Various implementations disclosed herein include devices, systems, and methods for per-pixel filtering. In some implementations, a method includes obtaining an image data frame. In some implementations, the image data frame includes a plurality of pixels. In some implementations, the method includes generating a respective pixel characterization vector for each of the plurality of pixels. In some implementations, each pixel characterization vector includes an object label indicating an object type that the corresponding pixel of the plurality of pixels represents. In some implementations, the method includes modifying corresponding pixel data of the plurality of pixels having a first object label. In some implementations, the method includes synthesizing a first modified image data frame that includes modified pixel data for the plurality of pixels having the first object label and unmodified pixel data for the plurality of pixels not having the first object label.

User authentication is performed using a camera to capture the user's identifying information (such as facial features) but the camera remains concealed until needed, thereby eliminating (or at least reducing) anxiety and privacy concerns. For example, the camera, when unneeded for authentication, may be hidden behind a retractable shutter or “smart” barrier that can change its state from translucent to transparent and vice versa.

Various embodiments are provided for automated evaluation of machine learning models in a computing environment by one or more processors in a computing system. A level of robustness of a machine learning model against adversarial whitebox operations may be evaluated and determined by applying a data set used for testing the machine learning model, one or more adversarial operation objectives, an adversarial threat model, and a selected number of hyperparameters. Results from the adversarial operation may be analyzed and a modified machine learning model may be generated while performing the evaluating and determining.

There is provided an apparatus including input circuitry that receives input data. Output circuitry outputs a sequence of instructions to be executed by data processing circuitry, at least some of the instructions being grouped into functions and generation circuitry performs a generation process to generate the sequence of instructions using the input data. The generation process causes at least one of the instructions in the sequence of instructions to store a state of control flow speculation performed during execution of the sequence of instructions and the stored state of control flow speculation is maintained between the functions.

Methods and apparatus consistent with the present disclosure may use instrumentation code that remains transparent to an application program that the instrumentation code has been injected into. In certain instances, data sets that include executable code may be received via packetized communications or be received via other means, such as, receiving a file from a data store. The present technique allows a processor executing instrumentation code to monitor actions performed by the program code included in a received data set. Malware may be detected by scanning suspect program code with a malware scanner, malware may be detected by identifying suspicious actions performed by a set of program code, or malware may be detected by a combination of such techniques.

A network communication stack running on relational processing circuitry performs control and maintenance actions on records from a database server managed by repository control circuitry. The database interaction layer of the communication stack accesses the records on the database server. The database interaction layer passes the accessed records to the data processing layer for parsing and storage as tabular entries. An operator may perform manipulations on the tabular entries using a command interface generated by the command layer of the communication stack using locally-defined interface parameters that are independent of characteristics of the database server. The data processing layer recompiles manipulated entries into an altered record. The database interaction layer sends the altered record back to the database server.

Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or data isolation. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a rootkit defense mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or prevention of malicious code, for example, in a manner/context that is isolated and not able to be corrupted, detected, prevented, bypassed, and/or otherwise affected by the malicious code.

A method for device authentication comprises receiving, by processing hardware of a first device, a message from a second device to authenticate the first device. The processing hardware retrieves a secret value from secure storage hardware operatively coupled to the processing hardware. The processing hardware derives a validator from the secret value using a path through a key tree. The first device then sends the validator to the second device.

A computer-implemented method for generating a secured software application, involves receiving a source software application which has instructions for processing by a process virtual machine. The method involves generating a secured software application comprising a first set of bytecode instructions derived from the source software application, a second set of the bytecode instructions derived from the source software application, and a security component. The first set of bytecode instructions are for processing on a first process virtual machine, in a first process, on a target processing system. The security component comprises instructions which, when executed on the target processing system, will cause the target processing system to provide a second process virtual machine in a second process where it will process instructions from the second set of bytecode instructions.

A non-transitory storage medium stores instructions readable and executable by a first computer (14) to perform an image processing method (100, 200, 400). The method includes: encrypting image data portions to generate encrypted image data portions; transmitting the encrypted image data portions from the first computer to a second server (16) different from the first computer; decrypting encrypted processed image data portions received at the first computer from the second server to produce processed image data portions and generating a processed image from the processed image data portions; and controlling a display device (24) to display the processed image or storing the processed image in a database (30).