Abstract: Systems, methods, and computer-readable media herein dynamically adjust the policies used within a core network. These policies are determine based on the identification of a user device being a reduced capability device and the data requirements for that device. A correlation between the type of reduced capability device and the data requirements is used to derive data-drive insights using a near-real time RAN intelligence controller. The data used to determine these insights and policies are based near-real time sources.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for adjusting the transmission power of an unmanned aerial vehicle are disclosed. In one aspect, a method includes the actions of determining, by an unmanned aerial vehicle that includes a radio transceiver, an altitude of the unmanned aerial vehicle and a distance between the unmanned aerial vehicle and a base station. The actions further include, based on the altitude of the unmanned aerial vehicle and the distance between the unmanned aerial vehicle and the base station, determining, by an unmanned aerial vehicle, a transmission power level for the radio transceiver. The actions further include communicating, by the unmanned aerial vehicle, with the base station using the radio transceiver operating at the transmission power level.

Abstract: The disclosed embodiments include a software-defined security (SDS) service that can monitor runtime behavior of a network of nodes of a wireless network and detect anomalous activity indicating contamination of the network of nodes, where the contamination includes unauthorized instructions designed to damage or interrupt a function of the network of nodes. The SDS service can dynamically coordinate a blacklist and a whitelist, where the blacklist includes an indication of contaminated assets and the whitelist includes an indication of non-contaminated assets. The contaminated assets are isolated with a cleanroom environment, where the security resources sanitize the contaminated assets. Then, indications of the decontaminated assets are moved from the blacklist to the whitelist, and the use of the security resources are dynamically adjusted according to a load ratio between the whitelist and the blacklist.

Abstract: A method performed by a system includes instantiating a vulnerability-risk-threat (VRT) service for a security edge protection proxy (SEPP) element of a 5G telecommunications network. The system intercepts and parameterizes network traffic of the SEPP element to identify network functions (NFs) or associated services that requires cybersecurity protection and selects security resources for protecting the identified NFs or associated services. The system prioritizes an NF or associated service that is most frequently used (MFU) or most recently used (MRU) and then allocates the security resources in accordance with the prioritization.

Abstract: Systems, methods, and computer-readable media herein dynamically adjust the policies used within a core network. These policies are determine based on the identification of a user device being a reduced capability device and the data requirements for that device. A correlation between the type of reduced capability device and the data requirements is used to derive data-drive insights using a near-real time RAN intelligence controller. The data used to determine these insights and policies are based near-real time sources.

Abstract: The disclosed embodiments include a method performed by a wireless network to dynamically provision security resources during runtime execution of a service environment. The security resources are distributed across cell sites that provide coverage areas for multiple wireless devices (WDs) in multiple service environments. The cell sites are monitored during runtime execution of the multiple service environments to detect risk levels that indicate a vulnerability to the wireless network. When an elevated risk level is detected for a particular cell site, security resources of the security layer are dynamically provisioned for the particular cell site to safeguard the entire wireless network. Hence, the provisioned security resources can include a security resource from a different cell site.

Abstract: Techniques are described herein for facilitating V2X communications using a connected vehicle platform. The techniques include receiving, from an onboard diagnostics (OBD) accessory device, a vehicle report comprising vehicle data of a vehicle equipped with the OBD accessory device, the vehicle located at a target location. An additional vehicle located within a predetermined distance of the target location is identified. The additional vehicle is equipped with an onboard diagnostics unit (OBU). A traffic advisory message is generated based at least on the vehicle data in the vehicle report. Thereafter, the techniques include determining whether the additional vehicle is located within a communication range of the vehicle and in response to making a determination that the additional vehicle is located outside of the communication range of the vehicle, the traffic advisory message is broadcasted to the OBU of the additional vehicle.

Abstract: This disclosure describe techniques to transmitting information from a vehicle to an intended destination, via a selected transmission method. A system is described that can capture current sensor data from a vehicle system of an idle vehicle and infer the occurrence of a trigger event. In doing so, the system may generate a message indicating the occurrence of the trigger event and transmit the message to one or more connected devices in a range of the intended destination.

Abstract: The disclosed embodiments include a software-defined security (SDS) service that can monitor runtime behavior of a network of nodes of a wireless network and detect anomalous activity indicating contamination of the network of nodes, where the contamination includes unauthorized instructions designed to damage or interrupt a function of the network of nodes. The SDS service can dynamically coordinate a blacklist and a whitelist, where the blacklist includes an indication of contaminated assets and the whitelist includes an indication of non-contaminated assets. The contaminated assets are isolated with a cleanroom environment, where the security resources sanitize the contaminated assets. Then, indications of the decontaminated assets are moved from the blacklist to the whitelist, and the use of the security resources are dynamically adjusted according to a load ratio between the whitelist and the blacklist.

Abstract: A method performed by a cybersecurity system includes monitoring multiple network functions (NFs) of a service-based architecture (SBA) of a 5G network. The NFs are communicatively interconnected over an HTTP/2 interface. The cybersecurity system detects potentially malicious network traffic communicated over the HTTP/2 interface, identifies a NFs or associated services that are susceptible to a cyberattack based on the potentially malicious network traffic and deploys resources to secure the NFs or associated services. In one example, the resources are prioritized for a most frequently used (MFU) or most recently used (MRU) NF or associated service.

Abstract: The disclosed technology proposes a new methodology to include the effect of speed and direction of a UE into the threshold used for determining when to switch between a 4G UL connection and a 5G UL connection. The system can use a lookup table with various speeds mapping to varying thresholds. The system can use an accelerometer sensor or digital compass to determine the direction of the vehicle, such as heading away from or toward the 5G site, so the vehicle can switch sooner from 5G-NR to LTE and from LTE to NR, respectively. For C-V2X applications, latency is an important factor because 5G technology provides shorter latency than 4G; thus keeping the link on 5G is preferred when under good coverage. Further, the idea is not limited to UL, 5G and/or vehicle technologies, but can also be applied to DL direction, Wi-Fi and/or drone technologies as well.

Abstract: A security system generates a digital signature for a small cell of a wireless network and assigns the digital signature to the small cell for connecting to the wireless network. The digital signature can be generated based on a connectivity schedule for the small cell. When the security system obtains a connection request from the small cell to connect to the wireless network, the security system compares an instance of the digital signature included in the connection request with an expected digital signature and compares the point in time when the connection request was communicated with an expected time indicated in the connectivity schedule. The security system detects an anomaly when the instance of the digital signature deviates from the expected digital signature or the point in time deviates from the expected time, and causes performance of an action based on a type or degree of the anomaly.

Abstract: A system obtains security data of interconnected networks. The visibility of the security data is asymmetric for each interconnected network relative to the other. The security data is continuously stored and used in real-time or near real-time to identify services of the interconnected networks that require safeguards against a potential cyberattack. The interworking system determines a security parameter that relates the security data to the potential cyberattack and communicates the security parameter to the interconnected networks. The interconnected networks can safeguard against the potential cyberattack based on the security parameter.

Abstract: An outbound roaming system detects that a wireless device has left a home wireless network and, in response, identifies a visited wireless network on which the wireless device is likely to roam or is currently roaming. The outbound roaming system queries the visited wireless network to offer security information for the wireless device. The security information can include a security parameter for the visited wireless network to mitigate a potential cyberattack enabled by the wireless device. In response to receiving an acceptance of the offer and satisfying a condition, the outbound roaming system provides the security information to the visited wireless network. As such, the visited wireless network can dynamically defend against cyberattacks enabled by roaming devices.

Abstract: The disclosed technology proposes a new methodology to include the effect of speed and direction of a UE into the threshold used for determining when to switch between a 4G UL connection and a 5G UL connection. The system can use a lookup table with various speeds mapping to varying thresholds. The system can use an accelerometer sensor or digital compass to determine the direction of the vehicle, such as heading away from or toward the 5G site, so the vehicle can switch sooner from 5G-NR to LTE and from LTE to NR, respectively. For C-V2X applications, latency is an important factor because 5G technology provides shorter latency than 4G; thus keeping the link on 5G is preferred when under good coverage. Further, the idea is not limited to UL, 5G and/or vehicle technologies, but can also be applied to DL direction, Wi-Fi and/or drone technologies as well.

Abstract: Systems, methods, and computer-readable media herein dynamically adjust the policies used within a core network. These policies are determine based on the identification of a user device being a reduced capability device and the data requirements for that device. A correlation between the type of reduced capability device and the data requirements is used to derive data-drive insights using a non-real time RAN intelligence controller. The data used to determine these insights and policies are based on historical and non-real time sources.

Abstract: Systems, methods, and computer-readable media herein dynamically adjust the policies used within a core network. These policies are determine based on the identification of a user device being a reduced capability device and the data requirements for that device. A correlation between the type of reduced capability device and the data requirements is used to derive data-drive insights using a near-real time RAN intelligence controller. The data used to determine these insights and policies are based near-real time sources.

Abstract: A security system generates a digital signature for a small cell of a wireless network and assigns the digital signature to the small cell for connecting to the wireless network. The digital signature can be generated based on a connectivity schedule for the small cell. When the security system obtains a connection request from the small cell to connect to the wireless network, the security system compares an instance of the digital signature included in the connection request with an expected digital signature and compares the point in time when the connection request was communicated with an expected time indicated in the connectivity schedule. The security system detects an anomaly when the instance of the digital signature deviates from the expected digital signature or the point in time deviates from the expected time, and causes performance of an action based on a type or degree of the anomaly.

Abstract: A system obtains security data of interconnected networks. The visibility of the security data is asymmetric for each interconnected network relative to the other. The security data is continuously stored and used in real-time or near real-time to identify services of the interconnected networks that require safeguards against a potential cyberattack. The interworking system determines a security parameter that relates the security data to the potential cyberattack and communicates the security parameter to the interconnected networks. The interconnected networks can safeguard against the potential cyberattack based on the security parameter.

Abstract: A method is performed by a wireless mobile network to mitigate interference between communication links. A request is received for resources needed to support an application by a vehicle relative to another vehicle. The resources are configured based on the application and are used to establish a direct communication link between the vehicles. The resources are to be shared between the direct communication link and another communication link. The mobile network defines certain blanked resources that are disallowed for use to perform the application. Any remaining resources (or non-blanked resources) are allowed for use to perform the application. The blanked resources can be used by the other communication link to avoid interference with the direct communication link. The allocation of resources is communicated to the vehicle to establish the direct communication link with the other vehicle.