Abstract: In embodiments of the present disclosure, there is provided an approach for aligning target beacon transmission time (TBTT) for multi-link connection. A method comprises setting up a first link and a second link between an access point (AP) and a wireless device based on multi-link operation (MLO), and obtaining a first TBTT of the first link and a second TBTT of the second link. The method further comprises aligning the first TBTT and the second TBTT at a start time, and then transmitting beacon frames on the first link and the second link according to the aligning of the first TBTT and second TBTT. Embodiments of the present disclosure synchronize and align the beacon TBTTs for different links, and can reduce the wake-up time on all active links, thereby saving power for the wireless device.

Abstract: An example method of controlling a wireless access point may include associating accumulated-channel-resource-consumption variables with, respectively, resource consumers of the wireless access point.

Abstract: In embodiments of the present disclosure, there is provided a method for authenticating an access point. In the method, a request for joining a network is received from an access point. A neighbor authentication notification is transmitted to the access point for obtaining an authentication code from a neighbor access point that is connected in the network in accordance with a determination that the access point is verified. The authentication code that is generated by the neighbor access point is received from the access point. The access point is accepted to join the network in accordance with a determination that the authentication code is valid. Embodiments of the present disclosure present a safe and effective way for authenticating the access point that is requesting to join the network, which provides enhanced authentication and increases the security level of the network.

Abstract: Systems and methods are provided for a detection and defense system relating to a network connection sharing application. For example, the system can simulate a request for a network password using a conventional application that shares this information. The application may be implemented on, for example, a mobile device or a virtual machine (VM). In some embodiments, the mobile device/VM attempts to establish a network connection to an access point (AP) using the shared password over a tunnel established between the AP and mobile device/VM. If the mobile device/VM can connect to the AP, an assumption may be made that the user credentials have been leaked and a potential security risk exists. An alert can be sent to a network administrator of the communication network (e.g., to perform an action, etc.). The action may include, for example, changing the password, removing access from one or more users, and the like.

Abstract: According to one example of the present disclosure, an access point (AP) comprises a wired interface and a wireless interface. External wireless client devices may associate with the AP and the AP may forward traffic received from the wireless clients. The AP includes a virtual client which is to simulate a wireless client device.

Abstract: In embodiments of the present disclosure, a method is provided for performing a frame processing operation on a broadcast/multicast frame at a physical access point (AP). A pre-processing operation is performed on the frame at a protocol layer between a physical layer and an upper layer of the AP to obtain a pre-processed frame. The pre-processing operation comprises a common operation to be performed for the plurality of virtual interfaces at the protocol layer. In this way, by performing a pre-processing operation common to the virtual interfaces supported by the physical AP, the consumption of resources caused by the performance of repeated operations in the frame processing operation can be reduced.

Abstract: An example device comprising: a processor to determine that a client device is located in an overlapping area between the first network device and a second network device, to synchronize a first clock of the first network device with a second clock of the second network device, to negotiate, with the second network device, a overlapping access window, an overlapping forbidden window, and a non-overlapping access window for the first network device and the second network device in beacon intervals, to allocate the overlapping access window, the overlapping forbidden window, and the non-overlapping access window by the first network device, to store the allocated overlapping access window, the allocated overlapping forbidden window, and the allocated non-overlapping access window as channel scheduling rules for spatial reuse, and to control frame transmission of the network device based on the channel scheduling rules.

Abstract: Examples disclosed herein include accessing, by a host device, device information corresponding to an intermediate communication device communicatively coupled to the host device. Identifying, by the host device, a unique identifier corresponding to the intermediate communication device from the accessed device information. Query, by the host device, a public key from a remote resource, based on the identified unique identifier. Receiving, by the host device, the public key from the remote resource. Authenticating, by the host device, the intermediate communication device based on the received public key and a private key stored in the intermediate communication device.

Abstract: An example device comprising: a processor to detect a time difference between a first system clock of an access point (AP) and a second system clock of a controller; determine whether the AP has abnormal dock based on the time difference; and automatically recover the first system clock of the AP when the AP has abnormal clock.

Abstract: Systems and methods are provided for a detection and defense system relating to a network connection sharing application. For example, the system can simulate a request for a network password using a conventional application that shares this information. The application may be implemented on, for example, a mobile device or a virtual machine (VM). In some embodiments, the mobile device/VM attempts to establish a network connection to an access point (AP) using the shared password over a tunnel established between the AP and mobile device/VM. If the mobile device/VM can connect to the AP, an assumption may be made that the user credentials have been leaked and a potential security risk exists. An alert can be sent to a network administrator of the communication network (e.g., to perform an action, etc.). The action may include, for example, changing the password, removing access from one or more users, and the like.

Abstract: An example first device may include a processor to establish a plurality of links associating between the first network device and a second network device, the plurality of links corresponding to a plurality of virtual local area networks (VLANs) that a plurality of client devices associated with the first network device belong to; create a mapping between the plurality of links and the plurality of VLANs; and forward data received from a particular client device among the plurality of client devices in a particular VLAN of the plurality of VLANs to the second network device via a particular link corresponding to the particular VLAN based on the mapping.

Abstract: In embodiments of the present disclosure, there is provided an approach for performing channel scan by utilizing a target wake time (TWT) mechanism. According to embodiments of the present disclosure, a compound AP transmits, to an uplink AP, a request to negotiate a schedule for a TWT session. The compound AP receives a response to the request from the uplink AP. The response comprises timing information of the TWT session. Then, the compound AP performs channel scan during a sleep period determined from the timing information. Data transmission between the compound AP and the uplink AP is disabled during the sleep period. Embodiments of the present disclosure provide an effective way for performing the channel scan, thereby ensuring data delivery and enhancing connection robustness between the compound AP and the uplink AP.

Abstract: In embodiments of the present disclosure, there is provided an approach for managing Target Wake Time (TWT) clients in a congested environment. According to embodiments of the present disclosure, a TWT client transmits, to an AP, a request to negotiate a schedule for a TWT session. The request comprises a first set of TWT parameters requested by the TWT client. The AP determines, based on respective sets of TWT parameters of existing TWT sessions and the first set of TWT parameters, a second set of TWT parameters for the TWT client to minimize overlap between the TWT session and the existing TWT sessions. The AP transmits a response comprising the second set of TWT parameters to the TWT client. Embodiments of the present disclosure provide an effective way for assigning air resources to multiple TWT clients in a congested environment, thereby reducing collisions among TWT sessions.

Abstract: In one example a computer implemented method comprises receiving, at an access point of a wireless network, a multicast/broadcast frame which identifies one or more stations associated with the access point as a recipient for the multicast/broadcast frame, and in response to a determination that at least one station of the one or more stations identified as a recipient for the multicast/broadcast frame is in an inactive state, determining a beacon slot time for a transmission of the multicast/broadcast frame from the access point, in response to a determination that at least one of the one or more stations in an inactive state will miss the beacon signal, converting the multicast/broadcast frame to a unicast frame, and holding a copy of the unicast frame to be transmitted to the at least one of the one or more stations in an inactive state that will miss the beacon signal.

Abstract: In one example in accordance with the present disclosure, a device may include a processor to detect a distance between a first location of the device and a second location of a peer device, automatically select one value for GI from at least two available values based on the detected distance, and update the value of GI using the selected value. A method may include detecting a distance between a first location of the AP and a second location of a peer device, selecting one value for GI from at least two available values based on the detected distance, and updating the value of GI using the selected value.

Abstract: Some examples relate to use of a three-address scheme for forwarding frames in a wireless mesh network (WMN). In an example, a node in a WMN may receive an Ethernet packet from a station outside of the WMN. The Ethernet packet may include a first address scheme comprising a destination address (DA) field, and a source address (SA) of the Ethernet packet. The Ethernet packet may be encapsulated in a second Ethernet packet comprising second address scheme. The second Ethernet packet may be encapsulated in an IEEE 802.11 frame comprising a third address scheme.

Abstract: In embodiments of the present disclosure, there is provided an approach for performing channel scan by utilizing a target wake time (TWT) mechanism. According to embodiments of the present disclosure, a compound AP transmits, to an uplink AP, a request to negotiate a schedule for a TWT session. The compound AP receives a response to the request from the uplink AP. The response comprises timing information of the TWT session. Then, the compound AP performs channel scan during a sleep period determined from the timing information. Data transmission between the compound AP and the uplink AP is disabled during the sleep period. Embodiments of the present disclosure provide an effective way for performing the channel scan, thereby ensuring data delivery and enhancing connection robustness between the compound AP and the uplink AP.

Abstract: In embodiments of the present disclosure, there is provided an approach for managing Target Wake Time (TWT) clients in a congested environment. According to embodiments of the present disclosure, a TWT client transmits, to an AP, a request to negotiate a schedule for a TWT session. The request comprises a first set of TWT parameters requested by the TWT client. The AP determines, based on respective sets of TWT parameters of existing TWT sessions and the first set of TWT parameters, a second set of TWT parameters for the TWT client to minimize overlap between the TWT session and the existing TWT sessions. The AP transmits a response comprising the second set of TWT parameters to the TWT client. Embodiments of the present disclosure provide an effective way for assigning air resources to multiple TWT clients in a congested environment, thereby reducing collisions among TWT sessions.

Abstract: An example device comprising: a monitor to detect cellular signals; and a processor to: calculate frequencies of interferences produced due to the detected cellular signals; estimate energy levels of the interferences at the calculated frequencies; and determine available frequencies based on the calculated frequencies and the estimated energy levels to avoid transmissions on a plurality of frequency bands associated with a second order harmonic distortion, a third order harmonic distortion, a second order inter-modulation distortion (IMD 2), or a third order inter-modulation distortion (IMD 3).

Abstract: In embodiments of the present disclosure, there is provided a method for authenticating an access point. In the method, a request for joining a network is received from an access point. A neighbor authentication notification is transmitted to the access point for obtaining an authentication code from a neighbor access point that is connected in the network in accordance with a determination that the access point is verified. The authentication code that is generated by the neighbor access point is received from the access point. The access point is accepted to join the network in accordance with a determination that the authentication code is valid. Embodiments of the present disclosure present a safe and effective way for authenticating the access point that is requesting to join the network, which provides enhanced authentication and increases the security level of the network.