Abstract: A distributed denial of service (“DDoS”) attack profiler can determine a plurality of DDoS attack properties associated with a DDoS attack that utilizes an Internet of Things (“IoT”) device operating in communication with a home gateway. The DDoS attack profiler can create a DDoS attack profile and can provide a DDoS attack report based upon the DDoS attack profile to a correlator. An IoT device profiler can determine a plurality of IoT device properties and can create, based upon the plurality of IoT device properties, an IoT device profile. The IoT device profiler can create an anomaly report that identifies an anomaly associated with the IoT device. The correlator can correlate the DDoS attack report with the anomaly report to determine if a match exists. In response to determining that the match exists, the home gateway system can store the bot match record in a bot match repository.

Abstract: The described technology is generally directed towards a cellular network area optimizer. The area optimizer observes cellular network conditions at multiple radio access network (RAN) nodes within a target area. Based on observed conditions, the area optimizer applies a set of parameter values at the multiple RAN nodes. The set of parameter values enhances the overall throughput, while maintaining or improving connection retainability and accessibility, of the multiple RAN nodes under the observed conditions. The area optimizer learns different sets of parameter values to apply in response to different observed conditions by making parameter value adjustments and observing the effect of the adjustments on overall throughput of the RAN nodes in the target area.

Abstract: Aspects of detecting and mitigating denial of service (“DoS”) attacks over home gateway network address translation (“NAT”) are disclosed herein. According to one aspect disclosed herein, a home gateway system can detect that a NAT table is overpopulated. In response to detecting that the NAT table is overpopulated, the home gateway system can determine a mitigation action to be performed. The home gateway system can then perform the mitigation action in an attempt to mitigate an effect of the NAT table overpopulation.

Abstract: The described technology is generally directed towards a cellular network area optimizer. The area optimizer observes cellular network conditions at multiple radio access network (RAN) nodes within a target area. Based on observed conditions, the area optimizer applies a set of parameter values at the multiple RAN nodes. The set of parameter values enhances the overall throughput, while maintaining or improving connection retainability and accessibility, of the multiple RAN nodes under the observed conditions. The area optimizer learns different sets of parameter values to apply in response to different observed conditions by making parameter value adjustments and observing the effect of the adjustments on overall throughput of the RAN nodes in the target area.

Abstract: Described is centralized scheduling of baseband unit resources of a hub, including allocating and deallocating baseband unit resources of a distributed unit instance based on anticipated and/or actual demand for the resources. For example, when user equipment transitions to a connected state, a corresponding message can be detected and used to determine whether sufficient baseband unit resources exist to handle the traffic of the newly connecting user equipment. If not, additional baseband unit resources are allocated, coupled to a node (cell), and the node scheduled to handle the user equipment traffic. When user equipment transitions to an inactive state, the corresponding command can be detected and used to determine whether the baseband unit resources are still needed for other traffic. If not, the baseband unit resources are deallocated.

Abstract: A distributed denial of service (“DDoS”) attack profiler can determine a plurality of DDoS attack properties associated with a DDoS attack that utilizes an Internet of Things (“IoT”) device operating in communication with a home gateway. The DDoS attack profiler can create a DDoS attack profile and can provide a DDoS attack report based upon the DDoS attack profile to a correlator. An IoT device profiler can determine a plurality of IoT device properties and can create, based upon the plurality of IoT device properties, an IoT device profile. The IoT device profiler can create an anomaly report that identifies an anomaly associated with the IoT device. The correlator can correlate the DDoS attack report with the anomaly report to determine if a match exists. In response to determining that the match exists, the home gateway system can store the bot match record in a bot match repository.

Abstract: Aspects of detecting and mitigating denial of service (“DoS”) attacks over home gateway network address translation (“NAT”) are disclosed herein. According to one aspect disclosed herein, a home gateway system can detect that a NAT table is overpopulated. In response to detecting that the NAT table is overpopulated, the home gateway system can determine a mitigation action to be performed. The home gateway system can then perform the mitigation action in an attempt to mitigate an effect of the NAT table overpopulation.

Abstract: Described is allocating and deallocating baseband unit resources of a distributed unit based on anticipated and/or actual demand for the resources. For example, when user equipment transitions to a connected state, a corresponding message can be detected and used to determine whether sufficient baseband unit resources are needed to handle the traffic of the newly connecting user equipment. If not, additional baseband unit resources are allocated. When user equipment transitions to an inactive state, the corresponding command can be detected and used to determine whether the baseband unit resources are still needed for other traffic. If not, baseband unit resources are deallocated; that is, if a distributed unit's resources are no longer needed, the distributed unit's resources are deactivated to reduce resource consumption. Deallocation can be performed by changing the resources to a power conservation (e.g., sleep) state, with allocation performed by changing such resources back to an active state.

Abstract: The disclosed technology is directed towards load balancing baseband units in a communications network. A baseband physical layer 1 unit's functions are disaggregated into Layer 1 (L1) distributed units and radio units, instead of deploying full-fledged baseband units at a service? provider's service areas (cells). A load balancer scales up the number of active distributed units based on increased actual demand, and scales down the active distributed units based on decreased demand. The L1 distributed units and radio units can be software-defined network functions, and need not be collocated, whereby the distributed units can be in the cloud or hub remotely located relative to the radio units deployed at the service areas. Examples of load balancing can be load balancing of transmitted data per carrier, per subcarrier, per user equipment, per transmission time interval (TTI/slot), per bearer, or per channel.

Abstract: Described is pooling baseband units into a hub and mapping radio units associated with the hub to baseband units of the group based on respective resource capacity data of the respective baseband units and an estimated resource usage data of a device that couples to a baseband unit. In one alternative, estimated peak resource usage data of a radio unit over an operation interval is used to select a baseband unit, generally based on which baseband unit of the pool has the least remaining resource capacity, to which the radio unit is mapped for the operation interval. In another alterative, estimated peak resource usage data resource (usage and duration) of a user equipment session is used to dynamically map the user equipment session to a baseband unit, generally selected by which baseband unit of the pool has the least remaining resource capacity.

Abstract: Described is allocating and deallocating baseband unit resources of a distributed unit based on anticipated and/or actual demand for the resources. For example, when user equipment transitions to a connected state, a corresponding message can be detected and used to determine whether sufficient baseband unit resources are needed to handle the traffic of the newly connecting user equipment. If not, additional baseband unit resources are allocated. When user equipment transitions to an inactive state, the corresponding command can be detected and used to determine whether the baseband unit resources are still needed for other traffic. If not, baseband unit resources are deallocated; that is, if a distributed unit's resources are no longer needed, the distributed unit's resources are deactivated to reduce resource consumption. Deallocation can be performed by changing the resources to a power conservation (e.g., sleep) state, with allocation performed by changing such resources back to an active state.

Abstract: Example mobile devices disclosed herein include a camera, memory including computer-executable instructions, and a processor to execute the instructions to at least associate a location of the mobile device with picture data obtained with the camera. The processor is also to assign a first data tag to the picture data when the location of the mobile device corresponds to a first area, the first data tag to identify a first security level for the picture data, or assign a second data tag to the picture data when the location of the mobile device does not correspond to the first area, the second data tag to identify a second security level for the picture data. The processor is further to determine whether to permit an application to access the picture data based on whether the first data tag or the second data tag is assigned to the picture data.

Abstract: Aspects of the subject disclosure may include, for example, a network API service that receives network event data and provides performance hints to a resource manager that manages application containers at edge cloud locations. Network event data may be received from access networks, core networks, nodes within access networks or core networks, or the like. Performance hints may allow booting of application containers at edge cloud locations. Other embodiments are disclosed.

Abstract: The disclosed technology is directed towards load balancing baseband units in a communications network. A baseband physical layer 1 unit's functions are disaggregated into Layer 1 (L1) distributed units and radio units, instead of deploying full-fledged baseband units at a service' provider's service areas (cells). A load balancer scales up the number of active distributed units based on increased actual demand, and scales down the active distributed units based on decreased demand. The L1 distributed units and radio units can be software-defined network functions, and need not be collocated, whereby the distributed units can be in the cloud or hub remotely located relative to the radio units deployed at the service areas. Examples of load balancing can be load balancing of transmitted data per carrier, per subcarrier, per user equipment, per transmission time interval (TTI/slot), per bearer, or per channel.

Abstract: A method for warning a driver of a vehicle (1), in particular a truck, in turn maneuvers includes the following steps: generating (S1) an adaptive monitoring area (2) for the vehicle (1) based on at least a maximum lateral acceleration (4) of the vehicle (1) at a current longitudinal velocity (6) of the vehicle (1); identifying (S2) a vulnerable road user (VRU) (8) within the adaptive monitoring area (2); determining (S3, S4) a driver's intention to turn (40) the vehicle (1); determining S5) whether there is a collision risk between the vehicle (1) and the VRU (8); and outputting a warning signal (SW) based on the determined collision risk.

Abstract: A method for estimating a position of a trailer relative to a truck of a road train includes providing or obtaining a kinematic model of the road train, providing or obtaining a length estimation of the trailer, and measuring an articulation angle between the truck and the trailer. The method further includes determining a position of the trailer relative to the truck using the kinematic model, the length estimation, and the measured articulation angle.

Abstract: Described is pooling baseband units into a hub and mapping radio units associated with the hub to baseband units of the group based on respective resource capacity data of the respective baseband units and an estimated resource usage data of a device that couples to a baseband unit. In one alternative, estimated peak resource usage data of a radio unit over an operation interval is used to select a baseband unit, generally based on which baseband unit of the pool has the least remaining resource capacity, to which the radio unit is mapped for the operation interval. In another alterative, estimated peak resource usage data resource (usage and duration) of a user equipment session is used to dynamically map the user equipment session to a baseband unit, generally selected by which baseband unit of the pool has the least remaining resource capacity.

Abstract: Systems and methods may create and manage hybrid clouds including both standard compute nodes and edge devices. Edge devices can be enrolled in a hybrid cloud by deploying a lightweight container to the edge device.

Abstract: Example mobile devices disclosed herein include a camera, memory including computer-executable instructions, and a processor to execute the instructions to at least associate a location of the mobile device with picture data obtained with the camera. The processor is also to assign a first data tag to the picture data when the location of the mobile device corresponds to a first area, the first data tag to identify a first security level for the picture data, or assign a second data tag to the picture data when the location of the mobile device does not correspond to the first area, the second data tag to identify a second security level for the picture data. The processor is further to determine whether to permit an application to access the picture data based on whether the first data tag or the second data tag is assigned to the picture data.

Abstract: Aspects of the subject disclosure may include, for example, a network API service that receives network event data and provides performance hints to a resource manager that manages application containers at edge cloud locations. Network event data may be received from access networks, core networks, nodes within access networks or core networks, or the like. Performance hints may allow booting of application containers at edge cloud locations. Other embodiments are disclosed.