Abstract: In one example embodiment, a proxy for a network obtains a traffic flow. The proxy determines whether a security policy in a whitelist for the traffic flow is active. If it is determined that the security policy for the traffic flow is active, the proxy selectively decrypts the traffic flow to produce one or more traffic flow attributes and, based on the one or more traffic flow attributes, determines whether the traffic flow is potentially malicious.

Abstract: Systems, methods, and computer-readable mediums for distributing machine learning model training to network edge devices, while centrally monitoring training of the models and controlling deployment of the models. A machine learning model architecture can be generated at a machine learning structure controller. The machine learning model architecture can be deployed to network edge devices in a network environment to instantiate and train a machine learning model at the network edge devices. Performance reports indicating performance of the machine learning model at the network edge devices can be received by the machine learning structure controller from the network edge devices.

Abstract: Presented herein are methodologies to on-board and monitor Internet of Things (IoT) devices on a network. The methodology includes receiving at a server, from a plurality of IoT devices communicating over a network, data representative of external environmental factors being experienced by individual ones of the plurality of IoT devices at a predetermined location; generating, using machine learning, an aggregated model of the external environmental factors at the predetermined location; receiving, at the server, a communication indicative that a new IoT device seeks to join the network at the predetermined location; receiving, from the new IoT device, data representative of external environmental factors being experienced by the new IoT device; determining whether there is a discrepancy between the external environmental factors of the new IoT device and the aggregated model; and when there is such a discrepancy, prohibiting the new IoT device from joining the network.

Abstract: Techniques for establishing network policy parameters for an internet of things (IoT) device. A first network message is received from the IoT device using a cellular communication network. The first network message includes a protocol configuration options (PCO) element including a network policy identifier relating to the IoT device. A packet data network gateway (PGW) in the cellular communication network determines network policy parameters relating to the IoT device and the cellular communication network, based on the policy identifier. The network policy parameters for the IoT device are established in the cellular communication network.

Abstract: Automatic, adaptive stimulus generation includes receiving, at a network device that is associated with a network or system, analytics data that provides an indication of how the network or system is responding to a set of test stimuli introduced into the network or system to facilitate an analysis operation. The network device analyzes the analytics data based on an intended objective for the analysis operation and generates control settings based on the analyzing. The control settings control creation of a subsequent stimulus to be introduced into the network or system during subsequent execution of the analysis operation.

Abstract: Techniques for orchestrating a machine learning (ML) system on a distributed network. Determined performance levels for a ML system, determined from performance data received from the distributed network, are compared to performance requirements from the ML system. An orchestration module for the ML system then determines adjustments for the ML system that will improve the performance of the ML system and executes the adjustments for the ML system.

Abstract: Techniques for establishing network quality of service for an internet of things device are described. A manufacturer usage description identifier relating to the internet of things device is received. The internet of things device is coupled to a communication network. Quality of service parameters relating to the internet of things device and the communication network are determined based on the manufacturer usage description identifier. The quality of service parameters are provided to a network policy controller.

Abstract: In one embodiment, an apparatus includes a multi-socket motherboard, a processor connected to a first socket on the multi-socket motherboard, and an RDMA (Remote Direct Memory Access) interface module connected to a second socket on the multi-socket motherboard and in communication with the processor over a coherency interface. The RDMA interface module provides an inter-server interface between servers in an RDMA domain. A method for transferring data between servers with RDMA interface modules is also disclosed herein.

Abstract: In one embodiment, an apparatus comprising at least one memory, and processing circuitry, the processing circuitry adapted to obtain combined data, the combined data including policy data, or a pointer to the policy data, the policy data relating to general access for an Internet of Things (IoT) device, and update metadata, or a pointer to the update metadata, the update metadata relating to at least one update that is relevant to the IoT device in accordance with at least one criterion, and cause access of the IoT device to the at least one update to be in accordance with an update specific policy that is based on the combined data.

Abstract: In one example embodiment, a proxy for a network obtains a traffic flow. The proxy determines whether a security policy in a whitelist for the traffic flow is active. If it is determined that the security policy for the traffic flow is active, the proxy selectively decrypts the traffic flow to produce one or more traffic flow attributes and, based on the one or more traffic flow attributes, determines whether the traffic flow is potentially malicious.

Abstract: Techniques relating to a geographic lighting controller. A controller determines a target lighting pattern based on an instruction for a smart lighting effect. The controller retrieves from a database, based on the target geographic location, information identifying a first plurality of smart lights to activate as part of the smart lighting effect. The controller determines a plurality of network addresses for the first plurality of smart lights, based on the retrieved information, generates a lighting effect command relating to the first plurality of smart lights, and transmits the lighting effect command to create the smart lighting effect.

Abstract: Biometric masking includes testing video data and/or audio data from the video conference for biometric markers indicative of emotion or stress levels. If at least one of the biometric markers is detected with the testing, the video data and/or the audio data is edited to obfuscate the at least one of the biometric markers so that the video data and the audio data is transmitted to participants of the video conference with the at least one of the biometric markers obfuscated.

Abstract: In one embodiment, an apparatus comprising at least one memory, and processing circuitry, the processing circuitry adapted to obtain combined data, the combined data including policy data, or a pointer to the policy data, the policy data relating to general access for an Internet of Things (IoT) device, and update metadata, or a pointer to the update metadata, the update metadata relating to at least one update that is relevant to the IoT device in accordance with at least one criterion, and cause access of the IoT device to the at least one update to be in accordance with an update specific policy that is based on the combined data.

Abstract: Techniques relating to a geographic lighting controller. A controller determines a target lighting pattern based on an instruction for a smart lighting effect. The controller retrieves from a database, based on the target geographic location, information identifying a first plurality of smart lights to activate as part of the smart lighting effect. The controller determines a plurality of network addresses for the first plurality of smart lights, based on the retrieved information, generates a lighting effect command relating to the first plurality of smart lights, and transmits the lighting effect command to create the smart lighting effect.

Abstract: In one embodiment, a device including a processor, and a memory to store data used by the processor, wherein the processor is operative to run a manufacturer usage description (MUD) controller operative to obtain a MUD profile of an Internet of Things (IoT) device from a MUD server, the MUD profile of the IoT device including: access rights of the IoT device, and any one or more of the following a default device username and/or a default device password of the IoT device, a recommended/required device password complexity of the IoT device, at least one service that should be enabled/disabled on the IoT device, and/or allowed security protocols and/or ciphers for communication to and/or from the IoT device, enforce security of the IoT device according to the MUD profile of the IoT device. Related apparatus and methods are also described.

Abstract: In one embodiment, a classification device in a computer network analyzes data from a given device in the computer network, and classifies the given device as a particular type of device based on the data. The classification device may then determine whether a manufacturer usage description (MUD) policy exists for the particular type of device. In response to there being no existing MUD policy for the particular type of device, the classification device may then determine patterns of the analyzed data, classify the patterns into context-based policies, and generate a derived MUD policy for the particular type of device based on the context-based policies. The classification device may then apply one of either the existing or derived MUD policy for the given device within the computer network.

Abstract: Embodiments herein receive a request to reserve a fog computing resource for an end device, where the request includes a specified future time at which the fog computing resource will be used by the end device. It is determined that sufficient fog computing resources are available at the specified future time on a first fog node of a plurality of fog nodes. The fog computing resource of the first fog node is reserved for the specified future time, and an address corresponding to the first fog node is transmitted.

Abstract: In one embodiment a method including obtaining metrics regarding a WiFi network and a RAN having overlapping coverage ranges, based at least partly on the metrics, allocating a first adjusted spectrum allocation to a first network, and a second adjusted spectrum allocation to a second network, the first adjusted spectrum allocation decreased from a first current spectrum allocation, and the second adjusted spectrum allocation increased from a second current spectrum allocation, and causing enforcement of the first adjusted spectrum allocation and the second adjusted spectrum allocation, wherein the obtaining, allocating and causing are performed a plurality of times, and wherein in at least one of the plurality of times the first network is the WiFi network and the second network is the RAN, and in at least one other of the plurality of times the first network is the RAN and the second network is the WiFi network.

Abstract: Meta behavioral analytics techniques include, at one or more network devices that are operatively coupled to a plurality of behavioral analytics systems associated with a network or system, monitoring data outputs of the plurality of behavioral analytics systems that are representative of activity in the network or system. The one or more network devices correlate the data outputs from two or more of the plurality of behavioral analytics systems that are dedicated to analyzing different subject matter domains. Additionally, based on the correlating, the one or more network devices detect a previously unidentified condition in (a) the network or system; or (b) one of the plurality of behavioral analytics systems.

Abstract: Automatic, adaptive stimulus generation includes receiving, at a network device that is associated with a network or system, analytics data that provides an indication of how the network or system is responding to a set of test stimuli introduced into the network or system to facilitate an analysis operation. The network device analyzes the analytics data based on an intended objective for the analysis operation and generates control settings based on the analyzing. The control settings control creation of a subsequent stimulus to be introduced into the network or system during subsequent execution of the analysis operation.