A system and a method are disclosed for detecting a malicious website. In an embodiment, a mobile device detects a URL referencing an unknown website. Responsive to detecting the URL, the mobile device retrieves a representative image of the unknown website. The mobile device determines whether the representative image matches an image of a known legitimate website. Responsive to determining that the representative image matches the image of the known legitimate website, the mobile device determines if the unknown website is malicious. The mobile device performs a security action responsive to determining that the website is malicious.

System, device, and method of adaptive network protection for managed Internet-of-Things (IoT) services. A network traffic monitoring unit monitors data traffic, operations-and-management traffic, and control messages, that relate to cellular communication between an IoT device and a core cellular network. An IoT grouping unit groups multiple IoT devices into a particular IoT group. A baseline behavior determination unit determines a Regular Baseline Cellular Communication Behavior (RBCCB) profile that characterizes the cellular communications that are outgoing from and incoming to each member of the particular IoT group. An outlier detector subsequently detects that a particular IoT device of that particular IoT group, exhibits cellular traffic characteristics that are abnormal relative to the RBCCB profile that was characterized for that particular IoT group. An enforcement actions generator is triggered to selectively perform one or more enforcement operations, notification operations, and quarantine operations.

System, device, and method of adaptive network protection for managed Internet-of-Things (IoT) services. A network traffic monitoring unit monitors data traffic, operations-and-management traffic, and control messages, that relate to cellular communication between an IoT device and a core cellular network. An IoT grouping unit groups multiple IoT devices into a particular IoT group. A baseline behavior determination unit determines a Regular Baseline Cellular Communication Behavior (RBCCB) profile that characterizes the cellular communications that are outgoing from and incoming to each member of the particular IoT group. An outlier detector subsequently detects that a particular IoT device of that particular IoT group, exhibits cellular traffic characteristics that are abnormal relative to the RBCCB profile that was characterized for that particular IoT group. An enforcement actions generator is triggered to selectively perform one or more enforcement operations, notification operations, and quarantine operations.

Adaptive scanning is described. The adaptive scanning may include performing a passive scan of communications associated with a device, where the passive scan comprises observing one or more communications of the device over a network. One or more attributes associated with the device based on the passive scan are determined and an active scan of the device is performed based on the one or more attributes based on the passive scan. The active scan is customized for the device based on the one or more attributes determined based on the passive scan and the active scan comprises sending one or more requests to the device. One or more attributes associated with the device may be determined based on the active scan. The one or more attributes based on the passive scan and the one or more results based on the active scan associated with the device are stored.

A system, method and computer program product for computer based open innovation, includes an asset valuation device receiving asset information regarding one or more tangible or non-tangible assets, and generating a valuation signal, based on the asset information; a self-executing code device receiving the valuation signal, and generating a self-executing code signal, based on the valuation signal; an air router device having both a low band radio channel, and an internet router channel for redundant internet communications, and a malicious code removal device for scrubbing malicious code from data received, receiving the valuation signal, and generating a node voting request signal, based on the valuation signal; and a mesh network having a plurality of node devices receiving the node voting request signal, and generating vote confirmation signals, based on the node voting request signal.

A device for detecting nefarious communication signals in a vehicle includes a detection support logic, a nefarious logic, a filtering circuit, and a microcontroller. The device receives a measurement signal from the detection support logic. The device determines a characteristic of an alternating current (AC) signal during communication at a first time on a wiring harness of the vehicle based on the measurement signal. The device determines the characteristic of the AC signal at a second time based on the measurement signal. The device determines that the characteristic measured during the first time differs from the characteristic measured during the second time. The device transmits a blocking signal to the nefarious logic to filter a frequency band of a communication conductor of the wiring harness in response to the determination that the characteristic measured during the first time differs from the characteristic measured during the second time.

A device for detecting nefarious communication signals in a vehicle includes a detection support logic, a nefarious logic, a filtering circuit, and a microcontroller. The device receives a measurement signal from the detection support logic. The device determines a characteristic of an alternating current (AC) signal during communication at a first time on a wiring harness of the vehicle based on the measurement signal. The device determines the characteristic of the AC signal at a second time based on the measurement signal. The device determines that the characteristic measured during the first time differs from the characteristic measured during the second time. The device transmits a blocking signal to the nefarious logic to filter a frequency band of a communication conductor of the wiring harness in response to the determination that the characteristic measured during the first time differs from the characteristic measured during the second time.

The described technology is generally directed towards spammer location detection, and in particular, to locating a spammer that makes multiple calls from a given location via a cellular communications network. In some examples, network equipment can obtain call trace records associated with the multiple calls, identify a group of call trace records based on a shared call trace feature, aggregate data from call trace records within the group, and determine an estimated location based on the aggregated data.

The described technology is generally directed towards spammer location detection, and in particular, to locating a spammer that makes multiple calls from a given location via a cellular communications network. In some examples, network equipment can obtain call trace records associated with the multiple calls, identify a group of call trace records based on a shared call trace feature, aggregate data from call trace records within the group, and determine an estimated location based on the aggregated data.

Secured automated or semi-automated systems are provided herein. In one embodiment, a sensor system includes a sensor, a legacy computing environment that is configured to communicate with the sensor and process sensor raw data output, and transmit the processed sensor output to a first network node over the network, and a trusted computing environment configured to receive raw sensor output directly from the sensor and transmit the raw sensor output to an additional network node or the first network node over the network.