A security surveillance system for a mobile device with a wireless interface and a control unit that is connected to the wireless interface comprises a security controller that is coupled to the wireless interface and that inspects at least data traffic incoming via the wireless interface at the mobile device according to a number, i.e. one or more, of predefined data rules, wherein the security controller generates a warning signal if the data traffic violates one of the predefined data rules, and a warning indicator that is coupled to the security controller and that generates a warning indication based on the warning signal.

A security surveillance system for a mobile device with a wireless interface and a control unit that is connected to the wireless interface comprises a security controller that is coupled to the wireless interface and that inspects at least data traffic incoming via the wireless interface at the mobile device according to a number, i.e. one or more, of predefined data rules, wherein the security controller generates a warning signal if the data traffic violates one of the predefined data rules, and a warning indicator that is coupled to the security controller and that generates a warning indication based on the warning signal.

In one embodiment, a service receives administration traffic data in a network associated with a remote administration session in which a control device remotely administers a client device. The service analyzes the administration traffic data to determine whether any portion of the administration traffic data is resulting from an administration session involving a trusted administrator. The service flags a first portion of the administration traffic data as authorized when the first portion of the administration traffic data is determined to result from an administration session involving a trusted administrator, and a second portion of the administration traffic data is non-flagged. The service assesses the second portion of the administration traffic data using a machine learning-based traffic classifier to determine whether the second portion of the administration traffic data is malicious.

In one embodiment, a service receives administration traffic data in a network associated with a remote administration session in which a control device remotely administers a client device. The service analyzes the administration traffic data to determine whether any portion of the administration traffic data is resulting from an administration session involving a trusted administrator. The service flags a first portion of the administration traffic data as authorized when the first portion of the administration traffic data is determined to result from an administration session involving a trusted administrator, and a second portion of the administration traffic data is non-flagged. The service assesses the second portion of the administration traffic data using a machine learning-based traffic classifier to determine whether the second portion of the administration traffic data is malicious.

Systems and methods are described for a data breach detection based on snapshot analytics. The described systems and methods identify a plurality of snapshots of a data structure, identify a plurality of leaf nodes of the data structure for each of the snapshots, generate a vector of data attributes for each of the leaf nodes, assign a weight to each of the vectors to produce a set of weighted vectors for each of the snapshots, compute a distance metric between each pair of the snapshots based on the corresponding sets of weighted vectors, and detect an abnormal snapshot among the plurality of snapshots based on the distance metrics.

A contactless card can include a plurality of keys for a specific operation, e.g., encryption or signing a communication. The contactless card can also include an applet which uses a key selection module. The key selection module can select one of the plurality of keys and the applet can use the key to, e.g., encrypt or sign a communication using an encryption or signature algorithm. The contactless card can send the encrypted or signed communication to a host computer through a client device. The host computer can repeat the key selection technique of the contactless device to select the same key and thereby decrypt or verify the communication.

A method, apparatus, and computer program product provide for updating configuration parameters of a universal integrated circuit card via dedicated network functions in a 5G system. In the context of a method, the method receives an encapsulation request from a unified data management module, the encapsulation request comprising data for at least one configuration parameter associated with a universal integrated circuit card of a user device. The method generates, in response to the encapsulation request, a secure packet comprising the at least one configuration parameter and a secure packet header. The method also provides the secure packet to the unified data management module for delivery to the user device.

A method, apparatus, and computer program product provide for updating configuration parameters of a universal integrated circuit card via dedicated network functions in a 5G system. In the context of a method, the method receives an encapsulation request from a unified data management module, the encapsulation request comprising data for at least one configuration parameter associated with a universal integrated circuit card of a user device. The method generates, in response to the encapsulation request, a secure packet comprising the at least one configuration parameter and a secure packet header. The method also provides the secure packet to the unified data management module for delivery to the user device.

A data packet verification method and a device improve network security. The method includes: receiving a data packet of a terminal device, where the data packet carries a first token and a service identifier, and the service identifier is used to indicate a type of a service to which the data packet belongs; obtaining first input information based on the data packet, and generating a second token based on the first input information, where the first input information includes an identifier of the terminal device and the service identifier carried in the data packet; and sending the data packet when the first token is the same as the second token.

A data packet verification method and a device improve network security. The method includes: receiving a data packet of a terminal device, where the data packet carries a first token and a service identifier, and the service identifier is used to indicate a type of a service to which the data packet belongs; obtaining first input information based on the data packet, and generating a second token based on the first input information, where the first input information includes an identifier of the terminal device and the service identifier carried in the data packet; and sending the data packet when the first token is the same as the second token.