Patent classifications
H04W12/121
Network slice-based security in mobile networks
Techniques for providing network slice-based security in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for network slice-based security in mobile networks includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a converged 5G network; extracting network slice information for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the network slice information.
Wireless network policy manager for a service mesh
A computer device may include a memory storing instructions and a processor configured to execute the instructions to host a network function container that implements a microservice for a network function in a wireless communications network, wherein the network function container is deployed by a container orchestration platform; host a service proxy container associated with the network function container, wherein the service proxy container is deployed by the container orchestration platform; and configure the hosted service proxy container to apply a wireless network policy to the microservice for the network function. The processor may be further configured to intercept messages associated with the microservice for the network function using the configured service proxy container; and apply the wireless network policy to the intercepted messages using the configured service proxy container.
Systems and methods for distributed P25 LMR radio vulnerability management and real-time interference monitoring
A threat monitoring and vulnerability management system is disclosed. The system includes one or more sensors configured to scan a frequency spectrum of a Project 25 (P25) network and to collect data on the P25 network. The system further includes a server coupled to the sensors and configured to receive the collected data from the plurality of sensors, compare the collected data with previously stored historical data to determine whether an anomaly exists within data patterns of the collected data, responsive to determining that the anomaly exists, determine at least one of: whether use of a cloned radio that mimics an authorized connection occurs, whether jamming of a radio frequency (RF) communication occurs, or whether jamming of a voice communication occurs within the P25 network by comparing the collected data with preset thresholds, and send a real-time alert to a dispatch and control console unit coupled to the server and the P25 network in response to determining that some of the collected data exceeds at least one of the preset thresholds, such that the dispatch and control console unit provides one or more corrective actions to the P25 network.
Encryption circuit randomness inspector and method
A baseband processor of a communication device, the baseband processor comprising a multiple encryption manager that utilizes a transmit data stream as an input data stream in the case that the transmit data stream is determined not to already have encryption applied by a higher layer component, and that utilizes a known unencrypted dataset as an input data stream in the case that the transmit data stream is determined to already have encryption applied by a higher layer component, an encryptor block that encrypts the input data stream into an encrypted data stream, and a randomness inspector that is in communication with the encryptor block, the randomness inspector unit accessing the input data stream and the encrypted data stream from the encryptor block and determining a randomness gain by comparing a first randomness measurement associated with the input data stream to a second randomness measurement associated with the encrypted data stream.
EXPANDABLE SECURITY SYSTEM
A computer-implemented method includes receiving, by a base station of a first security system, an identification of a portable security system. The method further includes adding, by the base station, the portable security system as a sensor to a plurality of sensors monitored by the first security system. The method further includes configuring, by the base station, the portable security system in protect-mode, wherein the portable security system sounds an alarm in response to a sensor from the second system indicating a security-breach. The method further includes in response to the alarm from the portable security system, generating, by the base station, an alarm event of the first security system.
EVENT DETECTION AND MANAGEMENT FOR QUANTUM COMMUNICATIONS
The present disclosure describes event detection and management for quantum communications in a communication network. The event detection and management for quantum communications in a communication network may be provided based on event-based interaction between quantum nodes of the communication network and a network controller of the communication network, such as where the quantum nodes detect events associated with quantum communications and report the events associated with quantum communications to the network controller and where the network controller receives the events associated with quantum communications from the quantum nodes and initiates event management operations based on the events associated with quantum communications. The event detection and management for quantum communications in a communication network may be provided for various aspects of quantum communications, such as for quantum channels configured to support quantum information transfers, quantum information transfers via quantum channels, quantum applications, and so forth.
DETECTION AND DEFENSE SYSTEM OF A NETWORK CREDENTIAL SHARING APPLICATION
Systems and methods are provided for a detection and defense system relating to a network connection sharing application. For example, the system can simulate a request for a network password using a conventional application that shares this information. The application may be implemented on, for example, a mobile device or a virtual machine (VM). In some embodiments, the mobile device/VM attempts to establish a network connection to an access point (AP) using the shared password over a tunnel established between the AP and mobile device/VM. If the mobile device/VM can connect to the AP, an assumption may be made that the user credentials have been leaked and a potential security risk exists. An alert can be sent to a network administrator of the communication network (e.g., to perform an action, etc.). The action may include, for example, changing the password, removing access from one or more users, and the like.
MONITORING OF AT LEAST ONE SLICE OF A COMMUNICATIONS NETWORK USING A CONFIDENCE INDEX ASSIGNED TO THE SLICE OF THE NETWORK
A monitoring system is described for monitoring at least one slice of a communications network using at least one access network, an edge network and a core network. The system comprises, for each slice, a plurality of intrusion detection modules configured to monitor elements associated with said section and comprising at least a first module for detecting intrusions at the access network level, a second module for detecting intrusions at the edge network level, and at least a third module at the core network level, each of the modules being configured to provide a piece of information representative of a local confidence level assigned to the section according to a behaviour of at least one element that it monitors. One of the third modules is additionally configured to evaluate, from the provided information, an overall confidence level for this section and to trigger an intrusion mitigation action for this section depending on the value of this overall confidence level.