Abstract: Systems and methods for automatically soliciting the purchase of a first or second machine-related resource in a forward market, wherein the first resource and the second resource are distinct instances of the same type of resource, are described. A sample system may include a fleet of machines, each having a resource requirement comprising at least two of: a compute resource, a spectrum resource, or a network bandwidth resource. The system may include an circuits to aggregate data corresponding to the machine-related resources from at least a behavioral data source, to determine a substitution cost of a second resource; to determine a machine-related resource acquisition value; and to automatically solicit a purchase, in a forward market, of one of the first resource or the second resource in response to the determined substitution cost of the second resource.

Abstract: This disclosure relates to the field of project related document analysis. Conventionally, process of retrieving right information related to a stakeholder with relevant project initiation concerns involves manual intervention resulting in more time consumption. The method of the present disclosure describes a system and method for automated extraction and classification of project initiation related information from request for proposal response documents The RFP response document is parsed using document structure based parsing technique to identify questions and answers. The questions from the RFP response document are classified into different classes of interest and important information from the answers are extracted and mapped to an identified class. The method of the present disclosure demonstrates significant improvement in terms of time consumption by reducing volume of information and providing a quick access to class-specific relevant information from the RFP response document.

Abstract: Methods, systems, and computer program products are provided for improving a network by modeling control strength of network nodes. Design and implementation (DIS) scores are calculated for each of a plurality of nodes. An initial strength (InitCS) corresponding to any control performed by the node is determined. n-subgraphs are generated based on a network graph. For each node in the subgraph of the n-subgraphs, a modified control strength (ModCS) corresponding to a combination of the InitCS, a weakening factor derived from a combination of a ModCS of a plurality of upstream nodes, and a reliance coefficient (RC) of each node-to-node relationship of the plurality of upstream nodes, is determined. A risk mitigation process is performed based, in part, on any one or a combination of: DIS, InitCS and ModCS.

Abstract: Device, system, and method for automatically detecting and classifying personally identifiable information (PII) in documents and files. A method includes performing a deterministic rule-based search, in a plurality of stored documents, for PII data-items. If the deterministic rule-based search indicates that a particular document is more likely than not to contain a PII data-items then the method includes: extracting a textual snippet from the particular document, wherein the textual snippets surrounds the PII data-item; adding the textual snippet and the particular document to one or more training datasets utilized for training a Large Language Model (LLM) configured to find PII data-items in documents for Named Entity Recognition (NER) in those documents.

Abstract: A cybersecurity risk management method may include recommending, for each of a plurality of affiliates of an entity, a respective cybersecurity criticality tier selected from a set of cybersecurity criticality tiers; receiving user input adjusting and/or adopting the recommended cybersecurity criticality tier for each of the affiliates; assigning each of the affiliates to the respective adjusted or adopted cybersecurity criticality tier; obtaining respective security scores for the affiliates; and displaying a user interface component configured to show a visualization of a cybersecurity risk management plan of the entity with respect to the plurality of affiliates, wherein the risk management plan partitions the affiliates into a plurality of affiliate sets based on the security scores and the assigned cybersecurity criticality tiers of the affiliates and specifies, for each of the affiliate sets, an action to be taken by the entity with respect to the affiliates in the affiliate set.

Abstract: A scoring system to assign an exposure metric to a service accessed by multiple end-user devices in an application layer of a cloud-based system. The scoring system includes multiple tenants comprising multiple end-user devices and a scoring server. The scoring server configures dimensions that are functions of the service. The scoring server identifies a resource and determines a resource metric that is a weight of the resource in a dimension. The scoring server further receives a policy and calculates a policy metric that is distance of the policy from origin of a vector space. The scoring server also aggregates the policies and/or the dimensions based on the policy metric, retrieves a dimension metric, and computes the exposure metric for the service. Finally, the scoring server stores the exposure metric of the services and alerts the end-user device about the status of the service.

Abstract: A system, method, and computer-readable medium are disclosed for performing entity interaction risk analysis operation. The entity interaction risk analysis operation includes: monitoring an entity, the monitoring observing an electronically-observable data source; identifying an interaction between the entity and another entity based upon the monitoring; analyzing the interaction between the entity and the another entity; determining whether the interaction between the entity and the another entity is non-sanctioned; and, performing a security operation in response to the analyzing the interaction and the determining whether the interaction is non-sanctioned.

Abstract: A non-transitory computer-readable recording medium stores a program for causing a computer to execute a process, the process includes identifying, among pieces of feature information of a plurality of pieces of time-series data, a plurality of pieces of feature information similar to feature information of processing target time-series data, obtaining a predicted value distribution of the processing target time-series data based on each of the plurality of pieces of feature information, obtaining a combined distribution from the predicted value distribution, and determining a range of predicted value for the processing target time-series data based on the combined distribution.

Abstract: In a method of making work plans for construction machinery, information of the construction machinery at a work site is obtained. The information of the construction machinery is received via a wireless communication. The information of the construction machinery is displayed on a display portion of a server. A work plan of the construction machinery is created on the display portion of the server by using the information of the construction machinery and information stored in the server. The work plan is transmitted to the construction machinery.

Abstract: A machine-learning ecosystem includes a correlation module for building at least one prediction model based on at least one data input including at least one input parameter and at least one output parameter, the prediction model relating the output parameter to the input parameter. The correlation module performs at least one threshold check on the prediction model to assess the robustness of the prediction model. The ecosystem further includes a decision module communicatively coupled to the correlation module and receiving the prediction model from the correlation module. Based on a verification check at the decision module, a confirmation, a deferral, or a rejection of the prediction model is sent from the decision module to the correlation module.

Abstract: Methods and systems provide for presenting sentiment scores within a communication session. In one embodiment, the system connects to a communication session with a number of participants; receives a transcript of a conversation between the participants produced during the communication session; extracts, from the transcript, utterances including one or more sentences spoken by the participants; identifies a subset of the utterances spoken by a subset of the participants associated with a prespecified organization; for each utterance, determines a word sentiment score for each word in the utterance, and determines an utterance sentiment score based on the word sentiment scores; determines an overall sentiment score for the conversation based on the utterance sentiment scores; and presenting, to one or more client devices, at least the overall sentiment score for the conversation.

Abstract: The techniques described herein relate to methods, apparatus, and computer readable media configured to provide data-driven vendor risk assessment. In some aspects, a distributed computer system is provided that includes an interface component adapted to obtain security status information from at least two software application components, the at least two software application components being used by an organizational entity. The distributed computer system also includes a monitoring component adapted to receive the security status information from the at least two software application components and to determine a security status of the organizational entity based on the received security status information.

Abstract: A system and a method for mitigating risk associated with a machine-generated forecast. The system may receive data comprising at least one of product attributes, historical demand for a set of Stock Keeping Units (SKUs), a machine-generated forecast for the set of SKUs, and historical forecast adjustment for the set of SKUs. Further, the system may determine one or more metrics based on the received data. The one or more metrics are fed to a risk analyzer model. A Demand Planning Risk Index (DPRI) score for an SKU from the set of SKUs may be generated using the risk analyzer model. The DPRI score indicates a risk quotient for the SKU. Further, a forecast adjustment for the SKU with a high risk quotient may be recommended to mitigate the risk associated with the machine-generated forecast of the SKU.

Abstract: Systems, devices, and methods are discussed for identifying possible improper file accesses by an endpoint device. In some cases an agent is placed on each system to be surveilled that records the absolute paths for each file accessed for each user. This information may be accumulated and sent to a central server or computer for analysis of all such file accesses on a user basis. In some cases, a file access tree is created, and in some implementations be pruned of branches and leaves if deemed to be duplicates or very similar to other branched and leaves via a Levenshtein distance threshold. The resulting tree's edges may be scaled in particular implementations based on the deviation of a user's file accesses from their sphere of permissions. A variance metric may be computed from the final tree's form to capture the user's access patterns.

Abstract: Automated trust center for real-time security and compliance monitoring including maintaining, for an organization, a plurality of control statuses for a trust center report, including: retrieving control status responses from a group of services providers of the organization, wherein each control status response is associated with a control in the trust center report; and determining, based on the control status responses, a control status for each control of the trust center report; receiving a request for the trust center report from an organization client; generating, in real-time, the trust center report using the control statuses for each control; and providing, to the organization client, the trust center report generated in real-time using the control statuses for each control.

Abstract: Embodiments disclosed are directed to a computing system that performs steps to forensically isolate a compromised storage resource (e.g., bucket) of a production cloud computing and storage environment. In response to detecting an unauthorized access to resources (e.g., objects) stored in storage resource of the production cloud computing and storage environment, the computing system deploys a forensic isolation application that freezes the compromised storage resource so that a forensic analysis can be performed, duplicates the compromised storage resource's resources, and stores the duplicate resources as forensically isolated resources in a storage device outside of the production cloud computing and storage environment. The forensic isolation application then stores the duplicate resources as operational resources. Subsequently, the forensic isolation application reroutes authorized requests for the frozen resource to the operational copy of the frozen resource.

Abstract: A computing device includes a processor and a storage device. A vehicle asset modeling module is stored in the storage device and is executed by the processor to configure the computing device to perform acts of identifying and clustering a plurality of assets based on static properties of a vehicle asset using a first module of the vehicle asset modeling module. The clustered plurality of assets is determined based on dynamic properties of the vehicle asset using a second module. Event prediction is performed by converting a numeric data of the clustered plurality of assets to a natural language processing (NLP) domain by a third module. One or more sequence-to-sequence methods are performed to predict a malfunction of a component of the vehicle asset and/or an event based on past patterns. Prediction information is stored in the storage device.

Abstract: According to some embodiments, an enterprise proprietary data store contains a set of electronic data records, each electronic data record having with proprietary data and an associated governance structure. A compliance computer platform may receive the proprietary data and associated governance structure from the enterprise proprietary data store and define enterprise-wide decision accountabilities for the proprietary data based on the governance structure. The compliance computer platform may also define privacy objectives for the proprietary data based on the governance structure along with specific machine-level controls to test and confirm compliance with the governance structure.

Abstract: The technology disclosed relates to analysis of data posture of a cloud environment. In particular, the disclosed technology relates to a system and method for analyzing cloud assets, such as storage resources, compute resources, etc. to detect peak signals based on occurrences of sensitive data types or other data classifications in the cloud assets. A system for prioritized presentation of high-value cloud resources susceptible to cloud security risks includes a processor, a display, and memory accessible by the processor and executable to, on a cloud resource-by-cloud resource basis, analyze data in a given cloud resource, and attribute a plurality of data sensitivity parameters to the data in the given cloud resource, and a peak value indicating an appraisal of the data in the given cloud resource. A graphical interface includes graphical objects configured to display the given cloud resource, the plurality of data sensitivity parameters, and the peak value.

Abstract: ML methods and systems for cataloging and making recommendations based on domain-specific knowledge are disclosed. An example method includes: cataloging, using knowledge engines, data to develop knowledge repositories for respective domains; obtain current domain state data; obtain future domain state data; analyze, using first ML models, one or more of (i) data from the knowledge repositories, (ii) the first domain state data, and (iii) the second domain state data to identify a recommended set of one or more regulations, standards, policies and/or rules for a desired second domain state; analyze, using second ML models, (i) the recommended set and (ii) a current data and architecture state for a current computing environment to generate a summary of one or more cloud deployment options for migrating a current computing environment to a future computing environment for a future domain state; and cause the summary to be displayed on a computing device.

Abstract: Systems and techniques that facilitate automated health-check risk assessment of computing assets are provided that can generate a baseline health-check risk score that corresponds to non-compliance of a computing asset with a stipulated control, and can adjust the baseline health-check risk score based on a weakness factor of the stipulated control, an environmental factor of the computing asset, a criticality factor of the computing asset, and a maturity factor of the computing asset.

Abstract: A computer-implemented method for monitoring productivity, health and safety risks posed by activities and objects, and other signals present at industrial sites comprises: receiving data inputs from input devices at an industrial site; selecting a data model that is programmed to detect activities or objects associated with workers or equipment present at the industrial sites; applying the data inputs to the data model to receive output data specifying whether the activities or objects associated with workers or equipment are present at the industrial site; and if they are present: based the output data, determining characteristics of the activities or objects; based on the characteristics, determining whether that the activities or objects cause any productivity, health or safety risks at the industrial site; and if so, generating notifications indicating the health or safety risks at the industrial site.

Abstract: A computer-implemented system and method are disclosed that monitor and determine vendor compliance with at least some aspects of information and security criteria. At least one computing device is configured by executing code to access information and security criteria respectively associated with a vendor that provides a good and/or service. At least some aspects of the information and security criteria are provided by an organization considering the vendor and, further, the information and security criteria include at least one of cybersecurity criteria, regulatory criteria, intellectual property criteria, data management criteria, and policy criteria.

Abstract: In some implementations, a system may receive a submission associated with an innovation associated with an entity. The system may analyze, using a first machine learning model, the submission to identify a classification associated with the innovation. The system may analyze, using a second machine learning model in association with the classification, content of the submission to identify a characteristic of the innovation. The system may determine, using a third machine learning model and based on the characteristic, a ranking of the innovation relative to individual innovations in the subset of innovations. The system may determine, using a fourth machine learning model, an impact score associated with the innovation. The system may perform, based on the impact score satisfying a threshold, an action associated with a project involving the innovation.

Abstract: One embodiment of the present invention sets forth a technique for processing unstructured data. The technique includes applying one or more machine learning models to a set of candidate topics extracted from the unstructured data to determine a set of activities of interest included in the set of candidate topics. The technique also includes generating a set of scores for the activities of interest, wherein each score included in the set of scores represents an estimated impact of a corresponding activity of interest on operations within a domain. The technique further includes determining one or more activities included in the set of activities of interest based on a ranking of the activities of interest by the scores, and causing one or more alerts to be outputted in a user interface, wherein each of the alerts is associated with a potential event related to the one or more activities.

Abstract: This disclosure relates generally to system and method for assessing insider influence on enterprise assets. Existing work focuses on the detection of insider threat and does not consider the influence of an insider on their peers and subordinates. The present disclosure aggregates and preprocesses the enterprise data specific to the individuals received from various sources, and further creates an enterprise graph between entities. Weights of every edge connected between any two entities in the enterprise graph is then calculated. Community of the individuals are detected wherein, relevant insider(s) are identified, and susceptibility of the individuals for probable influence by relevant insider(s) based on the analysis scenarios(s) is calculated. Paths taken by the relevant insider(s) is calculated for estimating probability of data loss.

Abstract: Methods and systems are presented herein for assessing risk associated with a vendor providing services and/or other products to a financial institution, for preparation of associated risk assessment reports or vendor oversight reports, and for maintenance of a plurality of risk assessment reports or oversight reports associated with a plurality of vendors.

Abstract: Disclosed are methods and systems for determining combinations of system parameters that indicate a root cause of a system level experience deterioration (SLED). Some of the disclosed embodiments generate a decision tree from a first class of operational parameter datasets. Rules are derived from the decision tree. Filtered rule sets for feature parameters included in the system parameters are then determined. Pairs of features within a particular dataset that each satisfy their respective filtered rule sets are indicative of a root cause of the degradation, at least in some embodiments.

Abstract: A dynamical hierarchical tagging system connected to a user site through a remote communications network. The system may comprise a master controller, a job management server connected to the master controller, one or more scanners in communication with the job management server, wherein the one or more scanners are configured to scan for one or more user assets located at the user site, resulting in scan results, a scan logic processor connected to the master controller, wherein the scan logic processor is configured to store the scan results in a user database, a tagging logic engine connected to the master controller, wherein the tagging logic engine is configured to tag the scan results stored in the user database, and an indexing logic processor connected to the master controller, wherein the indexing logic processor is configured to search and index the tagged scan results stored in the user database.

Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing at least one electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; identifying a security related activity, the security related activity being based upon the observable from the electronic data source; the security related activity comprising a concerning behavior, the security related activity being enacted during an activity session; associating the security related activity enacted during an activity session with a security risk persona; analyzing the security related activity, the analyzing the security related activity using the security risk persona; and, performing a security operation in response to the analyzing the security related activity.

Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing at least one electronically-observable data source; identifying a security related activity of the entity, the security related activity being of analytic utility; accessing an entity behavior catalog based upon the security related activity, the entity behavior catalog providing an inventory of entity behaviors; and performing a security operation via a human-centric risk modeling framework, the security operation using entity behavior catalog data stored within the entity behavior catalog based upon the security related activity.

Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing at least one electronically-observable data source; identifying an event of analytic utility; analyzing the event of analytic utility, the analyzing the event of analytic utility identifying an entity behavior associated with the event of analytic utility; and, performing the security operation in response to the analyzing the event of analytic utility, where the monitoring, identifying, analyzing and performing are performed via a distributed security analytics framework.

Abstract: Techniques and apparatus for providing peer-based management of user accounts are described. In one embodiment, for example, an apparatus may include at least one memory and logic coupled to the at least one memory. The logic may be configured to determine a total entity risk value representing a risk position of an entity comprising at least one segment, generate a plurality of risk tokens, each of the plurality of risk tokens having a token value that is a portion of the total risk value, determine a total segment risk value for the at least one segment, the total segment risk value representing a portion of the total entity risk value allocated to the at least one segment, and distribute the plurality of risk tokens to the at least one segment of the entity to correspond with the total segment risk value. Other embodiments are described.

Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing at least one electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; identifying a security related activity, the security related activity being based upon the observable from the electronic data source, the security related activity comprising a concerning behavior; generating a contextual modifier relating to the security related activity; analyzing the security related activity, the analyzing the security related activity being based upon the contextual modifier; and, performing a security operation in response to the analyzing the security related activity.

Abstract: A risk assessment system is provided and includes a transceiver, an output device, and activity, localization, tracking, and risk assessment modules. The activity module: receives signals from sensors or electrical devices of a supporting structure; and tracks activities in or within a set distance of the supporting structure to generate an activity history log. The localization module relates the activities to aspects of the supporting structure and generates corresponding localization data. The transceiver receives a notification key identifying a network device used by a user exposed to a contaminant. The tracking module, in response to the notification key, tracks contamination states of the aspects of the supporting structure contacted directly or indirectly by the user. The risk assessment module determines and reports an exposure risk level of an occupant of the supporting structure based on the contamination states, the localization data and the activity history log.

Abstract: There is provided a computer-implemented method of applying a first function to each data element in a first data set, the method comprising (i) determining whether each data element in the first data set satisfies a criterion, wherein the criterion is satisfied only if the result of applying the first function to the data element is equal to the result of applying a second first data set satisfies a criterion function to the data element; (ii) forming a compressed data set comprising the data elements in the first data set that do not satisfy the criterion; (iii) applying the first function to 10 each data element in the compressed data set; and (iv) forming an output based on the results of step (iii); wherein steps (i)-(iv) are performed using multiparty computation, MPC, techniques. A corresponding system and worker node are also provided.

Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing an electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; identifying a security related activity, the security related activity being based upon the observable from the electronic data source; analyzing the security related activity, the analyzing the security related activity using a security risk persona; and, performing a security operation in response to the analyzing the security related activity.

Abstract: Aspects of the disclosure relate to using synthetic DNA stranding and mutant nucleotide processes to conduct enterprise market volatility predictions. In some embodiments, a computing platform may receive raw market data from a plurality of lines of business of an enterprise organization. Thereafter, the computing platform may preprocess the raw market data to obtain enterprise level market data, execute synthetic DNA stranding of the enterprise level market data to obtain synthetic DNA stranded market data, run the synthetic DNA stranded market data through one or more market volatility models, and compile results from the market volatility models on the synthetic DNA stranded market data. The computing platform may transmit results from the market volatility models on the synthetic DNA stranded market data. The transmitted results may be configured to display a market application interface that includes market volatility forecasting parameters based on results of the market volatility models.

Abstract: Aspects of the disclosure relate to using synthetic DNA stranding and mutant nucleotide processes to conduct enterprise market volatility predictions. In some embodiments, a computing platform may initiate a set of instructions associated with performing an action on a synthetic DNA market data set associated with a plurality of lines of business across an enterprise organization. Thereafter, the computing platform may convert the set of instructions to a mutant nucleotide sequence, and insert the mutant nucleotide sequence into the synthetic DNA market data set. The computing platform may extract, using the mutant nucleotide sequence, target information from the synthetic DNA market data set, and validate the target information to detect one or more anomalies. The computing platform may remove the one or more data anomalies, and subsequently output a validated synthetic DNA market data set to a synthetic DNA client server.

Abstract: A protection system, method, and a security device can protect an operational technology (OT) system having connected hardware equipment, including at least an interface that can receive a control communication and an industrial control device (ICD) for controlling at least one industrial device. They feature tasks/steps that receive control communication from the communication interface, determine whether the received control communication contains an undesirable control command, and either pass or block the received control communication to the ICD depending on whether the received control communication contains an undesirable control command. The security device can be disposed between a source of communication in an OT network and the ICD for protection.

Abstract: In an example embodiment, machine learning is utilized to automatically identify pain points of an entity. More particularly, a random forest search algorithm receives inputs from a number of different outside-in data engines. These inputs are segregated in terms of key performance indexes (KPIs), which is then fed to a random forest decision tree. The random forest search algorithm calculates a p-value for each KPI. This p-value may then be used to identify the most relevant KPIs (such as by ranking the KPIs by their respective p-values). Rules are utilized not to identify the pain points themselves, but instead to define sorting preferences (refine the ranking). Based on a combination of the p-values and the evaluation of the rules, the top-N pain points may be identified.

Abstract: Provided are a cloud platform-based comprehensive line network monitoring method and system. Device state data of each line is acquired, and stored in a monitoring platform and a data platform that are built on a cloud platform. The monitoring platform can only store only the latest device state data, perform data monitoring processing on the device state data to obtain real-time monitoring data, and transmit corresponding real-time monitoring data to a client at an application layer based on a data subscription demand of the client, to allow the client to perform real-time device monitoring processing based on the real-time monitoring data. Also, the data platform can provide, in response to a historical data application request sent by the client, the device state data to the client as historical statistical analysis data, to allow the client to perform historical state monitoring processing based on the historical statistical analysis data.

Abstract: A method in a network node is provided for mitigating disruption during maintenance of an edge gateway node of a communication network. The edge gateway node connects devices to services(s) of the communication network. First device(s) are capable of connecting to a cloud environment in the absence of the edge gateway node, and second device(s) are incapable of connecting to the cloud environment in the absence of the edge gateway node. The method comprises: establishing respective virtual devices for the second device(s), the virtual devices comprising predictive models trained to replicate data output by the respective second device(s); and, during a time interval in which the maintenance of the edge gateway node is performed: configuring the virtual device(s) to connect to a virtual edge gateway node established in the cloud environment; and configuring at least one of the first device(s) to connect to the virtual edge gateway node.

Abstract: Methods, apparatuses, systems, and computer program products are disclosed for outputting a contextually relevant development unit performance insight interface component in a project management and collaboration system. In an example embodiment, an apparatus detects an insight interface component request, accesses past development unit performance metrics data, determines a suggested development unit performance target, determines a selected development unit commitment, determines a visual emphasis element for the selected development unit commitment, wherein the visual emphasis element is configured to visually compare the selected development unit commitment to the suggested development unit performance target, generates a development unit performance summary insight interface component comprising the visual emphasis element, and outputs the development unit performance summary insight interface component for rendering to a project management user interface.

Abstract: A cybersecurity risk management method may include recommending, for each of a plurality of affiliates of an entity, a respective cybersecurity criticality tier selected from a set of cybersecurity criticality tiers; receiving user input adjusting and/or adopting the recommended cybersecurity criticality tier for each of the affiliates; assigning each of the affiliates to the respective adjusted or adopted cybersecurity criticality tier; obtaining respective security scores for the affiliates; and displaying a user interface component configured to show a visualization of a cybersecurity risk management plan of the entity with respect to the plurality of affiliates, wherein the risk management plan partitions the affiliates into a plurality of affiliate sets based on the security scores and the assigned cybersecurity criticality tiers of the affiliates and specifies, for each of the affiliate sets, an action to be taken by the entity with respect to the affiliates in the affiliate set.

Abstract: A method, apparatus, and computer program product are disclosed for improved machine learning using a statistical model. In the context of an apparatus, some example embodiments include a processor configured to cause retrieval of information regarding a plurality of consumers, and modeling circuitry configured to train a statistical model of the plurality of consumers based on the retrieved information, and predict, using the statistical model, an incremental booking value associated with the promotion for each consumer of the plurality of consumers. The processor is further configured to select a subset of the plurality of consumers for receiving impressions of the promotion. Some example embodiments may further include communications circuitry configured to transmit an impression of the promotion to each consumer in the subset of the plurality of consumers.

Abstract: A cognitive information processing system environment which includes a plurality of data sources; a cognitive inference and learning system coupled to receive a data from the plurality of data sources, the cognitive inference and learning system processing the data from the plurality of data sources to provide cognitively processed insights, the cognitive inference and learning system further comprising performing a learning operation to iteratively improve the cognitively processed insights over time; and, a destination, the destination receiving the cognitively processed insights.

Abstract: User behavior data of multiple users is acquired, and multiple user eigenvalues of user behavior data of each user under preset multiple user behavior dimensions are extracted. A user eigenvector of each user is determined based on the multiple eigenvalues of this user. Multiple user classes are obtained by clustering the user eigenvectors of multiple users are clustered through a preset clustering algorithm. A central vector of each user class is determined based on the user eigenvectors included in this user class. A difference eigenvector of each user class is determined, wherein a distance between the difference eigenvector and a central vector of an aggregation class to which the difference eigenvector belongs is not within a preset distance range. A user characterized by the difference eigenvector is determined as an abnormal user.

Abstract: Mobile device security techniques are described. For a specific computing device, for each of a plurality of distinct security categories, a risk score is determined. The determined risk scores are aggregated to obtain an overall risk score.

Abstract: Systems are provided for logging transactions in heterogeneous networks that include a combination of one or more instrumented components and one or more non-instrumented components. The instrumented components are configured to generate impersonated log records for the non-instrumented components involved in the transaction processing hand-offs with the instrumented components. The impersonated log records are persisted with other log records that are generated by the instrumented components in a transaction log that is maintained by a central logging system to reflect a complete flow of the transaction processing performed on the object, including the flow through the non-instrumented component(s).