Abstract: A computer network includes a camera node, a network access node, a verification node, and a display node. Video content recorded by a camera at the camera node is transmitted to the display node and to the verification node for verification. The video content is verified at the display node and at the verification node. Recording metadata of the video content is stored in a distributed ledger and retrieved by the display node to verify the video content. The verification node receives, from the network access node, verification data for verifying the video content.

Abstract: A computer network includes a camera node, a network access node, a verification node, and a display node. Video content recorded by a camera at the camera node is transmitted to the display node and to the verification node for verification. The video content is verified at the display node and at the verification node. Recording metadata of the video content is stored in a distributed ledger and retrieved by the display node to verify the video content. The verification node receives, from the network access node, verification data for verifying the video content.

Abstract: Computer-implemented methods and apparatuses for recursive multi-layer examination for computer network security remediation may include: identifying one or more first communications originating from or directed to a first node; identifying at least one of a protocol and an application used for each of the one or more first communications; examining each of the one or more first communications for malicious behavior; receiving a first risk score for each of the one or more first communications responsive to the examining; determining the first risk score associated with one of the one or more first communications exceeds a first predetermined threshold; and indicating the first node and a second node in communication with the first node via the one of the one or more first communications are malicious. Exemplary methods may further include: providing the identified malicious nodes and communications originating from or directed to the malicious nodes.

Abstract: Multi-node affinity-based examination for computer network security remediation is provided herein. Exemplary methods may include receiving a query that includes a selection of Internet protocol (IP) addresses belonging to nodes within a network, obtaining characteristics for the nodes, determining communications between the nodes and communications between the nodes and any other nodes not included in the selection, determining a primary affinity indicative of communication between the nodes and a secondary affinity indicative of communication between the nodes and the other nodes not included in the selection, and generating a graphical user interface (GUI) that includes representations of the nodes in the range and the other nodes outside the range, placing links between the nodes in the selection and the other nodes not included in the selection based on the primary affinity and the secondary affinity, and providing the graphical user interface to a user.

Abstract: Computer-implemented methods and apparatuses for recursive multi-layer examination for computer network security remediation may include: identifying one or more first communications originating from or directed to a first node; identifying at least one of a protocol and an application used for each of the one or more first communications; examining each of the one or more first communications for malicious behavior; receiving a first risk score for each of the one or more first communications responsive to the examining; determining the first risk score associated with one of the one or more first communications exceeds a first predetermined threshold; and indicating the first node and a second node in communication with the first node via the one of the one or more first communications are malicious. Exemplary methods may further include: providing the identified malicious nodes and communications originating from or directed to the malicious nodes.

Abstract: Multi-node affinity-based examination for computer network security remediation is provided herein. Exemplary methods may include receiving a query that includes a selection of Internet protocol (IP) addresses belonging to nodes within a network, obtaining characteristics for the nodes, determining communications between the nodes and communications between the nodes and any other nodes not included in the selection, determining a primary affinity indicative of communication between the nodes and a secondary affinity indicative of communication between the nodes and the other nodes not included in the selection, and generating a graphical user interface (GUI) that includes representations of the nodes in the range and the other nodes outside the range, placing links between the nodes in the selection and the other nodes not included in the selection based on the primary affinity and the secondary affinity, and providing the graphical user interface to a user.

Abstract: Computer-implemented methods and apparatuses for recursive multi-layer examination for computer network security remediation is provided herein. Exemplary methods may include: receiving a first identifier associated with a first node; retrieving first metadata using the first identifier; identifying a second node in communication with the first node using the first metadata; ascertaining a first characteristic of each first communication between the first and second nodes using the first metadata; examining each first communication for malicious behavior using the first characteristic; receiving a first risk score for each first communication responsive to the examining; determining the first risk score associated with one of the second communications exceeds a first predetermined threshold and indicating the first and second nodes are malicious. Exemplary methods may further include: providing the identified malicious nodes and communications originating from or directed to the malicious nodes.