Abstract: The disclosed computer-implemented method for tuning application network behavior may include identifying an application for a closed operating system. The closed operating system may prevent applications from implementing machine-level traffic control for network traffic. The method may include determining an expected network behavior of the application, intercepting network traffic of the application on the closed operating system, determining whether the intercepted network traffic conforms to the expected network behavior, and modifying, based on the determining whether the intercepted network traffic conforms to the expected network behavior, the network traffic. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Application identification and control in a network device. In one embodiment, a method may include establishing, at a network device, a Virtual Private Network (VPN) tunnel through which all Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) traffic sent from or received at the network device is routed. The method may also include monitoring, at the network device, all TCP and UDP traffic sent from or received at the network device through the VPN tunnel. The method may further include extracting, at the network device, payload data from the monitored TCP and UDP traffic. The method may also include analyzing the extracted payload data to identify applications executing on the network device that sent or received the monitored TCP and UDP traffic. The method may further include taking, at the network device, a security action on the network device based on the identified applications.

Abstract: The disclosed computer-implemented method for split network tunneling based on traffic inspection may include a computing device directing network traffic to a network client of the computing device. The network client may perform an inspection of the network traffic. The network traffic may be categorized based on the inspection. In response to categorizing the network traffic, a security action may be performed to protect the computing device from computer malware. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for chaining virtual private networks may include (i) establishing a virtual private network client that routes network traffic to a virtual private network, (ii) establishing an additional virtual private network client that routes the network traffic to an additional virtual private network, (iii) configuring the virtual private network client for split routing such that the virtual private network client routes different ranges of incoming network traffic to respective different network addresses, (iv) configuring the additional virtual private network client to route all incoming network traffic according to a default route, and (v) chaining the virtual private network client and the additional virtual private network client such that they process incoming network traffic in series. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Application identification and control in a network device. In one embodiment, a method may include establishing, at a network device, a Virtual Private Network (VPN) tunnel through which all Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) traffic sent from or received at the network device is routed. The method may also include monitoring, at the network device, all TCP and UDP traffic sent from or received at the network device through the VPN tunnel. The method may further include extracting, at the network device, payload data from the monitored TCP and UDP traffic. The method may also include analyzing the extracted payload data to identify applications executing on the network device that sent or received the monitored TCP and UDP traffic. The method may further include taking, at the network device, a security action on the network device based on the identified applications.

Abstract: A computer-implemented method for detecting near field communication risks may include (1) identifying a mobile device capable of near field communication, (2) identifying an attempted near field communication involving the mobile device, (3) tracking at least one contextual behavior relating to the attempted near field communication; and (4) determining, based at least in part on the contextual behavior, that the attempted near field communication poses a risk to the mobile device. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for detecting near field communication risks may include (1) identifying a mobile device capable of near field communication, (2) identifying an attempted near field communication involving the mobile device, (3) tracking at least one contextual behavior relating to the attempted near field communication; and (4) determining, based at least in part on the contextual behavior, that the attempted near field communication poses a risk to the mobile device. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A computer-implemented method for validating digital signatures may include (1) receiving, through a camera of smart glasses, an image of an object, (2) decrypting, using a processor of the smart glasses, a digital signature on the object to obtain a decrypted digital signature, (3) attempting, using the processor of the smart glasses, to validate the object by comparing content of the object with the decrypted digital signature, and (4) outputting a result of the attempt to validate the object from an output component of the smart glasses. Various other methods, systems, and computer-readable media are also disclosed.