Abstract: This disclosure describes techniques for an email security system to detect a malicious email and take remedial actions in response to the detected malicious email. The techniques described herein may enable the email security system to detect whether an email is malicious based on whether one or more files attached to the email are malicious. In some cases, the email security system determines whether an email attachment file is malicious based on a set of features that are specific to both a classification of the email (e.g., a semantic classification of the email) and a format of the email attachment file.

Abstract: Techniques and architecture are described that provide a multi-platform tool focused on displaying various levels of a topology of a network to a user while maintaining an original context of the user that was initially selected. Elements within the topology are dynamically added or removed from the user's view, e.g., the display, as the elements come in and out of focus. For example, in configurations, as the user traverses the topology, e.g., graph, the nodes that are not of interest generally become invisible. Thus, the user receives a clear view of how the selected component changed according to the user's actions and may achieve an easily maintained history of the current hops through the network topology.

Abstract: Adaptive channel aging detection to determine channel sounding intervals in a wireless network is provided. A station may receive data packets from an Access Point (AP) over a channel established between the AP and the station. The station may estimate a channel condition of the channel based on Legacy Long Training Field (L-LTF) symbols in the data packets. The station may determine an amount of variation in the channel condition estimated so far from a latest Channel Sounding Information (CSI) report. The station may determine whether the latest CSI report is still valid based on the variation.

Abstract: Multi-Link Device (MLD) based relay support may be provided. Support a MLD relay can include provisioning a Virtual Media Access Control (vMAC) address for the MLD relay between a Transmitter STA (tSTA) and a Destination STA (dSTA). The MLD relay is configured, comprising determining a bridging configuration between a first link with the tSTA and a second link with the dSTA. A transmission from the tSTA is received via the first link, and the transmission is relayed to the dSTA via the second link.

Abstract: Network Allocation Vector (NAV) protection in a relay may be provided. Providing NAV protection in a relay can include determining a frame sequence for sending a data signal to a destination Station (dSTA). A Multi-User Request to Send (MU-RTS) is transmitted, the MU-RTS comprising a MU-RTS user information field with a plurality of available bits, the plurality of available bits including one or more frame sequence bits of indicating the frame sequence. One or more Clear to Send (CTS) signals is received, and the data signal is transmitted in response to receiving the CTS. One or more acknowledge signals are received based on the frame sequence.

Abstract: A method to continue Stream Classification Service (SCS) in roaming across Access Points (APs) in an Extended Service Set (ESS) may be provided. A first AP of the ESS may receive a SCS request from a station for a SCS flow. The SCS request may include a SCS identifier for the SCS flow and Quality of Service (QoS) resources requested for the SCS flow. The first AP may configure the QoS resources for the SCS flow at the first AP. A second AP of the ESS may receive a re-association request from the station in response to the station roaming to the second AP. The second AP may configure the QoS resources for the SCS flow at the second AP based on the re-association request.

Abstract: In one embodiment, the disclosure relates to a multi-use electro-optical device. The device may include a first group of optical inputs that include one or more optical inputs that are user selectable for a first operating mode. The device may also include a second group of optical inputs that include four or more optical inputs, wherein the four or more optical inputs are user selectable for a second operating mode. The device may include a first optical output operable to support the second operating mode. The first optical output is in optical communication with the four or more optical inputs. The device may also include a second group of optical outputs that includes four or more optical outputs, wherein the four or more optical outputs are user selectable for a first operating mode. The device also may include a modulator stage that includes four or more modulators.

Abstract: Authorization for stream classification service requests for Peer-to-Peer (P2P) traffic flows may be provided. An Access Point (AP) may receive a Stream Classification Service (SCS) request from a station for a P2P traffic flow. The SCS request may include a flow identifier for the P2P traffic flow and Quality of Service (QOS) resource requested for the P2P traffic flow. The AP may determine whether to grant the SCS request. Determining whether to grant the SCS request may include determining that a network policy allows the P2P traffic flow based on the flow identifier and determining that the AP can support the QoS resource requested for the P2P traffic flow.

Abstract: Enabling secondary channel access during beacon and groupcast traffic and shortening the periods of beacon and groupcast traffic may be provided. Enabling secondary channel access can include advertising a capability to exchange traffic on secondary channels during beacon period. During a beacon period, beacons and groupcast traffic are transmitted on a primary channel and traffic is exchanged with the one or more clients on one or more secondary channels. Enabling secondary channel access between OBSSs can include one BSS transmitting beacons and groupcast traffic on a primary channel and another BSS exchanging traffic on secondary channels. Shortening beacon periods can include offsetting or otherwise organizing Delivery Traffic Indication Map (DTIM) beacons and groupcast traffic.

Abstract: Access Point (AP) location techniques using Ultra-Wideband (UWB) and, specifically, optimizing UWB location techniques to reduce collisions may be provided. AP location techniques using UWB can include determining a plurality of Access Point (AP) pairs. A schedule is determined for the plurality of AP pairs to perform AP-to-AP ranging, preamble codes are determined for each AP pair to manage cross-correlation between AP pairs of the plurality of AP pairs scheduled to perform AP-to-AP ranging simultaneously, wherein the plurality of AP pairs are operable to perform AP-to-AP ranging using Ultra-Wideband (UWB) and according to the schedule and the preamble codes for each AP pair.

Abstract: Large Language Model (LLM) driven proactive scheduling may be provided. First, a proactive feedback module may be used that gathers user requests and device feedback. Next, an instructive interpreter module may be used that receives the user requests and the device feedback and produces instructive prompts based on the user requests and the device feedback. Then a user-reinforced scheduling optimization module may be used that receives responses to the instructive prompts and continuously enhances bandwidth scheduling based on the receives responses.

Abstract: Seamless roaming and client tracking using Ultra-Wideband (UWB) may be provided. Seamless roaming and client tracking using UWB can comprise receiving a request for a client to subscribe to an UWB seamless roaming and tracking service and receiving a coarse location of the client. A configuration is negotiated for UWB seamless roaming and tracking for the client. A plurality of UWB sessions are created and assigned to a plurality of Access Points (APs) based on the coarse location of the client, wherein the plurality of APs are operable to start the UWB sessions to perform UWB ranging of the client. Ranging reports are received from the plurality of APs, and a location of the client is determined based on the ranging reports.

Abstract: Backscatter AMP device detection and characterization using Ultra Wideband (UWB) impulse radar may be provided. First, a computing device may transmit an UWB signal comprising pulses to a Backscatter Device (BKD). Next, the computing device may receive a reflection of the UWB signal from the BKD in response to the UWB signal. Then the computing device may locate the BKD using a Channel Impulse Response (CIR) of the reflection of the UWB signal.

Abstract: Coordinated Restricted Target Wait Time (rTWT) scheduling may be provided. Coordinated rTWT scheduling can be performed with an Overlapping Basic Service Set (OBSS), including determining one or more service periods for the OBSS. A coordinated rTWT service period frame is generated comprising one or more service period elements each associated with one of the one or more service periods for the OBSS. The coordinated rTWT service period frame is sent to a Station (STA), wherein the STA is operable to determine whether to communicate during the one or more service periods of the OBSS based on the one or more service period elements.

Abstract: Coordinating Dynamic Sub-Band Operation (DSO) using Multi-Access Point (AP) Coordination (MAPC) may be provided. Coordinating DSO can include determining a proposed inter-Basic Service Set (BSS) DSO agreement for an Overlapping BSS (OBSS) and sending an inter-BSS DSO request to the OBSS based on the proposed inter-BSS DSO agreement. An inter-BSS DSO response is received from the OBSS. When the inter-BSS DSO response accepts the proposed inter-BSS DSO agreement, the proposed inter-BSS DSO agreement is established.

Abstract: Distributed Resource Units (DRUs) in Coordinated Orthogonal Frequency-Division Multiple Access (C-OFDMA) may be provided. Using C-OFMA with DRUs can include determining to use with DRUs for a Transmit Opportunity (TXOP). Neighbor Access Point (AP) traffic information is requested from a neighbor AP, and the neighbor AP traffic information is received from the neighbor AP. A DRU assignment for the neighbor AP is determined based on the neighbor AP traffic information, and the DRU assignment is sent to the neighbor AP. Traffic is exchanged with one or more Stations (STAs) using C-OFDMA with DRUs during the TXOP, wherein the neighbor AP is operable to exchange neighbor AP traffic with one or more additional STAs during the TXOP using C-OFDMA with DRUs based on the DRU assignment.

Abstract: Recovering from recursive wireless client authentication failures may be provided. A re-association request may be received from a client device in response to the client device failing to authenticate with a network through an Access Point (AP) of the network. The re-association request may be processed. In response to processing of the re-association request resulting in another authentication failure for the client device through the AP, it may be determined that a number of authentication failures through the AP is greater than a predetermined number. An indication may be sent to the client device in response to determining that the number of authentication failures is greater than the predetermined number. The indication frame may trigger the client device to send a new association request instead of another re-association request.

Abstract: Signaling to identify a Stream Classification Service (SCS) flow using a Fully Qualified Domain Name (FQDN)/Uniform Resource Locator (URL) or an application Identifier (ID) may be provided. An Access Point (AP) may receive a SCS request from a station for a SCS flow. The SCS request may include a flow identifier for the SCS flow. The flow identifier may include a FDQN or an application ID for identifying the SCS flow. The AP may verify a network policy associated with the flow identifier for the SCS flow. The AP may process the SCS request for the SCS flow based on the network policy.

Abstract: Opportunistic Key Caching (OKC) in Suite-B-192 Authentication and Key Management (AKM) may be provided. OKC in Suite-B-192 AKM can comprise performing an association process with a Station (STA). An initial Key Confirmation Key (KCK) can be received, and a Pairwise Master Key (PMK) Identifier (PMKID) is determined based on the initial KCK. A four-way handshake is performed to derive one or more keys using the PMKID.