Abstract: Eye tracking for the purpose of detecting attendee disengagement with respect to a presentation including a visual display communicated over a network. The eye tracking method includes: during a play of the presentation, tracking eye positions of a set of control party(ies); during a play of the presentation, tracking eye positions of a set of non-control party(ies); determining a set of divergence value(s) corresponding to divergence between the eye position(s) of the control party(ies) and the non-control party(ies); and determining a disengagement value corresponding to relative disengagement of the non-control party(ies) based, at least in part on the set of divergence value(s).

Abstract: A computer detects malicious intrusions (or bots) into a computer. The computer receives firewall log data that includes communication records containing the source and destination of the communication, as well as, the time of the communication. The source or destination of the communication may be on a list of suspicious servers known to contain malicious software. The computer identifies a sequence of communications between a common source address and a common destination address. The computer further identifies substantially fixed intervals between the communications, and generates an alert indicating a suspected bot intrusion. The computer also identifies from the sequence of communication, patterns in the communication intervals, similarly generating an alert indicating a suspected bot intrusion.

Abstract: A computer detects malicious intrusions (or bots) into a computer. The computer receives firewall log data that includes communication records containing the source and destination of the communication, as well as, the time of the communication. The source or destination of the communication may be on a list of suspicious servers known to contain malicious software. The computer identifies a sequence of communications between a common source address and a common destination address. The computer further identifies substantially fixed intervals between the communications, and generates an alert indicating a suspected bot intrusion. The computer also identifies from the sequence of communication, patterns in the communication intervals, similarly generating an alert indicating a suspected bot intrusion.

Abstract: A computer receives entry of a proposed security rule during a security rule entry or editing session and determines that the proposed security rule requires review of a type of security data. The number of matches of the proposed security rule to the logged security data is determined and a user is notified as to the number of matches. The computer searches the security data and applies the proposed security rule to the security data to determine the predicted performance of the proposed security rule. The computer generates a report that may include warnings, recommendations, and information correlated to the security data. The report is presented to a user during the rule editing session, and based on the report a modification to the proposed security rule can be made.