Patents by Inventor David A. Maluf
David A. Maluf has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12316599
Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a virtual IP (VIP) address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a virtual network of VIP addresses. The client device may then communicate data packets to the server using the VIP address as the destination address, and a virtual network service that works in conjunction with DNS can convert the VIP address to the actual IP address of the server using NAT and forward the data packet onto the server.
Type: Grant
Filed: March 28, 2024
Date of Patent: May 27, 2025
Assignee: Cisco Technology, Inc.
Inventors: Pascal Thubert, Pradeep Kumar Kathail, Eric Levy-Abegnoli, David A. Maluf
-
Publication number: 20250080216
Abstract: In one embodiment, a gateway device communicates on a first digital computer network. The gateway device also communicates on a near vertical incident skywave area network using digital data encapsulated in analog ionospheric refracted signals. The gateway device further modulates signals between the first digital computer network and the near vertical incident skywave area network based on dynamic channel selection and multi-domain multiplexing.
Type: Application
Filed: September 6, 2023
Publication date: March 6, 2025
Inventors: David A. Maluf, Pradeep K. Kathail, Ashok Krishnaji Moghe
-
Patent number: 12232074
Abstract: Correcting for antennae spatial distortions in Radio Frequency (RF) localization may be provided. A plurality of actual locations associated with a plurality of Access Point (APs) may be received. Then a plurality of signal strengths associated with the plurality of APs may be received. Based on the plurality of signal strengths, a model may be created that models a plurality of inference errors respectively corresponding to the plurality of APs between a plurality of inferred locations respectively corresponding to the plurality of APs and the plurality of actual locations. The model may then be used in determining a location of a device.
Type: Grant
Filed: May 3, 2022
Date of Patent: February 18, 2025
Assignee: Cisco Technology, Inc.
Inventors: David A. Maluf, Huy Phuong Tran, Avinash Kalyanaraman, Paul Anthony Polakos
-
Publication number: 20250031133
Abstract: Techniques for establishing connections between user devices and access points to connect to networks. Access points may indicate privacy-support capabilities, enabling a user device to discover privacy-capable access networks, and use this capability for network selection. Furthermore, the techniques enable the user device to request to enable and/or disable privacy support on an on-demand basis. The techniques described herein include the use of an access point that indicates the network's privacy capability to an endpoint device (e.g., source device, user device, etc.) over one or more link-layer messages, IP address configuration mechanisms, and over authentication protocols.
Type: Application
Filed: July 18, 2023
Publication date: January 23, 2025
Inventors: Srinath Gundavelli, Pradeep Kumar Kathail, Eric Voit, David A. Maluf, Ali Sajassi
-
Publication number: 20240406144
Abstract: Techniques for using Locator ID Separation Protocol (LISP), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to obfuscate server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns an endpoint identifiers (EID) that is mapped to the client device and at least one routing locator (RLOC) of the endpoint device. In this way, IP addresses of servers are obfuscated by a network mapping of EIDs and RLOCs. The client device may then communicate data packets to the server using the EIDs as the destination address, and a virtual network service that works in conjunction with DNS can encapsulate the data packet with the RLOC using LISP and forward the data packet onto the server.
Type: Application
Filed: June 2, 2023
Publication date: December 5, 2024
Inventors: Pascal Thubert, Pradeep Kumar Kathail, Eric Levy-Abegnoli, David A. Maluf
-
Publication number: 20240388901
Abstract: A method of continuous multi-factor authentication may include executing wireless sensing based at least in part on execution of a continuous multi-factor authentication (CMFA) application at a computing device, collecting channel state information (CSI) data from a network device communicatively coupled to the computing device, transmitting the CSI data to a CMFA device, and receiving a trust score from the CMFA device based on the CSI data.
Type: Application
Filed: May 17, 2023
Publication date: November 21, 2024
Applicant: Cisco Technology, Inc.
Inventors: INDERMEET SINGH GANDHI, Frank Michaud, Jerome Henry, David A. Maluf
-
Publication number: 20240297868
Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a random IP address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a random IP address that cannot be used to identify the endpoint device or service. The client device may then communicate data packets to the server using the random IP address as the destination address, and a gateway that works in conjunction with DNS can convert the random IP address to the actual IP address of the server using NAT and forward the data packet onto the server.
Type: Application
Filed: May 9, 2024
Publication date: September 5, 2024
Inventors: David A. Maluf, Srinath Gundavelli, Pascal Thubert, Pradeep Kumar Kathail, Eric Levy-Abegnoli, Eric Voit, Ali Sajassi
-
Publication number: 20240244028
Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a virtual IP (VIP) address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a virtual network of VIP addresses. The client device may then communicate data packets to the server using the VIP address as the destination address, and a virtual network service that works in conjunction with DNS can convert the VIP address to the actual IP address of the server using NAT and forward the data packet onto the server.
Type: Application
Filed: March 28, 2024
Publication date: July 18, 2024
Inventors: Pascal Thubert, Pradeep Kumar Kathail, Eric Levy-Abegnoli, David A. Maluf
-
Patent number: 12034707
Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a random IP address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a random IP address that cannot be used to identify the endpoint device or service. The client device may then communicate data packets to the server using the random IP address as the destination address, and a gateway that works in conjunction with DNS can convert the random IP address to the actual IP address of the server using NAT and forward the data packet onto the server.
Type: Grant
Filed: February 1, 2023
Date of Patent: July 9, 2024
Assignee: Cisco Technology, Inc.
Inventors: David A. Maluf, Srinath Gundavelli, Pascal Thubert, Pradeep Kumar Kathail, Eric Levy-Abegnoli, Eric Voit, Ali Sajassi
-
Patent number: 11979366
Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a virtual IP (VIP) address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a virtual network of VIP addresses. The client device may then communicate data packets to the server using the VIP address as the destination address, and a virtual network service that works in conjunction with DNS can convert the VIP address to the actual IP address of the server using NAT and forward the data packet onto the server.
Type: Grant
Filed: May 9, 2023
Date of Patent: May 7, 2024
Assignee: Cisco Technology, Inc.
Inventors: Pascal Thubert, Pradeep Kumar Kathail, Eric Levy-Abegnoli, David A. Maluf
-
Patent number: 11949593
Abstract: Stateless address translation at an Autonomous System (AS) boundary for host privacy may be provided. An address associated with a host device in the AS may be received. The address may comprise a network prefix and an interface identifier (ID). Then a cypher value may be assigned to a cypher bit range in the network prefix. The cypher value may be associated with a first cypher algorithm of a plurality of cypher algorithms. Next, the address may be encoded wherein encoding the address comprises applying the first cypher algorithm to encode a coding bit range in the address that is less significant than the cypher bit range. The encoded address may then be used for flows from the host that egress the AS.
Type: Grant
Filed: May 10, 2022
Date of Patent: April 2, 2024
Assignee: Cisco Technology, Inc.
Inventors: Pradeep Kumar Kathail, Eric Voit, David A. Maluf
-
Publication number: 20230388150
Abstract: In one embodiment, a processor of a vehicle detects a difference between a physical characteristic of the vehicle predicted by a first machine learning-based model and a physical characteristic of the vehicle indicated by telemetry data generated by a sub-system of the vehicle. The processor forms a packet payload of an update packet indicative of the detected difference, based in part on a relevancy of the physical characteristic to the first machine learning-based model. The processor applies a synchronization strategy to the update packet, to synchronize the update packet with a second machine learning-based model executed by a receiver. The processor sends the update packet to the receiver via a network, to update the second machine learning-based model.
Type: Application
Filed: May 26, 2023
Publication date: November 30, 2023
Inventors: David A. Maluf, Shesha Bhushan Sreenivasamurthy
-
Publication number: 20230370373
Abstract: Stateless address translation at an Autonomous System (AS) boundary for host privacy may be provided. An address associated with a host device in the AS may be received. The address may comprise a network prefix and an interface identifier (ID). Then a cypher value may be assigned to a cypher bit range in the network prefix. The cypher value may be associated with a first cypher algorithm of a plurality of cypher algorithms. Next, the address may be encoded wherein encoding the address comprises applying the first cypher algorithm to encode a coding bit range in the address that is less significant than the cypher bit range. The encoded address may then be used for flows from the host that egress the AS.
Type: Application
Filed: May 10, 2022
Publication date: November 16, 2023
Applicant: Cisco Technology, Inc.
Inventors: Pradeep Kumar Kathail, Eric Voit, David A. Maluf
-
Publication number: 20230370813
Abstract: Object movement detection may be provided. Channel State Information (CSI) data may be obtained. The CSI data may be associated with a plurality of links between a plurality of Access Points (APs) that provide coverage to an area. Next, a plurality of features may be extracted from the CSI data. The plurality of features may then be converted to a plurality of scores. Then motion in sub-areas of the area may be classified based on a comparison of the plurality of scores to a threshold for the area. The threshold may be determined based upon data collected when no motion occurred in the area.
Type: Application
Filed: May 11, 2022
Publication date: November 16, 2023
Applicant: Cisco Technology, Inc.
Inventors: Huy Phuong Tran, Nicholas Paul Schnorr, David A. Maluf
-
Publication number: 20230362875
Abstract: Correcting for antennae spatial distortions in Radio Frequency (RF) localization may be provided. A plurality of actual locations associated with a plurality of Access Point (APs) may be received. Then a plurality of signal strengths associated with the plurality of APs may be received. Based on the plurality of signal strengths, a model may be created that models a plurality of inference errors respectively corresponding to the plurality of APs between a plurality of inferred locations respectively corresponding to the plurality of APs and the plurality of actual locations. The model may then be used in determining a location of a device.
Type: Application
Filed: May 3, 2022
Publication date: November 9, 2023
Applicant: Cisco Technology, Inc.
Inventors: David A. Maluf, Huy Phuong Tran, Avinash Kalyanaraman, Paul Anthony Polakos
-
Publication number: 20230275868
Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a virtual IP (VIP) address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a virtual network of VIP addresses. The client device may then communicate data packets to the server using the VIP address as the destination address, and a virtual network service that works in conjunction with DNS can convert the VIP address to the actual IP address of the server using NAT and forward the data packet onto the server.
Type: Application
Filed: May 9, 2023
Publication date: August 31, 2023
Inventors: Pascal Thubert, Pradeep Kumar Kathail, Eric Levy-Abegnoli, David A. Maluf
-
Patent number: 11683286
Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a virtual IP (VIP) address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a virtual network of VIP addresses. The client device may then communicate data packets to the server using the VIP address as the destination address, and a virtual network service that works in conjunction with DNS can convert the VIP address to the actual IP address of the server using NAT and forward the data packet onto the server.
Type: Grant
Filed: November 18, 2021
Date of Patent: June 20, 2023
Assignee: Cisco Technology, Inc.
Inventors: Pascal Thubert, Pradeep Kumar Kathail, Eric Levy-Abegnoli, David A. Maluf
-
Patent number: 11683772
Abstract: Embodiments include detection of physical events associated with a wireless network, where the detected physical events are associated with the measurable effects on radio signals between devices in the wireless network. The detected physical event and associated radio signal information is used to provide precise low cost time synchronization for a device in a network.
Type: Grant
Filed: March 12, 2021
Date of Patent: June 20, 2023
Assignee: Cisco Technology, Inc.
Inventors: David A. Maluf, Alexander X. Ke, Amr Elnakeeb
-
Publication number: 20230179579
Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a random IP address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a random IP address that cannot be used to identify the endpoint device or service. The client device may then communicate data packets to the server using the random IP address as the destination address, and a gateway that works in conjunction with DNS can convert the random IP address to the actual IP address of the server using NAT and forward the data packet onto the server.
Type: Application
Filed: February 1, 2023
Publication date: June 8, 2023
Inventors: David A. Maluf, Srinath Gundavelli, Pascal Thubert, Pradeep Kumar Kathail, Eric Levy-Abegnoli, Eric Voit, Ali Sajassi
-
Patent number: 11665017
Abstract: In one embodiment, a processor of a vehicle detects a difference between a physical characteristic of the vehicle predicted by a first machine learning-based model and a physical characteristic of the vehicle indicated by telemetry data generated by a sub-system of the vehicle. The processor forms a packet payload of an update packet indicative of the detected difference, based in part on a relevancy of the physical characteristic to the first machine learning-based model. The processor applies a synchronization strategy to the update packet, to synchronize the update packet with a second machine learning-based model executed by a receiver. The processor sends the update packet to the receiver via a network, to update the second machine learning-based model.
Type: Grant
Filed: February 28, 2018
Date of Patent: May 30, 2023
Assignee: Cisco Technology, Inc.
Inventors: David A. Maluf, Shesha Bhushan Sreenivasamurthy