An Internet of Things (IoT) network includes an IoT device with a communicator to send a communication including egress frame, protocol library builder to determine available protocols, frame analyzer to analyze an ingress frame, and frame builder to build the egress frame from the ingress frame. An IoT network includes an IoT device with network discoverer to identify available parallel communication channels between IoT device and target device, payload, payload fragmenter/packager to fragment the payload into sub-objects for transmission, and packet communicator to send sub-objects to the target device over parallel communication channels. An IoT network includes a plurality of IoT devices, which each include a communication channel to an upstream device, a network link to another one of the plurality of IoT devices, a hash calculator to identify a neighbor IoT device, and a communicator to send out a message to the neighbor IoT device.

A method for analyzing vulnerabilities may include: an analysis target URL receiving step of receiving a plurality of analysis target uniform resource locator (URL) addresses extracted from the analysis target server; an identification key setting step of setting respective identification keys corresponding to the plurality of analysis target URL addresses; a vulnerability analyzing step of performing a simulated attack so as to access the external server by the analysis target server by inserting an analysis hypertext transfer protocol (HTTP) request sentence including a URL address of an external server and the identification key into the analysis target URL address; an access record checking step of requesting an access record of the analysis target server to the external server; and a vulnerability extracting step of extracting a vulnerability of the analysis target server by using the identification key included in the access record.

A communication method applied to a customer-premises equipment (CPE), where the CPE works in a bridging mode, and the method includes that the CPE sends a first dialing request to a mobile communications network. The CPE accesses the mobile communications network after receiving a first dialing response. The CPE bridges a first public Internet Protocol (IP) address in the first dialing response to a router connected to the CPE. The CPE sends a second dialing request to the mobile communications network after accessing the mobile communications network. The CPE receives a second dialing response, obtains a second public IP address from the second dialing response, and establishes a logical link to the mobile communications network to communicate with the mobile communications network without relying on the router connected to the CPE.

A communication method applied to a customer-premises equipment (CPE), where the CPE works in a bridging mode, and the method includes that the CPE sends a first dialing request to a mobile communications network. The CPE accesses the mobile communications network after receiving a first dialing response. The CPE bridges a first public Internet Protocol (IP) address in the first dialing response to a router connected to the CPE. The CPE sends a second dialing request to the mobile communications network after accessing the mobile communications network. The CPE receives a second dialing response, obtains a second public IP address from the second dialing response, and establishes a logical link to the mobile communications network to communicate with the mobile communications network without relying on the router connected to the CPE.

Service-to-service role mapping systems and methods are disclosed herein. An example role mapping service gathers user metadata before the role mapping by a second service. The user metadata is communicated to a first service which embeds the user metadata in a communication to the first service where the role mapping service maps one or more search engine service roles to a user based on the user metadata.

Service-to-service role mapping systems and methods are disclosed herein. An example role mapping service gathers user metadata before the role mapping by a second service. The user metadata is communicated to a first service which embeds the user metadata in a communication to the first service where the role mapping service maps one or more search engine service roles to a user based on the user metadata.

Methods, apparatus, and articles of manufacture for decentralized data storage and processing for IoT devices are disclosed. An example apparatus includes memory; and a processor to cause storage of a contract in an off-chain datastore; generate a hash value of the contract; cause storage of the hash value on a blockchain to be accessible to multiple nodes in an IoT network; and cause storage of a transaction on the blockchain, the transaction corresponding to an objective of the contract based on data sensed by an IoT device in the IoT network.

Methods, apparatus, and articles of manufacture for decentralized data storage and processing for IoT devices are disclosed. An example apparatus includes memory; and a processor to cause storage of a contract in an off-chain datastore; generate a hash value of the contract; cause storage of the hash value on a blockchain to be accessible to multiple nodes in an IoT network; and cause storage of a transaction on the blockchain, the transaction corresponding to an objective of the contract based on data sensed by an IoT device in the IoT network.

Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application and the command is a write or delete command, the command is ignored and a simulated acknowledgment is sent. If the command is a read command, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application. Requests to view network resources may be responded to with references to a decoy server.

Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application and the command is a write or delete command, the command is ignored and a simulated acknowledgment is sent. If the command is a read command, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application. Requests to view network resources may be responded to with references to a decoy server.