WO2010022777A1 - Gestion de grands utilisateurs suspects - Google Patents
Gestion de grands utilisateurs suspects Download PDFInfo
- Publication number
- WO2010022777A1 WO2010022777A1 PCT/EP2008/061296 EP2008061296W WO2010022777A1 WO 2010022777 A1 WO2010022777 A1 WO 2010022777A1 EP 2008061296 W EP2008061296 W EP 2008061296W WO 2010022777 A1 WO2010022777 A1 WO 2010022777A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- user
- network connection
- service
- quality
- threshold
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/50—Network service management, e.g. ensuring proper service fulfilment according to agreements
- H04L41/5061—Network service management, e.g. ensuring proper service fulfilment according to agreements characterised by the interaction between service providers and their network customers, e.g. customer relationship management
- H04L41/5067—Customer-centric QoS measurements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/16—Threshold monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/11—Identifying congestion
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/24—Traffic characterised by specific attributes, e.g. priority or QoS
- H04L47/2458—Modification of priorities while in transit
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/24—Traffic characterised by specific attributes, e.g. priority or QoS
- H04L47/2475—Traffic characterised by specific attributes, e.g. priority or QoS for supporting traffic characterised by the type of applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W28/00—Network traffic management; Network resource management
- H04W28/02—Traffic management, e.g. flow control or congestion control
- H04W28/0205—Traffic management, e.g. flow control or congestion control at the air interface
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W28/00—Network traffic management; Network resource management
- H04W28/02—Traffic management, e.g. flow control or congestion control
- H04W28/0252—Traffic management, e.g. flow control or congestion control per individual bearer or channel
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W28/00—Network traffic management; Network resource management
- H04W28/02—Traffic management, e.g. flow control or congestion control
- H04W28/0284—Traffic management, e.g. flow control or congestion control detecting congestion or overload during communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W28/00—Network traffic management; Network resource management
- H04W28/16—Central resource management; Negotiation of resources or communication parameters, e.g. negotiating bandwidth or QoS [Quality of Service]
- H04W28/24—Negotiating SLA [Service Level Agreement]; Negotiating QoS [Quality of Service]
Definitions
- the present invention relates to an apparatus, system and method for controlling network usage by detecting use of unwanted bandwidth-hungry applications.
- P2P peer-to-peer
- Another method is to perform a bandwidth management where it is given less capacity for certain users or services, but at present it is possible to do that only on network level, not on radio cell level.
- GGSN gateway GPRS support nodes
- an apparatus comprising identification means configured to identify a user corresponding to a bandwidth consumption of a network connection which exceeds an actively set threshold; quality of service modification means configured to downgrade a quality of service for a network connection of said user below an initially negotiated quality of service; and deep packet inspection means configured to be activated to a network connection of said user and to detect a service on said network connection which is actively set to represent a threshold exceeding application.
- Certain modifications of the apparatus according to the first aspect may include the following.
- the apparatus may be suitable for providing bandwidth management .
- the identification means can be further configured to user-specifically count transmitted data volume and the actively set threshold can define a maximum data transfer volume per time period.
- the identification means can be further configured to user-specifically count transmitted data volume for a fixed time period and in fixed intervals.
- the identification means can be further configured to receive and refer to a record listing user corresponding to a bandwidth consumption of a network connection which exceeds the actively set threshold.
- the quality of service modification means can be further configured to restore the initially negotiated quality of service to a network connection of the user if no threshold exceeding application is detected by the deep packet inspection means.
- the deep packet inspection means can be further configured to periodically check a network connection of the user where a threshold exceeding application is detected if the threshold exceeding application is still present, and to have a checking period actively set.
- an apparatus comprising an identification processor configured to identify a user corresponding to a bandwidth consumption of a network connection which exceeds an actively set threshold; a quality of service modification controller configured to downgrade a quality of service for a network connection of said user below an initially negotiated quality of service; and a deep packet inspection processor configured to be activated to a network connection of said user and to detect a service on said network connection which is actively set to represent a threshold exceeding application .
- a system comprising identification means configured to identify a user corresponding to a bandwidth consumption of a network connection which exceeds an actively set threshold; quality of service modification means configured to downgrade a quality of service for a network connection of said user below an initially negotiated quality of service; and deep packet inspection means configured to be activated to a network connection of said user and to detect a service on said network connection which is actively set to represent a threshold exceeding application.
- Certain modifications of the system according to the third aspect may include the following.
- the system may be suitable for providing bandwidth management .
- the identification means can be further configured to user-specifically count transmitted data volume and the actively set threshold can define a maximum data transfer volume per time period.
- the identification means can be further configured to user-specifically count transmitted data volume for a fixed time period and in fixed intervals.
- the identification means can be further configured to receive and refer to a record listing user corresponding to a bandwidth consumption of a network connection which exceeds the actively set threshold.
- the quality of service modification means can be further configured to restore the initially negotiated quality of service to a network connection of the user if no threshold exceeding application is detected by the deep packet inspection means.
- the deep packet inspection means can be further configured to periodically check a network connection of the user where a threshold exceeding application is detected if the threshold exceeding application is still present, and to have a checking period actively set.
- the system can further comprise provisioning means configured to monitor a data volume of a user and to include the user to the record if an actively set threshold is exceeded which is defined by a maximum data transfer volume per time period, and to provide the record to the identification means.
- the threshold can be set in relation to an average data transfer volume per time period of monitored user.
- a system comprising an identification processor configured to identify a user corresponding to a bandwidth consumption of a network connection which exceeds an actively set threshold; a quality of service modification controller configured to downgrade a quality of service for a network connection of said user below an initially negotiated quality of service; and a deep packet inspection processor configured to be activated to a network connection of said user and to detect a service on said network connection which is actively set to represent a threshold exceeding application.
- system can further comprise a provisioning tool configured to monitor a data volume of a user and to include the user to the record if an actively set threshold is exceeded which is defined by a maximum data transfer volume per time period, and to provide the record to the identification means.
- the threshold can be set in relation to an average data transfer volume per time period of monitored user.
- a method comprising identifying a user corresponding to a bandwidth consumption of a network connection which exceeds an actively set threshold; downgrading a quality of service for a network connection of said user below an initially negotiated quality of service; and activating deep packet inspection to a network connection of said user and detecting by deep packet inspection a service on said network connection which is actively set to represent a threshold exceeding application .
- Certain modifications of the method according to the fifth aspect may include the following.
- the method may be capable of providing bandwidth management .
- the method can further comprise user-specifically counting transmitted data volume, wherein the actively set threshold defines a maximum data transfer volume per time period.
- the transmitted data volume can be user-specifically counted for a fixed time period and in fixed intervals.
- the method can further comprise restoring the initially negotiated quality of service to a network connection of the user if no threshold exceeding application is detected by the deep packet inspection means.
- the method can further comprise periodically checking a network connection of the user where a threshold exceeding application is detected if the threshold exceeding application is still present, and actively setting a checking period.
- the method can further comprise monitoring a data volume of a user and including the user to the record if an actively set threshold is exceeded which is defined by a maximum data transfer volume per time period, and providing the record.
- the method can further comprise setting the threshold in relation to an average data transfer volume per time period of monitored user.
- a computer program product embodied as a computer readable medium storing instructions which comprise identifying a user corresponding to a bandwidth consumption of a network connection which exceeds an actively set threshold; downgrading a quality of service for a network connection of said user below an initially negotiated quality of service; and activating deep packet inspection to a network connection of said user and detecting by deep packet inspection a service with said network connection which is actively set to represent a threshold exceeding application.
- Fig. 1 shows an implementation example for certain embodiments of the present invention.
- embodiments of the present invention are presently considered to be particularly useful in 3 rd generation partnership project (3GPP) radio access networks such as GSM EDGE radio access networks (GERAN) and UMTS terrestrial radio access networks (UTRAN) as well as in long term evolution (LTE) and system architecture evolution (SAE) networks, where EDGE refers to enhanced data rates for GSM evolution, GSM refers to global system for mobile communications, and UMTS refers to universal mobile .
- 3GPP 3 rd generation partnership project
- 3GPP 3 rd generation partnership project
- GERAN GSM EDGE radio access networks
- UTRAN UMTS terrestrial radio access networks
- SAE system architecture evolution
- EDGE refers to enhanced data rates for GSM evolution
- GSM refers to global system for mobile communications
- UMTS refers to universal mobile .
- certain embodiments of the present invention are also applicable to any other network where bandwidth management and/or network usage control is used like in fixed broadband networks (e.g. with respect to a broadband remote access server - BRAS - and/or a broadband network gateway - BNG) , in WiMAX (worldwide interoperability for microwave access) networks (e.g. with respect to an access service network gateway/home agent) etc or any internet protocol edge/border gateway product that analyzes user data .
- fixed broadband networks e.g. with respect to a broadband remote access server - BRAS - and/or a broadband network gateway - BNG
- WiMAX worldwide interoperability for microwave access
- implementation examples comprise the following functionalities :
- those users which generate most of the network load are identified and subjected to a by-default downgraded quality of service at the session start-up.
- DPI deep packet inspection
- the identification of heavy users can be based on charging data record (CDR) data volumes, statistics or for example some internal counters in a gateway node such as a GGSN.
- CDR charging data record
- a list of suspicious user could be provided which can take place using existing provisioning tools of the operator.
- the identification of TOP heavy users can include an offline analysis of collected statistics. This can be done based on collected data of charging data records (CDR) or gateway node internal statistical data.
- CDR charging data records
- Embodiment 1 gateway node internal alternative
- the gateway node can count and compare users internally based on the currently existing subscriber specific data volume counters which are e.g. used in generating charging data records (CDR) .
- CDR charging data records
- the operator could define thresholds which the gateway node should check before it resets this internal counter and increments the charging data record (CDR) data volume.
- CDR charging data record
- GGSN statistical data collection As follows:
- the sample collection period is defined.
- the statistics time period parameter is determined as the time during which samples are collected. The time is given in minutes. Allowed values are 15, 30, 45, and 60. The default value is 15.
- the sample collection interval is defined.
- the statistics time interval parameter is determined as how often samples are collected. The value is given in minutes. Allowed values are 1, 5, 15, 30, 45, and 60. The default value is 1.
- the operator could define e.g. if the user data volume during the last 1/15 minutes (last measurement collection period) exceeds 30 Mbits/300 Mbits, then the user (packet data protocol (PDP) context) shall be marked internally in the GGSN.
- PDP packet data protocol
- Embodiment 2 post processing and provisioning alternative
- the operator has (automatic) charging data record post-processing tool (i.e. apparatus) that identifies TOP heavy users based on the transmitted data volumes in a given time.
- automatically charging data record post-processing tool i.e. apparatus
- the tool monitors user activity based on thresholds and the transferred user data volume exceeds the defined threshold, the tool marks the user to the list of suspicious user.
- the threshold is a limit for data transfer per hour or day etc.
- the tool may alternatively mark the users e.g. if the transmitted data volumes are considerably higher than other users in average where thresholds may be used as well. In such cases simply the heaviest users are marked.
- the tool After the tool marks the user, it provides the information to a user profile database that may be any profile server/lightweight database access protocol (LDAP) /remote authentication dial in user service (RADIUS) or policy server or even the home location register (HLR) .
- LDAP profile server/lightweight database access protocol
- RADIUS remote authentication dial in user service
- HLR home location register
- the most practical way to update the profile database would be to use existing provisioning tools which the operator has. Hence, this tool may be somehow integrated to the operator's existing provisioning system.
- the downgrade of the quality of service and activation of deep packet inspection to the users identified as TOP heavy users can involve the following.
- the gateway node receives an indication of a suspicious user at session start-up or knows it internally when it receives user information from a user profile database. If the user or the PDP context is marked to be suspicious, the gateway node immediately downgrades the quality of service by e.g. decreasing the maximum bit rate (MBR) and downgrading the traffic class for these users internally. That is, no PDP update over the Gn interface is performed. Further, also the differentiated services codepoint (DSCP) marking in the Gn interface may be based on this temporary gateway node internal quality of service.
- MLR maximum bit rate
- DSCP differentiated services codepoint
- the session is continued with the downgraded quality of service. It is to be understood that also at this point the user will be marked in the subscription profile to be able to continue with reduced quality of service immediately after PDP context re-establishment.
- a PDP context with downgraded quality of service is checked again after a period determined by the operator. If a misuse in the sense of using an "unwanted” application has ended, the original quality of service which is negotiated for the PDP context shall be allowed.
- an implementation in a gateway node such as (but not limited to) a gateway GPRS (general packet radio service) support node is considered advantageous.
- a gateway GPRS general packet radio service
- an implementation is considered to be useful in all 3 rd generation partnership project (3GPP) networks and others. Accordingly, benefits can be achieved for e.g. mobile data networks, radio and core networks, deep packet inspection and bandwidth management functionalities, provisioning and subscriber database manufacturers.
- embodiments of the present invention may also be implemented in accordance with performing bandwidth management network usage control in the Gi interface (between the access network and the Internet) , and corresponding servers would also benefit a lot if user data volume information would be available. In this case deep user data inspection could focus only to most likely misuses (i.e. to respective users) and network capacity would be saved.
- An implementation of embodiments of the present invention may be achieved by providing a computer program product embodied as a computer readable medium which stores instructions according to the above described embodiments.
- a gateway GPRS support node detects the used quota per subscriber during a definable time period. Counters for the used data can be tracked either internally by the GGSN or the used quota can be reported in the form of charging data records to a system involving e.g. servers providing the functions of post-processing, policy enforcement, balance holding and provisioning.
- Fig. 1 shows an online service controller as a post-processing tool for the charging data records (CDR) that identifies heavy users based on the transmitted data volume in a given time.
- CDR charging data records
- the online service controller marks the user as "heavy user” and provides the information to a subscriber profile database .
- the quality of service After a heavy user is detected, the quality of service will be downgraded so that less bandwidth is given. The quality of service is upgraded back to an original value if unwanted service usage is not identified by performing deep packet inspection in the GGSN or in any other node.
- a marking as heavy user can be removed from the subscriber profile at this point.
- the operator has the option to double check the subscriber service usage once in a while.
- the marked heavy user begins a session, lower quality of service will be given based on the user information stored in the subscriber profile data base, since the GGSN can query the subscriber profile database upon session initiation and find out about the marking as heavy user.
- identification means configured to identify a user corresponding to a bandwidth consumption of a network connection which exceeds an actively set threshold
- quality of service modification means configured to downgrade a quality of service for a network connection of said user below an initially negotiated quality of service
- deep packet inspection means configured to be activated to a network connection of said user and to detect a service on said network connection which is actively set to represent a threshold exceeding application.
Abstract
L'invention concerne un appareil comprenant un moyen d'identification configuré pour identifier un utilisateur correspondant à une consommation de bande passante d'une connexion de réseau qui dépasse un seuil défini de manière active. L'appareil comprend en outre un moyen de modification de qualité de service configuré pour rétrograder une qualité de service d'une connexion de réseau dudit utilisateur en dessous d'une qualité de service négociée au départ. De plus, l'appareil comprend un moyen d'inspection profonde de paquets configuré pour être activé sur une connexion de réseau dudit utilisateur et détecter un service sur ladite connexion de réseau qui est défini de manière active pour représenter une application dépassant un seuil.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2008/061296 WO2010022777A1 (fr) | 2008-08-28 | 2008-08-28 | Gestion de grands utilisateurs suspects |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2008/061296 WO2010022777A1 (fr) | 2008-08-28 | 2008-08-28 | Gestion de grands utilisateurs suspects |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2010022777A1 true WO2010022777A1 (fr) | 2010-03-04 |
Family
ID=40545771
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2008/061296 WO2010022777A1 (fr) | 2008-08-28 | 2008-08-28 | Gestion de grands utilisateurs suspects |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2010022777A1 (fr) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102811204A (zh) * | 2011-06-01 | 2012-12-05 | 普天信息技术研究院有限公司 | 分组核心演进中基于深度包检测的承载控制系统及方法 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006108282A1 (fr) * | 2005-04-13 | 2006-10-19 | Zeugma Systems Canada, Inc. | Noeud de service de lissage du trafic informe de l'application positionne entre le reseau d'acces et le reseau central |
EP1798914A1 (fr) * | 2005-12-13 | 2007-06-20 | Alcatel Lucent | Contrôle de la congestion |
WO2008061171A2 (fr) * | 2006-11-16 | 2008-05-22 | Comcast Cable Holdings, Llc | Procédé permettant de limiter les abus |
-
2008
- 2008-08-28 WO PCT/EP2008/061296 patent/WO2010022777A1/fr active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006108282A1 (fr) * | 2005-04-13 | 2006-10-19 | Zeugma Systems Canada, Inc. | Noeud de service de lissage du trafic informe de l'application positionne entre le reseau d'acces et le reseau central |
EP1798914A1 (fr) * | 2005-12-13 | 2007-06-20 | Alcatel Lucent | Contrôle de la congestion |
WO2008061171A2 (fr) * | 2006-11-16 | 2008-05-22 | Comcast Cable Holdings, Llc | Procédé permettant de limiter les abus |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102811204A (zh) * | 2011-06-01 | 2012-12-05 | 普天信息技术研究院有限公司 | 分组核心演进中基于深度包检测的承载控制系统及方法 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102823197B (zh) | 用于增强的服务检测和策略规则确定的方法、系统和计算机可读介质 | |
US8694619B2 (en) | Packet classification method and apparatus | |
EP3909204B1 (fr) | Technique de corrélation d'informations d'analyse de données réseau | |
US8773981B2 (en) | Systems and methods for dynamic congestion management in communications networks | |
JP5855268B2 (ja) | ポリシー制御装置を使用するネットワーク統計の生成 | |
US9860752B2 (en) | Handling of authorization requests for a packet-based service in a mobile network | |
US8917600B2 (en) | Technique for introducing a real-time congestion status in a policy decision for a cellular network | |
US9787484B2 (en) | Adapting PCC rules to user experience | |
CN106332183B (zh) | 流量的控制、控制处理方法及装置、终端 | |
US9137843B2 (en) | Method and node for controlling bearer related resources as well as a corresponding system and computer program | |
EP2587737B1 (fr) | Procédé et dispositif de surveillance de trafic de service | |
KR101884048B1 (ko) | 네트워크 자원들을 관리하기 위한 방법들과 노드들, 및 상응하는 시스템과 컴퓨터 프로그램 | |
US20140233432A1 (en) | Pcrf and pcc rule setting method in a mobile communication network | |
US9397908B2 (en) | Method, apparatus, and system for acquiring quality of service QoS control information | |
WO2014146502A1 (fr) | Procédé et appareil de gestion de congestion de réseau d'accès radio, et procédé et système de gestion de stratégie de congestion | |
CN109428781B (zh) | 会话用量监测控制方法、服务器及存储介质 | |
AU2020270237A1 (en) | Terminal information processing method and apparatus, and system | |
US20160173390A1 (en) | Confidence degree of data packet flow classification | |
WO2010022777A1 (fr) | Gestion de grands utilisateurs suspects | |
WO2016091294A1 (fr) | Estimation de composition de trafic de données d'un réseau de communication par extrapolation | |
EP4315777A1 (fr) | Commande de charge de fonction de plan utilisateur (upf) | |
FR3043515A1 (fr) | Procede de gestion du trafic reseau relatif a un mecanisme de signalisation de presence d'un terminal | |
US20240137276A1 (en) | Controlling User Plane Function (UPF) Load | |
WO2013174416A1 (fr) | Gestion de fichiers de données d'événements relatifs à l'utilisation de réseau |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 08787539 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 08787539 Country of ref document: EP Kind code of ref document: A1 |