Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for validating interactions with false rendered elements. In one aspect, a method includes receiving a rendering notification and a declaration of a rendered element defined in an active window on a client device, detecting interaction with the rendered element at the client device, determining whether the interaction occurred at a declared location of the rendered element within the active window, and processing the interaction including: in response to determining that the interaction occurred: capturing a screenshot of the active window on the client device; verifying a visual appearance of the rendered element in the screenshot with a declared appearance of the rendered element, and generating an interaction attestation, thereby validating the interaction. In response to determining that the interaction did not occur, refraining from generating the interaction attestation.

Disclosed is a terminal device. The terminal device includes: a communication interface comprising communication circuitry, a memory configured to store at least one command, and a processor, connected to the communication interface and the memory and configured to control the terminal device, the processor, by executing the at least one command, is further configured to: based on receiving, from an external server, sequence information of a plurality of attack words and a system call pattern associated with the sequence information, store the received sequence information and the received system call pattern in the memory, compare a system call command sequentially generated in the terminal device with the stored sequence information and the stored system call pattern, perform a security operation based on the comparison, and the sequence information of the plurality of attack words and the system call pattern associated with the sequence information may be generated by an external server, based on each of the plurality of attack words being identified from target information as occurring by a predetermined number or more.

Disclosed is a terminal device. The terminal device includes: a communication interface comprising communication circuitry, a memory configured to store at least one command, and a processor, connected to the communication interface and the memory and configured to control the terminal device, the processor, by executing the at least one command, is further configured to: based on receiving, from an external server, sequence information of a plurality of attack words and a system call pattern associated with the sequence information, store the received sequence information and the received system call pattern in the memory, compare a system call command sequentially generated in the terminal device with the stored sequence information and the stored system call pattern, perform a security operation based on the comparison, and the sequence information of the plurality of attack words and the system call pattern associated with the sequence information may be generated by an external server, based on each of the plurality of attack words being identified from target information as occurring by a predetermined number or more.

According to an example aspect of the present invention, there is provided a method comprising, determining, by an apparatus configured to operate as a network function a cellular communication system, at least two disjoint network paths, wherein the at least two disjoint network paths are different paths, and comprise different physical resources, transmitting, by the apparatus, a subscription request to an analytics function of the cellular communication system, to request notifications about attacks or risks of attacks on at least one network function on at least one of the at least two disjoint network paths, receiving from the analytics function, by the apparatus, information about at least one compromised network entity and/or at least one network entity having a risk of being compromised on said at least one of the at least two disjoint network paths and performing, by the apparatus, attack mitigation based on said information.

According to an example aspect of the present invention, there is provided a method comprising, determining, by an apparatus configured to operate as a network function a cellular communication system, at least two disjoint network paths, wherein the at least two disjoint network paths are different paths, and comprise different physical resources, transmitting, by the apparatus, a subscription request to an analytics function of the cellular communication system, to request notifications about attacks or risks of attacks on at least one network function on at least one of the at least two disjoint network paths, receiving from the analytics function, by the apparatus, information about at least one compromised network entity and/or at least one network entity having a risk of being compromised on said at least one of the at least two disjoint network paths and performing, by the apparatus, attack mitigation based on said information.

Systems and methods are provided to stop both external and internal fraud, ensure correct actions are being followed, and information is available to fraud teams for investigation. The system includes components that can address: 1) behavioral analytics (ANI reputation, IVR behavior, account activity)—this gives a risk assessment event before a call gets to an agent; 2) fraud detection—the ability to identify, in real time, if a caller is part of a fraudster cohort' and alert the agent and escalate to the fraud team; 3) identity authentication—the ability to identify through natural language if the caller is who they say they are; and 4) two factor authentication—the ability to send a text message to the caller and automatically process the response and create a case in the event of suspected fraud.

Provided are a method for managing network slice connection, a terminal and a computer-readable storage medium. The method for managing network slice connection includes: obtaining connection request information transmitted by a terminal application in a case where the terminal application initiates a network slice connection request; performing an authentication process on the terminal application initiating the network slice connection request; and in response to the terminal application passing the authentication process, enabling the terminal application to connect to a network slice according to the connection request information.

The present disclosure is directed to distributing processing capabilities throughout different nodes in a wireless mesh network. Methods and apparatus consistent with the present disclosure increase the efficiency of communications in a wireless mesh network because they help minimize the need to forward communications to other nodes in the wireless mesh network such that an evaluation can be performed. Apparatus and methods consistent with the present disclosure may distribute ratings or verdicts associated with previous requests to access data to different nodes in a wireless mesh network without generating additional wireless communications through the wireless mesh network. Apparatus and methods consistent with the present disclosure distribute content ratings to different nodes in a wireless network such that different wireless nodes may block redundant requests to undesired content without increasing messaging traffic.

An Electronic Control Unit (ECU) provides security for an automotive system. The ECU is classified according to a Cybersecurity Assurance Level (CAL) and calculates a cryptographic value for one or more or all modules of the ECU. The calculated cryptographic value is compared with a stored cryptographic value. Based on the CAL classification of the ECU, either control to one or more modules of the ECU is provided or the ECU is shut down as follows: when the calculated cryptographic value matches the stored cryptographic value, control to the one or more or all modules of the ECU is provided; and, when the calculated cryptographic value does not match the stored cryptographic value, the ECU is shut down in one of a current boot cycle or a subsequent boot cycle.

A computer-implemented method for determining security reputations of wireless network access points may include (1) receiving a unique identifier for a wireless network access point to which a mobile device has connected and security information that identifies the security posture of the mobile device after connecting to the wireless network access point, (2) adding the unique identifier and the security information to a security database, (3) correlating the security information with an additional set of security information that identifies the security posture of an additional mobile device after connecting to the wireless network access point, (4) assigning a security reputation to the wireless network access point, and (5) enabling a requesting mobile device to determine whether to connect to the wireless network access point by providing the security reputation of the wireless network access point to the requesting mobile device. Various other methods, systems, and computer-readable media are also disclosed.