Abstract: A system may comprise a group of processor cores configured to generate kernel-space threads in a kernel space and user-space threads in a user space of a Linux operating system. Each kernel-space thread may be executable by one of the processor cores to perform operations. For example, a kernel-space thread may receive a data packet transmitted from a client device via a network. The kernel-space thread may determine a particular communication channel assigned to a processor core that is executing the kernel-space thread. The kernel-space thread may determine if the data packet satisfies a condition based on information extracted from the data packet. In response to determining that the data packet does not satisfy the condition, the kernel-space thread may transmit data from the data packet via the particular communication channel to a user-space thread. The user-space thread may be configured to receive and process the data.

Abstract: A method includes receiving, by a processing device, a first packet addressed to a first virtualized execution environment, determining, by the processing device, whether the first packet has similar characteristics with a second packet by applying a first filtering rule to the first packet, wherein the first filtering rule is generated in view of characteristics of the second packet, and wherein the second packet is stored in a first filtering queue of a second virtualized execution environment, and responsive to determining that the first packet is similar to the second packet, discarding, by the processing device, the first packet.

Abstract: A method includes accessing, by a hypervisor executing by a processing device, a filtering queue that stores at least one packet determined to be malicious by a virtual machine, generating, by the hypervisor, a filtering rule in view of characteristics of the at least one packet determined to be malicious, and storing the filtering rule in a data store to apply to subsequent packets addressed to the virtual machine to determine whether any of the subsequent packets have similar characteristics with the at least one packet determined to be malicious.

Abstract: An example system includes a memory, a processor in communication with the memory, and a compiler that includes a serializer and a deserializer. The compiler executes on the processor to receive an input including a plurality of tags associated with a message. The compiler parses the input according to a specification and builds a tag trie from the plurality of tags, which includes a tag path and an end leaf. Each tag path includes a first tag and one or more candidate tags, which includes a last candidate tag. The last candidate tag in each tag path is the respective end leaf. The compiler walks the tag trie to obtain each tag path and generates a type of source code, which converts the input into an equivalent representation of a data structure associated with the message. The compiler also provides the type of source code to a user application.

Abstract: A communication pathway or tunnel can be established between a service node (or other similar node) of a wireless network and an external network using software-defined networking. Packet-based communications can be routed through the wireless network using the communication pathway without requiring a specific node, such as a gateway node, for interfacing with the external network. The software-defined networking system can include program code executed by a computing device to monitor communications in the wireless network and identify a communication that includes a request to establish a communication pathway to the external network. In response, the program code can reprogram network hardware-devices to establish the communication pathway and allow packet communications to be exchanged between the wireless network and the external network via the communication pathway.

Abstract: A method includes accessing, by a hypervisor executing by a processing device, a filtering queue that stores at least one packet determined to be malicious by a virtual machine, generating, by the hypervisor, a filtering rule in view of characteristics of the at least one packet determined to be malicious, and storing the filtering rule in a data store to apply to subsequent packets addressed to the virtual machine to determine whether any of the subsequent packets have similar characteristics with the at least one packet determined to be malicious.

Abstract: An example system includes a memory, a processor in communication with the memory, and a compiler that includes a serializer and a deserializer. The compiler executes on the processor to receive an input including a plurality of tags associated with a message. The compiler parses the input according to a specification and builds a tag trie from the plurality of tags, which includes a tag path and an end leaf. Each tag path includes a first tag and one or more candidate tags, which includes a last candidate tag. The last candidate tag in each tag path is the respective end leaf. The compiler walks the tag trie to obtain each tag path and generates a type of source code, which converts the input into an equivalent representation of a data structure associated with the message. The compiler also provides the type of source code to a user application.

Abstract: A communication pathway or tunnel can be established between a service node (or other similar node) of a wireless network and an external network using software-defined networking. Packet-based communications can be routed through the wireless network using the communication pathway without requiring a specific node, such as a gateway node, for interfacing with the external network. The software-defined networking system can include program code executed by a computing device to monitor communications in the wireless network and identify a communication that includes a request to establish a communication pathway to the external network. In response, the program code can reprogram network hardware-devices to establish the communication pathway and allow packet communications to be exchanged between the wireless network and the external network via the communication pathway.