公开(公告)号：WO2022260743A1

公开(公告)日：2022-12-15

申请号：PCT/US2022/022531

申请日：2022-03-30

Applicant: QUALCOMM INCORPORATED

Inventor： ELSHAFIE, Ahmed ,  MANOLAKOS, Alexandros ,  OPSHAUG, Guttorm Ringstad

IPC: H04L9/40 ,  H04W12/122 ,  H04W12/63

Abstract: A user equipment (UE) detects signals transmitted by one or more attacking devices that interfere with downlink signals from base stations. The UE measures the angle of arrival (AoA) and power information of the interfering signals and sends an interference report to a serving base station. The base station may receive interference reports for the interfering signals from multiple UEs. One or more base stations may determine the identity of the attacking device based on the position of the attacking device determined using the information from the interference report and known positions of devices connected to the network. The one or more base stations may bar access to the network by the attacking device once the attacking device is identified and/or may report the attacking device.

公开(公告)号：WO2022259111A1

公开(公告)日：2022-12-15

申请号：PCT/IB2022/055209

申请日：2022-06-03

Applicant: ARMIS SECURITY LTD.

Inventor： SHOHAM, Ron ,  FRIEDLANDER, Yuval ,  BEN ZVI, Gil ,  HANETZ, Tom

IPC: H04W12/122 ,  G06N20/00 ,  G06N20/20

Abstract: A system and method for identifying device attributes based on string field conventions. A method includes applying at least one machine learning model to an application data set extracted based on a string indicated in a field of device data corresponding to a device, wherein each of the at least one machine learning model is trained based on a training data set including a plurality of second strings and a plurality of device attribute labels, wherein each device attribute label corresponds to a respective second string of the plurality of second strings, wherein each of the at least one machine learning model is configured to output a predicted device attribute for the device based on the first string; and identifying, based on the output of the at least one machine learning model, a device attribute of the device.

公开(公告)号：WO2022250807A1

公开(公告)日：2022-12-01

申请号：PCT/US2022/025135

申请日：2022-04-15

Applicant: QUALCOMM INCORPORATED

Inventor： MANOLAKOS, Alexandros ,  DUAN, Weimin ,  MUKKAVILLI, Krishna Kiran

IPC: H04L9/40 ,  H04W12/12 ,  H04W12/122 ,  H04W12/104 ,  H04W4/029 ,  H04W12/79

Abstract: Disclosed are systems, methods, and non-transitory media for detecting a positioning attack based on wireless position signaling. For example, a location server can determine a positioning reference signal having at least a first signal portion and at least a second signal portion. An indication of a positioning attack associated with the positioning reference signal can be obtained. The location server can provide, to a base station, a message of transmission preemption of the second signal portion of the positioning reference signal based on the indication of the positioning attack.

公开(公告)号：WO2022238644A1

公开(公告)日：2022-11-17

申请号：PCT/FR2022/050877

申请日：2022-05-09

Applicant: ORANGE

Inventor： FONTAINE, Fabrice ,  ARMAND, David

IPC: H04L9/40 ,  H04W12/122 ,  H04W84/12 ,  H04L63/1416 ,  H04L63/1458 ,  H04L63/1466

Abstract: L'invention concerne un procédé de défense contre une tentative de déconnexion entre deux entités correspondant à un point d'accès réseau (120) et un dispositif client (110), ledit procédé comportant, après l'établissement d'une connexion initiale entre lesdites deux entités, un ensemble d'étapes mises en œuvre par une ou bien chacune desdites deux entités : une réception (E10, E20) d'un ensemble de requêtes de déconnexion (ENS_1, ENS_2), une évaluation (E30, E40) d'au moins un critère (CRIT1_i, CRIT2_i) défini à partir d'une métrique basée sur ledit ensemble de requêtes ou bien sur au moins une autre requête de déconnexion reçue après la réception dudit ensemble de requêtes, de sorte à permettre la détection d'une tentative de déconnexion malveillante. Ledit procédé comporte en outre, si au moins un critère est satisfait pour au moins une desdites deux entités, une étape d'exécution (E50, E60), par au moins une desdites deux entités, d'un processus de protection contre ladite tentative de déconnexion malveillante.

公开(公告)号：WO2022191745A1

公开(公告)日：2022-09-15

申请号：PCT/SE2021/050205

申请日：2021-03-09

Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)

Inventor： SKÄRBY, Christian ,  NAKARMI, Prajwol Kumar ,  OLSSON, Jonathan ,  ABDELRAZEK, Loay ,  MÜLLER, Walter

IPC: H04W12/122

Abstract: A method is disclosed for handling a radio communication of a malicious user equipment, UE (102), in a wireless communication network (100). The method is performed by at least one network node in the wireless communication network (100).The method comprises obtaining (302) information identifying the malicious UE (102) attached to the wireless communication network (100). The method comprises performing (304) at least one action to deter or delay serving the malicious UE (102) without terminating the radio communication of the malicious UE (102) with the wireless communication network (100). Further, the method comprises controlling (306) allocation of resources to the malicious UE (102) to allow the malicious UE (102) to retain the radio communication with the wireless communication network (100).Corresponding network node, and computer program products are also disclosed.

公开(公告)号：WO2022185095A1

公开(公告)日：2022-09-09

申请号：PCT/IB2021/051738

申请日：2021-03-02

Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)

Inventor： ALAMEDDINE, Hyame ,  MADI, Taous ,  BOUKHTOUTA, Amine ,  MIGAULT, Daniel

IPC: H04W12/122 ,  H04L29/06 ,  H04W12/06

Abstract: The solutions and methods are directed to spoofing detection approaches and post-spoofing attack prevention schemes. When a first network node such as a Mobility Management Entity, MME, receives a request from an attacker, the first network node sends a modified copy of the request to a second network node such as Home Subscriber Server, HSS, for verification of the request. When the first network node receives a response from the second node and finds that the request is a spoofed request, the first network may disregard the request. This example of the spoofing detection approaches may help the second network node to avoid disruptions of services such as Denial-of-Service, DoS, attacks that could have been caused by multiple Update Location Requests, ULRs, sent by multiple User Equipment, UE, after the spoofing attempted by the attacker becomes successful.

公开(公告)号：WO2022173526A1

公开(公告)日：2022-08-18

申请号：PCT/US2021/072634

申请日：2021-11-30

Applicant: QUALCOMM INCORPORATED

Inventor： PETIT, Jonathan ,  CHEN, Cong ,  ANSARI, Mohammad Raashid

IPC: H04W12/122 ,  H04W12/65 ,  H04L9/40 ,  H04W4/40

Abstract: Methods, apparatuses, systems, and non-transitory computer-readable media are disclosed for V2X misbehavior detection at a device. A disclosed method comprises performing context detection to generate a determined context for the device. The method further comprises performing a plurality of plausibility checks to generate a plurality of plausibility outputs. At least one plausibility check of the plurality of plausibility checks is performed based on inputs including (1) a reported value obtained from a received V2X message and (2) the determined context for the device. The method further comprises weighing and combining the plurality of plausibility outputs, by applying at least one set of weights based on the determined context for the device, to generate at least one combined, weighted plausibility indicator value. The method further comprises performing at least one misbehavior detection based on the at least one combined, weighted plausibility indicator value, to generate at least one misbehavior detection result.

公开(公告)号：WO2022169617A1

公开(公告)日：2022-08-11

申请号：PCT/US2022/013367

申请日：2022-01-21

Applicant: ORACLE INTERNATIONAL CORPORATION

Inventor： RAJPUT, Jay ,  SINGH, Virendra ,  JAYARAMACHAR, Amarnath

IPC: H04W12/08 ,  H04W12/122

Abstract: A method for DoS attacks at an NF includes maintaining, at a first NF, an NF subscription database containing rules that specify maximum numbers of allowed subscriptions and corresponding rule criteria. The method further includes receiving, at the first NF and from a second NF, a subscription request for establishing a subscription. The method further includes determining, by the first NF, that the subscription request matches criteria for at least one rule in the NF subscription database and incrementing, by the first NF, at least one count of a number of subscriptions for the at least one rule. The method further includes determining, by the first NF, that the at least one count of the number of subscriptions exceeds a maximum number of allowed subscriptions for the at least one rule. The method further includes, in response to determining that the at least one count of the number of subscriptions exceeds the maximum number of allowed subscriptions for the at least one rule, preventing establishment of the subscription.

公开(公告)号：WO2022118219A1

公开(公告)日：2022-06-09

申请号：PCT/IB2021/061189

申请日：2021-12-01

Applicant: NOKIA TECHNOLOGIES OY

Inventor： WIACEK, Fabian ,  BECHTA, Kamil

IPC: H04W12/122 ,  H04W48/08 ,  H04W4/50 ,  H04W60/04 ,  H04W76/27 ,  H04W74/08

Abstract: Systems, methods, apparatuses, and computer program products for providing cell configuration parameters in a secure manner are provided. A method may include providing, from a network node, cell configuration or other cell sensitive data to the internal memory of an authorized user equipment. For example, the providing may include providing the cell configuration or other cell sensitive data to the memory of the authorized user equipment as coded cell configuration package (CCCP) tracking area update (TAU) data during the configuration of the authorized user equipment or while the authorized user equipment is in radio resource control (RRC) connected state with the network node.

公开(公告)号：WO2022116147A1

公开(公告)日：2022-06-09

申请号：PCT/CN2020/133884

申请日：2020-12-04

Applicant: 华为技术有限公司

Inventor： 那键

IPC: H04W12/122

Abstract: 本申请公开了一种检测蓝牙漏洞攻击的方法及装置，可以实现针对蓝牙协议中涉及到的不同通信阶段的中间人攻击检测，解决了现有技术中针对蓝牙的中间人攻击的有效防范措施稀少的问题。该方法包括：识别预设范围内的待检测的蓝牙设备，根据待检测的蓝牙设备进行两两配对的结果，确定待检测的蓝牙设备对；从第一蓝牙设备对中的通信数据发送设备处采集并解析出第一通信数据，从第一蓝牙设备对中的通信数据接收设备处采集并解析出第二通信数据；判断第一通信数据与第二通信数据是否相同，若不相同，则确定第一蓝牙设备对存在中间人攻击。