Abstract: Disclosed are systems, methods, and non-transitory computer-readable media for a device arrangement to derive unknown portions of a communication data scheme. A proxy node is established in a communication path between two nodes configured to transmit communications according to a communication bus standard. The communication data included in the communications transmitted between the nodes conforms to a communication data scheme. The proxy node logs communications transmitted between the nodes via the communication path, resulting in a communication log. The communication log can then be used to derive unknown portion of the communication data scheme, such as commands for requesting specified data types and the data format for transmitting data of specified data types.

Abstract: A method for time sensitive network (TSN) operation includes: in the case of data traffic stoppage in a communication channel of TSN due to at least one of down time of a user plane (UP) connection and a reset of the UP connection, performing the following: generating, by a user plane function (UPF), an audit report about the at least one of the down time and the reset; sending, by the UPF, the audit report to a first element in control plane (CP), without waiting for communication from the CP; and determining, by one of the first element or a second element in the CP, survival time of the communication channel. The audit report is sent along with a report type indicating the down time of the UP connection due to connection fluctuation or a switch-over of the UP connection from a primary UPF to a back-up UPF.

Abstract: A method of migrating an application to a container platform includes the steps of: installing a first agent that collects information about the application; detecting information about a first process of the application, wherein the detected information about the first process is received from the first agent; and based on the detected information about the first process, generating a container file including instructions for building a first container that executes the first process and a deployment file for deploying the first container for execution on the container platform.

Abstract: The present disclosure relates to systems and methods that enhance multivariate testing of interface variants by intelligently allocating network traffic to increase the speed at which samples sizes reach statistical significance. More particularly, the present disclosure relates to systems and methods that intelligently select interface variants to test against a control interface in a manner that efficiently reduces the uncertainty of sample sizes (e.g., the variance of the sample mean), thereby reaching statistical significance quicker.

Abstract: A computer-implemented method is disclosed. The method includes: obtaining, by a server, a value for at least one performance metric associated with a first online service; detecting a service modification event for the first online service; identifying, by the server, a second online service; obtaining historical service modification events data for the second online service; comparing changes in the value for the at least one performance metric resulting from the service modification event for the first online service to changes in performance metric values resulting from historical service modification events for the second online service; determining that the service modification event is associated with an unanticipated performance change for the first online service based on the comparing; and providing an indication identifying the service modification event as being associated with the unanticipated performance change for the first online service.

Abstract: A system and a method for testing broadband internet connectivity are disclosed. The system contains a monitoring device electrically connected with a router, at least one remote server configured to communicate with the monitoring device through the router, wherein the monitoring device is configured to run one or more tests to determine one or more parameters of the internet connection between the monitoring device and the at least one remote server.

Abstract: A method and system for policy driven vulnerability management of a network equipment of an enterprise. A plurality of routes delivers services to a plurality of end user devices through the system. A plurality of vulnerabilities associated with the end user device, and a plurality of policies associated with the plurality of vulnerabilities is identified. Remediation for the plurality of vulnerabilities is determined based on the plurality of policies. The plurality of policies is based on a cloud service selected from the end user device, a tenant, and a role associated with the end user device. A route corresponding to the plurality of policies and the cloud service is identified. The remediation of the vulnerabilities is performed by upgrading the plurality of vulnerabilities based on the plurality of policies and the cloud service is provided to the end user device via the route based on the plurality of policies.

Abstract: There are provided systems and methods for dynamic node insertion of secondary services for high-availability during main decision failure at runtime. A service provider, such as an electronic transaction processor for digital transactions, may utilize different decision services that implement rules and/or artificial intelligence models for decision-making of data including data in production computing environment. A main decision service may normally be used for data processing and decision-making. However, at certain times, the main decision service may fail, such as if a data processing node fails to process data or times out while processing a data processing request, such as during electronic transaction processing. During this runtime, a dynamic injection processor may dynamically inject a node that performs a call to a secondary service to process the data on behalf of the node and/or main decision service so that a response is provided to the data processing request.

Abstract: In a computer network monitored for security threats, security incidents corresponding to groups of mutually related security alerts may be ranked based on values of a diversity metric computed for each incident from attribute values of an attribute, or multiple attributes, associated with the security alerts. In some embodiments, values of attribute-specific sub-metrics are determined for each incident and combined, e.g., upon conversion to p-values, into respective values of the overall diversity metric. Based on the ranking, an output may be generated. For example, a ranked list of the security incidents (or a subset thereof) may be communicated to a security administrator, and/or may trigger an automated mitigating action.

Abstract: A system, method, and computer-readable medium for performing a data center monitoring and management operation. The data center monitoring and management operation includes: entering a data center management mode, the data center management mode enabling a data center administrator user to selectively provide access to a subset of information available for use by the administrator user; determining whether to provide a designated user access to the subset of information; creating a monitoring console instance, the monitoring console instance providing the designated user access to the subset of information; and, enabling the designated user to access the monitoring console instance.

Abstract: Systems and methods for secure resource management are provided. A secure resource management system receives from a client computing system associated with a resource provider a query for classifying a resource user associated with the resource provider. The secure resource management system determining a set of resource abuser criteria for classifying the resource user as a resource abuser. The secure resource management system determines that the resource user is a resource abuser or a potential resource abuser based on the set of resource abuser criteria and a resource transaction history associated with the resource user. Based on determining that the resource user is a resource abuser or a potential resource abuser, the secure resource management system generates and transmits a response to the query to the client computing system. The response can be used to restrict or deny access to the resource by the resource user.

Abstract: A system can, in response to receiving first monitoring data for a first computing system from a first collector, associate the first computing system with a first cluster of a group of clusters that corresponds to the first collector. The system can, in response to receiving second monitoring data for the first computing system from a second collector, and in response to determining that a first similarity value between the first computing system and the first collector is less than a second similarity value between the first computing system and the second collector, change an association of the first computing system from the first cluster to a second cluster of the group of clusters that corresponds to the second collector. The system can, in response to changing the association, store third monitoring data for the first computing system that is received from the second collector.

Abstract: A redirection of a URL page request may be performed by monitoring an upstream path from a subscriber to the internet through an ISP. When a URL page request is detected from a subscriber for whom a redirection is required, a redirection device generates a single TCP packet response that mimics a response from the intended destination server. The single TCP packet includes a set FIN bit that closes any active session with the destination server to prevent the subscriber from accepting packets from the destination server.

Abstract: In an example embodiment, information about an interaction by a user, via the graphical user interface, with an item rendered in the graphical user interface, is obtained from a graphical user interface. The information includes a session identification corresponding to a networking session in which the interaction occurred and an item identification corresponding to the item interacted with. Then k hash functions are applied to a combination of the session identification and the item identification, producing k indexes. Values of bits corresponding to the k indexes in a bloom filter stored in a non-volatile memory are determined. In response to a determination that the values of bits corresponding to the k indexes are all set to one, a session counter corresponding to the item identification is incremented.

Abstract: Methods for one click monitors in impact time detection for noise reduction in at-scale monitoring are performed by systems and devices. The methods automatically configure time window sizes and numbers of consecutive time windows for optimally detecting system alerts in at-scale systems and per dimension combinations, including updating settings over time to adapt to changing system behaviors. The past behavior of system performance metrics are analyzed to match configuration options and determine a best fitting or optimal combination of a highest detection accuracy in lowest time to detect for alerting. Optimal monitoring configurations are determined for each of up to hundreds of thousands of the metric dimensions across the system, and an end user is enabled to apply the determined, optimal configurations for system monitoring with a single selection.

Abstract: A computing system including a processor configured to receive packet preamble binary data and packet header binary data associated with a satellite. The processor may generate a simulated signal that encodes the packet preamble binary data and the packet header binary data. The processor may receive a satellite downlink signal. Within each of a plurality of sample intervals of the satellite downlink signal, the processor may compute a respective correlation between the satellite downlink signal and at least a portion of the simulated signal. The processor may select an identified sample interval of the plurality of sample intervals based at least in part on the plurality of correlations. The processor may decode binary satellite signal data based at least in part on the identified sample of the satellite downlink signal. The processor may output the binary satellite signal data.

Abstract: In a storage system, a failover time is shortened while avoiding erroneous detection of a node failure according to network quality. The storage system includes a plurality of storage nodes having processors; a data storage device; the plurality of storage nodes having the processors for processing data to be input to and output from the storage device; and a network for connecting the plurality of storage nodes, wherein the plurality of storage nodes monitors the operation status of each other to perform node failure detection for determining the occurrence of a failure of the storage node on the basis of a time-out value, performs a failover process in which one of the other storage nodes takes over the process of the storage node when the failure occurs in the storage node, and adjusts the time-out value on the basis of the status of the network between the storage nodes.

Abstract: Aggregating user access privileges across various third-party data sources and intelligently managing query request quotas delegated by the data sources to users having access privileges. Query requests are received from users and in response determining that the user (i) has been granted access privileges to an identified data source responsive to the query and (ii) has available query requests from their specific allocated amount of query request quota, the query request is authorized for submission to the data source that is responsive to the query. Intelligent management of query request quotas includes determining query request quota allotments for each user including adjusting query request quotas when users have been identified as requiring an increase or decreasing in quota allotment.

Abstract: The disclosure relates to an analysis device configured to communicate with at least one node of an infrastructure of a distributed database via the communication interface in order to obtain authorization to detect intrusion of a computer system. The analysis device is also configured to detect, depending on whether the authorization is obtained, intrusion of the computer system based on an analysis of log messages of the computer system.

Abstract: Herein, a computer generates and evaluates many preprocessor configurations for a window preprocessor that transforms a training timeseries dataset for an ML model. With each preprocessor configuration, the window preprocessor is configured. The window preprocessor then converts the training timeseries dataset into a configuration-specific point-based dataset that is based on the preprocessor configuration. The ML model is trained based on the configuration-specific point-based dataset to calculate a score for the preprocessor configuration. Based on the scores of the many preprocessor configurations, an optimal preprocessor configuration is selected for finally configuring the window preprocessor, after which, the window preprocessor can optimally transform a new timeseries dataset such as in an offline or online production environment such as for real-time processing of a live streaming timeseries.

Abstract: A registration request is transmitted to register a media device with a server, the registration request comprising a device identifier associated with the media device. A discovery request is caused to be issued to allow client devices previously registered with the server and connected to the first network to discover the media device, wherein the discovery request is to cause at least a subset of the client devices previously registered with the server and connected to the first network to initiate discovery of the media device without requesting permission from a user of a respective client device to initiate the discovery of the media device, wherein the at least the subset of the client devices includes two or more client devices each associated with an auto-connect status.

Abstract: A control device for controlling a vehicle provided with a power supply function for a user includes a control unit that causes a light of the vehicle to blink under a certain condition when a power outage is detected.

Abstract: A first example network security platform disclosed herein is to store a cryptographic session key from a server, the cryptographic session key associated with an encrypted network traffic flow between the server and a client different from the first network security platform. This disclosed first example network security platform is also to access a query from a second network security platform requesting the cryptographic session key, and generate a response including the cryptographic session key to send to the second network security platform.

Abstract: The present application disclose a method and a device for detecting and correcting abnormal scoring of peer reviews, which includes: converting collected scoring data into a two-dimensional matrix and preprocessing the data; determining the anomaly of the processed structured data with a one-way anomaly detection method, a consistency check method and a two-way anomaly detection method, and classifying the detected abnormal data into an abnormal data set; repairing the abnormal data for the abnormal data set with an information entropy correction method; generating an ability evaluation report according to the abnormal data set, performing weighed averaging on the corrected scoring data according to the scoring weights of reviewers in the ability evaluation report to obtain a final scoring result, and generating an abnormal scoring correction report. The present application can effectively detect the abnormal phenomenon of peer reviews in the performance appraisal of enterprise personnel.

Abstract: Techniques for an ontology-based approach for modeling service dependencies in a provider network. The approach is flexible and extensible to different provider network SOA systems and not limited to a particular provider network or a particular SOA system. The approach can be used to model an entire SOA system or selected portion thereof and from different perspectives. In some examples, the approach uses an ontology represented using a Web Ontology Language (OWL). In some examples, the ontology is used to identify service dependencies and relationships in a knowledge base that is populated based on operational data collected in the provider network environment.

Abstract: Disclosed herein are methods, systems, and processes to perform passive and realtime software identification and data collection for vulnerability management. Vulnerability management based on agent-collected event data involves monitoring a process start event associated with an application executing on a computing device that is part of a network, identifying a binary location of the process start event, and based on the binary location, identifying a software type of the application and a version of the software type. Vulnerability management based on event data in logs involves monitoring the process start event for configuration or file changes, generating fingerprint rules by mapping the configuration or files changes and the process start event associated with a software installation or an upgrade of the software, and processing log data to fingerprint the software type and the version of the software type.

Abstract: Methods, systems, and media for managing notifications directed to multiple applications installed on a user device are provided. In some embodiments, a method for managing notifications is provided, the method comprising: receiving, using a hardware processor, a first notification for a first application; determining a first user device associated with the first application; receiving a second notification for a second application; determining a second user device associated with the second application; determining that the first user device and the second user device are the same device; determining that the first notification and the second notification are corresponding notifications; determining that the first notification has priority over the second notification; sending the first notification to the first user device upon determining that the first notification has priority over the second notification; and inhibiting the second notification from being sent to the first user device.

Abstract: Recommending changes to a storage system, including: identifying, using predicted characteristics of one or more workloads executing on the storage system, one or more configuration changes to the storage system that would improve the operation of the storage system; selecting, from the one or more configuration changes to the storage system that would improve the operation of the storage system, a preferred configuration change; and recommending the preferred configuration change.

Abstract: A user equipment (UE) or other device performs service discovery of edge computing resources in a cellular network system and dynamic offloading of UE application tasks to discovered edge computing resources. As part of the discovery process, the device (e.g., the UE) may request edge server site capability information. When performing dynamic offloading, the UE may obtain (collect and/or receive) information regarding channel conditions, cellular network parameters or application requirements and dynamically determine whether a task of the application executing on the UE should be offloaded to an edge server or executed locally on the UE. In making decisions between offloaded or local execution, the UE may use a utility function that takes into account factors such as relative differences in application latency, energy consumption and offloading cost.

Abstract: A system for managing responders acquiring medical equipment and responding to an emergency medical event includes mobile devices associated with responders; a computer aided dispatch (CAD), and an equipment/responder management system communicatively coupled to the mobile devices and CAD and configured to receive an event location from the CAD, retrieve medical equipment locations from a database, receive responder locations from the mobile devices, send the event and equipment locations to a first mobile device, generate an activity log for the event including first responder status information based on the responder location, the event and medical equipment locations, send the activity log to the first mobile device, send the event location and the medical equipment locations to a second mobile device, update the activity log with second responder status information based on the responder, event and medical equipment locations, and send the activity log to the mobile devices.

Abstract: A technique for anticipating impacts on service levels of one or more services provided to a User Equipment, UE, while the UE moves along a planned route is disclosed, wherein each of the one or more services is provided to the UE using a network slice in a network slicing based mobile communication system. A method implementation of the technique is performed by an anticipation component and comprises receiving (S202) a service level anticipation request for the planned route of the UE, triggering (S204) determining an expected impact on the service levels of the one or more services at one or more locations of the planned route, and triggering (S206) sending a response to the service level anticipation request including information on the expected impact on the service levels.

Abstract: A system management device manages a monitored system. When a performance failure occurs in the monitored system, the system management device creates a plurality of countermeasures for the performance failure. The system management device evaluates, for each of the plurality of countermeasures, the influence of the countermeasure on the execution of a job having an execution deadline associated with the countermeasure. The system management device selects the countermeasure to be executed on the monitored system from out of the plurality of countermeasures based on the evaluation results.

Abstract: A method for locating performance problems in a network comprising associating one or more metadata to a plurality of monitored objects, collecting performance data from the plurality monitored objects to create a correlation of the performance data across two or more monitored objects matching predetermined set of metadata. Displaying said correlation on a map representing a plurality of devices, wherein said correlation can be used to isolate one or more devices impacting said performance data.

Abstract: An interface display method and an electronic device are provided. The method includes receiving a first input by a user in a case that a first interface of a first application is displayed, displaying a second interface including a target list in response to the first input, receiving a second input by the user for N members in the target list, and displaying a third interface in response to the second input. The target list of the second interface includes at least one of the following: a member list of at least one group in the first application or a contact list in at least one address book in the first application. In a case that the target list is a member list of the first group, the third interface is a group chat interface.

Abstract: An edge platform of a building communicatively coupled to a cloud system, the edge platform including one or more memory devices having instructions stored thereon and one or more processors executing the instructions causing the one or more processors to receive an event from a piece of building equipment of the building, the event indicating a data value associated with the piece of building equipment occurring at a particular time, identify contextual data of a data structure that provides a contextual description of the event, generate an enriched event by enriching the event with the contextual data, the enriched event including the data value, the particular time, and the contextual data, and communicate the enriched event to the cloud system configured to operate based on the enriched event.

Abstract: The subject disclosure relates to methods for making user activity recommendations. In some aspects, a process of the technology can include operations for receiving a free-to-play indication, the free-to-play indication specifying availability of a user associated with a media system, retrieving, via the network interface, peer information indicating an availability of one or more online peers of the user, and retrieving, via the network interface, activity information indicating one or more activities available to the user, and at least one of the online peers. In some aspects method can further include operations for providing an activity recommendation to the user based on the peer information and the activity information, wherein the activity recommendation includes a suggestion of at least one activity that can be conducted by the user with the media system. Systems and computer-readable media are also provided.

Abstract: Example methods, apparatus, systems and articles of manufacture to determine synthetic total audience ratings are disclosed. Disclosed example apparatus are to access census data including census viewing statements associated with media content presented by census devices, access panel data including panelist viewing statements associated with media content presented by panel devices, the panel data including weights to represent numbers of individuals to be represented by corresponding panelists, determine scores representing similarities between ones of a first group of census devices determined to having matching panel devices in the panel data and ones of a second group of census devices determined to be unmatched in the panel data, and assign the census devices to the panel devices based on the scores and the weights.

Abstract: A method and system for protecting cloud-hosted applications against application-layer slow DDoS attacks are provided. The system include a processing circuitry; and a memory connected to the processor, the memory contains instructions that when executed by the processing circuitry, configure the system to: collect telemetries from a plurality of sources deployed in a plurality of public cloud computing platforms, wherein each of the plurality of public cloud computing platforms hosts an instance of a protected cloud-hosted application; provide a set of rate-based and rate-invariant features based on the collected telemetries; evaluate each feature in the set of rate-based and rate-invariant features to determine whether a behavior of each feature and a behavior of the set of rate-based and rate-invariant features indicate a potential application-layer slow DDoS attack; and cause execution of a mitigation action, when an indication of a potential application-layer slow DDoS attack is determined.

Abstract: System and methods are provided for encoding and encrypting DNS labels with content metadata and client metadata. A client computing device transmits a DNS query for the encoded domain name. A DNS server receives the encoded domain name and decrypts and decodes the domain name label. The DNS server uses the decrypted and decoded client and content metadata to make a routing decision to select a particular point of presence (PoP). The DNS server sends, to the client computing device, a DNS reply with the Internet Protocol (IP) address of the selected PoP. The client computing device requests content from the PoP identified by the provided IP address.

Abstract: A system and method for configuring a web application firewall (WAF) is provided. The method includes continuously receiving requests related to a first WAF, each request indicative of network traffic directed to a web application protected by the WAF; enriching each received request by associating each event with information from an enrichment source; periodically analyzing the enriched requests; generating at least one network traffic rule based on periodically generated analysis; and configuring at least a second WAF to perform the network traffic rule.

Abstract: Methods, systems, apparatuses, and computer-readable storage mediums are described for machine learning-based techniques for identifying a deployment environment in which computing resources (e.g., servers, virtual machines, databases, etc.) reside and for enhancing security for the identified deployment environment. For instance, usage data is collected from the computing resources. The usage data is featurized and provided to a machine learning-based classification model that determines a deployment environment in which the computing resources reside based on the featurized usage data. Once the deployment environment is identified, a security policy that is applicable for the identified deployment environment is determined. The security policy specifies a plurality of recommended security settings that should be applied to the computing resources included in the identified deployment environment. The recommended security settings may be provided to the user (e.g.

Abstract: Systems and computer-implemented methods and systems for modifying information in a document file are disclosed. An example computer-implemented method for modifying information in a document file includes: receiving a first text string; opening a file corresponding to the first text string, the file including binary data and text data; reading the text data; detecting a file location identifier in the text data; replacing a portion of the file location identifier with a second text string based on the first text string; and closing the file.

Abstract: System and methods discussed for automatically optimizing application and notification delivery based on user preferences and historical application usage. Applications that a user is likely to want to use at the present time or in the near future are displayed in an organizationally distinct way in an application catalog so they are easy to find and are pre-loaded on an application delivery server so they are available with minimal system lag caused by application loading processes. Application notifications are also optimized such that notifications that are likely to be relevant to users at the current time are identified and presented to them in an organizationally distinct way.

Abstract: Techniques described herein are directed to application(s), or parts thereof, that are embedded into a buyer application. In an example, engagement with a buyer application on a computing device of a buyer can be detected. A particular, discrete functionality of a merchant application of the merchant can be triggered to be initialized in response to the engagement and the particular, discrete functionality associated with the merchant application can be accessed. In an example, an indication of a transaction between the merchant and the buyer can be received and the indication of the transaction can be associated with stored activity data of one or more transactions of the buyer, wherein the one or more transactions are associated with the buyer application.

Abstract: Some embodiments provide a method for clustering a set of data compute nodes (DCNs), which communicate with each other more frequently, on one or more host machines. The method groups together guest DCNs (GDCNs) that (1) execute on different host machines and (2) exchange network data among themselves more frequently, in order to reduce interhost network traffic. The more frequently-communicating GDCNs can be a set of GDCNs that implement a distributed application, GDCNs of a particular tier in a multi-tier network architecture (e.g., a web tier in a three-tier architecture), GDCNs that are dedicated to a particular tenant in a hosting system, or any other set of GDCNs that exchange data among each other regularly for a particular purpose.

Abstract: Systems and methods are described herein for controlling mobile devices with user equipment devices. A user equipment device may detect a mobile device is within a predetermined proximity to the user equipment device by establishing a bi-directional communication. The user equipment device may determine an input/output option of the mobile device. The input/output option may be a microphone, a cellular Internet connection, a camera, or any other sensor and/or actuator of the mobile device. The user equipment device may generate for display an icon corresponding to the input/output option of the mobile device.

Abstract: Systems and methods are provided for providing a clustering solution and a Virtual Router Redundancy Protocol (VRRP) platform for a branch deployment of at least a first gateway and a second gateway. The VRRP platform can be associated with a VRRP Internet Protocol (IP) address and the first gateway configured as a VRRP master. A change in an operational status of the first gateway can be determined with the clustering solution. The second gateway can be caused to be configured, with the clustering solution, as a new VRRP master. Network traffic associated with the VRRP Internet Protocol (IP) address can be received. The second gateway can be caused to forward the network traffic.

Abstract: A scenario execution system includes a scenario execution terminal, a log management device, and a storage device. The scenario execution terminal includes a scenario execution unit and an event notification unit. The scenario execution unit executes a scenario file having a scenario indicating a procedure of operations in the scenario execution terminal described therein. The event notification unit notifies the log management device of information on an event generated by the scenario execution unit executing the scenario file. The log management device includes a log recording unit that receives the information on the event from the scenario execution terminal and records log data having the received information on the event set therein on the storage device. The storage device adds, to the log data, information uniquely generated on the basis of log data recorded before such log data and stores resultant log data.

Abstract: The technology described herein reduces control-plane overloading by transferring UEs from the overloaded control plane to another available control plane. At a high level, the technology identifies when a control plane is overloaded, identifies other available control planes in a geographic area served by the overloaded control plane, and then identifies UEs for transfer using one or more criteria. Initially, a measure of control-plane performance for a control plane is received. Next, a determination is made that the control plane is overloaded by comparing the measure of control-plane performance to an overload threshold. When an overload condition exists for a control plane, then UEs with existing communication sessions using the control plane are identified for transfer.

Abstract: Advancing beyond Interpretability and explainability approaches that may uncover what a Deep Neural Network (DNN) models, i.e., what each node (cell) in the network represents and what images are most likely to activate the model provide a mimicked type of learning of generalization applicable to previously unseen samples. The approach provides an ability to detect and circumvent adversarial attacks, with self-verification and trust-building structural modeling. Computing systems may now define what it means to learn in deep networks, and how to use this knowledge for a multitude of practical applications.