Abstract: An insider attack resistant system for providing cloud services integrity checking is disclosed. In particular, the system utilizes an automated integrity checking script and virtual machines to check the integrity of a service. The system may utilize the integrity checking script and virtual machines to execute a set of operations associated with the service so as to check the integrity of the service. When executing the set of operations, the system may only have access to the minimum level of access to peripherals that is required for each operation in the set of operations to be executed. After each operation is executed, the system may log each result for each operation, and analyze each result to determine if a failure exists for any of the operations. If a failure exists, the system may determine that a change in an expected system behavior associated with the service has occurred.

Abstract: A request is received over a network to resolve a problem relating to a networked user device. The request is accepted in order to provide user service. Based on the request, one of multiple available diagnostic algorithms is selected to analyze user data related to a user's account to identify symptoms of the problem and diagnose a cause of the symptoms identified.

Abstract: A method, non-transitory computer readable medium and apparatus for securing user input and/or output on a mobile endpoint device. For example, the method receives an input on the mobile endpoint device, encrypts and authenticates the input in a trusted domain of the mobile endpoint device executing an application and sends the input that is encrypted and authenticated to an untrusted domain of the mobile endpoint device over a secure channel.

Abstract: An insider attack resistant system for providing cloud services integrity checking is disclosed. In particular, the system utilizes an automated integrity checking script and virtual machines to check the integrity of a service. The system may utilize the integrity checking script and virtual machines to execute a set of operations associated with the service so as to check the integrity of the service. When executing the set of operations, the system may only have access to the minimum level of access to peripherals that is required for each operation in the set of operations to be executed. After each operation is executed, the system may log each result for each operation, and analyze each result to determine if a failure exists for any of the operations. If a failure exists, the system may determine that a change in an expected system behavior associated with the service has occurred.

Abstract: A system for providing secure browsing via a transparent network proxy is disclosed. The system may receive, from a client, a request to access a resource. The request may include an identifier that may be utilized to locate the resource. Once the request is received, the system may determine if the resource is not trusted, such as if the identifier is determined to be unknown or suspicious. If the resource is determined to not be trusted by the system, the system may forward the request to a virtual machine manager that may select a browser virtual machine from a pool of browser virtual machines. After the browser virtual machine is selected, the browser virtual machine may stream a rendering of the resource to the client based on the request. The rendering of the resource may be provided in lieu of the actual resource.

Abstract: An insider attack resistant system for providing cloud services integrity checking is disclosed. In particular, the system utilizes an automated integrity checking script and virtual machines to check the integrity of a service. The system may utilize the integrity checking script and virtual machines to execute a set of operations associated with the service so as to check the integrity of the service. When executing the set of operations, the system may only have access to the minimum level of access to peripherals that is required for each operation in the set of operations to be executed. After each operation is executed, the system may log each result for each operation, and analyze each result to determine if a failure exists for any of the operations. If a failure exists, the system may determine that a change in an expected system behavior associated with the service has occurred.

Abstract: A system for providing secure browsing via a transparent network proxy is disclosed. The system may receive, from a client, a request to access a resource. The request may include an identifier that may be utilized to locate the resource. Once the request is received, the system may determine if the resource is not trusted, such as if the identifier is determined to be unknown or suspicious. If the resource is determined to not be trusted by the system, the system may forward the request to a virtual machine manager that may select a browser virtual machine from a pool of browser virtual machines. After the browser virtual machine is selected, the browser virtual machine may stream a rendering of the resource to the client based on the request. The rendering of the resource may be provided in lieu of the actual resource.

Abstract: A method, non-transitory computer readable medium and apparatus for securing user input and/or output on a mobile endpoint device. For example, the method receives an input on the mobile endpoint device, encrypts and authenticates the input in a trusted domain of the mobile endpoint device executing an application and sends the input that is encrypted and authenticated to an untrusted domain of the mobile endpoint device over a secure channel.

Abstract: Electronic screen shots protect against cyber attacks. When any webpage is received, a screen shot of the webpage may be generated. Should the webpage be from an untrusted source, the screen shot protects downstream resources and clients from potential malware contained within the webpage.

Abstract: A method, computer readable medium and apparatus for detecting an altered application are disclosed. Network traffic data is obtained for a number of endpoint devices to determine a network traffic signature for a first application. The signature comprises a set of flows within a time window. Network traffic data is monitored to determine a network traffic signature for a second application. The signature for the second application comprises the network traffic signature of the first application plus a flow to an additional address. The method determines a ratio of endpoint devices having network traffic data that matches the signature for the second application as compared to a percentage of endpoint devices having network traffic data that matches the signature for the first application. When the percentage satisfies a threshold, the method determines that the second application is the altered application comprising an altered version of the first application.

Abstract: A method, non-transitory computer readable medium and apparatus for securing user input and/or output on a mobile endpoint device. For example, the method receives an input on the mobile endpoint device, encrypts and authenticates the input in a trusted domain of the mobile endpoint device executing an application and sends the input that is encrypted and authenticated to an untrusted domain of the mobile endpoint device over a secure channel.

Abstract: A method includes receiving from a client device at a client interface application a request to access an application, determining whether the application is external to a communication network, redirecting the request to an external communication server when the application is external to the communication network, sending the request from the external communication server to the application that is external to the communication network, receiving information from the application that is external to the communication network at the external communication server responsive to sending the request, and replicating a screen of the external communication server containing the information received from the application for display at the client interface application.

Abstract: A request is received over a network to resolve a problem relating to a networked user device. The request is accepted in order to provide user service. Based on the request, one of multiple available diagnostic algorithms is selected to analyze user data related to a user's account to identify symptoms of the problem and diagnose a cause of the symptoms identified.

Abstract: A method, non-transitory computer readable medium and apparatus for securing user input and/or output on a mobile endpoint device. For example, the method receives an input on the mobile endpoint device, encrypts and authenticates the input in a trusted domain of the mobile endpoint device executing an application and sends the input that is encrypted and authenticated to an untrusted domain of the mobile endpoint device over a secure channel.

Abstract: A method, computer readable medium and apparatus for detecting an altered application are disclosed. Network traffic data is obtained for a number of endpoint devices to determine a network traffic signature for a first application. The signature comprises a set of flows within a time window. Network traffic data is monitored to determine a network traffic signature for a second application. The signature for the second application comprises the network traffic signature of the first application plus a flow to an additional address. The method determines a ratio of endpoint devices having network traffic data that matches the signature for the second application as compared to a percentage of endpoint devices having network traffic data that matches the signature for the first application. When the percentage satisfies a threshold, the method determines that the second application is the altered application comprising an altered version of the first application.

Abstract: A system for providing secure browsing via a transparent network proxy is disclosed. The system may receive, from a client, a request to access a resource. The request may include an identifier that may be utilized to locate the resource. Once the request is received, the system may determine if the resource is not trusted, such as if the identifier is determined to be unknown or suspicious. If the resource is determined to not be trusted by the system, the system may forward the request to a virtual machine manager that may select a browser virtual machine from a pool of browser virtual machines. After the browser virtual machine is selected, the browser virtual machine may stream a rendering of the resource to the client based on the request. The rendering of the resource may be provided in lieu of the actual resource.

Abstract: A method includes receiving from a client device at a client interface application a request to access an application, determining whether the application is external to a communication network, redirecting the request to an external communication server when the application is external to the communication network, sending the request from the external communication server to the application that is external to the communication network, receiving information from the application that is external to the communication network at the external communication server responsive to sending the request, and replicating a screen of the external communication server containing the information received from the application for display at the client interface application.

Abstract: A method, computer readable medium and apparatus for detecting an altered application are disclosed. Network traffic data is obtained for a number of endpoint devices to determine a network traffic signature for a first application. The signature comprises a set of flows within a time window. Network traffic data is monitored to determine a network traffic signature for a second application. The signature for the second application comprises the network traffic signature of the first application plus a flow to an additional address. The method determines a ratio of endpoint devices having network traffic data that matches the signature for the second application as compared to a percentage of endpoint devices having network traffic data that matches the signature for the first application. When the percentage satisfies a threshold, the method determines that the second application is the altered application comprising an altered version of the first application.

Abstract: A mobile device including a memory including computer-executable instructions for synchronizing a virtual machine and a processor executing the computer-executable instructions, the computer-executable instructions, when executed by the processor, cause the processor to perform operations including executing a virtual machine using a memory; executing a hypervisor providing a synchronization daemon, the synchronization daemon monitoring the memory, the synchronization daemon generating a checkpoint indicating a change in the memory; the hypervisor initiating transmission of the change in the memory over a wireless network for delivery to a standby mobile device to synchronize the virtual machine on the standby mobile device.

Abstract: A method, computer readable medium and apparatus for detecting an altered application are disclosed. Network traffic data is obtained for a number of endpoint devices to determine a network traffic signature for a first application. The signature comprises a set of flows within a time window. Network traffic data is monitored to determine a network traffic signature for a second application. The signature for the second application comprises the network traffic signature of the first application plus a flow to an additional address. The method determines a ratio of endpoint devices having network traffic data that matches the signature for the second application as compared to a percentage of endpoint devices having network traffic data that matches the signature for the first application. When the percentage satisfies a threshold, the method determines that the second application is the altered application comprising an altered version of the first application.