Abstract: Disclosed herein are methods and systems for evaluating web browser behavior to report on human versus non-human activity, based on varying analyses of detectable properties. By passively detecting the code of a webpage engaged by a browsing user, the present invention evaluates the browsing user's activity in order to predict the type of user with a degree of confidence. The predictions are formed by acquiring information on how a user loads, navigates, and interacts with a webpage and comparing that information with known and unknown properties in various control groups. If the prediction yields a high likelihood of automated activity, additional active detection may be performed. Reports are compiled by analysis servers and made available to the operators of webpages. By compiling performance metrics and informing operators of fraudulent versus normal activity, the invention combats malicious automated traffic directed at any aspect of a given webpage.

Abstract: This invention leverages DNSSEC to makes post-password technologies work against endpoints across the globe, rather than solely within company walls. It describes a system by which DS records are encoded in NS names, which traverse well from the customer to the registry. This invention also proposes a series of steps through which DNSSEC can be explored as a useful solution to real world problems. By creating and further developing a mirror of the real DNS, which grows by combination of true DNS record information with specially synthesized authentication keys, DNSSEC scales, providing greater security and less risk of corrupting or erroneous online material. This same technology also evaluates user activity to create a database of statistics regarding automated activity, as compared to human activity. This database assists in identification and prevention, or at least mitigation, of potential future attacks on any given client by automated bot-driven activity.

Abstract: A computer-implemented method and system for the validation of a true browsing user on a website is disclosed. The invention allows for the collection of data regarding the evolving threat landscape created by online attackers. The system and method fingerprint user behavior to detect differences between a local user, a remote/foreign user, and an automated script. The system then covertly transmits that information back to a financial institution client without giving online attackers the opportunity to notice such transmittal. Certain embodiments of the invention also correspond with the browsing user to validate their identity. The claimed system and method proactively reveal attackers and attack ploys, additionally enabling institutions and security consultants to adapt to attacks in an automated fashion.

Abstract: A method for enabling access to a data resource, which is held on a file server (25) on a first local area network (LAN) (21a), by a client (28) on a second LAN (21b). A proxy receiver (48) on the second LAN (21b) intercepts a request for the data resource submitted by the client (28) and transmits a message via a wide area network (WAN) (29) to a proxy transmitter (52) on the first LAN (21a), requesting the data resource. The proxy transmitter (52) retrieves a replica of the data resource from the file server (25) and conveys the replica of the data resource over the WAN (29) to the proxy receiver (48), which serves the replica of the data resource from the proxy receiver (48) to the client (28) over the second LAN (21b).

Abstract: Disclosed herein are methods and systems for evaluating web browser behavior to report on human versus non-human activity, based on varying analyses of detectable properties. By passively detecting the code of a webpage engaged by a browsing user, the present invention evaluates the browsing user's activity in order to predict the type of user with a degree of confidence. The predictions are formed by acquiring information on how a user loads, navigates, and interacts with a webpage and comparing that information with known and unknown properties in various control groups. If the prediction yields a high likelihood of automated activity, additional active detection may be performed. Reports are compiled by analysis servers and made available to the operators of webpages. By compiling performance metrics and informing operators of fraudulent versus normal activity, the invention combats malicious automated traffic directed at any aspect of a given webpage.

Abstract: This invention leverages DNSSEC to makes post-password technologies work against endpoints across the globe, rather than solely within company walls. It describes a system by which DS records are encoded in NS names, which traverse well from the customer to the registry. This invention also proposes a series of steps through which DNSSEC can be explored as a useful solution to real world problems. By creating and further developing a mirror of the real DNS, which grows by combination of true DNS record information with specially synthesized authentication keys, DNSSEC scales, providing greater security and less risk of corrupting or erroneous online material. This same technology also evaluates user activity to create a database of statistics regarding automated activity, as compared to human activity. This database assists in identification and prevention, or at least mitigation, of potential future attacks on any given client by automated bot-driven activity.

Abstract: A method for determining if a web browser is being operated by a human or a non-human agent, based on analysis of certain aspects of how a user interacts with a webpage. By placing a code snippet into the code of a webpage prior to a given user accessing that webpage, one is able to evaluate the user's actions in order to predict the type of user. The predictions are made by acquiring information on how the user loads, navigates, and interacts with the webpage and comparing that information with statistics taken from a control group. Performance metrics from all webpages containing similar code elements are compiled by analysis servers and made available to the operator of a webpage through a variety of reporting mediums. By compiling such performance metrics, the method helps combat and prevent malicious automated traffic directed at advertisements and other aspects of a given webpage.

Abstract: One embodiment comprises an apparatus for automatic proxy registration and discovery in a multi-proxy communication system. The apparatus executes a proxy server that is configured to provide optimized connections to remote proxy servers that are communicatively connected to the proxy server over a Wide Area Network (WAN). A file server, which is communicatively connected to the proxy server over a Local Area Network (LAN), is automatically discovered. An association record corresponding to the file server is created, where the association record identifies the file server and the proxy server and indicates that the proxy server is configured to provide the remote proxy servers with optimized connections to the file server. The association record is registered with a centralized database server, where the remote proxy servers are communicatively connected to the centralized database server over the WAN.

Abstract: A computer-implemented method and system for the validation of a true browsing user on a website is disclosed. The invention allows for the collection of data regarding the evolving threat landscape created by online attackers. The system and method fingerprint user behavior to detect differences between a local user, a remote/foreign user, and an automated script. The system then covertly transmits that information back to a financial institution client without giving online attackers the opportunity to notice such transmittal. Certain embodiments of the invention also correspond with the browsing user to validate their identity. The claimed system and method proactively reveal attackers and attack ploys, additionally enabling institutions and security consultants to adapt to attacks in an automated fashion.

Abstract: This invention leverages DNSSEC to makes post-password technologies work against endpoints across the globe, rather than solely within company walls. It describes a system by which DS records are encoded in NS names, which traverse well from the customer to the registry. This invention also proposes a series of steps through which DNSSEC can be explored as a useful solution to real world problems. By creating and further developing a mirror of the real DNS, which grows by combination of true DNS record information with specially synthesized authentication keys, DNSSEC scales, providing greater security and less risk of corrupting or erroneous online material. This same technology also evaluates user activity to create a database of statistics regarding automated activity, as compared to human activity. This database assists in identification and prevention, or at least mitigation, of potential future attacks on any given client by automated bot-driven activity.

Abstract: A method for determining if a web browser is being operated by a local human or a remote agent, based on analysis of certain aspects of how the different users interact with a webpage. By employing various detection mechanisms, one is able to evaluate the user's actions in order to predict the type of user. The predictions are made by acquiring information on how the user loads, navigates, and interacts with the webpage and comparing that information with statistics taken from a control group. Performance metrics from all webpages containing similar elements are compiled by analysis servers and made available to the operator of a webpage through a variety of reporting mediums. By compiling such performance metrics, the method helps combat and prevent malicious automated traffic directed at advertisements and other aspects of a given webpage.

Abstract: A method for determining if a web browser is being operated by a human or a non-human agent, based on analysis of certain aspects of how a user interacts with a webpage. By using different ways of detection, one is able to evaluate the user's actions in order to predict the type of user. The predictions are made by acquiring information on how the user loads, navigates, and interacts with the webpage and comparing that information with statistics taken from a control group. Performance metrics from all webpages containing similar elements are compiled by analysis servers and made available to the operator of a webpage through a variety of reporting mediums. By compiling such performance metrics, the method helps combat and prevent malicious automated traffic directed at advertisements and other aspects of a given webpage.

Abstract: A method for determining if a web browser is being operated by a human or a non-human agent, based on analysis of certain aspects of how a user interacts with a webpage. By placing a code snippet into the code of a webpage prior to a given user accessing that webpage, one is able to evaluate the user's actions in order to predict the type of user. The predictions are made by acquiring information on how the user loads, navigates, and interacts with the webpage and comparing that information with statistics taken from a control group. Performance metrics from all webpages containing similar code elements are compiled by analysis servers and made available to the operator of a webpage through a variety of reporting mediums. By compiling such performance metrics, the method helps combat and prevent malicious automated traffic directed at advertisements and other aspects of a given webpage.

Abstract: In various embodiments, data processing apparatus, software, or machine-implemented methods can optimize NFSv3 asynchronous write requests or MSRPC calls that traverse a wide area network, for example, by receiving, from a client, a first request directed to a server across a wide area network; determining whether a related second request has been received previously; when a related second request has been received previously, sending, to the client, a first reply to the second request and forwarding the first request to the server, and otherwise forwarding the first request to the server without sending any reply to the client for the first request. Sending local replies from a WAN optimizer induces the client to send continuous requests, improving throughput, but at least one client request remains unreplied to, and one server error reply is always reported to the client, facilitating correct error processing at the client.

Abstract: Embodiments for performing service binding between a client and a target server are disclosed. In accordance with one embodiment, a clear text client service binding value is received from a client at the target server, the client service binding value is compared to a server service binding value, and a communication channel is formed between the client and the target server when the client service binding value matches the server service binding value.

Abstract: This invention leverages DNSSEC to makes post-password technologies work against endpoints across the globe, rather than solely within company walls. It describes a system by which DS records are encoded in NS names, which traverse well from the customer to the registry. This invention also proposes a series of steps through which DNSSEC can be explored as a useful solution to real world problems. By creating and further developing a mirror of the real DNS, which grows by combination of true DNS record information with specially synthesized authentication keys, DNSSEC scales, providing greater security and less risk of corrupting or erroneous online material. This same technology also evaluates user activity to create a database of statistics regarding automated activity, as compared to human activity. This database assists in identification and prevention, or at least mitigation, of potential future attacks on any given client by automated bot-driven activity.

Abstract: In one embodiment, a method for tracing a connection path from a source node to a destination node through a network having one or more transparent proxies includes generating a trace packet at the source node, transmitting the trace packet over the network towards the destination node, and receiving trace response packets in response to transmission of the trace packet. The trace response packets include a packet from the destination node and a packet from each of the transparent proxies in a data path from the source node to the destination node. Each of the packets from the transparent proxies includes an identifier of the transparent proxy transmitting the packet. The method further includes identifying the transparent proxies in the connection path based on information in the trace response packets. An apparatus for tracing a connection path is also disclosed.

Abstract: A method and system for securely opening an e-mail attachment in a computer processing environment having a trusted node daughterboard connected to at least one operational node motherboard with an e-mail processing system operatively coupled to the trusted node daughterboard. The method includes the steps of when an e-mail attachment is to be opened, sending a power on signal from the trusted node daughterboard to the operational node motherboard when it is desired to utilize the operational node motherboard for opening an e-mail attachment. Pre-boot data is then requested from the operational node motherboard and is sent from the trusted node daughterboard to the operational node motherboard to enable operation of the operational node motherboard for securely opening an e-mail attachment.

Abstract: Embodiments are described for a system operating a plurality of gaming devices. A central gaming computer having a trusted node daughterboard having operational software is configured to be loaded on a gaming computer, a network coupled to the central gaming computer, and a plurality of gaming computers coupled to the network with each of the plurality of gaming computers including an operational node motherboard operable to load operational software sent from the central gaming computer to affect a change in gameplay in the gaming computer. Upon completion of desired computer processing on the operational node, the trusted node causes the operational node to reboot to remove the pre-boot data and the operating system software from the operational node such that no rewrite functions are performed on the operational node.

Abstract: A system and method for securing firmware from malware in a computer processing system having a trusted node daughterboard connected to at least one operational node motherboard. The method includes the steps of sending a power on signal from the trusted node daughterboard to the operational node motherboard when it is desired to utilize the operational node motherboard for computer processing purposes. Pre-boot data is then requested from the operational node motherboard and is sent from the trusted node daughterboard to the operational node motherboard to enable operation of the operational node motherboard.