Abstract: A method includes: receiving protocol event data from a plurality of probes within the telecommunication system; determining a most probable cause of a call event from the protocol event data; applying the most probable cause to a trained machine learning algorithm that includes the most probable cause as its input and a telecommunication system score as its output; and in response to an output score from the trained machine learning algorithm, performing a corrective action for a plurality of network users that are expected to be affected by the most probable cause.

Abstract: A method includes, receiving protocol event data from a plurality of probes within the telecommunication system, associating the protocol event data into a call, wherein the protocol event data comprises processes in a plurality of protocols, mapping the protocol event data into a per-call finite state machine, wherein the finite state machine represents possible call states in multiple protocols between call setup and termination, wherein the mapping is performed at least in part within a duration of the call, and after termination of the call, creating a call data record that includes information from the per-call finite state machine and Key Performance Indicator (KPI) information of the call.

Abstract: System and methods of brokering trust across multiple Authentication and Authorization methods in a multi-domain, multi-operator, private and public cloud networks are identified. A Digital Trust Broker (DTB) is disclosed that brokers trust between infrastructure authentication methods that use digital certificates (PKI) and operator/enterprise Authentication/Authorization methods through interaction with multiple operator/service provider control and management platforms. The Digital Trust Broker interacts with vendor management and security platforms for associating device manufacturing, assembly, supply-chain, and logistics attributes for assuring trust of compute, network, storage and other system components that a high security enterprise or service provider acquires and installs in their networks. Additionally, methods of generating enhanced certificates for secure network slices and other Cloud and SDN hosted virtual network functions as trust assured services are also disclosed.

Abstract: System and methods of brokering trust across multiple Authentication and Authorization methods in a multi-domain, multi-operator, private and public cloud networks are identified. A Digital Trust Broker (DTB) is disclosed that brokers trust between infrastructure authentication methods that use digital certificates (PKI) and operator/enterprise Authentication/Authorization methods through interaction with multiple operator/service provider control and management platforms. The Digital Trust Broker interacts with vendor management and security platforms for associating device manufacturing, assembly, supply-chain, and logistics attributes for assuring trust of compute, network, storage and other system components that a high security enterprise or service provider acquires and installs in their networks. Additionally, methods of generating enhanced certificates for secure network slices and other Cloud and SDN hosted virtual network functions as trust assured services are also disclosed.

Abstract: System and methods of brokering trust across multiple Authentication and Authorization methods in a multi-domain, multi-operator, private and public cloud networks are identified. A Digital Trust Broker (DTB) is disclosed that brokers trust between infrastructure authentication methods that use digital certificates (PKI) and operator/enterprise Authentication/Authorization methods through interaction with multiple operator/service provider control and management platforms. The Digital Trust Broker interacts with vendor management and security platforms for associating device manufacturing, assembly, supply-chain, and logistics attributes for assuring trust of compute, network, storage and other system components that a high security enterprise or service provider acquires and installs in their networks. Additionally, methods of generating enhanced certificates for secure network slices and other Cloud and SDN hosted virtual network functions as trust assured services are also disclosed.

Abstract: A method includes: receiving protocol event data from a plurality of probes within the telecommunication system; determining a most probable cause of a call event from the protocol event data; applying the most probable cause to a trained machine learning algorithm that includes the most probable cause as its input and a telecommunication system score as its output; and in response to an output score from the trained machine learning algorithm, performing a corrective action for a plurality of network users that are expected to be affected by the most probable cause.

Abstract: Methods of configuring path-aware point to point secure network private lines over multi-domain, multi-operator virtual and physical networks through network elements that are compliant with PKI Digital Certificates (eDC) with metadata enhancements are disclosed. Secure Network Slices (SNS) may then be constructed by interconnecting SVPLs through a network aggregation device such as switch/bridge/router which allows different network policies on different segments of the network. A Digital Trust Broker is disclosed that bridges between multiple Authentication/Authorization frameworks of an enterprise and the security frameworks of multiple operators and service providers that provide Secure Virtual Private lines and Secure Network Slices. Additionally, the methods that identify that any traffic exchange with internet or between differing levels of SNS or SVPLs go through enhanced security bridge that enforces policies of high security enterprise are also disclosed.

Abstract: A method includes: receiving protocol event data from a plurality of probes within the telecommunication system; determining a most probable cause of a call event from the protocol event data; applying the most probable cause to a trained machine learning algorithm that includes the most probable cause as its input and a telecommunication system score as its output; and in response to an output score from the trained machine learning algorithm, performing a corrective action for a plurality of network users that are expected to be affected by the most probable cause.

Abstract: A method includes, receiving protocol event data from a plurality of probes within the telecommunication system, associating the protocol event data into a call, wherein the protocol event data comprises processes in a plurality of protocols, mapping the protocol event data into a per-call finite state machine, wherein the finite state machine represents possible call states in multiple protocols between call setup and termination, wherein the mapping is performed at least in part within a duration of the call, and after termination of the call, creating a call data record that includes information from the per-call finite state machine and Key Performance Indicator (KPI) information of the call.

Abstract: Data collection system that receives plurality of user network data access flows that include HTTP/HTTPS URLs from network probes or network elements such as CDNs, Proxies, control plane logs (S11, SlAP etc.) that include permanent subscriber identifier (IMSI, IMEI) or obfuscated subscriber identifiers, or obtains such identifiers corresponding to user IP addresses in access flows from operator network elements, extracts plurality of unique identifiers (UUIDs), plurality of tags, or contextual identifiers that appear in URL strings, determines domain names from HTTP/HTTPS header fields or temporally close DNS flows and generates a mapping table that includes subscriber identifiers, domain names, HTTP tags, and associates subset of UUIDs as potential Advertisement Identifier (Ad-Id) for each subscriber-id based on the usage counts of that UUID across multiple domains.

Abstract: Methods for estimating Subscriber quality of experience (QOE) for mobile users accessing networks for different services from observed data in control and user planes in mobile wireless networks and then summarizing inferences per user, per service, per sector, group of sectors and other aggregate points, and exporting this information for reducing user churn, network planning and network tuning, application adaptation to improve QOE are disclosed. Methods for improving subscriber QOE metrics for certain applications, services and web-sites for improved monetization methods are also presented. The methods facilitate quantifying network goodness from the user application point of view, and exporting triggers to other network elements, such as SON Server, OSS and PCRF, when QOE anomalies are detected. Additionally, this exported information could also trigger content adaptation, delivery optimizations and other actions.

Abstract: Control Plane and User plane packet data are collected within the Radio Access Network using a plurality of network devices. Consolidation and summarization of this information is then performed to present a unified picture of RAN through abstract APIs to management and analytics applications. The invention identifies methods of retaining the collected network data, such as control and application protocol headers at the collection points, and consolidation and exporting this network data to management/reporting/analytics application using application driven rules for consolidation and summarization. Real-time statistical analysis tools, which may be used to predict failure and degradation trends and proactively control the underlying causes, are also disclosed.

Abstract: Control Plane and User plane packet data are collected within the Radio Access Network using a plurality of network devices. Consolidation and summarization of this information is then performed to present a unified picture of RAN through abstract APIs to management and analytics applications. The invention identifies methods of retaining the collected network data, such as control and application protocol headers at the collection points, and consolidation and exporting this network data to management/reporting/analytics application using application driven rules for consolidation and summarization. Real-time statistical analysis tools, which may be used to predict failure and degradation trends and proactively control the underlying causes, are also disclosed.

Abstract: A method of learning and identifying two unidirectional GTP-U tunnels corresponding to a user equipment (UE) in a device placed in a LTE network, where the device acts as a transparent proxy intercepting user plane and control plane protocols on the S1 interface, is disclosed. Methods of pairing the two unidirectional tunnels that belong to same UE, when there is no control plane information or when there is Control Plane information, but the NAS portions of the S1 Control that contain bearer IP addresses are encrypted, are disclosed. Control plane and user plane methods for associating GTP-U tunnels and the corresponding bearer plane IP addresses are identified. Additionally, methods for detecting mobility of a UE, as it moves from the coverage area of one E-NodeB to another, are disclosed. Methods for constructing an eNodeB topology map are also disclosed.

Abstract: A network device, capable of understanding communications between an end user and the core network on a RAN network is disclosed. In some embodiments, the device is able to decode the control plane and the user plane. As such, it is able to determine when the end user has requested multimedia content. Once this is known, the device can optimize the delivery of that content in several ways. In one embodiment, the device requests the content from the content server (located in the core network) and transmits this content in a just-in-time manner to the end user. In another embodiment, the device automatically changes the encoding and resolution of the content, based on overall monitored network traffic. In another embodiment, the device automatically selects or modifies the format and resolution options based on overall bandwidth limitations, independent of the end user.

Abstract: An apparatus and method for steering and load-balancing mobile network traffic with user session awareness from multiple control and user plane protocols while understanding the load on the corresponding physical or virtual servers in cloud and virtual deployments is disclosed. This traffic could be monitored traffic, such as from optical taps, or network probes of mobile network interfaces, or port mirrors from network devices, or inline traffic when the load-balancer is logically placed inline in the network before the Virtual Network Functions, such as Virtual SGW (vSGW), Virtual SGSN (vSGSN), Virtual PGW (vPGW), Virtual MME (vMME), or Virtual Performance Enhancing proxy(vPEP). The apparatus and methods identified herein allow additional capabilities, such as ensuring that both directions of a protocol flow target the same physical or virtual server, or both control plane and user plane protocols of a flow are forwarded to the same server.

Abstract: A system and method to intercept traffic at standard interface points as defined by Cellular/Wireless networks (GSM/GPRS, 3G/UMTS/HSDPA/HSUPA, CDMA, WIMAX, LTE), emulate the respective protocols on either side of the interception point, extract user/application payloads within the intercepted packets, perform optimizations, and re-encapsulate with the same protocol, and deliver the content transparently is disclosed. The optimizations include but are not limited to Content Caching, prediction & pre-fetching of frequently used content, performance of content-aware transport optimizations (TCP, UDP, RTP etc.) for reducing back-haul bandwidth, and improvement of user experience. An additional embodiment of the current invention includes injecting opportunistic content (location based, profile based or advertisement content) based on the information derived while monitoring control plane protocols.

Abstract: Methods for steering the access technology selection by a mobile device in an overlay Small-Cell and Macro Network, such as UMTS, LTE, CDMA, or WIFI are disclosed. This selection determination is based on the observed, real-time correlated and estimated network congestion, content-awareness, application/service expectations, and other criteria. Methods and procedures to influence network selection or control currently selected networks by propagating real-time correlated and consolidated information on a plurality of Radio Access Technologies to Access Points, or modifying the list of alternative Radio Access Technologies available at a location using standards defined mechanisms and parameters are identified.

Abstract: The present invention identifies methods and procedures for correlating control plane and user plane data, consolidating and abstracting the learned and correlated data in a form convenient for minimizing and exporting to other network devices, such as those in the Core Network and the Access Network, or the origin server, CDN devices or client device. These correlation methods may use Control Plane information from a plurality of interfaces in the RAN, and User plane information from other interfaces in the RAN or CN. IF the device is deployed as an inline proxy, this information may be exported using in-band communication, such as HTTP extension headers in HTTP Request or Response packets, or another protocol header, such as the IP or GTP-U header field. Alternatively, this information can be exported out-of-band using a separate protocol between the RAN Transit Network Device (RTND) and the receiving device.

Abstract: Methods for estimating Subscriber quality of experience (QOE) for mobile users accessing networks for different services from observed data in control and user planes in mobile wireless networks and then summarizing inferences per user, per service, per sector, group of sectors and other aggregate points, and exporting this information for reducing user churn, network planning and network tuning, application adaptation to improve QOE are disclosed. Methods for improving subscriber QOE metrics for certain applications, services and web-sites for improved monetization methods are also presented. The methods facilitate quantifying network goodness from the user application point of view, and exporting triggers to other network elements, such as SON Server, OSS and PCRF, when QOE anomalies are detected. Additionally, this exported information could also trigger content adaptation, delivery optimizations and other actions.