Abstract: Analyzing and reporting anomalous internet traffic data by accepting a request for a connection to a virtual security appliance, collecting attribute data about the connection, applying an alert module to the data, and automatically generating an alert concerning an identified incident. An alert system for analyzing and reporting the anomalous internet traffic data. A processor to analyze and report anomalous internet traffic data.

Abstract: A system and method for retrieval and analysis of stored objects for malware is described. The method involves receiving a scan request message from a customer to conduct analytics on one or more objects stored within a third-party controlled service. In response to receipt of the scan request message, the system generates a redirect message. The redirect message redirects the customer to an authentication portal of the third-party controlled service operating as a logon page and configures receipt by the system of access credentials for the third-party controlled service upon verification of the customer. Using the access credentials, the system is able to retrieve the one or more objects using the access credentials and performing analytics on each object of the one or more objects to classify each object as malicious or benign.

Abstract: Techniques are disclosed relating to data management. A computer system may evaluate network traffic to extract and group data objects based on their content satisfying similarity criteria, and to identify baseline behavior with respect to those data objects. The computer system may generate data-defined network (DDN) data structures that include a content class and one or more behavioral classes. The content class may be indicative of one or more of the data objects that have been grouped based on them satisfying the similarity criteria. The one or more behavioral classes may indicate baseline behavior of those data objects within the content class as determined from evaluation of the network traffic. The computer system may detect, using the DDN data structures, anomalous data behavior within network traffic. In response to detecting anomalous data behavior, the computer system may prevent network traffic corresponding to the anomalous data behavior from being communicated.

Abstract: A method to monitor integrity of webpages. The method may include obtaining a destination of outgoing network traffic resulting from rendered code of a webpage. The rendered code may be generated using source code of the webpage that is obtained in response to a request to a webserver that hosts the webpage. The method may also include obtaining a previous destination of previous outgoing network traffic resulting from previous rendered code of the webpage. The previous rendered code may be generated before the request is sent to the webserver for the source code used to generate the rendered code. The method may also include comparing the destination and the previous destination to determine a change in integrity of security of the webpage. In response to the change in the integrity of security of the webpage, an alert regarding the integrity of security of the webpage may be generated.

Abstract: A system for detecting and preventing execution of malware on a target system includes an interface for receiving training data. The training data includes domain names known to be legitimate and domain names known to be associated with malware. The system is configured to train a first model to classify the domain names in the training data as being legitimate domain names or malware-associated domain names using a supervised learning methodology. The system configured to train a second model to predict a correct domain name associated with domain names in the training data using an unsupervised learning methodology. The system configured to train a third model to classify the domain names in the training data as being legitimate domain names or malware-associated domain names based on an output of the first learning model and an output of the second learning model.

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to identify and report cloud-based security vulnerabilities. An apparatus comprising: a security vulnerability detector to, in response to a resource monitor monitoring a threshold amount of activity in a resource of a cloud computing environment, determine one or more security vulnerabilities associated with the resource and the cloud computing environment; a vulnerability processor to correlate the one or more security vulnerabilities with one or more kill chains to exploit at least one security vulnerability in the cloud computing environment; and a report generator to generate a report including a story graph indicating a subset of at least one of: (a) the one or more security vulnerabilities associated with the one or more kill chains, (b) one or more remediation actions to obviate the one or more security vulnerabilities, or (c) threat intelligence feeds associated with the one or more security vulnerabilities.

Abstract: Techniques for mitigating cybersecurity performance gaps in an organization are disclosed. The method comprises the steps of selecting a threat framework for formulating a threat detection strategy, mapping most likely adversary tactics that may be used to circumvent the threat detection strategy, updating the threat detection strategy, and performing threat detection to determine threat assessment scores. Further, the determined scores are categorized and contextualized to identify cybersecurity gaps in the organization. These gaps are prioritized based on certain criteria to provide automated recommendations and alerts regarding cybersecurity performance gaps and related organizational risks.

Abstract: Techniques for discovery and management of applications in a computing environment of an organization are disclosed. A security management system discovers use of applications within a computing environment to manage access to applications for minimizing security threats and risks in a computing environment of the organization. The security management system can obtain network data about network traffic to identify unique applications. The security management system performs analysis and correlation, including using one or more data sources, to determine information about an application. The system computes a measure of security for an application (“an application risk score”) and a user (“a user risk score”). The score is analyzed to determine a threat of security posed by the application based on use of the application. The security system performs one or more instructions to configure access permitted by an application, whether access is denied or restricted.

Abstract: A threat detection system for a mobile communication system, and a global device and a local device thereof are provided. The threat detection system is used for detecting and defensing low and slow distributed denial-of-service (LSDDoS) attacks. The global device is located in a core network of the mobile communication system, and is used for training a tensor neural network (TNN) model to build a threat classifier. The threat classifier is used for the local device to identify a plurality of threat types. The local device inputs the to-be-identified data into the threat classifier to generate a classification result corresponding to one of the threat types.

Abstract: A server interacts with a bot detection service to provide bot detection as a requesting client interacts with the server. In an asynchronous mode, the server injects into a page a data collection script configured to record interactions at the requesting client, to collect sensor data about the interactions, and to send the collected sensor data to the server. After the client receives the page, the sensor data is collected and forwarded to the server through a series of posts. The server forwards the posts to the detection service. During this data collection, the server also may receive a request from the client for a protected endpoint. When this occurs, and in a synchronous mode, the server issues a query to the detection service to obtain a threat score based in part on the collected sensor data that has been received and forwarded by the server. Based on the threat score returned, the server then determines whether the request for the endpoint should be forwarded onward for handling.

Abstract: Methods to secure against IP address thefts by rogue devices in a virtualized datacenter are provided. Rogue devices are detected and distinguished from a migration of an endpoint in a virtualized datacenter. A first hop network element in a one or more network fabrics intercepts a request that includes an identity of an endpoint and performs a local lookup for the endpoint entity identifier. Based on the lookup not finding the endpoint entity identifier, the first hop network element broadcasts a message such as a remote media access address (MAC) query to other network elements in the one or more network fabrics. Based on the received response, which may include an IP address associated with the MAC address, the first hop network element performs a theft validation process to determine whether the request originated from a migrated endpoint or a rogue device.

Abstract: Provided is an arrangement for monitoring, a monitoring device and intermediary device and method for monitoring an encrypted connection between a client and an access point in a network, wherein—an Extensible Authentication Protocol is used for access authentication of the client to the network on an authentication server, and—a transport layer security protocol having a key disclosure function is executed within the Extensible Authentication Protocol, in which security information for the cryptographic protection of the connection is provided to an intermediary device and is transmitted from the intermediary device to a monitoring device for monitoring the connection. Also provided is a computer program product of the same.

Abstract: Systems, methods, and apparatuses enable a machine learning model to determine a risk probability of a URL. A query configurator receives a URL in a query and normalizes the URL. The normalized URL is segmented into a plurality of segments. The plurality of segments is serially provided to the machine learning model trained to provide an indication of risk associated with the URL. The indication of risk associated with the URL can be a probability value based on one or more risk probabilities determined for segment-segment transitions of the URL. A security service compares the probability value of the URL to a threshold value and performs a security action based on a result of comparing the probability value to the threshold value.

Abstract: A computer system applies security policies to web traffic while maintaining privacy. A network security agent is authenticated by a client application to dynamically obtain one or more security policies, wherein the client application and the network security agent are configured to execute on a device and the network security agent is capable of communicating with a source of security policies. Connection information is obtained that includes a request to initiate an encrypted connection with a destination entity. The client application determines whether the encrypted connection between the client application and the destination entity is permitted according to the security policy and based on the connection information. The encrypted connection between the client and the destination entity is established in response to determining that the encrypted connection is permitted. Embodiments may further include a method and computer program product for applying security policies to web traffic.

Abstract: Systems, methods, and apparatuses enable one or more security microservices to optimize a security configuration of a networked environment by applying security policies to resource groups passively to determine whether network sets, resource groups, or security policies should be modified, prior to active enforcement. When security policies are applied passively, security actions that are performed in response to a violation of security policy do not impact network traffic. The one or more security microservices evaluate the results of the passive application of security policies to determine whether there is at least one recommended modification to network sets, resource groups, or security policies. When there is at least one recommended modification, the modification is applied.

Abstract: An apparatus for security management based on event correlation in a distributed multi-layered cloud environment is disclosed, wherein the distributed multi-layered cloud environment comprises at least one first layer cloud service provider, and at least one second layer cloud service provider as a tenant of the first layer cloud service provider, and the apparatus is installed at least on one cloud service provider of the first layer cloud service provider and the second layer cloud service provider, the apparatus comprising: a central processing module configured to: provide correlation as a Service (CORRaaS) to a plurality of tenants as virtualized security appliances or virtualized security functions for the plurality of tenants's lices, generate a second interface for allowing the plurality of tenants to configure the correlation as a Service (CORRaaS), and correlate and process security events from security functions in the plurality of tenants' slices to form processed security event data, and to detec

Abstract: A distributed security system includes a plurality of content processing nodes that are located external to a network edge of an enterprise and located external from one of a computer device and a mobile device associated with a user, and a content processing node is configured to monitor a content item that is sent from or requested by the external system; classify the content item via a plurality of data inspection engines that utilize policy data and threat data; and one of distribute the content item, preclude distribution of the content item, allow distribution of the content item after a cleaning process, or perform threat detection on the content item, based on classification by the plurality of data inspection engines; and an authority node communicatively coupled to the plurality of content processing nodes and configured to provide the policy data and the threat data for threat classification.

Abstract: Techniques are described for adjusting policy characteristics based on a determined similarity between routes. A similarity metric may be determined indicating the similarity between a first route followed by a vehicle and/or driver and a second (e.g., previous) route followed by the vehicle and/or driver. A similarity metric may indicate the similarity in movements, and changes in movement, exhibited by the vehicle on the routes. The similarity metric may be determined through analysis of real time data collected by in-vehicle sensor(s), mobile user device(s), external sensors or other data sources. Based on the similarity metric, a premium, a deductible, a price, or other characteristic(s) of a policy may be determined. In some examples, policy characteristics may be adjusted (e.g., in real time) based on the analysis according to changing risk conditions if a driver is following routes that are dissimilar from typical routes.

Abstract: Techniques for parameterized trust and permission policies between entities for cloud resources are described. A method of parameterized trust and permission policies between entities for cloud resources may include receiving, by an access control service of a provider network, a request to generate a parameterized policy template, the parameterized policy template including characteristics of at least one action or at least one resource to be specified by a user, receiving a parameterized action list or a parameterized resource list from the user, validating the parameterized action list or the parameterized resource list based on the characteristics defined in the parameterized policy template, and generating a parameterized role based on the parameterized policy template and the parameterized action list or the parameterized resource list.

Abstract: A building system includes heating ventilation or air conditioning (HVAC) devices configured for communication on a building automation network and a communication engine. The communication engine is configured to provide a diagnostic attribute. The diagnostic attribute indicates communications with the HVAC devices as being according to a first communication protocol or at least one different communication protocol. Systems and methods may detect insecure communications and/or upgrade in secure communication protocols in wireless or wired networks, such as, BACnet systems and/or subsystems.

Abstract: A DNS server receives from a receiving email system, a DNS query for an email domain stored at the DNS server, the DNS query including identifying information of a sender of an email. The DNS server extracts the identifying information of the email sender from the DNS query and identifies one of a plurality of delivering organizations from the information. The DNS server determines whether the identified delivering organization is authorized to deliver email on behalf of the email domain. In response to determining that the identified delivering organization is authorized to deliver email on behalf of the email domain, the DNS server generates a target validation record based on the identity of the authorized delivering organization and the email domain, the target validation record including one or more rules indicating to the receiving email system whether the delivering organization is an authorized sender of email for the email domain.

Abstract: The disclosure relates generally to methods, systems, and apparatuses for managing network connections. A system for managing network connections includes a storage component, a decoding component, a rule manager component, and a notification component. The storage component is configured to store a list of expected connections for a plurality of networked machines, wherein each connection in the list of expected connections defines a start point and an end point for the connection. The decoding component is configured to decode messages from the plurality of networked machines indicating one or more connections for a corresponding machine. The rule manager component is configured to identify an unexpected presence or absence of a connection on at least one of the plurality of network machines based on the list of expected connections. The notification component is configured to provide a notification or indication of the unexpected presence or absence.

Abstract: A system validates the establishment and/or continuation of a connection between two applications over a network. The system uses network application security rules to allow or disallow connections between the two applications. Those rules include definitions of the source and destination applications to which the rules apply. The system automatically updates the application definitions over time to encompass new versions of the applications covered by the security rules, but without encompassing other applications. The system is then capable of applying the updated rules both to the original applications and to the updated versions of those applications. This process enables the security rules to maintain security over time in a way that is consistent with the original intent of the rules even as applications on the network evolve.

Abstract: An autonomous mobile device (AMD) may be used in an environment as a communication endpoint for voice or video communications. An incoming request for communication may initiate a process in which the AMD finds a user within the environment. Information obtained from sensors onboard the AMD or in the environment may be used to determine the whereabouts of the user. If an existing communication endpoint is not available to the user or cannot support a requested communication modality, the AMD may travel to permitted areas within the environment to find the user, while avoiding areas designated as private. Once found, communication may be established with the user. If the incoming request expires, the AMD may present information indicative of the request to the user.

Abstract: Methods and apparatus for delivery of packetized content (e.g., video, audio, data, etc.) over a content delivery network. In one embodiment, the content is packetized using an Internet Protocol (IP), and delivered by a service provider over both managed and unmanaged networks to subscribers of the provider, so as to provide delivery at any time, at any location, and via any designated user device. The delivered content may originate from the service provider, third-party content sources (e.g., networks or studios), the subscriber(s) themselves, or other sources including the Internet. Use of a common control and service functions within the network afford the ability to integrate or blend services together, thereby affording the service provider and subscriber new service and economic opportunities. Content delivery sessions may also be migrated from one device to another. A network-based user interface infrastructure, and gateway-based client-side architecture, are also disclosed.

Abstract: Systems and methods for dynamically controlling network registrations are disclosed. The method includes replacing a stringent error message with a lenient cause message in responding to a registration request from a user equipment.

Abstract: The present disclosure describes methods and systems for an automatic device discovery. A registration request is transmitted to register a media device with a server, the registration request comprising a device identifier associated with the media device. A discovery request is caused to be issued to allow client devices previously registered with the server and connected to the first network to discover the media device, wherein the discovery request is to cause at least a subset of the client devices previously registered with the server and connected to the first network to initiate discovery of the media device without requesting permission from a user of a respective client device to initiate the discovery of the media device, wherein the at least the subset of the client devices includes two or more client devices each associated with an auto-connect status.

Abstract: In some embodiments, a method can include connecting, via an application stored in a browser cache of a presenter compute device, to a synchronized mesh server endpoint. The synchronized mesh server endpoint establishes a session between the presenter compute device and multiple audience compute devices. The method can further include formatting each page from multiple pages of a portable document format (PDF) to a unique scalable vector graphics (SVG) representation from multiple SVG representations, such that the multiple SVG representations are stored in the browser cache when the multiple pages are formatted. The PDF file includes the multiple pages and multiple tags. The method further includes uploading the multiple SVG representations and the multiple tags to the synchronized mesh server endpoint. The method further includes clearing the application from the browser cache, after the uploading and when an end-of-session message is received from the synchronized mesh server endpoint.

Abstract: Systems and methods are described for managing services of a computing device over a mobile network where requests for managed or unmanaged services are translated to corresponding IP addresses sent to the computing device and corresponding requests sent to the translated IP addresses are either permitted, rated, quality controlled or secured if the computing device has a valid data plan or is otherwise permissioned for using the mobile network, are denied if filtered and if the computing device does not have a valid data plan or is not otherwise permissioned and the request corresponds to the first address, and are permitted, rated, quality controlled or not secured even if the computing device does not have a valid data plan or is not otherwise permissioned if the request corresponds to the second address.

Abstract: Provided is a method, computer program product, and virtual conferencing system for automatically positioning a video thumbnail within an area on a display during a virtual conferencing session. A processor may receive a data stream of a virtual conferencing session. The data stream includes visual data associated with a presentation. The processor may analyze the visual data to identify a blank space area in the visual data. The processor may display the visual data to one or more users of the virtual conferencing session. The processor may display a video thumbnail of a presenter in the blank space area.

Abstract: A method for selecting a data stream for distribution to a plurality of broadcasting sites. The method includes: receiving a main data stream and a back-up data stream respectively, generated by a main broadcast gateway and a secondary broadcast gateway respectively, from source data, called a main stream and a secondary stream respectively; receiving at least one packet including a piece of information representative of a quality of service associated with the main stream and the secondary stream respectively, at one instant at least or over one given period at least, the at least one packet, called a main current packet and a secondary current packet respectively, being generated by the main broadcast gateway and secondary broadcast gateway respectively; and selecting in real time the main stream or the secondary stream respectively in taking account of the main current packet and secondary current packet, delivering the data stream for distribution.

Abstract: Techniques for improved media streaming are provided. A request for a variant list for streaming media content is received from a requesting entity, where the request includes a predefined flag. A set of predefined rules corresponding to the predefined flag is identified. The variant list is pruned based on the set of predefined rules, and the pruned variant list is transmitted to the requesting entity.

Abstract: The objective of the present invention is to provide a method, apparatus, computing node and computer program product for fault handling in a stream computing system. Here, at a computing node, recording arrival sequences of respective original data from a upstream computing node; performing persistence operation on the respective original data according to a predetermined period; in the case of failure and restart, restoring to-be-computed data in internal storage from the original data subjected to the persistent operation and/or the upstream computing node, and replaying and computing the restored to-be-computed data according to the respective previous arrival sequences; continuing encoding each completely computed result data according to offset of the result data in the last persistent operation period before the failure and transmitting the encoded result data to a next node.

Abstract: A method for controlling media reception at an electronic device communicating with at least one external device includes establishing a communication session between the electronic device and the at least one external device via a server; in response to establishing the communication session, creating an instance of a first reception control state machine for controlling multiple media receptions in the communication session; receiving, from the server, a media transmission notification indicating that a media reception is available from an external device; receiving, from a user of the electronic device, an input for permitting the media reception; and in response to receiving the input, transmitting a media reception request requesting the media reception to the server and creating an instance of a second reception control state machine for controlling the media reception.

Abstract: An example embodiment may involve receiving an indication of media content selected by way of a first client device. The indication may specify that the media content has been flagged for audible playout at a later time (such as when the client device or its user is in an automobile). The example embodiment may further involve receiving a request to stream the audio file to a second client device. The second client device may be associated with the first client device. The example embodiment may further involve causing the audio file to be streamed to the second client device.

Abstract: A decoding complexity may be used to predict power consumption for receiving, decoding, and/or displaying multimedia content at a wireless transmit/receive unit (WTRU). The decoding complexity may be based on decoding complexity feedback received from a reference device, such as another WTRU. The decoding complexity feedback may be based on measurements performed at the reference device for receiving decoding, and/or displaying the multimedia content. A content providing device may indicate the decoding complexity of requested media content to a WTRU, or another network entity. The decoding complexity may be indicated in a streaming protocol or file associated with the media content. The WTRU, or other network entity, may use the decoding complexity determine its preferences regarding transmission of the media content. The content providing device may determine whether to transmit the media content based on the decoding complexity and/or the preferences of the WTRU or other network entity.

Abstract: One disclosed example method includes receiving, by a video conference provider, video frames from a plurality of existing participants in a video conference; receiving, by the video conference provider, a request from a new user to join the video conference, and in response: generating, by the video conference provider, an instantaneous decoder refresh (IDR) frame; determining, by the video conference provider, one or more prior video frames previously acknowledged by each existing participant of the plurality of existing participants; generating, by the video conference provider, a benchmark frame for each of the plurality of existing participants based on at least one of the determined one or more prior video frames and the IDR frame; transmitting, by the video conference provider, the IDR frame to the new user; and transmitting, by the video conference provider, a message comprising the benchmark frame to each of the plurality of existing participants.

Abstract: According to an embodiment, a method of selecting a Rice parameter for encoding a video bitstream using at least one processor includes obtaining an absolute level corresponding to a current transform block; determining whether transform skip is enabled; generating a lookup variable based on the absolute level and the determination of whether the transform skip is enabled; obtaining the Rice parameter from a lookup table based on the lookup variable; and encoding a residual subblock based on the Rice parameter.

Abstract: The media production element combines media content from a plurality of streaming electronic devices when they are registered to be within the same streaming event. The media production element can produce a combined live video stream or a combined media production using selections and combinations of the streamed content provided by the multiple electronic devices. A network assistance device can provide feedback to the media production element regarding network conditions for the electronic devices that are registered to an event. Such feedback can prevent bad network connections from affecting the final media production by helping the media production element to decide which data stream to use in the production and when to switch from an electronic device that can be on its way to losing optimum radio conditions.

Abstract: Systems and methods for providing a middleware application for user-interface-driven applications include receiving, at the middleware application, queries from different dynamic user interface modules associated with respective front-end applications. The front-end applications are authenticated using authentication data included in the query and verification data external to the middleware application. In response to each query, the middleware application receives data from different external data sources, each being a separate instance of the same back-end service. The data is used to generate objects declaring instances of user interface elements, which are sent by the middleware application to the requesting dynamic user interface module for rendering at the associated front-end application.

Abstract: A server-side technique to detect and mitigate client-side content filtering, such as ad blocking. In operation, the technique operates on a server-side of a client-server communication path to provide real-time detect the existence of a client filter (e.g., an ad blocker plug-in) through transparent request exchanges, and then to mitigate (defeat) that filter through one or operations designed to modify the HTML response body or otherwise obscure URLs. Preferably, the publisher (the CDN customer) defines one or more criteria of the page resources being served by the overlay (CDN) and that need to be protected against the client-side filtering.

Abstract: In some implementations, a device may determine whether an existing record for a file, received at a file storage location, is present in a record log. The device may generate, based on determining that the existing record for the file is not present in the record log, a record for the file in the record log. The record may identify the file and a first region. The device may determine, after generating the record, whether the record has been changed to identify a second region. The device may process the file based on determining that the record has not been changed to identify the second region.

Abstract: A proxy server for uploading a file according to an embodiment of the present disclosure improves the upload speed of a file and to minimize upload delay due to the occurrence of an error in the upload process. Due to the fact that the upload of the upload target file is started by the client delivering only one HTTP request to the proxy server to start the upload of the upload target file instead of requesting an upload link for each divided chunk to the backend server and receiving the response message from the backend server, a transaction over a network having a relatively slow communication speed can be minimized and the upload speed can be improved accordingly.

Abstract: The current document is directed a resource-exchange system that facilitates resource exchange and sharing among computing facilities. The currently disclosed methods and systems employ efficient, distributed-search-based auction methods and subsystems within distributed computer systems that include large numbers of geographically distributed data centers to locate resource-provider computing facilities that match the resource needs of resource-consumer computing facilities. Multiple security methods and subsystems are employed to prevent unauthorized access to resource-exchange-system services, to secure resource-exchange-system-participant data from unauthorized access, and to prevent hosted virtual machines and other hosted computational entities from interfering with operation of native virtual machines and other native computational entities within hosting resource-provider computing facilities.

Abstract: Management of communication systems is facilitated. A method comprises: processing, by a device comprising a processor, first information representative of human-readable language and indicative of terms of agreements associated with respective software for a communication system, wherein the communication system is arranged according to a first configuration of virtual machines and server devices, and wherein the agreements comprise license agreements for the respective software; converting, by the device, the first information into machine-readable rules indicative of the terms of the agreements associated with the respective software for the communication system; and based on a result of comparing the machine-readable rules and first information indicative of the first configuration, determining, by the device, whether the first configuration of the communication system satisfies a defined criterion.

Abstract: Systems for high-performance computing. A storage control architecture is implemented by a plurality of nodes, where a node comprises combinations of executable containers that execute in cooperation with virtual machines running above a hypervisor. The containers run in a virtual machine above a hypervisor, and/or can be integrated directly into the operating system of a host node. Sensitive information such as credit card information may be isolated from the containers in a separate virtual machine that is configured to be threat resistant, and which can be accessed through a threat resistant interface module. One of the virtual machines of the node may be a node-specific control virtual machine that is configured to operate as a dedicated storage controller for a node. One of the virtual machines of the node may be a node-specific container service machine that is configured to provide storage-related and other support to a hosted executable container.

Abstract: The method includes: receiving, by a first managed object device, a first transaction resource creation request that is sent by an application server and includes an identifier of a first to-be-operated resource, a first execution time, and a first to-be-executed operation; receiving, by a second managed object device, a second transaction resource creation request that is sent by the application server and includes an identifier of a second to-be-operated resource, a second execution time, and a second to-be-executed operation; successfully creating, by the first managed object device, a first transaction resource according to the first transaction resource creation request, and successfully creating, by the second managed device, a second transaction resource according to the second transaction resource creation request.

Abstract: One or more metrics associated with performance of a serverless function chain are received. The one or more metrics are analyzed by a reinforcement learning (RL) model to determine a tuning factor in view of a goal provided to the RL model. The tuning factor is transmitted to a serverless function controller, wherein the serverless function controller is to utilize the tuning factor to tune the serverless function chain.

Abstract: A lightweight and extensible information model for machine-to-machine systems is disclosed. A service layer information management architecture uses three categories of atomic objects, subjects, actions, and descriptions. Information for use within the model is built using the atomic information objects. Application programming interfaces are used to perform operations and information processing by different nodes. Common service functions are used in the model as instances of a generic common service information model.

Abstract: Aspects of the disclosure provide for managing traffic for multiple versions of an application deployed in a computer system. A method of the disclosure includes: determining first workload information relating to a deployment of a first version of an application in a computer system and second workload information relating to a deployment of a second version of the application in the computer system; determining traffic information relating to the deployment of the first version of the application, wherein the traffic information comprises information about traffic handled by the first version of the application during a time frame; and determining an amount of traffic to be routed to the second version of the application in view of the first workload information, the second workload information, and the traffic information.