H04W12/122

APPARATUS AND METHOD FOR VERIFYING AUTHENTICITY OF A BACKHAUL-RADIO LINK FAILURE

The disclosure relates to a 5G or 6G communication system for supporting a higher data transmission rate. Embodiments herein provide an apparatus and method for verifying authenticity of a BH-RLF. A method is provided for using a new message to verify the authenticity of the BH-RLF. A method is provided for using existing and/or message over an F1AP and an RRC to verify the authenticity of the BH-RLF. A method is provided for using a hash-based procedure for protection of the BH-RLF indication. A method is provided for generating a unique secret key at a parent IAB node and a child IAB node to protect the BAP control messages. Further, a method is provided for re-using ICMP ping messages to check the destination availability based on a received BH-RLF indication.

THIRD PARTY CERTIFICATE MANAGEMENT FOR NATIVE AND THIRD PARTY MOBILE APPS
20230049095 · 2023-02-16

Systems and methods are disclosed herein for real-time digital authentication. According to some embodiments, a certification authentication method includes receiving a list of third party root certificates from a remote server, the list of third party root certificates including at least one association between a program configured to run on the computing apparatus and a public key for authenticating communication between the program and an associated server of the program. The method may also include authenticating the list of third party root certificates. The method may also include initiating a communication between the computing apparatus and the associated server and authenticating the communication with the associated server using the public key. Furthermore, the method may also include loading the program onto the one or more memories during a bootstrapping process in response to determining that the communication with the associated server is authentic.

Automated security control using log information

Techniques, devices, and systems for receiving, from a mobile device, a request associated with a subscriber information module (SIM) are described herein. At least one of the mobile device, the SIM, or a communication identifier can be determined. A query can be transmitted, based on a difference between a first time associated with the query and a second time associated with a previous query meeting or exceeding a threshold amount of time. An action can be performed based on the query information being associated with the malicious activity information.

Methods, systems, and computer readable media for mitigating denial of service (DoS) attacks at network functions (NFs)

A method for mitigating DoS attacks at an NF includes maintaining, at a first NF, an NF subscription database containing rules that specify maximum numbers of allowed subscriptions and corresponding rule criteria. The method further includes receiving, at the first NF and from a second NF, a subscription request for establishing a subscription. The method further includes determining, by the first NF, that the subscription request matches criteria for at least one rule in the NF subscription database and incrementing, by the first NF, at least one count of a number of subscriptions for the at least one rule. The method further includes determining, by the first NF, that the at least one count of the number of subscriptions exceeds a maximum number of allowed subscriptions for the at least one rule. The method further includes, in response to determining that the at least one count of the number of subscriptions exceeds the maximum number of allowed subscriptions for the at least one rule, preventing establishment of the subscription.

Method, device, and system of detecting mule accounts and accounts used for money laundering
11580553 · 2023-02-14

Method, device, and system of detecting a mule bank account, or a bank account used for terror funding or money laundering. A method includes: monitoring interactions of a user with a computing device during online access with a bank account; and based on the monitoring, determining that the bank account is utilized as a mule bank account to illegally receive and transfer money, or is used for money laundering or terror funding. The method takes into account one or more indicators, such as, utilization of a remote access channel, utilization of a virtual machine or a proxy server, unique behavior across multiple different accounts, temporal correlation among operations, detection of a set of operations that follow a pre-defined mule account playbook, detection of multiple incoming fund transfers from multiple countries that are followed by a single outgoing fund transfer to a different country, and other indicators.

IMPROVEMENTS IN MOBILE COMMUNICATIONS
20230044814 · 2023-02-09

The invention is concerned with improvements in mobile communications, and especially with improvements in bonding communications simultaneously utilising multiple mobile networks. It may be embodied in a mobile device (12a, 12b, 12c). The mobile device (12) has a plurality of mobile network interface units (22a, 22b, 22c) each of which is configurable to connect to each of a group of mobile networks (16a, 16b, 16c). The mobile device (12) comprises at least one digital processing device implementing allocation logic which allocates each mobile network unit to one of the mobile networks (16a, 16b, 16c) and causes each mobile network interface unit (22a, 22b, 22c) to be configured to connect to the network (16a, 16b, 16c) to which it is allocated. The allocation logic serves to allocate the mobile network units (22a, 22b, 22c) to the mobile networks (16a, 16b, 16c) based on operating parameters, and to re-allocate the mobile network interface units (22a, 22b, 22c) in response to changes in the operating parameters, causing the mobile network units (22a, 22b, 22c) to be re-configured such as to disconnect from one mobile network and connect to another mobile network.

RANDOM MEDIA ACCESS CONTROL ADDRESS WITH FAST RECONNECTION MECHANISM
20230043950 · 2023-02-09

The present invention provides a wireless communication method of an access point. The wireless communication method comprises the steps of: establishing a cache table comprising a plurality of reference MAC and corresponding PMKs and reference PMKIDs; receiving an association request from a station; reading a MAC address of the station and a PMKID from the association request; if the MAC address of the station and the PMKID do not match items of the cache table, performing a calculation on the PMKID to obtain an original PMKID; determining if the original PMKID matches any one of the reference PMKIDs within the cache table; and if the original PMKID matches one reference PMKID within the cache table, determining that the reference MAC recorded in the cache table and the MAC address belong to the same station.

Intelligent cybersecurity protection system, such as for use in 5G networks
11558747 · 2023-01-17

The disclosed technology includes a method and system for preventing or reducing cyber-attacks in telecommunications networks, such as 5G networks. For example, a first node in a 5G network can detect that a first connected device is at risk of a cyber-attack based on one or more conditions and can broadcast to a plurality of nodes in the RAN that the first connected device is at risk of the cyber-attack. The first node can receive a first message from a second node of the plurality of nodes confirming or acknowledging that the first connected device is at risk of the cyber-attack. In response to receiving the first message from the second node confirming or acknowledging that the first connected device is at risk of the cyber-attack, the system can deauthorize the first connected device.