Patent classifications
H04L63/0227
INTRUSION DETECTION USING A HEARTBEAT
Possible Denial of Service (DoS) activity is detected and remediated based on an initial heartbeat failure from a network asset, followed by externally directed network traffic from the network asset. In general, an interruption of the heartbeat can signal the possible presence of malware on the network asset, and the externally directed network traffic, and particularly certain patterns of traffic such as a high volume of traffic toward an address with a known, good reputation, can signal the possible presence of a DoS bot on the network asset that is sourcing the network traffic.
Devices, methods and systems to augment the security environment of internet-capable consumer devices
The application discloses an electronic operating device (100) arranged to protect communication between a consumer application (125) and a network-connected consumer device (300). The operating device protects a command message by signing the command message with a private key obtained from a key storage of the operating device (optionally also encrypting the command message with an encryption key), and sends the protected command message to the network controller (200). The network controller performs the verification of the signature of the command message such that legacy consumer devices without cryptographic capability can be used. The signature ensures that only authorised devices (100) can send commands to the consumer device (300).
CROSS CERTIFICATION METHOD AND CERTIFYING DEVICE FOR PROVIDING THE METHOD
Discussed are a cross certification method and a certifying device to perform the method. The certifying device can include a certification communication unit, a certification storage unit, and a certification control unit. When a first certification is approved, the certification control unit encrypts second identification information with a unidirectional encryption algorithm to generate a certification cryptogram, and transmits the certification cryptogram to an electronic device to request a second certification. When a first random number is received in response to the request for the second certification, the certification control unit inputs the second identification information and an initial vector into a random number generating algorithm to generate a second random number. The certification control unit then compares the first random number with the second random number to verify the first random number, and determines whether to approve the second certification according to the result of the verification.
Systems and methods for using namespaces to access computing resources
Systems and methods described herein provide for building policies using namespaces. A device may receive a request to access a resource in a computing environment. The request may include one or more attributes. The device may identify a set of namespaces having domain-specific policy grammar to generate domain-specific policies. The device may determine a namespace from the identified set of namespaces which corresponds to the one or more attributes of the request. The device may generate, using domain-specific policy grammar of the determined namespace, a domain-specific policy to apply to the request.
AUTOMATED RESPONSE TO COMPUTER VULNERABILITIES
Each of a plurality of network assets on the private network is identified and categorized according to a CPE, both for storage in a device inventory database and to generate an asset profile for each of the plurality of network assets. Attacks on the plurality of assets related to each of the identified CPEs are identified and monitored according to a CVE (Common Vulnerabilities and Exposures) format, and it is determined whether the CVE is relevant against the asset profile. Responsive to detecting a relevant CVE notification including a CVE-id, the impact on one or more network assets affected by the CVE is determined based on the asset profiles. The impact is either low impact, high impact and blocked, or high impact and unblocked.
Transaction security on distributed-ledger based MaaS platform
A system and method for implementation of transaction security on a distributed ledger-based Mobility-as-a-Service (MaaS) platform is provided. The system includes a message broker device which receives a transaction request associated with a transport service from a publisher node of a transportation provider. The message broker device routes, via an API gateway hosted on the message broker device, the transaction request to a subscriber node of the transportation provider. The API gateway validates the transaction request based on application of a set of security rules to the transaction request. The subscriber node is associated with a first node of a distributed ledger, which stores a first state object. The first state object includes transaction data associated with the transport service. The distributed ledger node receives the validated transaction request from the API gateway, via the subscriber node, and updates the transaction data based on the received transaction request.
Unique ID generation for sensors
Systems, methods, and computer-readable media are provided for generating a unique ID for a sensor in a network. Once the sensor is installed on a component of the network, the sensor can send attributes of the sensor to a control server of the network. The attributes of the sensor can include at least one unique identifier of the sensor or the host component of the sensor. The control server can determine a hash value using a one-way hash function and a secret key, send the hash value to the sensor, and designate the hash value as a sensor ID of the sensor. In response to receiving the sensor ID, the sensor can incorporate the sensor ID in subsequent communication messages. Other components of the network can verify the validity of the sensor using a hash of the at least one unique identifier of the sensor and the secret key.
Distributed software defined networking
The Distributed Software Defined Network (dSDN) disclosed herein is an end-to-end architecture that enables secure and flexible programmability across a network with full lifecycle management of services and infrastructure applications (fxDeviceApp). The dSDN also harmonizes application deployment across the network independent of the hardware vendor. As a result, the dSDN simplifies the network deployment lifecycle from concept to design to implementation to decommissioning.
Latency-sensitive network-traffic quality of service
A telecommunication system can include routing devices, a bearer-management device, and a policy-management device. The bearer-management device can receive a request from a terminal to create a specialized bearer (SB) for a non-audio, non-video media type. The bearer-management device can determine that the request is associated with an authorized user, and then send a setup message comprising a Quality of Service (QoS) indicator to the policy-management device. The policy-management device can create the SB permitting data exchange between the terminal and a routing device. The SB can have QoS characteristics associated with the QoS indicator. In some examples, the terminal can receive a network address, determine an associated network port, and send a SIP INVITE message indicating the non-audio, non-video media type. The terminal can then exchange data on the network port with a peer network terminal.
Multiple granularity classification
Systems, methods, and related technologies for classification are described. Network traffic from a network may be accessed and an entity may be selected. One or more values associated with one or more properties associated with the entity may be determined. The one or more values may be accessed from the network traffic. A first model associated with a first level of granularity is accessed. A first classification result of the entity based on the first model is determined by a processing device. A second model associated with a second level of granularity is accessed. The second level of granularity is higher than the first level of granularity and the second model is accessed based on the first classification result. A second classification result of the entity based on the second model is determined. At least one of the first classification result or the second classification result is stored.