Abstract: Techniques for securing checked-out virtual machines in a virtual desktop infrastructure (VDI) are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for securing a checked-out guest virtual machine including receiving a request for checking-out a guest virtual machine hosted by a server network element, wherein checking-out the guest virtual machine comprises transferring hosting of the guest virtual machine from the server network element to a client network element. The method for securing a checked-out guest virtual machines may also include configuring a security module for the guest virtual machine in order to secure the guest virtual machine and providing the security module to the guest virtual machine when the guest virtual machine is checked-out.

Abstract: A computer-implemented method for looking up anti-malware metadata may include identifying a plurality of executable objects to be scanned for malware before execution. The computer-implemented method may also include, for each executable object within the plurality of executable objects, assessing an imminence of execution of the executable object. The computer-implemented method may further include prioritizing, based on the assessments, a retrieval order for anti-malware metadata corresponding to the plurality of executable objects. The computer-implemented method may additionally include retrieving anti-malware metadata corresponding to an executable object within the plurality of executable objects based on the retrieval order. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A system and method for backing up data from a client computer system are described. The system may include the client computer system, a primary backup server computer system, and an alternate backup server computer system. The primary backup server computer system may be privately accessible to the client computer system via a virtual private network (VPN). The alternate backup server computer system may be accessible to the client computer system via a public or open network such as the Internet. The client computer system may be configured to backup a first set of data to the alternate backup server computer system at a particular time via the Internet in response to determining that the client computer system is not connected to the VPN at the particular time.

Abstract: Various embodiments of a system and method for creating a unification directory to unify a group of directories are described herein. The system may enable a first directory to be unified with one or more other directories such that when directory operations are performed on the first directory, it appears to them that the first directory includes not only its own files, but also the files of the one or more other directories. This may be accomplished by creating a persistent, re-useable unification directory which includes directory entries corresponding to the names of the files in the first directory and the one or more other directories. The unification directory does not contain complete copies of the files. Instead, the unification directory is used to obtain a listing of the files when needed, and the system then re-directs file operations to the real files in the individual directories as necessary.

Abstract: Systems and methods for filtering fraudulent email messages are described. In one embodiment, a method includes receiving an email message, determining whether the email message is indicative of fraud, and creating a fraud filter based on the email message if the email message is fraudulent.

Abstract: A computer-implemented method for restoring an image to an encrypted disk is described. An image to restore to the disk is identified. Information is read from one or more filesystems currently residing on the disk to identify one or more sectors on the disk that are reserved for a disk encryption driver. The image is restored to one or more non-reserved sectors on the disk. One or more filesystems are created on the disk that are associated with the restored image.

Abstract: An incoming network traffic manager circumstantially blocks incoming network traffic (103) containing code (107). The incoming network traffic manager (101) monitors (201) incoming network traffic (103) addressed to a target computer (105). The network traffic manager (101) detects (203) incoming network traffic (103) containing code (107). The network manager (101) blocks (205) incoming traffic (103) containing code (107) from reaching the target computer (105), responsive to circumstances being such that it is undesirable to allow incoming traffic (103) containing code (107) to reach the target computer (105).

Abstract: A method and apparatus for using a dynamic policy to manage a file purging process is described. In one embodiment, a method for using the dynamic policy to purge files comprising processing a dynamic policy for purging files from a computer wherein the dynamic policy comprises one or more metrics and applying the dynamic policy to a plurality of files to identify at least one file to be purged.

Abstract: A method and apparatus for providing a host-independent name to identify a meta-device that represents a Logical Unit Number (LUN) is described. In one embodiment, the method comprises processing information regarding at least one storage enclosure that comprises at least one Logical Unit Number (LUN) represented by at least one meta-device and generating at least one host-independent name based on the information regarding the at least one storage enclosure, wherein the at least one host-independent name is used to identify the at least one meta-device.

Abstract: Embodiments of the present invention provide methods and apparatus for transcoding received text fragments and documents. A featurization configuration is produced to create token components for evaluating the content of the text fragment. Other embodiments may be described and claimed.

Abstract: A method, a device, and a system for alerting against unknown malicious codes are disclosed. The method includes: detecting characteristics of a packet; judging whether any suspicious code exists in the packet according to a result of the detection; recording a source address of the suspicious code if the suspicious code exists in the packet; and sending alert information that carries the source address to a monitoring device. The embodiments of the present invention can report source addresses of numerous suspicious codes proactively at the earliest possible time, lay a foundation for shortening the time required for overcoming virus threats, and avoid the trouble of installing software on the client.

Abstract: A method and system for fast failure detection in a distributed computer system. The method includes executing a distributed computer system having a plurality of clusters comprising at least a first cluster, a second cluster and the third cluster, and initializing failure detection by creating a connected cluster list in each of the plurality of clusters, wherein for each one of the plurality of clusters, a respective connected cluster list describes others of the plurality of clusters said each one is communicatively connected with. A status update message is sent upon changes in connectivity between the plurality of clusters, and generating an updated connected cluster list in each of the plurality of clusters in accordance with the status update message. The method then determines whether the change in connectivity results from a cluster failure by examining the updated connected cluster list in each of the plurality of clusters.

Abstract: One or more behavior-based features describing an execution of an application on a client are generated. One or more client-specific features are generated, wherein the client-specific features describe aspects of the client. A malware score is generated based on the behavior-based features and the client-specific features. Whether the application is a malware threat is determined based on the malware score and a result of the determination is stored.

Abstract: Various systems and methods for performing archive operations are disclosed. One method involves receiving a request to perform an archive operation on a number of data storage containers. The request is received by an archive computer system. A determination is made whether to exclude a given storage container from the archive operation based on information stored in a profile.

Abstract: Techniques for recovery of application level objects are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for restoration of one or more application level objects. The method may comprise obtaining application metadata of an application containing objects to be restored, storing one or more data files containing application data, utilizing the application metadata to provide a user interface for the restoration of one or more application objects, accepting input from a user via the user interface specifying one or more application objects to restore, and restoring the one or more specified application objects.

Abstract: A computer-implemented method for emulating the behavior of a user in a computer-human interaction environment is described. An image of a window and data relating to positions of clicks executed within the image are received. A probabilistic model is created to estimate a probability of a click being executed in a region of a window. Clicks, in accordance with the probabilistic model, are executed within windows associated with a plurality of applications. A clicks distribution model is created based on the position of the clicks executed within the windows of the plurality of applications. Clicks, in accordance with the clicks distribution model, are executed within a window associated with an application being tested.

Abstract: As will be described in greater detail below, the instant disclosure generally relates to systems and methods for reducing the amount of time required to reconnect to a computing network. In one example, an exemplary method for accomplishing this task may include: 1) initiating a DHCP request for an IP address and then, while waiting for the DHCP request to resolve, 2) identifying a prior IP address previously used by the computing device to access the computing network, 3) probing the computing network to ensure that the prior IP address is not currently in use by other devices within the computing network, and 4) accessing the computing network using the prior IP address. Corresponding systems and computer-readable media are also disclosed.

Abstract: Computer implemented methods, apparati, and computer-readable media for empirically adjusting access to a database (1). An apparatus embodiment comprises: coupled to the database (1), a database discovery module (11) for determining authorized accesses to the database (1); coupled to the database (1), a command monitoring module (12) for monitoring actual accesses to the database (1); and coupled to the database discovery module (11) and to the command monitoring module (12), an analysis module (13) for comparing actual accesses with authorized accesses.

Abstract: Computer-implemented methods for delegating access to online accounts and for facilitating delegates' access to these online accounts are disclosed. In one embodiment, a method for delegating access to an online account comprises receiving a request to delegate access to a first online account to a first delegate, identifying the first online account, identifying a contact record for the first delegate, and delegating access to the first online account to the first delegate by associating the contact record for the first delegate with the first online account. Corresponding systems and computer-readable media are also disclosed.

Abstract: A method and apparatus for securing sensitive data from misappropriation by malicious software is provided. In one embodiment, the method for securing sensitive data from misappropriation by malicious software includes examining a history to identify potentially compromised sensitive data upon an occurrence of the malicious software and notifying a user regarding the potentially compromised sensitive data.