Systems and methods for managing content provenance are provided. A network system accesses a plurality of documents. The plurality of documents is then hashed to identify one or more content features within each of the documents. In one embodiment, the hash is a MinHash. The network system compares the content features of each of the plurality of documents to determine a similarity score between each of the plurality of documents. In one embodiment, the similarly score is a Jaccard score. The network system then clusters the plurality of documents into one or more clusters based on the similarity score of each of the plurality of documents. In one embodiment, the clustering is performed using DBSCAN. DBSCAN can be iteratively performed with decreasing epsilon values to derive clusters of related but relatively dissimilar documents. The clustering information associated with the clusters are stored for use during runtime.

Systems and methods for graph embedding already-collected but not yet connected data are disclosed. A method includes extracting a first set of actor-related data, a second set of object-related data, and a third set of temporal data from a set of the already-collected but not yet connected data representative of a unit-level contribution to the target activity. The method further includes generating graph data for at least one graph having a plurality of nodes and a plurality of edges using the set of the already-collected but not yet connected data, where each of the plurality of nodes corresponds to the actor or the object, and where an attribute associated with each of the plurality of edges corresponds to a measurement associated with the target activity during a temporal dimension of interest. The method further includes converting the graph data into metric space data using a graph embedding process.

Described are methods, systems and computer readable media for data source refreshing.

Methods, systems, and apparatus, including computer programs encoded on computer storage media, for identifying network security risks. One of the methods includes receiving organizational hierarchy data and receiving access privilege data for a network, generating an adjacency matrix that represents connections between individuals within the organizational hierarchy and various groups, and that represents connections between the individuals and various access privileges, selecting an analytic technique for analyzing the adjacency matrix, determining, for each individual, an individual score that represents a security risk associated with the individual's network account, and in response to determining that the individual score meets a threshold, applying security controls.

A third-party service may be used to assist entities in responding to requests of users. A third-party service may receive, directly or indirectly, a request of a first user for assistance from a first entity. The third-party service may request information about the first user by sending a request to a computer of the first entity. The third-party service may use the request of the first user and the information about the first user to automatically generate a response to the request of the first user. The third-party service may then transmit, directly or indirectly, the response to the first user.

A replanned plan output device that outputs a replanned plan for an operation plan of performing planned schedules in order by an operation of a vehicle in charge, includes: a replanned candidate determination unit configured to, when a difficult-to-perform schedule that becomes difficult to be performed by the vehicle in charge among the planned schedules occurs, determine another vehicle as a candidate for a substitute vehicle for performing the difficult-to-perform schedule; and a substitute vehicle selection unit configured to, when a plurality of candidates for the substitute vehicle are set, select the substitute vehicle for performing the difficult-to-perform schedule from the plurality of candidates for the substitute vehicle in consideration of the number of changes of the vehicle in charge and an additional cost of each of the schedules specified in the operation plan.

Example embodiments relates to method and systems to infer graph topologies. A computing device for inferring a graph topology, comprises a physical processor that executes machine readable instructions that cause the computing device to process a set of unclassified tables. For each table the computing device determines a primary key comprising a set of columns of a table being analyzed, determines a set of foreign keys, each foreign key comprising a column of the analyzed table, and identifies a parameter based on the analyzed table, the primary key and the set of foreign keys. The parameter may comprise a node identification, a set of node attributes, a set of edges without attributes, a set of edges with attributes or a set of edge attributes. The computing device can cause the display of the graph topology based on the processed set of unclassified tables.

A method and a system are provided for processing electronic medical records for predicting a health condition of a patient. The method may determine a first set of datasets of a first patient based on one or more first electronic medical records. The method may extract one or more second sets of datasets of one or more second patients from a database server based on the first set of datasets. The method may generate one or more bipartite graphs based on the first set of datasets and the one or more second sets of datasets. The method may determine a set of edges from the one or more edges based on a matching score in each bipartite graph. The method may further predict the health condition of the first patient based on at least the matching score associated with each of the one or more bipartite graphs.

Systems and methods are disclosed for question generation to obtain more related medical information based on observed symptoms from a patient. In embodiments, possible diseases associated with the observed symptoms are generated by querying a knowledge graph. In embodiments, candidate symptoms associated with the possible diseases are also identified and are combined with the observed symptoms to obtain combined symptom sets. In embodiments, discriminative scores for the candidate symptom sets are determined and candidate symptoms with top discriminative scores are selected. In embodiments, these selected candidate symptoms may be checked for conflicts with observed symptoms and removed from further consideration if a conflict exists. In embodiments, one or more questions may be generated based on the remaining selected candidate systems to aid in collecting information about the patient. In embodiments, the process may be repeated with the updated observed symptoms.

Methods and systems for understanding identity and organizational access to applications within an enterprise environment are provided. Exemplary methods include collecting data about relationships between applications and metadata associated with the applications in a computing environment of an enterprise, the metadata including information concerning a plurality of users accessing the applications; updating a graph database including nodes representing the applications of the computing environment of the enterprise and edges representing relationships between the applications; enriching the graph database by associating the nodes with metadata associated with the applications and associating user accounts with metadata associated with roles, organizations membership, privileges, and permissions; analyzing the graph database to identify a subset of nodes being accessed by a user of the plurality of users; and displaying, via a graphical user interface, a graphical representation of the subset of nodes and relationships between the nodes in the subset of the nodes.