H04L63/30

Dynamic Risk Detection And Mitigation Of Compromised Customer Log-In Credentials
20210392130 · 2021-12-16

This invention relates to a process for detecting and mitigating risk generated when a customer's log-in credentials are compromised. A significant majority of stolen credentials and customer's personally identifiable information data eventually make their way to the dark web. By dynamically monitoring the dark web and combining the analysis with related information about the user and their credentials on the deep web and the surface web, through a machine learning model, a service provider pre-emptively or otherwise can act to mitigate the risk arising from such compromise of said customer log-in credentials.

Registering user equipment with a visited public land mobile network
11202192 · 2021-12-14

User equipment is registered with a visited public land mobile network, VPLMN, in a process including: producing at the user equipment a concealed identifier; producing at the user equipment a freshness code; and sending by the user equipment to the VPLMN the concealed identifier and the freshness code; receiving by the user equipment an identity request from the VPLMN indicating that the long-term identifier must be transmitted to the VPLMN in a non-concealed form; receiving by the user equipment from the VPLMN a permission authenticator; and verifying at the user equipment if the permission authenticator has been formed with a cryptographic authentication of the home public land mobile network, HPLMN, and the user equipment or a subscription module at the user equipment indicating permission to transmit the long-term identifier to the VPLMN in the non-concealed form and if yes, transmitting the long-term identifier to the VPLMN in the non-concealed form.

Methods, systems, and devices for simulating voice and data traffic in a mobile network

Aspects of the subject disclosure may include, for example, selecting a group of International Mobile Subscriber Identities (IMSIs), selecting a group of traffic simulator devices, and provisioning each of the group of IMSIs to each of the group of traffic simulator devices. Further embodiments can include providing first instructions to a first portion of the group of traffic simulator devices. The first instructions cause the first portion of the group of traffic simulator devices to generate simulated voice traffic over a first plurality of time periods. Additional embodiments can include providing second instructions to a second portion of the group of traffic simulator devices. The second instructions cause the second portion of the group of traffic simulator devices to generate simulated data traffic over a second plurality of time periods. Other embodiments are disclosed.

LAWFUL INTERCEPTION CHAIN IN SERVICE PROVIDING NETWORKS
20210385255 · 2021-12-09

Methods and devices employed in providing lawful interception (LI) by products related to a service session of an LI target as a unique chain. The packets sent to a legal enforcement agency are chained and have shorter headers. The number of packets is reduced by including both intercept-related information (IRI) and content of communications (CC) in the same packet if time-wise appropriate.

USER PLANE FUNCTION CONFIGURATION METHOD AND APPARATUS, AND DEVICE
20210385633 · 2021-12-09

The present disclosure relates to the field of communication technology, and provides a UPF configuration method, a UPF configuration apparatus and a device. The UPF configuration method for a network device includes calling a policy control service of a UPF. The policy control service is used to configure a network policy for the UPF, or configure the network policy and network policy triggering information for the UPF.

System and method for identifying devices behind network address translators

An apparatus for monitoring a plurality of devices that use a plurality of networks includes a network interface and a processor. The processor is configured to receive, via the network interface, a plurality of packets that were collectively communicated, from the devices, via all of the networks, to aggregate the packets, using at least one field that is included in respective packet headers of the packets, into a plurality of packet aggregations, such that all of the packets in each one of the packet aggregations were collectively communicated from no more than one of the devices, to group the packet aggregations into a plurality of groups, such that there is a one-to-one correspondence between the groups and the devices, in that all of the packets in each of the groups were collectively communicated from a different respective one of the devices, and to generate an output in response thereto.

ENCRYPTED ELECTRONIC MESSAGING EXCHANGE
20210377317 · 2021-12-02

A computer-implemented system and method for secure electronic message exchange includes receiving an encrypted message between one of an inmate or an outside user. The message is transmitted between the users without decrypting the message at the server to ensure privacy. In various configurations, the message is stored at the server in encrypted form and a notification message is transmitted to a recipient. The recipient may then request retrieval of the message from the server. After being authenticated, the encrypted message is provided to the recipient without being decrypted at the server.

DEPERIMETERIZED ACCESS CONTROL SERVICE
20220191209 · 2022-06-16

Techniques for deperimeterized access control are described. A method of deperimeterized access control may include receiving, by a controller of a deperimeterized access control service, a single packet authorization (SPA) request for a session ticket from an agent on an electronic device, wherein the agent sends the request for the session ticket in response to intercepting traffic destined for a service associated with the deperimeterized access control service and determining that the agent does not have a session ticket for the service, authorizing the SPA request, providing a session ticket to the agent based on the request, receiving, by a gateway of the deperimeterized access control service, a request to initiate a session with a service, the request including the session ticket, validating the session ticket, and providing session parameters to the agent to be used to initiate the session between the electronic device and the service.

Client-only virtual private network
11362999 · 2022-06-14

There is disclosed in one example a computing apparatus, including: a hardware platform, including a processor and a memory; and executable instructions encoded in the memory to provide a client-only virtual private network (VPN) including a VPN client and a VPN server on a single physical device, wherein the VPN client is configured to communicatively couple to the VPN server and to provide proxied Internet protocol (IP) communication services via the VPN server.

SYSTEM AND METHOD FOR IDENTIFYING DEVICES BEHIND NETWORK ADDRESS TRANSLATORS
20220174008 · 2022-06-02

An apparatus for monitoring a plurality of devices that use a plurality of networks includes a network interface and a processor. The processor is configured to receive, via the network interface, a plurality of packets that were collectively communicated, from the devices, via all of the networks, to aggregate the packets, using at least one field that is included in respective packet headers of the packets, into a plurality of packet aggregations, such that all of the packets in each one of the packet aggregations were collectively communicated from no more than one of the devices, to group the packet aggregations into a plurality of groups, such that there is a one-to-one correspondence between the groups and the devices, in that all of the packets in each of the groups were collectively communicated from a different respective one of the devices, and to generate an output in response thereto.