公开(公告)号：US09680843B2

公开(公告)日：2017-06-13

申请号：US14337808

申请日：2014-07-22

Applicant: AT&T INTELLECTUAL PROPERTY I, L.P.

Inventor： Ilona Murynets ,  Jeffrey E. Bickford ,  Gustavo De Los Reyes ,  Ramesh Subbaraman ,  Wei Wang

IPC: G06F21/55 ,  H04L29/06 ,  G06F13/14

CPC classification number: H04L63/1408 ,  H04L63/1433

Abstract: A request is received over a network to resolve a problem relating to a networked user device. The request is accepted in order to provide user service. Based on the request, one of multiple available diagnostic algorithms is selected to analyze user data related to a user's account to identify symptoms of the problem and diagnose a cause of the symptoms identified.

公开(公告)号：US09641545B2

公开(公告)日：2017-05-02

申请号：US14922744

申请日：2015-10-26

Applicant: AT&T INTELLECTUAL PROPERTY I, L.P.

Inventor： Nathaniel Boggs ,  Wei Wang ,  Baris Coskun ,  Suhas Mathur

IPC: G06F15/173 ,  H04L29/06 ,  H04L12/24 ,  H04W12/12

CPC classification number: H04L63/1425 ,  H04L41/14 ,  H04L63/1416 ,  H04W12/12

Abstract: Anomalies are detected in a network by detecting communication between a plurality of entities and a set of users in the network, determining an overlap between subsets of the set of users that the entities comprising the plurality of entities communicated with, respectively, and determining whether the communication between the plurality of entities and the set of users is anomalous based on the overlap.

公开(公告)号：US09537829B2

公开(公告)日：2017-01-03

申请号：US14921881

申请日：2015-10-23

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Wei Wang ,  Charles Shen

IPC: H04L29/06 ,  H04W12/08

CPC classification number: H04L63/0272 ,  H04L63/0209 ,  H04L63/04 ,  H04W12/08

Abstract: Methods and apparatus are disclosed to prevent consecutive attacks on a virtual private mobile network. An example method includes for each of a plurality of network elements, generating virtualized slices based on a virtualized slice count value for subgroups associated with the virtual private mobile network, and assigning non-consecutive ones of the virtualized slices to the subgroups associated with the virtual private mobile network based on demand for the virtualized slices by the respective ones of the subgroups. The example method also includes, in response to a request from a mobile device to access the virtual private mobile network for a first time, assigning the mobile device to one of the virtual slices of the plurality of network elements based on (i) the subgroup associated with the mobile device, and (ii) availability of the virtual slices.

Abstract translation: 公开了防止对虚拟专用移动网络的连续攻击的方法和装置。 一个示例性方法包括针对多个网络元件中的每一个，基于与虚拟专用移动网络相关联的子组的虚拟化切片计数值生成虚拟化切片，以及将非连续的虚拟切片分配给与虚拟专用网络相关联的子组 基于对各个子组的虚拟化片的需求的专用移动网络。 该示例方法还包括响应于来自移动设备的第一次访问虚拟专用移动网络的请求，基于（i）该子组将移动设备分配给多个网元中的一个虚拟片段 与所述移动设备相关联，以及（ii）虚拟切片的可用性。

公开(公告)号：US09392001B2

公开(公告)日：2016-07-12

申请号：US14283248

申请日：2014-05-21

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Wei Wang ,  Qi Shen ,  Andrea Forte ,  Jeffrey Bickford

IPC: H04L29/06 ,  G06F15/16 ,  G06F21/55 ,  G06F21/56

CPC classification number: H04L63/14 ,  G06F21/552 ,  G06F21/566 ,  H04L63/1491

Abstract: Concepts and technologies are disclosed herein for multilayered deception for intrusion detection. According to various embodiments of the concepts and technologies disclosed herein, a multilayer deception system includes honey servers, honey files and folders, honey databases, and/or honey computers. A multilayer deception system controller generates honey activity between the honey entities and exposes a honey profile with contact information associated with a honey user. Contact directed at the honey user and/or activity at any of the honey entities can trigger alarms and/or indicate an attack, and can be analyzed to prevent future attacks.

Abstract translation: 这里公开了用于入侵检测的多层欺骗的概念和技术。 根据本文公开的概念和技术的各种实施例，多层欺骗系统包括蜂蜜服务器，蜂蜜文件和文件夹，蜂蜜数据库和/或蜂蜜计算机。 多层欺骗系统控制器在蜂蜜实体之间产生蜂蜜活动，并且露出具有与蜂蜜用户相关联的联系信息的蜂蜜简档。 任何蜂蜜实体的蜂蜜用户和/或活动的联系可以触发报警和/或指示攻击，并且可以进行分析以防止将来的攻击。

公开(公告)号：US20160043998A1

公开(公告)日：2016-02-11

申请号：US14921881

申请日：2015-10-23

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Wei Wang ,  Charles Shen

IPC: H04L29/06

CPC classification number: H04L63/0272 ,  H04L63/0209 ,  H04L63/04 ,  H04W12/08

Abstract: Methods and apparatus are disclosed to prevent consecutive attacks on a virtual private mobile network. An example method includes for each of a plurality of network elements, generating virtualized slices based on a virtualized slice count value for subgroups associated with the virtual private mobile network, and assigning non-consecutive ones of the virtualized slices to the subgroups associated with the virtual private mobile network based on demand for the virtualized slices by the respective ones of the subgroups. The example method also includes, in response to a request from a mobile device to access the virtual private mobile network for a first time, assigning the mobile device to one of the virtual slices of the plurality of network elements based on (i) the subgroup associated with the mobile device, and (ii) availability of the virtual slices.

Abstract translation: 公开了防止对虚拟专用移动网络的连续攻击的方法和装置。 一个示例性方法包括针对多个网络元件中的每一个，基于与虚拟专用移动网络相关联的子组的虚拟化切片计数值生成虚拟化切片，以及将非连续的虚拟切片分配给与虚拟专用网络相关联的子组 基于对各个子组的虚拟化片的需求的专用移动网络。 该示例方法还包括响应于来自移动设备的第一次访问虚拟专用移动网络的请求，基于（i）该子组将移动设备分配给多个网元中的一个虚拟片段 与所述移动设备相关联，以及（ii）虚拟切片的可用性。

公开(公告)号：US08973139B2

公开(公告)日：2015-03-03

申请号：US13689506

申请日：2012-11-29

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Wei Wang ,  Jeffrey E Bickford

IPC: H04L29/06

CPC classification number: H04L63/1441 ,  H04L63/1416

Abstract: A method, computer readable medium and apparatus for detecting an altered application are disclosed. Network traffic data is obtained for a number of endpoint devices to determine a network traffic signature for a first application. The signature comprises a set of flows within a time window. Network traffic data is monitored to determine a network traffic signature for a second application. The signature for the second application comprises the network traffic signature of the first application plus a flow to an additional address. The method determines a ratio of endpoint devices having network traffic data that matches the signature for the second application as compared to a percentage of endpoint devices having network traffic data that matches the signature for the first application. When the percentage satisfies a threshold, the method determines that the second application is the altered application comprising an altered version of the first application.

Abstract translation: 公开了一种用于检测改变的应用的方法，计算机可读介质和装置。 为多个端点设备获得网络流量数据，以确定第一应用的网络流量签名。 签名包括时间窗内的一组流。 监视网络流量数据以确定第二应用的网络流量签名。 第二应用的签名包括第一应用的网络流量签名加上流向附加地址的流。 与具有与第一应用的签名匹配的网络业务数据的端点设备的百分比相比，该方法确定具有与第二应用的签名相匹配的网络流量数据的端点设备的比率。 当百分比满足阈值时，该方法确定第二应用是包括第一应用的改变版本的改变的应用。

公开(公告)号：US20140150102A1

公开(公告)日：2014-05-29

申请号：US13689506

申请日：2012-11-29

Applicant: AT&T INTELLECTUAL PROPERTY I, L.P.

Inventor： Wei Wang ,  Jeffrey E. Bickford

IPC: H04L29/06

CPC classification number: H04L63/1441 ,  H04L63/1416

Abstract: A method, computer readable medium and apparatus for detecting an altered application are disclosed. Network traffic data is obtained for a number of endpoint devices to determine a network traffic signature for a first application. The signature comprises a set of flows within a time window. Network traffic data is monitored to determine a network traffic signature for a second application. The signature for the second application comprises the network traffic signature of the first application plus a flow to an additional address. The method determines a ratio of endpoint devices having network traffic data that matches the signature for the second application as compared to a percentage of endpoint devices having network traffic data that matches the signature for the first application. When the percentage satisfies a threshold, the method determines that the second application is the altered application comprising an altered version of the first application.

Abstract translation: 公开了一种用于检测改变的应用的方法，计算机可读介质和装置。 为多个端点设备获得网络流量数据，以确定第一应用的网络流量签名。 签名包括时间窗内的一组流。 监视网络流量数据以确定第二应用的网络流量签名。 第二应用的签名包括第一应用的网络流量签名加上流向附加地址的流。 与具有与第一应用的签名匹配的网络业务数据的端点设备的百分比相比，该方法确定具有与第二应用的签名相匹配的网络流量数据的端点设备的比率。 当百分比满足阈值时，该方法确定第二应用是包括第一应用的改变版本的改变的应用。

公开(公告)号：US20140108799A1

公开(公告)日：2014-04-17

申请号：US13652369

申请日：2012-10-15

Applicant: AT&T INTELLECTUAL PROPERTY I, L.P.

Inventor： Wei Wang ,  Mikhail Istomin

IPC: G06F21/20 ,  H04B5/00 ,  H04L9/32 ,  H04W12/06

CPC classification number: G06F21/44 ,  G06F21/32 ,  G06F21/79 ,  H04L63/0876 ,  H04L63/102 ,  H04W12/06 ,  H04W12/08 ,  H04W52/0261 ,  H04W88/02 ,  Y02D70/00 ,  Y02D70/1224 ,  Y02D70/142 ,  Y02D70/144 ,  Y02D70/162 ,  Y02D70/164 ,  Y02D70/166 ,  Y02D70/23

Abstract: Portable storage devices and methods for remotely managing such portable storage devices are disclosed. For example, a method receives a request from an endpoint device to send a command to a portable storage device. The method then authenticates the endpoint device that has sent the request. The method then transmits the command wirelessly to the portable storage device. Similarly, a portable storage device includes a processor and a computer-readable medium in communication with the processor, the computer-readable medium to store instructions. The instructions, when executed by the processor, cause the processor to perform operations that include: wirelessly receiving a command related to an access of a memory of the portable storage device, verifying an authenticity of the command and executing the command when the authenticity of the command is verified.

Abstract translation: 公开了用于远程管理这种便携式存储设备的便携式存储设备和方法。 例如，一种方法从端点设备接收到向便携式存储设备发送命令的请求。 该方法然后验证发送请求的端点设备。 该方法然后将无线命令发送到便携式存储设备。 类似地，便携式存储设备包括处理器和与处理器通信的计算机可读介质，该计算机可读介质存储指令。 所述指令在由所述处理器执行时使得所述处理器执行以下操作：所述操作包括：无线地接收与所述便携式存储设备的存储器的访问相关的命令，验证所述命令的真实性并在执行所述命令的真实性时执行所述命令 命令被验证。

公开(公告)号：US20250069283A1

公开(公告)日：2025-02-27

申请号：US18945146

申请日：2024-11-12

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Adrianne Luu ,  Robert Moton, JR. ,  Ryan Schaub ,  Timothy Knezevich ,  Barrett Kreiner ,  Wei Wang ,  Ari Craine ,  Robert Koch

IPC: G06T11/00 ,  H04W4/90

Abstract: The disclosed technology is directed towards presenting communications data to a responding entity that are relevant to an emergency situation at an emergency location. The communications data can be obtained from communications (e.g., text messages, transmitted video, voice calls and the like) that involve at least one user device at the situation, including communications that do not involve the responding entity. Users may opt in to such an emergency service to allow access to their communications, whereby their device locations are tracked and known in the event of an emergency. Upon obtaining the communications data, a responder can receive a view of the scene augmented with the communications data. The view can include a three-dimensional and/or two-dimensional representation of the zone/area of the emergency situation. Filtering can be used to eliminate irrelevant communications, and summarization can be used to combine generally redundant communications.

公开(公告)号：US20250014446A1

公开(公告)日：2025-01-09

申请号：US18892695

申请日：2024-09-23

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Adrianne Luu ,  Robert Moton, JR. ,  Ryan Schaub ,  Timothy Knezevich ,  Barrett Kreiner ,  Wei Wang ,  Ari Craine ,  Robert Koch

IPC: G08B21/18 ,  G06T19/00 ,  G08B21/02 ,  H04W4/029 ,  H04W4/90

Abstract: The disclosed technology is directed towards associating a rescue tag with a victim in need of rescue, in which the rescue tag collects condition (biological state) data associated with the victim and provides a location of the rescue tag. The location data is maintained in association with the condition data. A responder makes a request to output the condition data, and in response, the responder's device is presented with an augmented reality display that shows the victim condition data relative to the location data. Multiple victims can be efficiently triaged, with more urgent victims highlighted via augmented reality for more urgent treatment. Filtering as requested by a responder can present augmented reality display for only a subset of the victims. Also described is the use of an aerial vehicle to assist the responders and/or a command center; the aerial vehicle can act as an edge node for efficient communication.