US2018070261A1PendingUtilityA1

Network traffic event management at the client terminal level

44
Assignee: SHINE SECURITY LTDPriority: Jan 30, 2014Filed: Oct 30, 2017Published: Mar 8, 2018
Est. expiryJan 30, 2034(~7.6 yrs left)· nominal 20-yr term from priority
H04L 47/6295H04L 41/142H04L 41/5022H04L 47/625H04W 28/02H04L 47/803H04W 24/08
44
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A method of queuing network traffic events on a client terminal. The method comprises monitoring, in run time, a plurality of network traffic events triggered by a plurality of applications executed on a client terminal, extracting a plurality of network traffic event characteristics of each of the plurality of network traffic events, classifying each one of the plurality of network traffic events according to a respective the plurality of network traffic event characteristics, clustering the plurality of network traffic events in a plurality of clusters according to the classifying, and managing an opening a plurality data connections between the client terminal and a network such that the content of each cluster of the plurality of clusters is transmitted in another of the plurality data connections.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A method of queuing network traffic events on a client terminal, comprising:
 using at least one hardware processor to execute code instructions for:
 monitoring, in run time, a plurality of network traffic events triggered by a plurality of applications executed on a client terminal, each of the plurality of network traffic events requiring an opening of a data connection session between the client terminal and a network; 
 extracting, in run time, a plurality of network traffic event characteristics of each of the plurality of network traffic events; 
 classifying each one of the plurality of network traffic events according to a respective the plurality of network traffic event characteristics; 
 queuing the plurality of network traffic events in a plurality of queues according to the classifying, each one of the plurality of queues having a different Quality of Service (QoS) policy; 
 for each one of the plurality of queues managing a frequency of opening a networking connection for a data connection session between the client terminal and the network according a respective the QoS policy. 
   
     
     
         2 . The method of  claim 1 , wherein the plurality of network traffic events are messages for opening the data connection session. 
     
     
         3 . The method of  claim 1 , wherein the managing comprises jointly transmitting some of the plurality of network traffic events during the data connection session. 
     
     
         4 . The method of  claim 1 , wherein the plurality of network traffic event characteristics comprise characterizing application data about one of the plurality of applications. 
     
     
         5 . The method of  claim 4 , wherein the characterizing application data is deduced from an analysis of application marketing page. 
     
     
         6 . The method of  claim 1 , wherein the plurality of network traffic event characteristics comprise an outcome of statistical analysis of historical network traffic events. 
     
     
         7 . The method of  claim 1 , wherein the plurality of network traffic events are data messages; wherein the plurality of network traffic event characteristics comprise a target address specified in a respective the network traffic event. 
     
     
         8 . The method of  claim 7 , wherein the plurality of network traffic event characteristics comprise a battery usage of an application from the plurality of applications. 
     
     
         9 . The method of  claim 7 , wherein the plurality of network traffic event characteristics comprise a data consumption pattern of an application from the plurality of applications. 
     
     
         10 . The method of  claim 1 , wherein the client terminal is a cellular device and the network is a cellular network. 
     
     
         11 . The method of  claim 1 , wherein the extracting comprises generating a plurality of feature vectors each describing respective the plurality of network traffic event characteristics of another of the plurality of network traffic events; wherein the classifying is performed by an analysis of the plurality of feature vectors. 
     
     
         12 . The method of  claim 1 , wherein the classifying is performed by at applying at least one classifier calculated according to a statistical analysis of network traffic event characteristics of a plurality of historical network traffic events. 
     
     
         13 . The method of  claim 1 , wherein the classifying comprises identifying a quality of service level for each of the plurality of network traffic events; wherein the queuing of each one of the plurality of network traffic events is performed according to a respective the quality of service level. 
     
     
         14 . The method of  claim 1 , wherein the queuing comprises managing a plurality of queues each associated with a different quality of services; selecting per network traffic event of the plurality of network traffic events one of the plurality of queues according to a respective the quality of service level. 
     
     
         15 . The method of  claim 1 , wherein the QoS policy of at least some of the plurality of queues defines a frequency transmission rate which is different from the frequency transmission rate of other of the plurality of queues. 
     
     
         16 . The method of  claim 1 , wherein the classification comprises assigning priority to each of the plurality of queues. 
     
     
         17 . A device of queuing network traffic events on a client terminal, comprising:
 A hardware processor executing a code comprising:
 code instructions for monitoring, in run time, a plurality of network traffic events triggered by a plurality of applications executed on a client terminal, each of the plurality of network traffic events requiring an opening of a data connection session between the client terminal and a network; 
 code instructions for extracting, in run time, a plurality of network traffic event characteristics of each of the plurality of network traffic events; 
 code instructions for classifying each one of the plurality of network traffic events according to a respective the plurality of network traffic event characteristics; 
 code instructions for queuing the plurality of network traffic events in a plurality of queues according to the classifying, each one of the plurality of queues having a different Quality of Service (QoS) policy; 
 code instructions for, opening a networking connection for a data connection session between the client terminal and the network for each one of the plurality of queues managing a frequency of according a respective the QoS policy. 
   
     
     
         18 . A system of identifying one or more malicious threats, comprising:
 at least one hardware processor executing a code comprising code instructions for:
 monitoring, in run time, a plurality of network traffic events triggered by a plurality of applications executed on a client terminal, each of the plurality of network traffic events requiring an opening of a data connection session between the client terminal and a network; 
 extracting, in run time, a plurality of network traffic event characteristics of each of the plurality of network traffic events; 
 classifying each one of the plurality of network traffic events according to a respective the plurality of network traffic event characteristics; 
 queuing the plurality of network traffic events in a plurality of queues according to the classifying, each one of the plurality of queues having a different Quality of Service (QoS) policy; 
   for each one of the plurality of queues managing a frequency of opening a networking connection for a data connection session between the client terminal and the network according a respective the QoS policy.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.