Abstract: A method for implementing an AF multipath policy. The method may be performed by a PCF and may include a step of transmitting a request message comprising a UE ID identifying a UE. The method also includes receiving a response message transmitted as a response to the request message, the response message comprising: the AF multipath policy, an application ID (App-ID) identifying an application, and an application protocol ID (App-ID-Protocol), identifying a protocol used by the application. The method further includes generating a multipath policy using at least: i) the AF multipath policy and ii) the App-ID-Protocol. The method further includes providing the generated multipath policy to a management function (e.g., SMF).

Abstract: Method for operating a policy control entity (260) in a wireless communications network (200). In the wireless communications network (200) a multipath transmission with at least two data packet sessions can be provided between a content provider (300) and a user equipment (100), where a first data packet session of the at least two data packet sessions is transmitted through the wireless communications network (200) over a cellular access node (210) and a second data packet sessions of the at least two data packet sessions is transmitted through the wireless communications network (200) over a non-cellular access node (220). The method comprises the following steps. First an establishment request is received (SS) from a network exposure entity (270) to set up the multipath transmission.

Abstract: A technique for enabling exposure of information related to encrypted communication between a User Equipment, UE, and an application server in a mobile communication system is disclosed. A method implementation of the technique is performed by the UE and comprises establishing (S302) a communication channel with a network node of the mobile communication system, the communication channel being established as part of an application layer communication channel between the UE and the application server, wherein the network node acts as application layer proxy in the communication between the UE and the application server, and sending (S304) encrypted traffic through the communication channel to the network node for further delivery to the application server, wherein the communication channel is used to exchange supplemental information related to the encrypted traffic between the UE and the network node.

Abstract: A device manager (200; 300; 400) and associated method for controlling one or more devices (203a-c; 403a-c). The device manager comprises a receiver (304) configured to receive sensor data from one or more sensors (202a-d; 402a-d). The device manager comprises a device controller (314) configured to determine device control data for controlling the operation of one or more devices based on the received sensor data and one or more policy rules stored in a memory (306). The device manager comprises a transmitter (302) configured to transmit the device control data to the one or more devices. The receiver is further configured to receive, from a network node (212, 214; 412) of a telecommunications network, user equipment, UE, data relating to one or more UEs (426a-c) associated with the one or more devices. The device controller is further configured to determine the device control data based on the received UE data.

Abstract: Embodiments include methods for a policy control function (PCF) of a communication network. Such methods include, during establishment of a packet data unit, PDU, session for a user equipment, UE, determining one or more UE application descriptors that correspond to a network application identifier (AppId) of a service data flow (SDF) template for the PDU session. Each UE application descriptor includes a first identifier (OSId) of a UE-supported operating system (OS) and a second identifier (OSAppId) of an application for the UE-supported OS identified by the first identifier. Such methods include sending policy rules for the PDU session to a session management function (SMF) of the communication network. The policy rules include the UE application descriptors. Other embodiments include complementary methods for an SMF, as well as PCFs and SMFs configured to perform such methods.

Abstract: A method of detecting Quick User Datagram Protocol Internet Connections, QUIC, traffic in a telecommunication network between a User Equipment, UE, and a Content Provider, CP, wherein said UE has an established application session with said CP, for a particular application, using QUIC as transport protocol, wherein said method comprises the steps of receiving, by a User Plane Function, UPF, comprised by said telecommunication network, from said CP, a list of connection identifiers that identify said established application session between said UE and said CP, receiving, by said UPF, a QUIC packet comprising a connection identifier, detecting, by said UPF, said QUIC traffic by determining that said connection identifier of said received QUIC packet is comprised by said list of connection identifiers.

Abstract: Methods and apparatus for traffic enhancement to apply to an application, to be delivered using a QUIC session, between a wireless device and a server. A request to activate a policy for the application between the wireless device and the server is received from the wireless device, the request including an application identifier and an indication to request an enhancement function. In response to the request to activate the policy, an authorization of traffic enhancement with information of a proxy node is transmitted to the wireless device to provide the enhancement function upon the network node identifying the proxy node.

Abstract: A Policy Control Function, PCF, for use in a 5G core network, is configured to allow a consumer to retrieve from the PCF subscriber session information and Application Detection and Control rules relating to a subscriber session. Specifically, the PCF is configured to: receive (303) a request from a Session Management Function, SMF, for session management policies applying to the subscriber session; retrieve (305) policy data from a Unified Data Repository, UDR; and, based on the retrieved policy data, generate said Application Detection and Control rules relating to the subscriber session, and send (307) said Application Detection and Control rules to the TDF, thereby allowing the TDF to act as the consumer.

Abstract: Systems and methods for providing Network Address Translation (NAT) are provided. In some embodiments, a method of operating a function entity configured to support NAT includes enabling a Control Plane (CP) function to instruct a User Plane (UP) function to apply a NAT function for at least one specific service data flow. In this way, one or more benefits result such as: introducing a mechanism allowing CP function to instruct UP function to perform NAT function for one or more service data flow(s); when CP and UP function are separated, using NAT function can protect a private network from potential unlawful incursion, and delaying NAT IP address and port allocation and withdrawal at the service initiation and termination can save the public IP address space. Also, one or more improvements such as allowing the network operator to support NAT policies in the context of 4G/5G networks supporting CUPS are disclosed.

Abstract: A method of enabling the core network to determine the RAT type in a dual connection non-standalone configuration. The RAT type is either embedded in the GTP-U header by the RAN which is then extracted by the PGW-U or it is derived by the PGW-U by using a Reinforcement Language Agent activated by the SPR, through the PCRF and the PGW-C.

Abstract: A technique for handling data traffic in a core network domain of a communication network is described. An apparatus comprised by the technique is configured to be located in the core network domain and to receive data traffic sent under control of a transport layer protocol that is configured to apply a congestion control algorithm, CCA. The apparatus is further configured to analyze the data traffic to obtain a data traffic analyzation result, to obtain, based on the analyzation result, CCA information about the CCA that can be or is applied by the transport layer protocol, and to perform a traffic handling action for the data traffic taking into account the obtained CCA information.

Abstract: A method of reporting traffic metrics by a User Plane Function, UPF, to a Session Management Function, SMF, in a telecommunication network, wherein said method comprises the steps of receiving, by said UPF, a session creation/modification message for creating/modifying a session between said UPF and said SMF, wherein said message comprises a Reporting Rule thereby defining which traffic metric is to be reported by said UPF to said SMF, measuring, by said UPF, said traffic metric based on said received Reporting Rule, transmitting, by said UPF, to said SMF, a reporting message, wherein said reporting message comprises said measured traffic metric.

Abstract: A method for operating a session control entity configured to control a data packet session for a mobile subscriber in a network, wherein at least one service is applied to the data packet session by a service application entity, the method includes at the session control entity receiving a first request from a requestor requesting application of the at least one service, in which it is requested that the requestor be informed of a current status of at least one session related parameter of the data packet session, and transmitting a notification to the requestor, the notification having the current status of the at least one session related parameter.

Abstract: A method of detecting Quick User Datagram Protocol Internet Connections, QUIC, traffic in a telecommunication network between a User Equipment, UE, and a Content Provider, CP, wherein said UE has an established application session with said CP, for a particular application, using QUIC as transport protocol, wherein said method comprises the steps of receiving, by a User Plane Function, UPF, comprised by said telecommunication network, from said CP, a list of connection identifiers that identify said established application session between said UE and said CP, receiving, by said UPF, a QUIC packet comprising a connection identifier, detecting, by said UPF, said QUIC traffic by determining that said connection identifier of said received QUIC packet is comprised by said list of connection identifiers.

Abstract: A method of reporting traffic metrics by a User Plane Function, UPF, to a Session Management Function, SMF, in a telecommunication network, wherein said method comprises the steps of receiving, by said UPF, a session creation/modification message for creating/modifying a session between said UPF and said SMF, wherein said message comprises a Reporting Rule thereby defining which traffic metric is to be reported by said UPF to said SMF, measuring, by said UPF, said traffic metric based on said received Reporting Rule, transmitting, by said UPF, to said SMF, a reporting message, wherein said reporting message comprises said measured traffic metric.

Abstract: PCC control of HTTP adaptive bit rate video streaming protocols. This PCC control is enforced in a network node that is in communication interaction with a user terminal, UE, and a media server, and is configured to: perform a deep packet inspection, DPI, on IP packets sent from the media server to the UE to detect an association between a plurality of identifiers and corresponding characteristics of respective different media streams representing the same media information; perform a DPI on IP packets sent from the UE to the media server to detect a media stream identifier selected by the UE from said association, the IP packets corresponding to a request to obtain one of the different media streams of the association; and modify the request by replacing the detected media stream identifier selected by the UE with any other of the media stream identifiers of the association.

Abstract: Exemplary methods for marking packets include in response to receiving a packet, determining whether the packet has been classified, and in response to determining the packet has not been classified, classifying the packet to determine a class to which the packet belongs, wherein the class identifies a set of zero or more markers that are to be included as part of packets belonging to the class. The methods include marking the packet with a first marker selected from the set of one or more markers, and forwarding the marked packet. Exemplary methods for processing markers include in response to receiving a packet, determining whether the packet has been marked with a marker, and in response to determining the packet has been marked with the first marker, performing a set of one or more operations required by the first marker.

Abstract: PCC control of HTTP adaptive bit rate video streaming protocols. This PCC control is enforced in a network node that is in communication interaction with a user terminal, UE, and a media server, and is configured to: perform a deep packet inspection, DPI, on IP packets sent from the media server to the UE to detect an association between a plurality of identifiers and corresponding characteristics of respective different media streams representing the same media information; perform a DPI on IP packets sent from the UE to the media server to detect a media stream identifier selected by the UE from said association, the IP packets corresponding to a request to obtain one of the different media streams of the association; and modify the request by replacing the detected media stream identifier selected by the UE with any other of the media stream identifiers of the association.

Abstract: Methods and apparatus for detecting fraudulent traffic associated with a user of a telecommunications system. A system comprises a monitoring network node comprising a traffic monitor configured to monitor traffic transmitted to or from a user in the telecommunications system, a fraud detector configured to apply to the monitored traffic a fraud profile associated with the user to determine whether the monitored traffic comprises fraudulent traffic, a transmitter configured to transmit data to a receiver of a profiling network node notifying whether the monitored traffic comprises fraudulent traffic. The profiling network node further comprises a fraud profiler configured to determine an updated fraud profile associated with the user based at least on the received data and a transmitter configured to transmit data identifying the updated fraud profile to one or both of a receiver of a subscription profile repository and a receiver of the monitoring network node.

Abstract: A method is implemented by a network device to classify encrypted data traffic. The method identifies characteristics of the encrypted data traffic that have been modeled where network anomalies have been injected into the encrypted data traffic to provide additional traffic characteristics that enable categorization. The method receives the encrypted data traffic, applies an encrypted traffic categorization model to the received encrypted data traffic to determine a first categorization identification, injects an anomaly into the encrypted data traffic where the first categorization identification is not within a precision threshold, applies the encrypted traffic categorization model to monitored encrypted traffic after injection of the anomaly to determine a second categorization identification, and applies the second categorization identification where the second categorization identification is within the precision threshold.