Abstract: A failure prediction subsystem may obtain metrics information from a set of servers, the metrics information including measurements of the operation of the set of servers. The failure prediction subsystem may then determine a mean time between failures for at least one server of the set of servers by at least providing a portion of the metrics information as an input to a machine learning algorithm. The machine learning algorithm may output a mean time between failure for at least one server of the set of servers and the failure prediction subsystem may determine if mitigating action should be taken based at least in part on the mean time between failure.

Abstract: A system and method for securing access to sensitive content on the web is disclosed. The approach automates compartmentalization practices for accessing different kinds of content with different browser instances. The automation is transparent to the user and does not require any modification of how non-sensitive content is accessed. For sensitive content, a Fresh Browser Instance (FBI) is automatically created to access the content. In addition, the automatic FBI system may provide support for novice users with predefined sensitive content sites as well as for more experienced users who can define conflict of interest (COI) classes which allows content from sites in the same user-defined class to coexist in a browser instance.

Abstract: An electrically erasable programmable read only memory (EEPROM) emulation (EEE) system includes a non-volatile memory arranged to have a plurality of sectors in which each sector is arranged to have a plurality of record locations. A new record of new data is programmed into a record location of an active sector of the plurality of sectors. After successfully completing the programming of the new record, a number of failure-to-program (FTP) occurrences during the programming is compared to a first threshold. When the number of FTP occurrences is greater than the first threshold, a determination is made as to whether compression is needed, and in response to determining that compression is needed, the method includes selectively performing compression based on a second threshold.

Abstract: Methods and apparatus for a secure framework for storing and analyzing genomic data. Embodiments of the present invention apply persistent governance to sensitive information and to the analytics that operate upon it, managing the interaction between the two.

Abstract: Example embodiments disclosed herein relate to determining a secure activity of an application under test (AUT). Execution of an application under test is monitored. During an attack vector, an application programming interface associated with a secure activity is determined. A message is sent to a security test that secure activity occurred.

Abstract: A method for analyzing data of a networked computing environment, the method includes a computer processor analyzing a plurality of data of a networked computing environment aggregated during a first time interval, where the data includes messages that include message IDs. The method further includes identifying a frequency value of occurrences of a message ID within the plurality of data during the first time interval. The method further includes determining whether the frequency value of the occurrences of the message ID during the first time interval correlates to an anomaly that occurs within the networked computing environment. The method further includes responding to determining that the frequency value of the occurrences of message ID within the first time interval correlates to the anomaly by determining a first response to the anomaly. The method further includes initiating the first response to one or more elements of the networked computing environment.

Abstract: A method of facilitating access to a promotional offer, the method comprising: receiving at a server system a page request from a client device; and sending program code executable in a browser application to the client device in response to the page request, the program code being executable to display at least one promotional offer and a promotional code, to provide a flash object at a display position of the promotional code and, in response to selection of the flash object, to cause the promotional code to be copied to a user-accessible memory of the client device and to open a new browser display of the browser application.

Abstract: An information processing device including a memory, and a processor coupled to the memory and the processor configured to execute a process, the process including generating data indicating a relationship between a processing load and a communication load of a first computer which executes a specified process in a second information processing system which is the same as or similar to a first information processing system in which a failure occurs, and calculating a processing load of a second computer which executes the specified process in the first information processing system based on the generated data and a communication load of the second computer, the estimated processing load being a processing load before the failure occurs in the first information processing system.

Abstract: A memory device includes a memory array including a plurality of memory cells; and a controller coupled to the memory array, the controller configured to iteratively: determine a first error rate corresponding to a current processing level for processing data corresponding to a subset of the plurality of memory cells, determine a second error rate using an offset processing level for processing the data corresponding to the subset of the plurality of memory cells, wherein the offset processing level is offset from the current processing level by a first offset amount, and generate an updated processing level for the subset of the plurality of memory cells based on a comparison of the first error rate and the second error rate.

Abstract: A controller device sends predictions from a machine learning module to source endpoints. The controller receives flow information and network information from a network elements in a network. The flow information is associated with source routed data flows that traverse the network in source routed network paths. The network information is associated with network characteristics of each of the network elements included in at least one of the source routed network paths. The controller analyzes the flow information and the network information with machine learning to generate a prediction of at least one metric of source routing behavior within the network. The controller sends the prediction of the at least one metric to one or more source endpoints to optimize the source routed network paths used by future source routed data flows originating from the one or more source endpoints.

Abstract: Access to personal information is restricted when analyzing errors in computer programs. Variables are named with prefixes to identify data that must be transformed before disclosure. If a variable has a name that requires transformation, the associated data must be transformed before resolving an error.

Abstract: A system and method can support resettable acknowledgements for synchronizing data between clusters in a distributed data grid. The system can use one or more unique identifiers (IDs) to support message passing between different clusters in the distributed data grid. A first cluster can receive a first replication message from a second cluster, wherein the replication message indicates that the replication message is from a new cluster. Then, the system can reset the first cluster to preserve idempotence in possessing one or more replication messages that are received from the second cluster, following the first replication message.

Abstract: Aspects of the present disclosure describe methods and systems for recommending prioritized performance test workloads. An example method generally includes searching one or more external resources using a keyword from a number of keywords associated with a baseline test workload for a software release. The method further includes creating a risk profile for the software release based, at least in part, on a number of matches found in search results resulting from the searching. In addition, the method includes generating a prioritized test workload for execution over one or more prioritized variability dimensions based on the risk profile and the baseline test workload. The method also includes executing a test of the software release based on the prioritized test workload.

Abstract: A system and method for evaluating performance of a software application. The present invention includes analyzing by one or more computing devices a plurality of program code lines of the software application stored in one or more computer databases. Further, one or more equivalent program regions within the plurality of program code lines may be identified. One or more markers in the identified one or more equivalent program regions may be inserted and stored in the one or more computer databases. Further, the plurality of program code lines may be compiled and assembled respectively to generate an executable code. The executable code may include a plurality of instructions. Further, performance metrics of the software application may be measured by manipulating the plurality of instructions based on the one or more equivalent program regions identified by the inserted one or more markers and executing the executable code.

Abstract: A method of facilitating access to a promotional offer, the method comprising: receiving at a server system a page request from a client device; and sending program code executable in a browser application to the client device in response to the page request, the program code being executable to display at least one promotional offer and a promotional code, to provide a flash object at a display position of the promotional code and, in response to selection of the flash object, to cause the promotional code to be copied to a user-accessible memory of the client device and to open a new browser display of the browser application.

Abstract: A method of facilitating access to a promotional offer, the method comprising: receiving at a server system a page request from a client device; and sending program code executable in a browser application to the client device in response to the page request, the program code being executable to display at least one promotional offer and a promotional code, to provide a flash object at a display position of the promotional code and, in response to selection of the flash object, to cause the promotional code to be copied to a user-accessible memory of the client device and to open a new browser display of the browser application.

Abstract: Described is a technology in which one application running in a browser can host another application (e.g., an advertisement) in an isolated manner that prevents the hosted application from accessing browser data, or data of any other hosted application (including the host). The host and/or hosted application may be a browser plug-in (e.g., Microsoft® Silverlight™) application. The host application privately instantiates a hidden plug-in, with that hidden plug-in's access to browser data disabled, and loads the hosted application in the hidden plug-in. A XAML tag element may be used to identify the hosted application, along with a rendering area for the hosted application. Content from the hosted application is composited with content from the host application when rendering. The host application may provide keywords to the hosted application, such as for selecting relevant advertisements, and/or may allow the hosted application to open a browser window to display associated website content.

Abstract: A system for managing application performance performs a learning phase and a monitoring phase. One embodiment of the learning phase comprises monitoring performance of multiple components of a software system to create first monitored component data for the multiple components and automatically identifying correlation between the components and a performance metric based on the first monitored data. The monitoring phase comprises monitoring performance of the multiple components of the software system to create second monitored component data for the multiple components, using the identified correlation to predict the performance metric, calculating the actual performance metric based on the second monitored component data, and reporting a performance problem if the actual performance metric differs from the predicted performance metric by more than a threshold.

Abstract: A code deployment system deploys code to a set of application systems that execute the application, which may be across several tiers of systems that service requests related to the application. At each system, the application executes and is analyzed during execution to determine active code that is loaded by the application during execution, which may include dynamically-generated code. The active code is then analyzed using static analysis to determine security vulnerabilities and errors in the code that was loaded and operated at each application tier. The active code may also be associated with a specific use case or set of inputs that were applied to the application during the monitoring.

Abstract: Disclosed herein are systems, devices, and methods related to analyzing faults across a population of assets. In particular, examples involve receiving a selection of variables each corresponding to an asset attribute type, accessing data associated with the selected variables, determining the number of fault occurrences across the population of assets for each combination of values of the selected variables, and facilitating the identification of outlier combination(s) that correspond to an abnormally large number of fault occurrences relative to other combination(s).

Abstract: A method for controlling the running of an application includes loading an application to be monitored; running the application loaded herein in a constructed running environment; and, according to a preset running configuration, executing a corresponding operation in the running environment, and processing a system call triggered by the application according to the operation herein. Furthermore, a device for controlling the running of an application includes a loading module configured to load an application to be monitored; a running module configured to run the application loaded herein in a constructed running environment; and a controlling module configured to execute a corresponding operation in the running environment according to a preset running configuration, and process a system call triggered by the application according to the operation herein. The present disclosure can thus ensure that data and applications are controlled and improve security.

Abstract: A method for data protection in a cloud-based service system is disclosed. The method includes the steps of: A. collecting historical operating data of storage devices in the cloud-based service system; B. building up a life expectancy model and a next-7-days failure probability model by the collected operating data; C. inputting operating data in the past 24-hours into the life expectancy model and the next-7-days failure probability model for every storage device to obtain ranges of expected lifespans in respective groups and corresponding failure probabilities; and D. backing up data in the storage devices according to the results of step C.

Abstract: Non-automated read-and-reply console messages may be automated. These messages may be classified into impact groups in which the messages may be removed from the database or sent to an automation analyzer for analysis. As more messages become automated, a debugging mode may be enabled to allow an operator to respond to a message with a proposed action. If the proposed action is aligned with an action predetermined in response to the automation analysis, the operator may be allowed to respond to future actions.

Abstract: A method for storage systems improvement includes collecting information that indicates one or more failure correlations for disks in a storage system. The disks are then separated into a plurality of virtual failure domains based on the indicated one or more failure correlations. The method then determines that all data objects of a set of redundant data objects are included in a first virtual failure domain. Responsive to determining that all data objects of the set of redundant data objects are included in the first virtual failure domain, the method then migrates at least one data object of the set of redundant data objects from a first disk in the first virtual failure domain to a second disk in a second virtual failure domain.

Abstract: In furtherance of providing uninterrupted network service, a data analyzer engine in a network environment aggregates real-time feedback from multiple resources that collectively provide delivery of content to multiple subscribers in a network environment. According to one arrangement, the multiple resources are disposed along a network communication path between a content delivery source and the subscriber. Based on analyzing the aggregated real-time feedback from the multiple resources disposed along the network communication path, assume that the data analyzer engine detects occurrence of multiple anomaly conditions at a location in the network communication path. Each of the anomaly condition may or may not be representative of an actual network resource failure. In response to detecting first occurrence of the anomaly conditions, the data analyzer engine initiates generation of a notification to appropriate network management personnel indicating the occurrence of the detected anomaly condition.

Abstract: A computer device includes hardware with a connected peripheral device such as a camera or a microphone. An operating system is configured to operate the peripheral device using a device driver and a representative device object. An agent is configured to apply security attributes to the device object which permit access from a primary user account while preventing direct access to the device object by a secondary user account in a sandbox. The agent may intercept requests made toward the device object, examine each request, and then satisfy the request, when the request is allowed, by selectively arranging access to the device object from the sandboxed secondary user account.

Abstract: Technologies are generally described for systems, devices and methods effective to monitor performance of a computing device. A computing device may receive a specified counting rate. The computing device may count at the specified counting rate to generate a sequence of counting numbers. The computing device may identify a first output of a process, such as results from computations performed on data, and may identify a first counting number when the first output is identified. The computing device may identify a second output of the process, such as additional results from the computations, and may identify a second counting number when the second output is identified. The computing device may then determine whether an alert should be generated based on the first and second counting numbers such as when a difference between the first and second counting numbers exceeds a threshold value.

Abstract: The monetization of downloadable files associated with a custodial host site based on resolving custodianship to a referrer publisher with subsequent presentation of monetized content within a modal overlay is disclosed. A request from a client device has a resource identifier and a referrer publisher identifier. The request for the downloadable file is evaluated against one or more publisher and custodianship policy rules, which relate to a file extension of the downloadable file, a format of the resource identifier, a custodial domain on which the downloadable file is stored, and a referral domain as specified in the referrer publisher identifier. When custodianship is resolved, a modal overlay on which monetized content is incorporated is presented on the client device. The modal overlay is concurrently displayed with the transfer of the downloadable file to the client device.

Abstract: An API call filtering system filters responses to API call requests received, via a network, from UEs. The API call filtering system is configured to require personalized API call requests wherein each API call (except for some minor exceptions) includes a unique UE identifier (“UEIN”) of the UE making the request. Using the UEIN, the web service or other service protected by the API call filtering system can be secured against excessive request iterations from a set of rogue UEs while allowing for ordinary volumes of requests of requests the UEs, wherein one or more boundaries between what is deemed to be an ordinary volume of requests and what is deemed to be excessive request iterations are determined by predetermined criteria.

Abstract: Methods for dynamically optimizing platform resource allocation of a logically-partitioned data processing system. Processor and memory resources are allocated to logical partitions of the data processing system. After allocating the processor and memory resources to the plurality of logical partitions, local and non-local memory accesses are monitored for the logical partitions. Based at least in part on the local and non-local memory accesses, a determination is made whether to reallocate the processor and memory resources of the logical partitions. Responsive to determining to reallocate the processor and memory resources, the processor and memory resources are dynamically reallocated to the logical partitions of the data processing system.

Abstract: Techniques are described for optimizing the placement of automatically generated rules within security policies. An administrator may, for example, interact with the graphical representation of rules rendered by the threat control module and, responsive to the interaction, the system may determine an optimal placement for the created rule in the list of rules for the identified security device based on either the existence of anomalies or threat IP data and/or advanced security parameters. In this way, the system allows administrators to configure rules with the most optimal sequence to detect threats.

Abstract: A method for employing a controlled-modification current time value is presented. In the method, the current time value is maintained. Also, requests for modification of the current time value are received. The requests are processed so that the requested modification associated with one of the requests is immediately incorporated into the current time value, and so that the requested modification associated with another one of the requests is not immediately incorporated into the current time value.

Abstract: According to one or more aspects, demand response (DR) management for an electric vehicle (EV) may be provided as follows. A current location and a destination location for the EV may be received. A determination as to whether the EV is eligible to participate in a DR event may be made. A travel route from the current location to the destination location may be analyzed to determine whether it is associated with a non-coverage area where a telematics control unit (TCU) of the EV has limited connectivity with an original equipment manufacturer (OEM) server. The DR signal may be transmitted as a DR request based on the EV having current coverage along the travel route and the EV travelling towards the non-coverage area such that an anticipated loss of signal or coverage may occur.

Abstract: Provided is a security device and method that protect a data processing system from various types of malicious code and prevent the divulgence of data and erroneous operation. The security device for a data processing system includes: an execution module configured to be called by a security loader when a stub file, including a security loader formed in a routine form and a stub composed of an original executable file, is executed, and to perform processing so that the original executable file restored from the stub by the security loader is executed; and a monitoring module configured to monitor the operation of the data processing system attributable to the execution of the restored original executable file.

Abstract: Systems and techniques for securing accessible computer-executable program code and systems are provided. One or more base functions may be generated and blended with existing program code, such that it may be difficult or impossible for a potential attacker to distinguish the base functions from the existing code. The systems and code also may be protected using a variety of other blending and protection techniques, such as fractures, variable dependent coding, dynamic data mangling, and cross-linking, which may be used individually or in combination, and/or may be blended with the base functions.

Abstract: A method and system are provided for spare capacity usage for critical redundancy in storage arrays. The method may include monitoring a Redundant Array of Independent Disks (RAID) array to determine whether one or more redundancy units are at a critical level. A redundancy unit may be in a critical level when an additional drive failure will result in loss of data from the redundancy unit. The method may further include identifying available regions in the RAID array which are not allocated to user data in response to determining that a particular redundancy unit is critical. The method may further include determining an available region for the particular redundancy unit, where the available region is in a drive of the RAID array that does not contain data of the particular redundancy unit. The method may further include storing a critical stripe in the available region.

Abstract: According to one embodiment of the present invention, a system compares database transactions to corresponding performance information to identify conforming database transactions with an acceptable deviation from the performance information and outlier database transactions beyond the acceptable deviation from the performance information. The system aggregates information from a threshold quantity of conforming database transactions into an aggregated record, wherein the threshold quantity is dynamically adjusted, and generates a record for each outlier database transaction, wherein conditions for identifying the outlier database transactions are dynamically adjusted. Embodiments of the present invention further include a method and computer program product for managing database transactions in substantially the same manners described above.

Abstract: An on-demand disposable virtual work system that includes: a virtual machine monitor to host virtual machines, a virtual machine pool manager, a host operating system, a host program permissions list, and a request handler module. The virtual machine pool manager manages virtual machine resources. The host operating system interfaces with a user and virtual machines created with an image of a reference operating system. The host program permissions list may be a black list and/or a white list used to indicate allowable programs. The request handler module allows execution of the program if the program is allowable. If the program is not allowable, the host request handler module: denies program execution and urges a virtual machine specified by the virtual machine pool manager to execute the program. The virtual machine is terminated when the program closes.

Abstract: Disclosed herein are systems, devices, and methods related to assets and predictive models and corresponding workflows that are related to updating a routing table. In particular, examples involve based on a predictive model, determining that a given asset of a plurality of assets in a mesh network is likely to be unavailable within a given period of time in the future and in response to the determining, causing a routing configuration for at least one other asset in the mesh network to be updated.

Abstract: A system and method for optimizing the estimation and management of wear and replacement for an array of storage devices in a storage system is disclosed. An input/output workload is monitored over part of a service period for the array. An expected wear rate is determined, based on the workload and an endurance of the storage devices. A target wear rate is calculated for the service period and each of one or more contingency periods, based on the expected wear rate and a specified risk tolerance for each period. In response to determining that the expected wear rate exceeds the target wear rate calculated for at least one of the service period and the contingency period(s), an adjusted wear rate is calculated for the array of storage devices to match the target wear rate. A replacement schedule is generated for the array based on the adjusted wear rate.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for receiving an encrypted version of an obfuscated stack trace representing an error generated by error handling code of obfuscated code executed by a user device, the obfuscated stack trace having obfuscated code element names corresponding to deobfuscated code element names in a deobfuscated version of the code; decrypting the encrypted stack trace to generate an obfuscated stack trace; receiving an encrypted obfuscation log that maps obfuscated code element names of the obfuscated code executed by the user device to deobfuscated code element names in the deobfuscated version of the code; decrypting the encrypted obfuscation log to generate a decrypted obfuscation log; and generating a deobfuscated stack trace using the decrypted obfuscation log, the deobfuscated stack trace having deobfuscated code element names.

Abstract: According to one embodiment of the present invention, a system compares database transactions to corresponding performance information to identify conforming database transactions with an acceptable deviation from the performance information and outlier database transactions beyond the acceptable deviation from the performance information. The system aggregates information from a threshold quantity of conforming database transactions into an aggregated record, wherein the threshold quantity is dynamically adjusted, and generates a record for each outlier database transaction, wherein conditions for identifying the outlier database transactions are dynamically adjusted. Embodiments of the present invention further include a method and computer program product for managing database transactions in substantially the same manners described above.

Abstract: A flap detector can detect significant flapping with magnitudes of state deltas (i.e., differences between values representing events or states). The flap detector aggregates monotonic state deltas. Aggregating monotonic state deltas yields a magnitude of monotonic state deltas. A magnitude of a series of same direction state deltas can be considered the magnitude of flap because the end of the series corresponds to a beginning of a state delta series in a different direction. When directional transition occurs (i.e., flapping occurs), the flap detector generates multiple monotonic state delta magnitudes. The determined magnitudes can be used to filter out insignificant flapping that could be considered noise.

Abstract: A system virtualizes applications on a managed endpoint using containers. A managed endpoint receives a virtualized container from an IT automation appliance. The virtualized container includes an application and a virtualization module. The virtualization module includes computer program instructions for virtualizing the application. An operating system API call made by the application during execution is intercepted, and a portion of the computer program instructions are executed based on the operating system API call. The computer program instructions modify the behavior of the application to effect the file and data virtualization of the application. A virtualized container can be deployed and updated from an IT automation appliance along with an agent to support the deployment and updating of the virtualized container.

Abstract: Application programming interface (API) hooks are injected into an application program executing at a client during run-time. Responsive to these hooks, data intended for encryption prior to transmission from the client is diverted, for example for content filtering, compression, etc., prior to being encrypted. In the case of encrypted data received at the client, the data is decrypted but before being passed to the application it is diverted, under control of the API hooks, for content filtering, decompression, etc.

Abstract: Non-automated read-and-reply console messages may be automated. These messages may be classified into impact groups in which the messages may be removed from the database or sent to an automation analyzer for analysis. As more messages become automated, a debugging mode may be enabled to allow an operator to respond to a message with a proposed action. If the proposed action is aligned with an action predetermined in response to the automation analysis, the operator may be allowed to respond to future actions.

Abstract: A system and a method are disclosed for stack trace clustering. In one example, the method includes receiving a first stack trace and a second stack trace, normalizing, by a processing device, the first and second stack traces, determining a distance between the normalized first and second stack traces, and determining whether the normalized first and second stack traces are equivalent based on the determined distance.

Abstract: A method of facilitating access to a promotional offer, the method comprising: receiving at a server system a page request from a client device; and sending program code executable in a browser application to the client device in response to the page request, the program code being executable to display at least one promotional offer and a promotional code, to provide a flash object at a display position of the promotional code and, in response to selection of the flash object, to cause the promotional code to be copied to a user-accessible memory of the client device and to open a new browser display of the browser application.

Abstract: A computer-implemented method for applying data-loss-prevention policies. The method may include (1) maintaining a list of applications whose access to sensitive data is controlled by data-loss-prevention (DLP) policies, (2) detecting an attempt by a process to access sensitive data, (3) determining that the process has a parent-child relationship with an application within the list of applications, and (4) applying, based at least in part on the determination that the process has the parent-child relationship with the application, a DLP policy associated with the application to the process in order to prevent loss of sensitive data. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A method for managing a configuration of an electronic system having a plurality of locations configured to receive hardware units is disclosed. The method may include receiving hardware unit parameters corresponding to hardware units currently installed and pending installation in the electronic system and retrieving configuration data for the electronic system. The method may also include generating a plurality of hardware unit times to failure (TTFs) for the plurality of locations by applying, to a failure prediction model, the hardware parameters for hardware units currently installed and pending installation and the configuration data for the electronic system. The method may also include using a selection criteria to select the plurality of hardware unit predicted TTFs corresponding to the plurality of locations and reporting at least one recommended hardware unit installation location from the plurality of locations within the electronic system.