The disclosed technology includes a method and system for preventing or reducing cyber-attacks in telecommunications networks, such as 5G networks. For example, a first node in a 5G network can detect that a first connected device is at risk of a cyber-attack based on one or more conditions and can broadcast to a plurality of nodes in the RAN that the first connected device is at risk of the cyber-attack. The first node can receive a first message from a second node of the plurality of nodes confirming or acknowledging that the first connected device is at risk of the cyber-attack. In response to receiving the first message from the second node confirming or acknowledging that the first connected device is at risk of the cyber-attack, the system can deauthorize the first connected device.

Systems and method are provided for mitigating hacking of restricted access telecommunication services. In response to an authentication response from a user device, an authentication failure type and authentication failure frequency may be determined. Based on the authentication failure type and authentication failure frequency, the user device is blocked from accessing the telecommunication service for a predetermined period of time, preventing the service from being congested by recurring unauthorized users.

Systems and method are provided for mitigating hacking of restricted access telecommunication services. In response to an authentication response from a user device, an authentication failure type and authentication failure frequency may be determined. Based on the authentication failure type and authentication failure frequency, the user device is blocked from accessing the telecommunication service for a predetermined period of time, preventing the service from being congested by recurring unauthorized users.

According to some embodiments, there is provided a Collective Perception Message, CPM, characterizing a plurality of Vulnerable Road Users based on a plurality of received VAMs, thereby allowing an ITS station to efficiently aggregate VAM messages from VRUs and retransmit information about the VRUs to other ITS stations. Consequently, the security is improved as some ITS stations may not be able to detect or identify VRU stations by themselves but thanks to the CPM, these stations can still be informed of the VRUs. According to other aspects, congestion is avoided while maintaining safety vis-à-vis VRUs thanks to the use of a different transmission scheme when the VRU is already characterized in a CPM sent to the ITS stations. Also, a receiving station can evaluate whether the content of a CPM can be trusted or not. Safety is thus improved. This is achieved thanks to the CPM that references a certificate.

A computer-implementable method employs radio signal metadata to train a cognitive learning and inference system to produce an inferred function, wherein the metadata comprises a syntactic structure of at least one radio communication protocol. The inferred function is used to map metadata of a detected radio signal to a cognitive profile of a transmitter of the detected radio signal. The mapping effects intelligent discrimination of the transmitter from at least one other transmitter through corroborative or negating evidentiary observation of properties associated with the metadata of the detected radio signal. A response to the transmitter is based upon the mapping.

A computer-implementable method employs radio signal metadata to train a cognitive learning and inference system to produce an inferred function, wherein the metadata comprises a syntactic structure of at least one radio communication protocol. The inferred function is used to map metadata of a detected radio signal to a cognitive profile of a transmitter of the detected radio signal. The mapping effects intelligent discrimination of the transmitter from at least one other transmitter through corroborative or negating evidentiary observation of properties associated with the metadata of the detected radio signal. A response to the transmitter is based upon the mapping.

Plural Internet of Things (IoT) gateways detect, secure against and remediate malicious code with an autonomous communication of tokens between the IoT gateways on a time schedule. Detection of an invalid token or a token communication outside of a scheduled time indicates that malicious code may have interfered with token generation or communication. Once malicious code is verified on an IoT gateway, the failed gateway is remediated to an operational state, such as with a re-imaging by another IoT gateway through an in band communication or a re-imaging by a server information handling system through an out of band communication.

Apparatus, systems and methods for agile network isolation through use of packet level non-repudiation (PLNR) are provided. Using a fast cryptography to verify that incoming packets are undeniably being received from the identified source, real-time attack notifications can be independently verified and shared among the network devices to remove compromised nodes from the network. The ability to collaborate among nodes without trust may be achieved via PLNR, to share attack notifications in real-time may be achieved via Telling Attack Layer (TATL), and to establish the identity of an attack in a permanent and binding way may be achieved via DISCOvery (DISCO).

Apparatus, systems and methods for agile network isolation through use of packet level non-repudiation (PLNR) are provided. Using a fast cryptography to verify that incoming packets are undeniably being received from the identified source, real-time attack notifications can be independently verified and shared among the network devices to remove compromised nodes from the network. The ability to collaborate among nodes without trust may be achieved via PLNR, to share attack notifications in real-time may be achieved via Telling Attack Layer (TATL), and to establish the identity of an attack in a permanent and binding way may be achieved via DISCOvery (DISCO).

Methods for managing a communication session in a communication network are disclosed. For example, a method includes detecting, by a first endpoint comprising at least one processor, an error condition associated with the communication session, sending, by the first endpoint, a notification of the error condition to a second endpoint that is using a transport layer session and receiving, by the first endpoint, a communication from the second endpoint, proposing a response to the error condition. Another method includes receiving, by a first endpoint comprising at least one processor, a notification of an error condition associated with the communication session, selecting, by the first endpoint, a response to the error condition, and sending, by the first endpoint, a communication to a second endpoint that is using a transport layer session, proposing a response to the error condition.