H04W12/67

Mitigation of DDoS attacks on mobile networks using DDoS detection engine deployed in relation to an evolve node B
11503471 · 2022-11-15

Systems and methods for inspection of traffic between UE and the core network to mitigate DDoS attacks on mobile networks are provided. According to one embodiment, the method involves parsing SCTP packets and monitoring header anomalies to block anomalous packet floods. According to another embodiment, a memory table maintains requesting S1AP-IDs which have sent certain monitored commands and then blocking those which are sending these messages at abnormally high rates. According to yet another embodiment, a packet classifier parses the GTP-U protocol, unwraps the encapsulated IP packet and then monitors layer 3, 4 and 7 rate-based attacks such as UDP, ICMP, SYN, HTTP GET floods and drops them to protect the targeted Internet server as well as mobile infrastructure (e.g., the MME, the SGW, the PGW, and the PDN) downstream from the DDoS mitigation system.

SAFETY ANALYSIS OF TECHNICAL SYSTEMS COMPRISING HUMAN OBJECTS
20220358612 · 2022-11-10

A computer-implemented method is provided for safety analysis of a technical system including a human object. The method includes: determining a system model of the technical system including the human object; determining for at least one use case of the technical system in accordance with a human interaction of the human object with the technical system; and simulating the technical system in accordance with the system model and the at least one use case. The simulating of the technical system includes tracking of safety hazard events in relation to the human interaction.

Methods for locating an antenna within an electronic device

A method of determining a proximity of an antenna located in a payment instrument to an antenna located within an electronic device may include receiving, at the antenna located within the electronic device, a first signal from the antenna located in the payment instrument, the first signal received at a first time, receiving, at the antenna located within an electronic device, a second signal from the antenna located in the payment instrument, the second signal received at a second time, the second time being later than the first time, determining a difference in a signal strength between the first and second signals, and displaying, on a display of the electronic device, an indication based on the determination.

Secure authentication system and method
11574310 · 2023-02-07

A method is disclosed. The method comprising: receiving, by an access control server via a directory server from an authentication requestor, an authentication request comprising an account identifier, and information regarding a prior authentication method on the account identifier and a current authentication method for the account identifier associated with a transaction; performing, by the access control server, a risk analysis for the transaction based at least in part on the information and a threshold; authenticating, by the access control server, the user of the account identifier using the information, the account identifier, and a result of the risk analysis; modifying, by the access control server, an authentication response to include an authentication indicator, and transmitting, by the access control server, the authentication response to the authentication requestor.

Network ID device history and mobile account attributes used as a risk indicator in mobile network-based authentication

An authorization process employs a network ID as a possession factor for a secure account, such as a bank account or e-mail account, and determines one or more risk indicators associated with the possession factor. The authorization process is successfully completed when a risk score that is based on the risk indicators is less than a certain risk threshold. The risk indicators include a device history of the network ID and/or at least one attribute of a cellular account associated with the network ID. The device history identifies other mobile devices and/or SIM cards, if any, that have been previously activated with the network ID, while the one or more attributes can further indicate potentially fraudulent activity associated with the cellular account through which wireless services for the network ID are currently provided.

User interface manipulation in a foldable screen device

User interface (UI) manipulation techniques are disclosed that can allow a user device to hide and obscure sensitive information displayed on a flexible, foldable, or otherwise reconfigurable display from onlookers whilst maintaining or improving its accessibility exclusively to the primary user. Examples of the disclosed techniques can manipulate the UI in a way such that it is largely only viewable as intended when the user device is physically configured to a certain folding angle (and/or viewing angle). In some examples, the UI can be customized such that it promotes a certain device configuration (e.g., folding angle) that can provide an optimum security configuration for the user's current surroundings. The UI displayed on the display screen can change in form factor (e.g., an intended size as viewed by the user) to adapt to the current surroundings and/or based on the sensitivity in the displayed content.

CONSENSUS-BASED ONLINE AUTHENTICATION

Methods and systems for consensus-based online authentication are provided. An encryption device may be authenticated based on an authentication cryptogram generated by the encryption device. The encryption device may transmit a request for security assessment to one or more support devices. The support devices may individually assess the encryption device, other security devices, and contextual information. The support devices may choose to participate in a multi-party computation with the encryption device based on the security assessments. Support devices that choose to participate may transmit one or more secret shares or partial computations to the encryption device. The encryption device may use the secret shares or partial computations to generate an authentication cryptogram. The authentication cryptogram may be transmitted to a decryption device, which may decrypt the authentication cryptogram, evaluate its contents, and authenticate the encryption device based on its contents.

VEHICLE-TO-EVERYTHING (V2X) SECURITY POLICY NEGOTIATION BETWEEN PEER USER EQUIPMENT (UES)

Techniques discussed herein can facilitate improved security establishment procedures for Vehicle to Everything (V2X) direct connections. Various embodiments are employable at or comprise User Equipment, and can initiate and/or receive V2X security establishment connections wherein a receiving UE can reject the connection based on the initiating UE's capabilities/policy and/or the initiating UE can make the final decision regarding the connection based at least on receiving security policy and capability information from the receiving UE.

Dynamic Encrypted Communications Systems Using Encryption Algorithm Hopping
20230099688 · 2023-03-30

An apparatus for providing secure communications may include a processor; memory in electronic communication with the processor; an output in electronic communication with the processor; and instructions stored in the memory and executable by the processor to cause the apparatus to store a plurality of encryption protocols; store at least one encryption hopping protocol; select at least one encryption hopping protocol; encrypt the data according to the selected encryption hopping protocol; and transmit data from the output utilizing the selected encryption hopping protocol.