Abstract: One embodiment of the present invention sets forth a technique for predicting fraud by correlating user behavior biometric data with one or more other types of data. The technique includes receiving cursor movement data generated via a client device and analyzing the cursor movement data based on a model to generate a result. The model may be generated based on cursor movement data associated with a first group of one or more users. The technique further includes receiving log data generated via the client device and determining, based on the result and the log data, that a user of the client device is not a member of the first group.

Abstract: One embodiment of the present invention sets forth a technique for predicting fraud by analyzing user behavior biometric data via a neural network (NN). The technique includes receiving cursor movement data generated via at least one client device, where the cursor movement data is associated with a group of one or more users. The technique further includes generating a plurality of images based on the cursor movement data and training a first neural network (NN) model based on the plurality of images and based on a discard rate that is greater than 50%.

Abstract: One embodiment of the present invention sets forth a technique for predicting fraud by correlating user behavior biometric data with one or more other types of data. The technique includes receiving cursor movement data generated via a client device and analyzing the cursor movement data based on a model to generate a result. The model may be generated based on cursor movement data associated with a first group of one or more users. The technique further includes receiving log data generated via the client device and determining, based on the result and the log data, that a user of the client device is not a member of the first group.

Abstract: One embodiment of the present invention sets forth a technique for predicting fraud by correlating user behavior biometric data with one or more other types of data. The technique includes receiving cursor movement data generated via a client device and analyzing the cursor movement data based on a model to generate a result. The model may be generated based on cursor movement data associated with a first group of one or more users. The technique further includes receiving log data generated via the client device and determining, based on the result and the log data, that a user of the client device is not a member of the first group.

Abstract: One embodiment of the present invention sets forth a technique for predicting fraud based on user behavior biometric data. The technique includes receiving cursor movement data generated via a client device and generating a first image based on the cursor movement data. The technique further includes analyzing the first image based on a first model to generate a result, where the first model is generated based on cursor movement data associated with a first group of one or more users. The technique further includes determining, based on the result, that a user of the client device is not a member of the first group.

Abstract: One embodiment of the present invention sets forth a technique for predicting fraud by analyzing user behavior biometric data via a neural network (NN). The technique includes receiving cursor movement data generated via at least one client device, where the cursor movement data is associated with a group of one or more users. The technique further includes generating a plurality of images based on the cursor movement data and training a first neural network (NN) model based on the plurality of images and based on a discard rate that is greater than 50%.

Abstract: Assistance is given to aid in optimizing a program's performance during initial development while the program's features are still being implemented and/or debugged, without interfering with that development, by providing easy-to-ignore yet accurate tips about a program's performance inside a debugger. Raw performance information for a software program which is being debugged in a debugger is adjusted by removing from it a measured debug overhead or other diagnostic overhead. Some factors considered when measuring overhead include pauses, context switches, debug versus release build presence, bounds checking, funceval, and call stack analyses. The debugger is enhanced to display the adjusted program performance measure in a graphical user interface, next to the corresponding source code. The enhanced debugger updates the adjusted program performance measure value and keeps its screen location current as the developer moves through the source code, providing more detailed performance information upon request.

Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.

Abstract: Assistance is given to aid in optimizing a program's performance during initial development while the program's features are still being implemented and/or debugged, without interfering with that development, by providing easy-to-ignore yet accurate tips about a program's performance inside a debugger. Raw performance information for a software program which is being debugged in a debugger is adjusted by removing from it a measured debug overhead or other diagnostic overhead. Some factors considered when measuring overhead include pauses, context switches, debug versus release build presence, bounds checking, funceval, and call stack analyses. The debugger is enhanced to display the adjusted program performance measure in a graphical user interface, next to the corresponding source code. The enhanced debugger updates the adjusted program performance measure value and keeps its screen location current as the developer moves through the source code, providing more detailed performance information upon request.

Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.

Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.

Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.

Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.

Abstract: A browser plug-in firewall manages data exchanged between a browser and a plug-in according to a pre-defined list of rights.

Abstract: A method for preventing malicious attacks on software, using the patching method, includes providing a database of malicious known patches (malware). The database contains characteristic signatures of the malware. The method also includes detecting whether a patch is malicious by comparing it with a signature in the database and performing one or more activities needed to prevent the malicious patch from performing undesired activities.

Abstract: A method for preventing malicious attacks on software, using the patching method, includes providing a database of legitimate and known patches, the database contains characteristic code paths of said legitimate patches. The method also includes detecting whether a patch is malicious by inspecting one or more characteristic paths of the patch and matching one or more code paths against the database of legitimate and known patches. An activity needed to prevent the malicious patch from performing undesired activities is then performed.

Abstract: A method for preventing malicious attacks on software, using the patching method, includes providing a database of malicious known patches (malware). The database contains characteristic signatures of the malware. The method also includes detecting whether a patch is malicious by comparing it with a signature in the database and performing one or more activities needed to prevent the malicious patch from performing undesired activities.

Abstract: A method for preventing malicious attacks on software, using the patching method, includes providing a database of legitimate and known patches, the database contains characteristic code paths of said legitimate patches. The method also includes detecting whether a patch is malicious by inspecting one or more characteristic paths of the patch and matching one or more code paths against the database of legitimate and known patches. An activity needed to prevent the malicious patch from performing undesired activities is then performed.

Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.

Abstract: A browser plug-in firewall manages data exchanged between a browser and a plug-in according to a pre-defined list of rights.