Abstract: System, device, and method of adaptive network protection for managed Internet-of-Things (IoT) services. A network traffic monitoring unit monitors data traffic, operations-and-management traffic, and control messages, that relate to cellular communication between an IoT device and a core cellular network. An IoT grouping unit groups multiple IoT devices into a particular IoT group. A baseline behavior determination unit determines a Regular Baseline Cellular Communication Behavior (RBCCB) profile that characterizes the cellular communications that are outgoing from and incoming to each member of the particular IoT group. An outlier detector subsequently detects that a particular IoT device of that particular IoT group, exhibits cellular traffic characteristics that are abnormal relative to the RBCCB profile that was characterized for that particular IoT group.

Abstract: A system monitors network activity of an end-user device that communicates with servers over a communications network. The performs analysis of packets of data that are transported via the network. The system detects a first set of communications in which a first server infects the end-user device with a cryptocurrency mining malware; a second set of communications, in which a second server activates the end-user device as an activated cryptocurrency mining bot; and a third set of communications, in which the second server allocates a cryptocurrency mining task to the end-user device and later receives a cryptocurrency mining output from the end-user device. The system determines that the first server is a malicious infecting web-server; that the second server is a malicious Command and Control server of a distributed bot-net of cryptocurrency mining bots; and that the end-user device is an infected and activated and operational cryptocurrency mining bot.

Abstract: System, device, and method of adaptive network protection for managed Internet-of-Things (IoT) services. A network traffic monitoring unit monitors data traffic, operations-and-management traffic, and control messages, that relate to cellular communication between an IoT device and a core cellular network. An IoT grouping unit groups multiple IoT devices into a particular IoT group. A baseline behavior determination unit determines a Regular Baseline Cellular Communication Behavior (RBCCB) profile that characterizes the cellular communications that are outgoing from and incoming to each member of the particular IoT group. An outlier detector subsequently detects that a particular IoT device of that particular IoT group, exhibits cellular traffic characteristics that are abnormal relative to the RBCCB profile that was characterized for that particular IoT group.

Abstract: System, device, and method of adaptive network protection for managed Internet-of-Things (IoT) services. A network traffic monitoring unit monitors data traffic, operations-and-management traffic, and control messages, that relate to cellular communication between an IoT device and a core cellular network. An IoT grouping unit groups multiple IoT devices into a particular IoT group. A baseline behavior determination unit determines a Regular Baseline Cellular Communication Behavior (RBCCB) profile that characterizes the cellular communications that are outgoing from and incoming to each member of the particular IoT group. An outlier detector subsequently detects that a particular IoT device of that particular IoT group, exhibits cellular traffic characteristics that are abnormal relative to the RBCCB profile that was characterized for that particular IoT group.

Abstract: System, device, and method of deploying layer-3 transparent cloud-based proxy network element. A virtual network function is defined between a west-side router and an east-side router. A west-side interface receives east-bound traffic from a west-side Virtual LAN. East-bound queries from the west-bound router, are intercepted and responded to by the west-side interface, the response indicating the MAC address of the west-side router instead of the east-side router. The system enables the virtual network function to transparently intercept network traffic, and to selectively apply to such traffic one or more network functions or operations, prior to forwarding the traffic or a modified version thereof to the east-side router, in a Layer-3 transparent manner.

Abstract: System, device, and method of deploying layer-3 transparent cloud-based proxy network element. A virtual network function is defined between a west-side router and an east-side router. A west-side interface receives east-bound traffic from a west-side Virtual LAN. East-bound queries from the west-bound router, are intercepted and responded to by the west-side interface, the response indicating the MAC address of the west-side router instead of the east-side router. The system enables the virtual network function to transparently intercept network traffic, and to selectively apply to such traffic one or more network functions or operations, prior to forwarding the traffic or a modified version thereof to the east-side router, in a Layer-3 transparent manner.

Abstract: A system monitors network activity of an end-user device that communicates with servers over a communications network. The performs analysis of packets of data that are transported via the network. The system detects a first set of communications in which a first server infects the end-user device with a cryptocurrency mining malware; a second set of communications, in which a second server activates the end-user device as an activated cryptocurrency mining bot; and a third set of communications, in which the second server allocates a cryptocurrency mining task to the end-user device and later receives a cryptocurrency mining output from the end-user device. The system determines that the first server is a malicious infecting web-server; that the second server is a malicious Command and Control server of a distributed bot-net of cryptocurrency mining bots; and that the end-user device is an infected and activated and operational cryptocurrency mining bot.

Abstract: System, device, and method of adaptive network protection for managed Internet-of-Things (IoT) services. A network traffic monitoring unit monitors data traffic, operations-and-management traffic, and control messages, that relate to cellular communication between an IoT device and a core cellular network. An IoT grouping unit groups multiple IoT devices into a particular IoT group. A baseline behavior determination unit determines a Regular Baseline Cellular Communication Behavior (RBCCB) profile that characterizes the cellular communications that are outgoing from and incoming to each member of the particular IoT group. An outlier detector subsequently detects that a particular IoT device of that particular IoT group, exhibits cellular traffic characteristics that are abnormal relative to the RBCCB profile that was characterized for that particular IoT group.

Abstract: A method for alleviation of congestion in a mobile communications network includes detecting congested cells in the mobile communications network, identifying subscribers with active data sessions in the congested cells; and optimizing bandwidth usage for at least one of the identified subscribers. A bandwidth optimization system includes a network sampling interface to receive at least subscriber, cell and data session identifiers from a network data packet sampler, where the sampler identifies the identifiers from internal data traffic within a mobile communications network, and a network awareness engine (NAE) to at least cross reference the identifiers with external data traffic output by the mobile communications network to at least detect congested cells and associated subscriber data sessions emanating from the mobile communications network.

Abstract: System and method of predictive Internet traffic steering. An Internet steering gateway decouples between traffic classification and traffic steering, and includes: a deep packet inspection (DPI) utility to ascertain an indication of a destination remote application server (RAS) from an initial packet of a data session in a network; a RAS database to store an optimization profile for each RAS; and a steering utility to look-up, based on the RAS addressing information that was determined by the DPI utility inspection of the initial packet of the data session, an indicated RAS in the RAS database. The steering utility steers the data session to an external optimization platform (EOP) based on the associated profile in the RAS database.

Abstract: A cellular traffic monitoring system includes: a traffic detection function (TDF) module to monitor cellular traffic associated with a cellular subscriber device, and to generate detection output which includes at least one of: a type of an application associated with the cellular traffic of the cellular subscriber device, and a type of the cellular traffic of the cellular subscriber device. The cellular traffic monitoring system further includes a policy charging and enforcement function (PCEF) module to enforce one or more charging rules to the cellular subscriber device, based on the detection output.

Abstract: System and method of predictive Internet traffic steering. An Internet steering gateway decouples between traffic classification and traffic steering, and includes: a deep packet inspection (DPI) utility to ascertain an indication of a destination remote application server (RAS) from an initial packet of a data session in a network; a RAS database to store an optimization profile for each RAS; and a steering utility to look-up, based on the RAS addressing information that was determined by the DPI utility inspection of the initial packet of the data session, an indicated RAS in the RAS database. The steering utility steers the data session to an external optimization platform (EOP) based on the associated profile in the RAS database.

Abstract: A cellular traffic monitoring system includes: a traffic detection function (TDF) module to monitor cellular traffic associated with a cellular subscriber device, and to generate detection output which includes at least one of: a type of an application associated with the cellular traffic of the cellular subscriber device, and a type of the cellular traffic of the cellular subscriber device. The cellular traffic monitoring system further includes a policy charging and enforcement function (PCEF) module to enforce one or more charging rules to the cellular subscriber device, based on the detection output.

Abstract: A method for alleviation of congestion in a mobile communications network includes detecting congested cells in the mobile communications network, identifying subscribers with active data sessions in the congested cells; and optimizing bandwidth usage for at least one of the identified subscribers. A bandwidth optimization system includes a network sampling interface to receive at least subscriber, cell and data session identifiers from a network data packet sampler, where the sampler identifies the identifiers from internal data traffic within a mobile communications network, and a network awareness engine (NAE) to at least cross reference the identifiers with external data traffic output by the mobile communications network to at least detect congested cells and associated subscriber data sessions emanating from the mobile communications network.

Abstract: An Internet steering gateway includes a deep packet inspection (DPI) utility for ascertaining an indication of a destination remote application server (RAS) from a first packet of a data session, an RAS database to at least store an optimization profile for each of a multiplicity of the RASs, and a steering utility to steer the data session to one of at least one external optimization platform (EOP) and a RAS as per the optimization profile associated with the indication. A method for optimizing network service delivery, includes inspecting a first packet of a data session with a deep packet inspection (DPI) utility, identifying a destination address for an RAS from the first packet, looking up the RAS in a RAS database as per the destination address; and for a the RAS found in the RAS database, steering the data session in accordance with a profile associated with the RAS.

Abstract: A cellular traffic monitoring system includes: a traffic detection function (TDF) module to monitor cellular traffic associated with a cellular subscriber device, and to generate detection output which includes at least one of: a type of an application associated with the cellular traffic of the cellular subscriber device, and a type of the cellular traffic of the cellular subscriber device. The cellular traffic monitoring system further includes a policy charging and enforcement function (PCEF) module to enforce one or more charging rules to the cellular subscriber device, based on the detection output.

Abstract: A method for alleviation of congestion in a mobile communications network includes detecting congested cells in the mobile communications network, identifying subscribers with active data sessions in the congested cells; and optimizing bandwidth usage for at least one of the identified subscribers. A bandwidth optimization system includes a network sampling interface to receive at least subscriber, cell and data session identifiers from a network data packet sampler, where the sampler identifies the identifiers from internal data traffic within a mobile communications network, and a network awareness engine (NAE) to at least cross reference the identifiers with external data traffic output by the mobile communications network to at least detect congested cells and associated subscriber data sessions emanating from the mobile communications network.

Abstract: System and method of predictive Internet traffic steering. An Internet steering gateway decouples between traffic classification and traffic steering, and includes: a deep packet inspection (DPI) utility to ascertain an indication of a destination remote application server (RAS) from an initial packet of a data session in a network; a RAS database to store an optimization profile for each RAS; and a steering utility to look-up, based on the RAS addressing information that was determined by the DPI utility inspection of the initial packet of the data session, an indicated RAS in the RAS database. The steering utility steers the data session to an external optimization platform (EOP) based on the associated profile in the RAS database.

Abstract: A cellular traffic monitoring system includes: a Traffic Detection Function (TDF) module to monitor cellular traffic associated with a cellular subscriber device, and to generate application detection output indicative of an application used by the cellular subscriber device; an application-based charging module to generate, based on the application detection output of said TDF module, application-based charging data related to said cellular subscriber device; a Policy Charging and Enforcement Function (PCEF) module to enforce one or more charging rules that are Service Data Flow (SDF) based and are related to said cellular subscriber device; an SDF-based charging module to generate SDF-based charging data related to said cellular subscriber device; and a charging correlator module to identify a potential over-charging due to an overlap between the application-based charging data and the SDF-based charging data.

Abstract: A method for alleviation of congestion in a mobile communications network includes detecting congested cells in the mobile communications network, identifying subscribers with active data sessions in the congested cells; and optimizing bandwidth usage for at least one of the identified subscribers. A bandwidth optimization system includes a network sampling interface to receive at least subscriber, cell and data session identifiers from a network data packet sampler, where the sampler identifies the identifiers from internal data traffic within a mobile communications network, and a network awareness engine (NAE) to at least cross reference the identifiers with external data traffic output by the mobile communications network to at least detect congested cells and associated subscriber data sessions emanating from the mobile communications network.