Abstract: A system, method, and apparatus for detecting remote control of a client device are disclosed. An example network security apparatus includes a network switch configured to route first data packets between a client device and a content provider device, determine IP addresses of other devices that transmit second data packets to or receive second data packets from the client device, and throttle the second data packets destined for the client device. The apparatus also includes a controller configured to receive signal packets indicative of activity in relation to a webpage provided by the content provider device to the client device and instruct the network switch to throttle the second data packets after receiving one of the signal packets. The controller is also configured to provide an indication of a malicious device remotely controlling the client device responsive to not receiving another signal packet within a specified time period.

Abstract: A system, method, and apparatus for identifying and removing malicious applications are disclosed. An example apparatus includes an executable application configured to collect data regarding processes operating on a client device during a time period. The executable application is also configured to purposefully access, during the time period, an application server using a web browser on the client device in an attempt to trigger a malicious application potentially located on the client device. The executable application is configured to transmit, after the time period, the collected data to an analysis server to determine whether the malicious application is located on the client device.

Abstract: A system, method, and apparatus for identifying and removing malicious applications are disclosed. An example apparatus includes an analysis server configured to receive from an executable application operating on a client device a data structure including information identifying processes operating on the client device during a time period and analyze the data structure to identify a malicious application by determining which of the processes on the client device were triggered after an application server was accessed by the executable application and identifying processes associated with the malicious application by comparing the determined processes to records of processes of a device similarly configured as the client device.

Abstract: A system, method, and apparatus for detecting remote control of a client device are disclosed. An example network security apparatus includes a network switch configured to route first data packets between a client device and a content provider device, determine IP addresses of other devices that transmit second data packets to or receive second data packets from the client device, and throttle the second data packets destined for the client device. The apparatus also includes a controller configured to receive signal packets indicative of activity in relation to a webpage provided by the content provider device to the client device and instruct the network switch to throttle the second data packets after receiving one of the signal packets. The controller is also configured to provide an indication of a malicious device remotely controlling the client device responsive to not receiving another signal packet within a specified time period.

Abstract: Methods, systems, and apparatuses for varying soft information are disclosed. In an example embodiment, a security processor receives, from a transaction server, hard information to transmit to a client device related to a transaction with the client device, and soft information related to the display of the hard information on the client device. The security processor determines a variation of the soft information configured to prevent a malicious application from interacting with the hard information and determines the variation of the soft information does not change how the hard information is displayed at the client device compared to how the hard information was to be displayed using the soft information. Responsive to determining the variation of the soft information does not change how the hard information is displayed, the security processor transmits the hard information and the variation of the soft information to the client device.

Abstract: A system, methods, and apparatus for validating communications in an open architecture system are disclosed. In an example embodiment, a method includes selecting transactional information to transmit from a server to a communicatively coupled client device based on a request from the client device, selecting presentation information corresponding to the transactional information to transmit from the server to the client device, transmitting at least one message including the presentation and transactional information from the server to the client device, determining a prediction as to how the client device will render the transactional information based on the presentation information, receiving a response message from the client, and responsive to information in the response message not matching the prediction, providing an indication there is a malicious application affecting communications between the server and the client device.

Abstract: A system, method, and apparatus for providing observable authentication are disclosed. An example method includes receiving a request from a user to access an account, the request including an identifier associated with the user, determining a secret login rule previously provided to the user, and transmitting observable information to be displayed in a login map by a client device associated with the user. The example method also includes determining a correct answer by analyzing the positioning of the displayed observable information within the login map in conjunction with the secret login rule associated with the user. The example method further includes receiving an answer from the client device and providing the user access to the account responsive to the answer matching the correct answer.

Abstract: A system, method, and apparatus for identifying and removing malicious applications are disclosed. An example apparatus includes an analysis server configured to receive from an executable application operating on a client device a data structure including information identifying processes operating on the client device during a time period and analyze the data structure to identify a malicious application by determining which of the processes on the client device were triggered after an application server was accessed by the executable application and identifying processes associated with the malicious application by comparing the determined processes to records of processes of a device similarly configured as the client device.

Abstract: A system, methods, and apparatus for validating communications in an open architecture system are disclosed. In an example embodiment, a method includes selecting transactional information to transmit from a server to a communicatively coupled client device based on a request from the client device, selecting presentation information corresponding to the transactional information to transmit from the server to the client device, transmitting at least one message including the presentation and transactional information from the server to the client device, determining a prediction as to how the client device will render the transactional information based on the presentation information, receiving a response message from the client, and responsive to information in the response message not matching the prediction, providing an indication there is a malicious application affecting communications between the server and the client device.

Abstract: The present invention is a method of accentuating a deviation in a set of information and locating a cause thereof that includes the steps of receiving a set of information; selecting a subset of information; setting initial states; setting transition states; initializing a vector; selecting the first information segment; modifying the vector if the information segment contains an initial and transition state, otherwise stopping; selecting the next available information segment and returning to the previous step, otherwise recording a number of occurrences of each unique vector; determining the number of the least occurring vector; dividing each occurrence number by the least occurring number; determining an occupation time for each vector; calculating an inverse characteristic time for each unique vector; calculating at least one subset value for the subset of information using a temperature-based function, an entropy-based function, an energy-based function, or any combination thereof; setting a value vi fo

Abstract: A serial data signal is synchronized to a clock signal in a synchronization circuit (10). Synchronization is accomplished by generating a plurality of delayed versions of the serial data signal using serially connected delay elements (21-27). The delayed versions of the serial data signal are sampled using a set of flip-flops (11-18). The sampled delayed data signals appearing at the outputs of each flip-flop of the set of flip-flops (11-18) are used to determine which delayed data signal is most closely aligned to the clock signal. The output of the multiplexer (40) is an aligned serial data signal. In addition, a drift correction circuit (50) continuously monitors and corrects the alignment between the clock signal and the aligned serial data signal.

Abstract: A data conversion circuit receives input data from external sourcing logic and performs a parallel-serial conversion. Likewise, a data conversion circuit performs a serial-parallel conversion and presents output data to external sinking logic. In the parallel-serial conversion (10), the input data is translated (12) and stored in a register (14). A multiplexer (16) rotates through the data to provide the serial output. In the serial-parallel conversion (70), the input data is sequenced into a multiplexer (74) to achieve the parallel data word. The parallel data word is stored in a register (76) before presenting it to external logic. Phase delay logic (22) sets the delay of a transfer data control signal that requests data be read or written.

Abstract: A parallel to serial converter (10) uses a data hold-time indicator (22) to indirectly observe the timing relationship of the data and clock applied to a data register (14) embedded within an integrated circuit. The incoming data word is converted from CMOS to ECL logic levels (12) and applied to the data register. The register holds data for a multiplexer (16) that rotates through the output data from the register for providing a serial data output signal. A flipflop circuit (18) clocks the serial data output signal. The data hold-time indicator circuit monitors one register input and generates a recurring pulse having a width that reflects the data hold-time at the embedded register. By indirectly observing the timing relationship, the externally sourced data timing can be calibrated to meet the setup and hold-time requirements of the data register.

Abstract: A unique cellular telephone (100) digitally frequency locks to the received base station transmitter signal. The cellular telephone (100) includes a radio transceiver (106), a reference oscillator (104), and microcomputer (102) with memory therein for controlling the operation thereof. The radio transceiver (106) includes a phase-locked loop (PLL) synthesizer 120, a receiver mixer (122) followed by one or more gain stages (124), a phase detector (126), and a divider (128). The PLL synthesizer (120) generates a signal locked to the reference oscillator (104) that is mixed with the incoming base station transmitter signal in the receive mixer (122) to generate an intermediate frequency signal. The output of the reference oscillator (104) also feeds the divider (128), which divides the reference oscillator signal by an amount so as to generate the divided signal having a frequency substantially the same as the frequency of the intermediate frequency signal from the mixer (122).

Abstract: A controller for a radiotelephone having the capability of operation in both a secure mode for call authorization and a nonsecure mode for user interface is disclosed. The nonsecure mode and secure mode of operation are both resident in a single microcontroller which runs the nonsecure operations until a requirement for the secure operation is requested during call placement. The nonsecure mode is disabled during the period of time the secure mode is operational and is reenabled upon completion of the secure mode operation. The secure mode cannot be accessed externally to the microcontroller.

Abstract: A process to reduce the howl condition in a radiotelephone when the microphone picks up audio from the speaker. The condition is detected by first lowering the speaker volume (103) and measuring the microphone volume for a corresponding decrease (104). The speaker volume is then increased (105) and the microphone volume is again measured for a corresponding increase (106). If the microphone volume follows the speaker volume, a howl condition has been detected. To eliminate the condition without the volume fluctuations being noticed by the parties conversing, the microphone and speaker volume is reduced in small increments (114) until the condition is eliminated.