Abstract: Computer-implemented detection of anomalous telephone calls, for example detection of interconnect bypass fraud, is disclosed. A telephone call associated with user devices is analyzed remote from the user devices. A first set of multiple features, for example Mel Frequency Cepstral Coefficients, is derived from a call audio stream. The first set is converted to an embedding vector, for example via a model based on a Universal Background Model comprising a Gaussian Mixture Model, which model is preferably configured based on a training plurality of first sets of multiple features derived form a corresponding training plurality of audio streams. Occurrence, or probability of occurrence, of an anomalous telephone call is determined based on the embedding vector, for example via a back-end classifier, such as a Gaussian Backend Model, which classifier is preferably configured based on labels associated with the training plurality of audio streams.

Abstract: An internal network can include a plurality of linked internal nodes, each internal node being configured to communicate with other internal nodes or with one or more external servers over an external network. The internal network can analyze the configuration of the internal nodes and the network traffic between internal nodes of the internal network and external servers. Based on the analysis, a network vulnerability score measuring the vulnerability of the internal network to attack can be determined. If the vulnerability score is below a threshold, the internal network can be isolated from the external network, for example by preventing internal nodes from communicating with or over the external network.

Abstract: A computer-implemented method comprising: instructing a computing device to obtain a permission from the user to monitor a plurality of activities executed within the computing device; receiving a call session request from a computing device associated with a second user; utilizing a trained machine learning algorithm to confirm an identity of the user based on the call session interaction parameter to confirm the call interaction session as a verified call interaction session; generating a fictitious call session interaction parameter that differs from the at least one call session interaction parameter; modifying the call session request into a verified call session request by replacing the call session interaction parameter with the fictitious call session interaction parameter; utilizing a telecommunication network to transmit the verified call session request with the at least one fictitious session interaction parameter to the first calling-enabled computing device; automatically instructing the first c

Abstract: A method for checking a message in a communication system, in which multiple users are connected to a communication medium and exchange messages via same. A time difference between points in time of reception of a message that is sent on the communication medium is ascertained at two different, predefined positions on the communication medium, and based on a comparison of the time to at least one reference time difference, it is determined whether the message originates from a verified user.

Abstract: Secure system and method of detecting and preventing inmate to inmate message relays. A system and method which monitors inmate communications for similar phrases that occur as part of two or more separate inmate messages. These similar phrases may be overlapping in real time as in a conference call or can occur at separate times in separate messages. The communications that appear similar are assigned a score and the score is compared to a threshold. If the score is above a certain threshold, the communication is flagged and remedial actions are taken. If the flagged communication contains illegal matter then the communication can be disconnected or restricted in the future.

Abstract: A set of alert records stored in a shared alert data store that is shared amongst a cluster of processing nodes are presented in an interface. From the interface, a request is received to delete an identified alert record from the set of alert records. A delete alert record matching the identified alert record is added to the shared alert data store. The identified alert record is deleted from the shared alert data store responsive to the request. The delete alert record is transmitted to a processing node of the cluster of processing nodes, wherein the processing node deletes a local copy of the identified alert record according to the delete alert record.

Abstract: A communication device and method can include one or more processors operatively coupled to memory, a sensor and an output device, where the one or more processors to perform operations of identifying target person locations using internet searching and short range communication enabled devices such as Bluetooth LE devices.

Abstract: Systems, computer program products, and methods are described herein autonomous conversion of a resource format using machine learning. The present invention is configured to receive a data transmission; extract, from the data transmission, a destination identifier and a primary data format; determine that the destination identifier is an approved destination identifier; compare the destination identifier to a plurality of reference patterns, wherein each reference pattern is associated with a set of conversion criteria; determine that the destination identifier does not match at least one set of conversion criteria; and convert, based on an output of a machine learning algorithm, the primary data format to a secondary data format.

Abstract: Various implementations described herein are able to leverage the interaction from one or more potential buyers relative to a digital image to automatically create a sales listing for items that appear to be of interest to the buyers. This reduces or eliminates all together the manual effort previously required of sellers in researching and collecting data on each item they wish to sell. Because of their technical nature, the innovative solutions described herein are also readily scalable which, in turn, greatly improves the seller's experience. Based on buyer interaction experiences, sales listings for each item for sale can be automatically created and listed.

Abstract: A method includes receiving historical interaction data, which includes a plurality of historical interactions. Each historical interaction is associated with a plurality of data fields. The method includes assigning a plurality of weights to the plurality of data fields, generating a neural network using the plurality of weights and the plurality of data fields, identifying a first plurality of feature indicators indicative of a first class, the first class being different from a second class; receiving a second plurality of feature indicators derived from data relating to compromised accounts, updating, a probability distribution component using the first plurality of feature indicators and the second plurality of feature indicators, and receiving current data for an interaction. The method also includes applying the probability distribution component to the current data, and scoring the interaction using the probability distribution component.

Abstract: The present disclosure provides an electronic device and a control method thereof. The electronic device of the present disclosure includes: a memory in which a speaker model including acoustic characteristics and context information of a first user voice is stored; and a processor for comparing a degree of similarity between the acoustic characteristics of the first user included in the speaker model and the acoustic characteristics of a second user voice, with a threshold value changing according to a degree of similarity between the context information included in the speaker model and the context information of the second user voice, and then performing authentication on the second user voice.

Abstract: Systems and methods are provided for accessing records using derivative locators. An open financial transaction may be initiated by a consumer at a merchant. The merchant may provide information relating to the transaction, which may include information about the consumer's device, to a repository. The merchant may provide transaction information to the acquiring bank, which may provide transaction to the global financial network, which may provide transaction information to an issuing bank. One or more requesting party (e.g., one or more of the acquiring bank, global financial network, or issuing bank) may formulate a derivative locator based on the transaction information received. The derivative locator may function as an index through which records in the repository may be accessed by the requesting party. A time comparison may be made in assisting with accessing the correct record in the repository.

Abstract: A fraud detection system receives incoming calls and determines a fraud score indicating the likelihood that the incoming call is from a fraudulent or malicious caller. The system is able to determine the age of a telephone number of an incoming call and from it determine a fraud score for the call.

Abstract: A system is described herein that facilitates the easy scheduling and conducting of prison visitations. The system provides a remotely-accessible means for visitors to authenticate themselves, check the availability of those they wish to visit, and schedule a visit with that individual. As part of this process, the system tracks the availability of prison inmates as well as the devices and visit sites that are available to those inmates. In this manner, the system can quickly identify the availability of different inmates in order to provide on-demand scheduling capabilities to potential visitors. The system is connected to multiple facilities as well as public networks, and therefore can be remotely accessed. Additionally, the system also functions to monitor visits while they are in progress, as well as to store visit recordings for future review. Because the system is networked, remote monitors can access the review system in order to monitor visits or review recordings.

Abstract: Conventional email filtering services are not suitable for recognizing sophisticated malicious emails, and therefore may allow sophisticated malicious emails to reach inboxes by mistake. Introduced here are threat detection platforms designed to take an integrative approach to detecting security threats. For example, after receiving input indicative of an approval from an individual to access past email received by employees of an enterprise, a threat detection platform can download past emails to build a machine learning (ML) model that understands the norms of communication with internal contacts (e.g., other employees) and/or external contacts (e.g., vendors). By applying the ML model to incoming email, the threat detection platform can identify security threats in real time in a targeted manner.

Abstract: Disclosed are systems and methods for robocall steering over voice-hosted traffic networks. The disclosed framework provides novel systems and methods for increasing the accuracy and efficiency in tracking, identifying, blocking and preventing robocalls and robocallers. The disclosed systems and methods provide mechanisms for identifying and removing unwanted voice traffic from networks. The disclosed systems and methods analyze voice traffic over a predetermined period of time (e.g., 1 day or 30 days, for example), and leverage this information into a “know your customer” (KYC) score. This score enables incoming calls to be routed, controlled and/or blocked as they are communicated over voice networks.

Abstract: An internal network can include a plurality of linked internal nodes, each internal node being configured to communicate with other internal nodes or with one or more external servers over an external network. The internal network can analyze the configuration of the internal nodes and the network traffic between internal nodes of the internal network and external servers. Based on the analysis, a network vulnerability score measuring the vulnerability of the internal network to attack can be determined. If the vulnerability score is below a threshold, the internal network can be isolated from the external network, for example by preventing internal nodes from communicating with or over the external network.

Abstract: One example method of operation may include identifying one or more call parameters associated with each of a number of calls received over a fixed period of time, assigning scores to each of the calls based on the one or more identified call parameters for each of the plurality of calls, assigning one or more of the calls to a scam call category based on the assigned scores, and responsive to the assigning of the one or more of the calls to a scam call category, determining whether a number of remaining calls of the calls, which are not assigned to the scam call category, have increased or decreased beyond a deviation margin of a target percentage of calls.

Abstract: Presented herein are methodologies for implementing a system and apparatus to estimate a network disruption index and undertake a mitigation action accordingly. A method includes calculating a network disruption index based on at least a disruption score associated with a service request measure, an end-of-life measure, a security incident response measure and a return material authorization measure for respective hardware devices in a network, comparing the network disruption index to a predetermined threshold, and when the network disruption index is above the predetermined threshold, identifying one or more of the hardware devices in the network for a mitigation action and implementing the mitigation action.

Abstract: A system or method for dynamic redundant call recording may include a plurality of recording devices, each recording device having a plurality of recording resources, and a resource allocator. The resource allocator may receive a request from a call receiving node for commencement of a recording session. It may then attempt to connect to a first one of the plurality of recording devices and if successful, establish a recording session between the call receiving node and the recording device, or if not successful, attempting to connect the recording session controller to a second one of the multiple recording devices. Two resource allocators may operate in parallel to establish dual recording using resources at two different recording devices. Call content may be recorded separately from call metadata and may be integrated with the metadata using a unique call ID.

Abstract: Systems and methods for configuration vulnerability checking and remediation are provided. The systems provided herein identify risk based upon service indications of a particular configuration, such that automated risk analysis may be facilitated.

Abstract: A system and method are disclosed for training a machine-learning model to detect characteristics of fraudulent calls. The machine-learning model is trained using audio clips, voice recognition, call handler feedback and general public knowledge of commercial risks to detect and divert fraudulent calls, thereby alleviating the burdens otherwise placed on call center service representatives.

Abstract: A user interface for a fraud detection application includes a visual display; a plurality of panes displayed on the visual display, each pane including an identifier corresponding to a communication received; a graphical representation of a threat risk associated with the identifier; a numeric score associated with the threat risk, wherein the numeric score is a weighted score based on a plurality of predetermined factors updated substantially continuously. The graphical representation may include a status bar indicative of a threat risk associated with the identifier, the threat risk provided by the fraud detection algorithm and based on a weighted score. Each pane may include additional information about the identifier, such as a number of accounts accessed or attempted to be accessed associated with the identifier; a number of days the identifier has been active; a type of channel associated with the identifier; and a number of communications initiated by the identifier over a predetermined period of time.

Abstract: A method provides a security action based on identity profile scores. One or more processors represent an identity profile as a knowledge graph. The processor(s) associate a set of changes of the identity profile across a plurality of identity networks with a fraud score. The processor(s) then implement a security action based on the fraud score.

Abstract: Disclosed in some examples are methods, systems and machine-readable mediums which allow for more secure authentication attempts by implementing authentication systems with credentials that include interspersed noise symbols in positions determined by the user. These systems secure against eavesdroppers such as shoulder-surfers or man-in-the middle attacks as it is difficult for an eavesdropper to separate the noise symbols from legitimate credential symbols.

Abstract: The invention introduces a method for producing solid state disk (SSD) devices, performed by a processing unit of a production host, to include steps of: loading a port-mapping configuration table including location information regarding each port connected to the production host; comparing location information in a hardware description file with the location information in the port-mapping configuration table to determine which ports that SSD devices are connected to; displaying a graphical user interface (GUI) on a displayer to indicate which ports are connected by SSD devices; and when an SSD device connected to one port that fails to activate, updating the GUI to display information indicating that an SSD device connected to the corresponding port that fails to activate.

Abstract: Methods and systems are described herein for manipulating a communication acceptance screen, manipulating an interactive communication acceptance icon, and restricting access to accounts based on voice communication parameters. In particular, when a communication is detected from one device to another device, that communication may be risky. Thus, the risk is mitigated by giving a user information about the source of the communication to give a user a chance to reject the communication. In addition, in instances where the user accepts the communication, the system enables monitoring the communication and restricting any accounts that are disclosed within the communication.

Abstract: One example method includes configuring an input device based in part on a type of network with which the input device is expected to be used, configuring an output device based in part on a type of network with which the output device is expected to be used, registering the input device and the output device with an orchestrator, downloading a service needed to process a data stream generated by the input device, configuring an execution pipeline, and the execution pipeline includes the service, receiving the data stream from the input device and processing the data stream with the execution pipeline, and transmitting information relating to the processed data stream to the output device.

Abstract: An apparatus includes a memory and a processor. The memory stores a machine learning algorithm configured to generate, based on a given role of a plurality of roles within an enterprise, a policy for a new user assigned to the given role. The policy includes recommendations of virtual desktop resources of an enterprise system to provide to the new user. The machine learning algorithm was trained using information identifying virtual desktop resources used by a set of existing users of the system, each of whom is assigned to a role of the plurality of roles within the enterprise. The processor receives a request to provide a new user with access to the enterprise system. In response, the processor implements the machine learning algorithm to generate the policy for the new user, and subsequently provisions the new user with the one or more virtual desktop resources recommended by the policy.

Abstract: Disclosed is an incoming call processing method, applied to a mobile terminal and including: after receiving an incoming call carrying an INVITE signaling, determining, according to the INVITE signaling, a type of a calling number corresponding to the incoming call; determining whether the incoming call is a malicious call based on the type of the calling number; and intercepting the incoming call when it is determined that the incoming call is a malicious call. Also disclosed are a mobile terminal and a computer storage medium.

Abstract: A system is described herein that facilitates the easy scheduling and conducting of prison visitations. The system provides a remotely-accessible means for visitors to authenticate themselves, check the availability of those they wish to visit, and schedule a visit with that individual. As part of this process, the system tracks the availability of prison inmates as well as the devices and visit sites that are available to those inmates. In this manner, the system can quickly identify the availability of different inmates in order to provide on-demand scheduling capabilities to potential visitors. The system is connected to multiple facilities as well as public networks, and therefore can be remotely accessed. Additionally, the system also functions to monitor visits while they are in progress, as well as to store visit recordings for future review. Because the system is networked, remote monitors can access the review system in order to monitor visits or review recordings.

Abstract: An illegal call detection apparatus comprises a data collecting unit, a preprocessing unit, and a learning unit. The data collecting unit collects, from at least one of a subscriber terminal or a call exchanger, a raw packet generated by the subscriber terminal using a VoIP service, and collects, from the billing server, CDR data related to the raw packet. The preprocessing unit generates learning data by using service usage information extracted from the CDR data and service detailed information extracted from the raw packet, and generates a training image by converting the training data into an image according to a predetermined imaging rule. The learning unit extracts at least one or more features from the training image, and learns whether the training image is related to an illegal call by using the features, through an illegal call detection model.

Abstract: Systems and methods for initiating communication with a controlled-environment facility resident by a non-resident may employ a controlled-environment facility secure communication platform that receives an incoming communication request from a non-resident, directed to a telephone number assigned to a controlled-environment facility resident and/or a controlled-environment facility media and/or communications device associated with the resident, for a communication with the resident. The facility secure communication platform sends an event notice to the device associated with the resident or a controlled-environment facility media and/or communications terminal associated with the resident, in response to receipt of the incoming communication request.

Abstract: A method implemented by a firewall device in a network, comprising storing, by a memory, a firewall policy comprising information indicating whether to forward a data packet from a sending host entity to a receiving host entity, receiving, by a receiver, a data packet from a sending host entity, wherein the data packet includes an identifier of the receiving host entity, and determining, by a processor coupled to the memory and the receiver, whether to forward the data packet to the receiving host entity based on the firewall policy and the identifier of the receiving host entity.

Abstract: Presented herein are methodologies for implementing a system and apparatus to estimate a network disruption index and undertake a mitigation action accordingly. A method includes calculating a network disruption index based on at least a disruption score associated with a service request measure, an end-of-life measure, a security incident response measure and a return material authorization measure for respective hardware devices in a network, comparing the network disruption index to a predetermined threshold, and when the network disruption index is above the predetermined threshold, identifying one or more of the hardware devices in the network for a mitigation action and implementing the mitigation action.

Abstract: A computer-implemented method for managing access to data stored within a data source is provided. The method includes receiving updated account data including an updated account identifier, and at least one subscription rule for verifying that a merchant is authorized to receive updated account data. The method also includes storing the updated account data and the at least one subscription rule. The method further includes receiving a registration request from a requesting merchant including at least one candidate account identifier and one merchant identifier identifying the requesting merchant, and retrieving the at least one subscription rule after matching the candidate account identifier to the updated account identifier.

Abstract: Novel tools and techniques are provided for implementing prevention of foreign initiated fraudulent or unauthorized use of calling service. In various embodiments, a computing system might receive, from a first user device associated with an originating party, a request to access a first account of a calling system and an access code. Based on a determination that the received access code is valid, the computing system might determine whether the first user device associated with the originating party is located in a foreign country. If so, the computing system might determine whether a database contains a configurable flag indicating that international access is not allowed for the first account. If so, the computing system might initiate one or more first actions. If not, the computing system might provide the first user device with access to the first account of the calling system.

Abstract: A computing system, method and non-transitory computer readable memory are provided, to assist an agent during a client interaction between the agent and a client over a communications channel. An agent station may generate a graphic user interface (GUI) of the client interaction during the client interaction, the GUI displaying a current identified keyword and one or more interaction phases, each interaction phase having a respective current phase score for the client interaction. A keyword and associated keyword information from the client interaction may be received, including phase and corresponding phase score information, and the GUI updated with the currently identified keyword and newly received phase information accounting for the received corresponding phase score information.

Abstract: A voiceprint certification method is provided. The method is applicable to an electronic device which records a plurality pieces of user information and a plurality of voiceprints of a plurality of verification words corresponding to each piece of user information. The method includes: receiving first user information among the plurality pieces of user information; selecting at least one first verification word from the verification words corresponding to the first user information and generating a random verification sentence including the at least one first verification word, to prompt a user to read the random verification sentence; and certifying the user by comparing a user input sentence with the random verification sentence and by determining whether a voiceprint corresponding to the first verification word in the user input sentence matches the voiceprint of the first verification word corresponding to the first user information recorded in the electronic device.

Abstract: A system is described herein that facilitates the easy scheduling and conducting of prison visitations. The system provides a remotely-accessible means for visitors to authenticate themselves, check the availability of those they wish to visit, and schedule a visit with that individual. As part of this process, the system tracks the availability of prison inmates as well as the devices and visit sites that are available to those inmates. In this manner, the system can quickly identify the availability of different inmates in order to provide on-demand scheduling capabilities to potential visitors. The system is connected to multiple facilities as well as public networks, and therefore can be remotely accessed. Additionally, the system also functions to monitor visits while they are in progress, as well as to store visit recordings for future review. Because the system is networked, remote monitors can access the review system in order to monitor visits or review recordings.

Abstract: Embodiments of the present invention are directed to data integration and threat assessment for triggering analysis of connection oscillations in order to improve data and connection security. The invention leverages a security threat assessment engine and an analytics engine to gather and process data from a combination of internal and external data sources for a third party connection. The system continuously monitors and updates a generated threat level for a third party connection to determine changes or triggers indicating a potential security threat. In response to these determined changes or triggers, the system then responds to a detected security threat and minimizes damages resulting from data compromised by third party systems. Further, the system may extract and recover data from the third party systems and alter connection channels in order to further limit losses.

Abstract: One example method of operation may include identifying call data associated with a received call, identifying call parameters from the call data, and the call parameters include one or more call routing parameters associated with call routing of the call and one or more call session parameters associated with a call session of the call, assigning weights to one or more of the call routing parameters and the call session parameters, determining a scam score for the call based on a sum of the weights applied to the call routing parameters and the call session parameters, and blocking the call when the scam score is greater than or equal to a predetermined threshold scam score.

Abstract: A computer-implemented method includes receiving a first message intended for a target user device and determining that the target user device cannot receive the first message. The method also includes selecting a second user device from a dynamic list of second user devices believed to be in physical proximity to the target user device and sending a second message to the selected second user device, the second message at least referencing the first message. A system includes a processor and logic integrated with the processor, executable by the processor, or integrated with and executable by the processor. The logic is configured to perform the foregoing method. A computer program product for emergency message forwarding includes a computer readable storage medium having program instructions embodied therewith. The program instructions are executable by a computer to cause the computer to perform the foregoing method.

Abstract: Fraud detection is facilitated by developing account cluster membership rules and converting them to database queries via an examination of clusters of linked accounts abstracted from the customer database. The cluster membership rules are based upon certain observed data patterns associated with potentially fraudulent activity. In one embodiment, account clusters are grouped around behavior patterns exhibited by imposters. The system then identifies those clusters exhibiting a high probability of fraud and builds cluster membership rules for identifying subsequent accounts that match those rules. The rules are designed to define the parameters of the identified clusters. When the rules are deployed in a transaction blocking system, when a rule pertaining to an identified fraudulent cluster is triggered, the transaction blocking system blocks the transaction with respect to new users who enter the website.

Abstract: A method for filtering a telephone call is provided. The method may comprise receiving from a caller the telephone call directed to a communication device associated with an intended call recipient. The received telephone call may be scored based on predetermined scoring criteria to create a score indicative of a desirability of the telephone call. Furthermore, the method may comprise comparing the score to a predetermined threshold score. Based on the comparison, the method may further comprise selectively classifying the telephone call as an unwanted telephone call. Furthermore, the method may comprise selectively rejecting the unwanted telephone call.

Abstract: A user speech interface for interactive media guidance applications, such as television program guides, guides for audio services, guides for video-on-demand (VOD) services, guides for personal video recorders (PVRs), or other suitable guidance applications is provided. Voice commands may be received from a user and guidance activities may be performed in response to the voice commands.

Abstract: A computer implemented method and system for routing a call based on characteristics of call data are provided. The method may include: receiving or retrieving a first data set representing a first set of plurality of call features relating to an on-going call from a database; generating, using a machine learning model, a suspiciousness score of the on-going call based on the first data set, the suspiciousness score indicating a probability of the on-going call being a fraudulent call; routing the on-going call based on the suspiciousness score; displaying the first suspiciousness score on a graphical user interface; continuously receiving or retrieving a second data set representing a second set of plurality of call features relating to the on-going call from the database; updating the suspiciousness score of the on-going call based on the second data set; and displaying the updated suspiciousness score on the graphical user interface.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for receiving data that represents actions taken by a particular user with respect to entities of a plurality of entity types, disambiguating the data by identifying entities specified in the data using a machine learning based annotator that is trained to recognize entities and annotating the data, receiving a query specific from the particular user, querying the data that represents actions taken by the particular user, generating an answer to the query from the data representing the actions taken by the particular user, and providing the answer to the query.

Abstract: Audio waveform data can be received from a plurality of client devices. The audio waveform data for each client device can be generated by sampling at least one portion of an audio stream received by the respective client device. The audio waveform data received from the plurality of client devices can be compared. Based on the comparison, which of the plurality of client devices are located in a same location can be determined. Further, based on the comparison, which of the plurality of client devices located in the same location are to mute their respective input audio transducers can be determined, and an indicator indicating to the client devices to mute their respective input audio transducers can be communicated to the client devices that are determined to mute their respective input audio transducers.

Abstract: A computer-implemented method includes receiving a new data record associated with a transaction, and generating, using an adaptive model executed by the computer, a score to represent a likelihood that the transaction is associated with fraud. The adaptive model employs feedback from one or more external data sources, the feedback containing information about one or more previous data records associated with fraud and non-fraud by at least one of the one or more external data sources. Further, the adaptive model uses the information about the one or more previous data records as input variables to update scoring parameters used to generate the score for the new data record.