Abstract: An apparatus configured to: obtain an indication of partitions of a machine learning model corresponding to respective ones of the one or more groups; transmit, to the respective ones of the plurality of user equipments, a corresponding partition, of the partitions of the machine learning model; transmit, to the plurality of user equipments, an indication to record measurements for the first cell; receive, from at least one of the plurality of user equipments, at least one message regarding a handover failure, wherein the at least one message comprises a message generated using a first partition of the partitions of the machine learning model; and determine, with a second partition of the partitions of the machine learning model, whether the first cell is a rogue base station based, at least partially, on a plurality of detection reports.

Abstract: In a communication network, a device is configured to predict attacks and detect attacks from data logs received from the network and generate a response to an attack upon prediction or detection of an attack. Graph representations of data logs are generated based on a predefined schema. Attacks are detected by applying inference rules to a graph representation of the data logs. Attacks are predicted by using a graph neural network trained with subgraphs obtained by querying a graph representation of training data corresponding to normal traffic and attacks.

Abstract: A method comprising: retrieving update rules stored in a distributed ledger from the distributed ledger; checking whether or not a received initial transaction fulfills all the retrieved update rules; creating a block comprising the initial transaction if the initial transaction fulfills all the retrieved update rules; broadcasting the block into a network of the distributed ledger, wherein, the initial transaction requests to modify a content of a slice and/or an intent of the slice; if the initial transaction requests to modify the content of the slice, at least one of the update rules constrains the content of the slice or the modifying of the content of the slice, and if the initial transaction requests to modify the intent of the slice, at least one of the update rules constrains the intent of the slice or the modifying of the intent of the slice.

Abstract: A method for a physical random access channel (PRACH) attack detection includes detecting by a base station a plurality of preambles sent by devices through a PRACH; launching by the base station a random access (RA) procedure for at least one device for which a preamble has been detected; decoding by the base station at least one radio resource control (RRC) connection request received in the context of a launched RA procedure; determining by the base station a first metric and a second metric, wherein the first metric is the number of RRC connection requests successfully decoded over time, wherein the second metric is the number of preambles detected over the same time and for which a RA procedure has been launched; determining whether there is a suspicion of storm attack over the PRACH based on a result of a comparison of the first and second metrics.

Abstract: According to an example aspect of the present invention, there is provided a method comprising compiling a behavioural baseline database comprising system call behaviours of a computer program, using a first testing process based at least partly on emulated nodes, running a second test of the computer program using live nodes and logging system call behaviour of the computer program during the second test, and determining whether the system call behaviour logged during the second test comprises behaviour deviates from the behavioural baseline database.

Abstract: According to an example aspect of the present invention, there is provided a method, comprising running a multi-thread computer program and recording system calls thereby made to produce a test set of threads with their associated system calls, retrieving a mapping from the threads of the test set to reference threads of a database of reference threads, attempting to map, using the mapping, the threads of the test set to the reference threads of the database, and responsive to a first thread from among the threads of the test set not mapping to the reference threads of the database, flagging the first thread for a security action.

Abstract: The apparatus includes means for enabling an input interface and an audio interface in order to be declared as a input device and an audio device for the mobile device, means receiving parameters through the audio interface in an audio stream sent from the mobile device, the parameters being set by the application server and containing a query for user inputs for the service and a formula for a validation token, the query including a text for prompting for user inputs, means providing the query for user inputs, means receiving user inputs, means creating a validation token by applying the formula on the query, the user inputs and the random number, means sending the validation token in the form of required user inputs to the mobile device through the input interface, the token being sent to the application server by the mobile device.

Abstract: For ensuring a universal serial bus, USB, attack protection between a communication device (CD) and an accessory device (AD), a protection device (PD) being inserted between the communication device (CD) and the accessory device (AD) through a USB link, the communication device (CD): memorizes the highest value (HV) of indexes of string descriptor found in a USB Device Descriptor received from the accessory device (AD), sends a request (Req) for a string descriptor to the accessory device (AD) with a value (Val1) of index higher than said highest value (HV), receives a response (Res) generated and sent from the protection device (PD), the response containing an identifier (Id P) of the protection device validates the presence of the protection device (PD) if the identifier (Id P) is found in a database.

Abstract: A threat level is evaluated for an ongoing attack detected for a set of resources based on received notifications having low weight in the evaluation of the threat level. If the threat level is smaller than an entrapment threshold, sensors associated with resources of an information system infrastructure that are potential subsequent targets of the ongoing attack are activated, the weight of the notifications sent from the activated sensors are set as average weight in the evaluation of the threat level, and the threat level is further evaluated for the ongoing attack. If the threat level is greater than the entrapment threshold, traps are deployed in the information system infrastructure, the weight of the notifications sent from the deployed traps are set as high weight in the evaluation of the threat level, and the threat level is further evaluated for the ongoing attack.

Abstract: A system and method for protecting a universal serial bus device from being used in an attack during communication between a communication device and an accessory device is disclosed. A protection device inserted between them through a USB link performs steps of receiving a message from the accessory device, including fields of characteristics of the accessory device; generating a random identifier; sending it to the communication device that creates a registration rule based on the generated random identifier; modifying an intercepted response from the accessory device to a request from the communication device, the request being dedicated to get a value associated with a serial number of the accessory device, by including the generated random identifier; and sending the modified response to the communication device, the modified response triggering a query for registration of the accessory device by means of the modified response and the created registration rule.

Abstract: For ensuring a universal serial bus, USB, attack protection between a communication device (CD) and an accessory device (AD), a protection device (PD) being inserted between the communication device (CD) and the accessory device (AD) through a USB link, the communication device (CD): memorizes the highest value (HV) of indexes of string descriptor found in a USB Device Descriptor received from the accessory device (AD), sends a request (Req) for a string descriptor to the accessory device (AD) with a value (Val1) of index higher than said highest value (HV), receives a response (Res) generated and sent from the protection device (PD), the response containing an identifier (Id P) of the protection device validates the presence of the protection device (PD) if the identifier (Id P) is found in a database.

Abstract: A system and method for protecting a universal serial bus device from being used in an attack during communication between a communication device and an accessory device is disclosed. A protection device inserted between them through a USB link performs steps of receiving a message from the accessory device, including fields of characteristics of the accessory device; generating a random identifier; sending it to the communication device that creates a registration rule based on the generated random identifier; modifying an intercepted response from the accessory device to a request from the communication device, the request being dedicated to get a value associated with a serial number of the accessory device, by including the generated random identifier; and sending the modified response to the communication device, the modified response triggering a query for registration of the accessory device by means of the modified response and the created registration rule.

Abstract: Process for preserving the privacy of a user connected to a network through a terminal that comprises geolocation means adapted to emit geolocation information about the geographical position of said user, said process providing for: analyzing a packet from said terminal to detect the eventual presence of geolocation information into said packet; replacing in said packet said detected geolocation information by virtual geolocation information that have been computed for said user; forwarding through said network said packet with said virtual geolocation information.

Abstract: A threat level is evaluated for an ongoing attack detected for a set of resources based on received notifications having low weight in the evaluation of the threat level. If the threat level is smaller than an entrapment threshold, sensors associated with resources of an information system infrastructure that are potential subsequent targets of the ongoing attack are activated, the weight of the notifications sent from the activated sensors are set as average weight in the evaluation of the threat level, and the threat level is further evaluated for the ongoing attack. If the threat level is greater than the entrapment threshold, traps are deployed in the information system infrastructure, the weight of the notifications sent from the deployed traps are set as high weight in the evaluation of the threat level, and the threat level is further evaluated for the ongoing attack.

Abstract: Process for preserving the privacy of a user connected to a network through a terminal that comprises geolocation means adapted to emit geolocation information about the geographical position of said user, said process providing for: analyzing a packet from said terminal to detect the eventual presence of geolocation information into said packet; replacing in said packet said detected geolocation information by virtual geolocation information that have been computed for said user; forwarding through said network said packet with said virtual geolocation information.

Abstract: Process for preserving the privacy of a user connected to a network through a terminal that comprises geolocation means adapted to emit geolocation information (2, 2a) about the geographical position of said user, said process providing for: —analyzing a packet (1) from said terminal to detect the eventual presence of geolocation information (2) into said packet; —replacing in said packet said detected geolocation information by virtual geolocation information (9, 9a) that have been computed for said user; —forwarding through said network said packet with said virtual geolocation information.

Abstract: A capability for managing a representation of a smart environment is presented herein. The capability for managing a representation of a smart environment is configured to support augmented reality (AR)-based management of a representation of a smart environment, which may include AR-based generation of a representation of the smart environment, AR-based alignment of the representation of the smart environment with the physical reality of the smart environment, and the like.

Abstract: To securely transmit data from a communication terminal (TC) to an application server (SA) over a telecommunications network (RT), the communication terminal (TC) being connected to the application server (SA) via an unsecure access network (RAns) and being able to communicate with the application server (SA) via at least one secure access network (RAs), the communication terminal (TC) switches the connection with the application server (SA) from the unsecure access network (RAns) to a secure access network (RAs), when personal data (DonP) is likely to be entered or is entered by the user, transmits the personal data (DonP) to the application server (SA) via the secure access network (RAs), and switches the connection with the application server (SA) from the secure access network (RAs) to an unsecure access network (RAns).

Abstract: A method and system for providing conditional interaction for a virtual object (2) accessible with a mobile device (1), said mobile device (1) comprising geolocation means for assessing a real-world geographic location (PI) to said mobile device (1), and said virtual object (2) being assessed a location information (P2) corresponding to a real-world geographic location, In various embodiments at least one interaction is conditioned with said virtual object (2) through said mobile device (1), at least in function of the real-world geographic location (PI) of said mobile device (1) and the location information (P2) of said virtual object (2). In case said conditioning step is satisfied, interacting (7) with said mobile device (1) on said virtual object by modifying said location information (P2) of the virtual object (2).

Abstract: Process for preserving the privacy of a user connected to a network through a terminal that comprises geolocation means adapted to emit geolocation information (2, 2a) about the geographical position of said user, said process providing for:—analysing a packet (1) from said terminal to detect the eventual presence of geolocation information (2) into said packet;—replacing in said packet said detected geolocation information by virtual geolocation information (9, 9a) that have been computed for said user;—forwarding through said network said packet with said virtual geolocation information.