Some embodiments provide a method for detecting a threat to a datacenter. The method generates a graph of connections between data compute nodes (DCNs) in the datacenter. Each connection has an associated time period during which the connection is active. The method receives an anomalous event occurring during a particular time period at a particular DCN operating in the datacenter. The method analyzes the generated graph to determine a set of paths between DCNs in the datacenter that include connections to the particular DCN during the particular time period. The method uses the set of paths to identify a threat to the datacenter.

A communication device is a communication device connected to a mobility network which is a network mounted in a mobility and which is used by a plurality of electronic control devices for communication. The communication device includes: a holding unit which holds range information indicating a transferable path range determined for a message on the mobility network; a receiving unit which receives the message on the mobility network; and a determining unit which determines validity of the received message by using the range information.

In one embodiment, a network device, includes a network interface port configured to receive data symbols from a network node over a packet data network, at least some of the symbols being included in data packets, and controller circuitry including physical layer (PHY) circuitry, which includes receive PHY pipeline circuitry configured to process the received data symbols, and a counter configured to maintain a counter value indicative of a number of the data symbols in the receive PHY pipeline circuitry.

In an example implementation, a print supply cartridge comprises a microcontroller to receive a timing challenge and enable authentication of the cartridge by providing a challenge response. The challenge response is provided in a challenge response time that falls within an expected time window.

Novel tools and techniques are provided for implementing monitoring and detection of fraudulent or unauthorized use in telephone conferencing systems or voice networks. In various embodiments, a computing system might monitor call activity through telephone conferencing system or voice network. In response to detecting use of the telephone conferencing system or voice network by at least one party based on the monitored call activity, the computing system might identify incoming and/or outgoing associated with a call initiated by the at least one party. The computing system might analyze the identified incoming and/or outgoing call data to determine whether the call initiated by the at least one party constitutes at least one of fraudulent use or unauthorized use of the telephone conferencing system or voice network. If so, the computing system might initiate one or more first actions.

Systems, apparatuses, methods, and computer program products are disclosed for generating behavioral attribute data structures. An example method includes generating, by video monitoring circuitry, a video data structure comprising a video stream captured over a duration of time, wherein the video stream comprises a plurality of video frames, extracting, by biometric attribute generation circuitry, a set of biometric attributes from the video stream, generating, by biometric attribute generation circuitry, a biometric attribute data structure comprising the set of biometric attributes extracted from the video data structure, generating, by sensor circuitry, a sensor data structure comprising a set of sensor data captured over the duration of time, and generating, by behavioral attribute generation circuitry, a behavioral attribute data structure from the sensor data structure and the biometric attribute data structure, wherein the behavioral attribute data structure comprises a set of behavioral attributes of the user derived from the set of sensor data.

Systems and methods provide a platform for threat information sharing. A method comprises transmitting an access permission request to a blockchain network. The request asks for access to cyber threat information stored in at least one cyber threat information storage system. The information may come from a plurality of organizations. The blockchain network may include a blockchain ledger storing access control information from the plurality of organizations. Upon receipt of a reference to an access permission token generated by the blockchain network using at least one smart contract, a transaction request to the cyber threat information server may be sent. In response to the transaction request including the reference to the access permission token, the requested cyber threat information may be retrieved from the cyber threat information server.

System and method for secure time synchronization in an industrial facility, wherein a synchronization request of a facility component is transmitted to a registration service of a certificate management of the facility and the synchronization request is examined by the registration service, where the synchronization request includes a signature of the requesting facility component, and where depending on an outcome of the examination, a synchronization response is then transmitted to the requesting facility component a system time of the facility component is matched to a system time of the registration service based on the synchronization response.

A smart device includes a transceiver for outputting a user identifier to an authentication server, for receiving a data packet and a pre-authorization token from the authentication server, wherein the data packet comprises reader identifiers associated with a plurality of reader devices, and wherein the pre-authorization token indicates that smart device is approved to interact with the plurality of reader devices, a storage device for storing the reader identifiers and the pre-authorization token, wherein the transceiver is for receiving a reader identifier from a reader device, a processor for determining an authorized reader condition when the reader identifiers includes the reader identifier, wherein the processor is for determining a reader token in response to the pre-authorization token and the authorized reader condition, wherein the transceiver for transmitting the reader token to the reader device.

A network device includes: a network interface configured to receive target data, a first processor configured to determine feature information of the target data, a second processor configured to perform preprocessing on the feature information, and a third processor configured to perform inference on a preprocessing result. In addition, the second processor is further configured to perform policy analysis based on an inference result.