In some embodiments, a processor can receive an input string associated with a potentially malicious artifact and convert each character in the input string into a vector of values to define a character matrix. The processor can apply a convolution matrix to a first window of the character matrix to define a first subscore, apply the convolution matrix to a second window of the character matrix to define a second subscore and combine the first subscore and the second subscore to define a score for the convolution matrix. The processor can provide the score for the convolution matrix as an input to a machine learning threat model, identify the potentially malicious artifact as malicious based on an output of the machine learning threat model, and perform a remedial action on the potentially malicious artifact based on identifying the potentially malicious artifact as malicious.

An information processing system acquires biological information of a target and generates output information determined in correspondence with identification information using the identification information associated with the biological information. Then, the output information is output.

Embodiments described herein provide a causality-based anomaly detection mechanism that formulates multivariate time series as instances that do not follow the regular causal mechanism. Specifically, the causality-based anomaly detection mechanism leverages the causal structure discovered from data so that the joint distribution of multivariate time series is factorized into simpler modules where each module corresponds to a local causal mechanism, reflected by the corresponding conditional distribution. Those local mechanisms are modular or autonomous and can then be handled separately. In light of this modularity property, the anomaly detection problem then naturally decomposed into a series of low-dimensional anomaly detection problems. Each sub-problem is concerned with a local mechanism.

In an embodiment, the disclosed technologies include identifying a content item of a first digital data source as a candidate for linking with a target entity of a second digital data source by matching a candidate entity mentioned in the content item to the target entity in accordance with semantic similarity data computed between the candidate entity and the target entity; inputting at least one feature of the content item and at least one feature of the target entity to a set of digital models that analyze the at least one feature of the content item and the at least one feature of the target entity and determine and output qualitative data; based on the qualitative data, determining link risk data; based on the link risk data and the semantic similarity data, and determining whether to generate a link between the content item and the target entity.

Technology for a device operable for secured user access is described. The technology can comprise one or more processors. The device can be configured to identify an intruder indicator, wherein the intruder indicator can indicate that an intruder has been detected in a proximity of either the local device or a remote device in communication with the local device. The device can be configured to activate one or more privacy filters at the local device. The device can be configured to encode data based on the one or more privacy filters.

Embodiments disclosed herein provide systems, methods and computer readable media for generating remote views in a virtual mobile device platform. A virtual mobile device platform may be coupled to a physical mobile device over a network and generate frames of data for generating views on the physical device. These frames can be generated using an efficient display encoding pipeline on the virtual mobile device platform. Such efficiencies may include, for example, the synchronization of various processes or operations, the governing of various processing rates, the elimination of duplicative or redundant processing, the application of different encoding schemes, the efficient detection of duplicative or redundant data or the combination of certain operations.

Embodiments of systems and methods for methods for the intelligent orchestration of video or image mirroring using a platform framework are described. In some embodiments, an Information Handling System (IHS) may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution, cause the IHS to: receive a notification, via a platform framework, of a communication session; and in response to the notification, apply a video or image mirroring operation, via the platform framework, to at least a portion of content shared during the communication session.

Techniques for securing displayed data on computing devices are disclosed. One example technique includes upon determining that the computing device is unlocked, capturing and analyzing an image in a field of view of the camera of the computing device to determine whether the image includes a human face. In response to determining that the image includes a human face, the technique includes determining facial attributes of the human face in the image via facial recognition and whether the human face is that of an authorized user of the computing device. In response to determining that the human face is not one of an authorized user of the computing device, the technique includes converting user data on the computing device from an original language to a new language to output on a display of the computing device, thereby securing the displayed user data even when the computing device is unlocked.

User interface (UI) manipulation techniques are disclosed that can allow a user device to hide and obscure sensitive information displayed on a flexible, foldable, or otherwise reconfigurable display from onlookers whilst maintaining or improving its accessibility exclusively to the primary user. Examples of the disclosed techniques can manipulate the UI in a way such that it is largely only viewable as intended when the user device is physically configured to a certain folding angle (and/or viewing angle). In some examples, the UI can be customized such that it promotes a certain device configuration (e.g., folding angle) that can provide an optimum security configuration for the user's current surroundings. The UI displayed on the display screen can change in form factor (e.g., an intended size as viewed by the user) to adapt to the current surroundings and/or based on the sensitivity in the displayed content.

A computer device for routing communications from a low-trust domain to a high-trust domain is provided. The computer device includes a first processor and a second processor. The first processor is programmed to receive a packet from the low-trust domain to be transmitted to the high-trust domain and compare the source address to a white list of source addresses. If the source address matches the white list, the first processor is programmed to compare the message to one or more messaging requirements. If the message meets the one or more messaging requirements, the first processor is programmed to write the message to a memory. The second processor is programmed to read the message from the memory and compare the message to a plurality of stored values. If the message matches the plurality of stored values, the second processor is programmed to act upon the message.