A wireless User Equipment (UE) generate a Session Initiation Protocol (SIP) message that comprises a SIP header and a user message. The SIP header indicates a priority QoS and the user message indicates a message destination. The wireless UE wirelessly transfers the SIP message to a wireless network and the wireless network transfers the SIP message to a message network. In response to the priority QoS indicated in the SIP header, the message network generates and transfers another SIP message using the priority QoS. The other SIP message comprises another SIP header and the user message.

A method provides for receiving network traffic from a host having a host IP address and operating in a data center, and analyzing a malware tracker for IP addresses of hosts having been infected by a malware to yield an analysis. When the analysis indicates that the host IP address has been used to communicate with an external host infected by the malware to yield an indication, the method includes assigning a reputation score, based on the indication, to the host. The method can further include applying a conditional policy associated with using the host based on the reputation score. The reputation score can include a reduced reputation score from a previous reputation score for the host.

A method, non-transitory computer readable medium and apparatus for changing a quality of service for data packets that are delivered over-the-top are disclosed. For example, the method includes a processor that identifies the data packets as video data packets that are delivered over-the-top in a communication network, changes the quality of service associated with the data packets from a best effort quality of service level to a higher priority quality of service level, monitors the data packets until no video data packet is identified in the data packets and changes the quality of service associated with the data packets back to the best effort quality of service level from the higher priority quality of service level.

Example packet control methods and apparatus are described. One example method includes detecting a packet flow causing a congestion status change. A congestion isolation message is generated and is used to change a priority of a packet in the packet flow. The congestion isolation message includes description information of the packet flow. The congestion isolation message is sent to at least one node.

A method for dividing communication services in smart substation into different priorities, the method including: determining the priority of a message to be sent according to the service type and its priority definition; the communication services includes trip message, state change message, sampled value message, device status message, time synchronization message, and file transfer message; the corresponding priority is respectively defined as 7, 6, 5, 4, 3, 1; and filling the user priority field of IEEE802.1Q label in a message header with a binary value corresponding to its priority.

For an application collectively transmitting a group of packets desired to be transmitted at once, the group of successive packets are transferred with low latency, while fairness is maintained among communication flows with the identical priority. A packet transfer device 100 includes a packet classification unit 120 configured to classify received packets, queues 140 for respective classifications, priorities being set to the queues, a dequeue processing unit 150 configured to extract packets from the queue under a predetermined rule based on the priorities set to the queues, and a queue priority control unit 130 configured to perform control, upon detecting that a reception amount of packets related to a communication flow temporarily or intermittently increases from a reception amount under a normal condition, such that a priority of one of the queues holding the packets related to the communication flow is temporarily raised from a priority under the normal condition, during a period while the reception amount of packets related to the communication flow temporarily or intermittently increases.

A system for transferring a frame within an Ethernet network of a vehicle. The system includes an Ethernet switch, first and second feature modules and a NAM. The Ethernet switch includes first and second ports connected respectively to the first and second feature modules. The NAM: receives a priority request message from the second feature module; generates a priority response message indicating information for the second feature module to set a priority level of a frame; and transmits the priority response message to the second feature module. The Ethernet switch: receives the frame from the second feature module at the first port, where the frame has a first bit indicative of the priority level and a second bit indicative of a port of the first feature module; and forwards the frame, based on the first and second bits, to a corresponding one of the queues having the priority level and for transmission to the port of the first feature module.

This application provides a packet processing method and apparatus, to avoid chain impact of an abnormal packet caused by an abnormal underlying latency on an uncertain target flow. The method includes: receiving, by a first device, a first packet sent by a second device, where the first packet carries a first label, and the first label is determined based on a cycle in which the second device sends the first packet; determining, by the first device based on the first label, whether the first packet is a normal packet; if determining that the first packet is a normal packet, determining, by the first device, a second packet based on the first packet, where the second packet carries a second label; and sending, by the first device, the second packet to a third device in a first cycle, where the second label is determined based on the first cycle.

A computer-implemented method for protecting a processing environment from malicious incoming network traffic may be provided. The method comprises: in response to receiving incoming network traffic comprising a data packet, performing a packet and traffic analysis of the data packet to determine whether said data packet is non-malicious and malicious, and processing of the data packet in a sandbox environment. Furthermore, the method comprises: in response to detecting that the data packet is non-malicious based on the packet and traffic analysis, releasing the processed data packet from the sandbox environment for further processing in the processing environment, and in response to detecting that the data packet is malicious based on the packet and traffic analysis discarding the data packet.

Methods and apparatus for memory allocation and reallocation in networking stack infrastructures. Unlike prior art monolithic networking stacks, the exemplary networking stack architecture described hereinafter includes various components that span multiple domains (both in-kernel, and non-kernel). For example, unlike traditional “socket” based communication, disclosed embodiments can transfer data directly between the kernel and user space domains. A user space networking stack is disclosed that enables extensible, cross-platform-capable, user space control of the networking protocol stack functionality. The user space networking stack facilitates tighter integration between the protocol layers (including TLS) and the application or daemon. Exemplary systems can support multiple networking protocol stack instances (including an in-kernel traditional network stack). Due to this disclosed architecture, physical memory allocations (and deallocations) may be more flexibly implemented.