A means and system is designed to distinguish human users from bots (automated programs to generate posts or interactions) in social media (including microblogging services and social networking services) by assigning a likelihood score to each user for being a human or a bot. The bot score assigned to each user is computed from statistical, temporal and text features that are detected in user's social media interactions (relative indicators specific to a given social media data set) and user's historical profile information.

Disclosed herein are embodiments of systems, methods, and products comprises a server, which receives a request from a user's electronic client device. The server determines the authentication level of the request. If the authentication level satisfies a threshold, the server may route the request to a call center computing system; otherwise, the server authenticates the user based on the authentication level. Specifically, the server presents one or more security challenges corresponding to the authentication level and authorizes the user if the user correctly answers the security challenges. The server may receive a second request from the same user who has been authorized for the first authentication level. If the authentication level of the second request is higher, the server may present more security challenges on the second level; if the authentication level is lower, the server directly allows the access of the requested services.

In one aspect, a computerized method useful for detecting a data-center bot interacting with a web page includes the step of inserting a code within a web page source. The computerized method includes the step of detecting that the web page is visited by a machine, wherein the machine is running a web browser to access the web page. The computerized method includes the step of rendering and loading the web page with the code in the web browser of the machine. The code utilizes an API to perform an operation on a GPU of the machine.

A technique for local proxy detection includes monitoring outbound traffic from the endpoint with remote network addresses outside the enterprise network, detecting use of a secure communication protocol with a request from the endpoint to one of the remote network addresses, identifying a plaintext network address within the request, and in response to identifying a plaintext network address in the request, initiating remediation of a potentially malicious local proxy on the endpoint.

A botnet identification module identifies members of one or more botnets based upon network traffic destined to one or more servers over time, and provides sets of botnet sources to a traffic monitoring module. Each set of botnet sources includes a plurality of source identifiers of end stations acting as part of a corresponding botnet. A traffic monitoring module receives the sets of botnet sources from the botnet identification module, and upon a receipt of traffic identified as malicious that was sent by a source identified within one of the sets of botnet sources, activates a protection mechanism with regard to all traffic from all of the sources identified by the one of the sets of botnet sources for an amount of time.

Systems and methods for matching and scoring sameness. In some embodiments, a computer-implemented method is provided, comprising acts of: identifying a plurality of first-degree anchor values from the first digital interaction, wherein the plurality of first-degree anchor values comprise first-degree anchor values X and Y; accessing a profile of the first-degree anchor value X, wherein: the profile of the first-degree anchor value X comprises a plurality of sets of second-degree anchor values; and each set of the plurality of sets of second-degree anchor values corresponds to a respective anchor type and comprises one or more second-degree anchor values of that anchor type; determining how closely the first-degree anchor values X and Y are associated; and generating an association score indicative of how closely the plurality of first-degree anchors are associated, based at least in part on how closely the first-degree anchor values X and Y are associated.

Systems, methods, apparatuses, and software for a content delivery network that caches content for delivery to end user devices is presented. In one example, a content delivery network (CDN) is presented having a plurality of cache nodes that cache content for delivery to end user devices. The CDN includes an anonymization node configured to establish anonymized network addresses for transfer of content to cache nodes from one or more origin servers that store the content before caching by the CDN. The anonymization node is configured to provide indications of relationships between the anonymized network addresses and the cache nodes to a routing node of the CDN. The routing node is configured to route the content transferred by the one or more origin servers responsive to content requests of the cache nodes based on the indications of the relationships between the anonymous network addresses to the cache nodes.

System, method, and device of detecting identity of a user and authenticating a user; as well as detecting a possible attacker or impostor, and differentiating among users of an electronic device or of a computerized service. A mobile or portable electronic device is utilized to capture a self-taken image or video of a user, which is utilized as a user-authentication factor. The accelerometer and gyroscope or device-orientation sensor of the mobile device, sense and measure spatial and physical device properties during, before or after the submission of the self-taken image or video. Based on such spatial and physical device properties, in combination with computer-vision analysis of the content shown in the self-taken image or video, the system determines liveness of the user and freshness of the submitted self-taken image or video, and differentiates between a legitimate user and an attacker.

System, method, and device of detecting identity of a user and authenticating a user; as well as detecting a possible attacker or impostor, and differentiating among users of an electronic device or of a computerized service. A mobile or portable electronic device is utilized to capture a self-taken image or video of a user, which is utilized as a user-authentication factor. The accelerometer and gyroscope or device-orientation sensor of the mobile device, sense and measure spatial and physical device properties during, before or after the submission of the self-taken image or video. Based on such spatial and physical device properties, in combination with computer-vision analysis of the content shown in the self-taken image or video, the system determines liveness of the user and freshness of the submitted self-taken image or video, and differentiates between a legitimate user and an attacker.

A system includes a terminal and a gateway. The terminal is programmed to identify, in received data, a signature of rogue data that includes at least a device identifier and an application identifier, and to transmit, via uplink to a satellite, the identified signature to a gateway. The gateway is programmed to block downlink data, upon determining that downlink data includes the received signature, and to broadcast the received signature to a second gateway.