Abstract: A system, computer-readable storage medium storing at least one program, and a computer-implemented method for detecting fraud in a social gaming environment is disclosed herein. For example, game events generated responsive to a player playing a game executing on a client device are received. The game events may then be used to build a player profile for the player. The player profile may characterize the game actions performed by the player. The player profile is then compared with a golden profile. The golden profile may specify an expected gaming behavior. Based on the comparison between the player profile and the expected gaming behavior specified by the golden profile, a player account associated with the player may be marked as suspicious.

Abstract: A system, computer-readable storage medium storing at least one program, and a computer-implemented method for detecting fraud in a social gaming environment is disclosed herein. For example, game events generated responsive to a player playing a game executing on a client device are received. The game events may then be used to build a player profile for the player. The player profile may characterize the game actions performed by the player. The player profile is then compared with a golden profile. The golden profile may specify an expected gaming behavior. Based on the comparison between the player profile and the expected gaming behavior specified by the golden profile, a player account associated with the player may be marked as suspicious.

Abstract: A system, computer-readable storage medium storing at least one program, and a computer-implemented method for detecting fraud in a social gaming environment is disclosed herein. For example, game events generated responsive to a player playing a game executing on a client device are received. The game events may then be used to build a player profile for the player. The player profile may characterize the game actions performed by the player. The player profile is then compared with a golden profile. The golden profile may specify an expected gaming behavior. Based on the comparison between the player profile and the expected gaming behavior specified by the golden profile, a player account associated with the player may be marked as suspicious.

Abstract: Systems and methods for modifying a compiler to generate a profile of a source code are described. One of the methods includes receiving the source code. The source code excludes instrumentation and includes functions. The method also includes compiling the source code with the compiler to generate metrics that are associated with execution of the functions within the source code. The compiling operation includes applying function tracking commands that were inserted into a compiler. The commands are used for tracking beginnings and ends of the functions to be tested.

Abstract: A client device downloads a file of a computer-implemented game using multiple network connections. The client device may first receive configuration information for downloading the file, such that the configuration information indicates a partition quantity for a plurality of file portions into which the file is partitioned at one or more server computers, and indicates at least one hostname from which to request the file portions. The client device may download the plurality of file portions by using the configuration information to determine uniform resource locators (URLs) for the individual file portions, and using multiple network connections to download the file portions from the determined URLs. The client device may then combine the plurality of file portions to form the file.

Abstract: Example systems and methods for downloading an application file are presented herein. In an example, configuration information for downloading the application file is received. The configuration information indicates a partition quantity indicating a number of file portions into which the application file is partitioned at one or more server computers. Network addresses for the file portions are determined based on the configuration information. A request is issued for each of the multiple file portions based on the network addresses, with the requests being issued over multiple network connections. The multiple file portions are received over the multiple network connections, with at least two of the multiple file portions being received simultaneously over separate ones of the multiple network connections. The received multiple file portions are combined to form the application file.

Abstract: Methods and systems for reducing the spread of malware in communication between an instant message (IM) client and an IM server are described. A malware trapping system (MTS) creates and registers a set of virtual IM users with an IM server. The virtual IM users include account names by which other users of the IM server can communicate with the virtual IM users. The MTS publicizes the account names of the virtual IM users, which causes sources of malware to illicitly acquire the account names of the virtual IM users. The MTS identifies any IM user sending a message to one of the virtual users as a source of malware. The MTS also identifies such a message as a malware message and collects information about the sources of malware and malware messages and stores the information in a database. An IM filter module, accessing the information stored in the database, identifies and blocks malware messages based on the information.

Abstract: Methods and systems for reducing the spread of malware in communication between an instant message (IM) client and an IM server are described. An IM filter module (IM FM) is configured to examine incoming messages from an IM server to an IM client and outgoing messages from the IM client to the IM server. The IM filter module is further configured to analyze relationship among the incoming and outgoing messages and determine whether one or more messages contain malware based on the analysis of relationship among the incoming and outgoing messages.

Abstract: Methods and systems for reducing the spread of malware in communication between an instant message (IM) client and an IM server are described. An IM filter module (IM FM) is configured to intercept a buddy list sent from an IM server to an IM client, add one or more fictitious buddies to the intercepted buddy list, and forward the buddy list with the one or more fictitious buddies to the IM client. The IM FM is further configured to identify a computer that hosts the IM client as a source of malware based on messages sent by the IM client to at least one of the fictitious buddies and to determine that the host computer of the IM client is a source of malware if a content of the messages sent to the at least one of the fictitious buddies contains malware.

Abstract: Methods and systems for reducing the spread of malware in communication between an instant message (IM) client and an IM server are described. An IM filter module (IM FM) is configured to analyze messages exchanged between an IM server and an IM client. The IM FM also identifies one or more messages as possibly containing malware among the exchanged messages and assigns a confidence level to each identified message. A confidence level represents a probability of a message containing malware. A Bayesian filter is configured to train itself using the identified messages and the confidence levels and adjust the confidence levels. A feedback training mechanism for the Bayesian filter is also included. In particular, the IM FM examines additional messages exchanged between the IM server and IM client, identifies one or more messages as possibly containing malware among the additional messages using the adjusted confidence values. The IM FM also assigns a confidence level to each additionally identified message.

Abstract: Methods and systems for reducing the spread of malware in communication between an instant message (IM) client and an IM server are described. An IM filter module (IM FM) is configured to examine incoming messages from an IM server to an IM client and outgoing messages from the IM client to the IM server. The IM filter module is further configured to analyze relationship among the incoming and outgoing messages and determine whether one or more messages contain malware based on the analysis of relationship among the incoming and outgoing messages.

Abstract: Methods and systems for reducing the spread of malware in communication between an instant message (IM) client and an IM server are described. A malware trapping system (MTS) creates and registers a set of virtual IM users with an IM server. The virtual IM users include account names by which other users of the IM server can communicate with the virtual IM users. The MTS publicizes the account names of the virtual IM users, which causes sources of malware to illicitly acquire the account names of the virtual IM users. The MTS identifies any IM user sending a message to one of the virtual users as a source of malware. The MTS also identifies such a message as a malware message and collects information about the sources of malware and malware messages and stores the information in a database. An IM filter module, accessing the information stored in the database, identifies and blocks malware messages based on the information.

Abstract: Methods and systems for reducing the spread of malware in communication between an instant message (IM) client and an IM server are described. An IM filter module (IM FM) is configured to analyze messages exchanged between an IM server and an IM client. The IM FM also identifies one or more messages as possibly containing malware among the exchanged messages and assigns a confidence level to each identified message. A confidence level represents a probability of a message containing malware. A Bayesian filter is configured to train itself using the identified messages and the confidence levels and adjust the confidence levels. A feedback training mechanism for the Bayesian filter is also included. In particular, the IM FM examines additional messages exchanged between the IM server and IM client, identifies one or more messages as possibly containing malware among the additional messages using the adjusted confidence values. The IM FM also assigns a confidence level to each additionally identified message.

Abstract: Methods and systems for reducing the spread of malware in communication between an instant message (IM) client and an IM server are described. An IM filter module (IM FM) is configured to intercept a buddy list sent from an IM server to an IM client, add one or more fictitious buddies to the intercepted buddy list, and forward the buddy list with the one or more fictitious buddies to the IM client. The IM FM is further configured to identify a computer that hosts the IM client as a source of malware based on messages sent by the IM client to at least one of the fictitious buddies and to determine that the host computer of the IM client is a source of malware if a content of the messages sent to the at least one of the fictitious buddies contains malware.