices that generate sets of keys and associated secret identifiers, employs the one or more keys to encrypt a secret and utilizes the identifiers and encryptions of the secret to populate a table associated with a security token device that is used in conjunction with a mobile device to release sensitive information persisted on the mobile device for user selected purposes.