Multi-tenant cloud-based firewall systems and methods are described. The firewall systems and methods can operate overlaid with existing branch office firewalls or routers as well as eliminate the need for physical firewalls. The firewall systems and methods can protect users at user level control, regardless of location, device, etc., over all ports and protocols (not only ports 80/443) while providing administrators a single unified policy for Internet access and integrated reporting and visibility. The firewall systems and methods can eliminate dedicated hardware at user locations, providing a software-based cloud solution. The firewall systems and methods support application awareness to identify application; user awareness to identify users, groups, and locations regardless of physical address; visibility and policy management providing unified administration, policy management, and reporting; threat protection and compliance to block threats and data leaks in real-time; high performance through an in-line cloud-based, scalable system; etc.

A method for scalable event driven auto-diagnosis systems includes obtaining a data packet configured for transmission across a network from a source address to a destination address. The method includes obtaining a list of changes to the network. The method also includes analyzing, based on a network model, the data packet using a plurality of analyzers. The method includes correlating the list of changes to the network and the analysis of the data packet. The method further includes determining, based on the correlation between the list of changes to the network and the analysis of the data packet, a configuration status of the network. The method also includes reporting the configuration status to a user.

A system for efficiently parsing semi-structured deep packet inspection traffic data tied to a telecommunications entity. The system is capable of parsing such records at million-records-per-second scale through use of a numerical data model, leverage on proven fundamental algebraic techniques, and shortcuts to label streaming traffic on the fly. In some embodiments, the system may perform parallel accumulation of data traffic into business grade counters using elementary techniques and subsequently identify subscribers exhibiting specific data patterns in real time for contextual targeting of promotional offers. A method of efficiently parsing the traffic data via the system of the disclosure.

A system for efficiently parsing semi-structured deep packet inspection traffic data tied to a telecommunications entity. The system is capable of parsing such records at million-records-per-second scale through use of a numerical data model, leverage on proven fundamental algebraic techniques, and shortcuts to label streaming traffic on the fly. In some embodiments, the system may perform parallel accumulation of data traffic into business grade counters using elementary techniques and subsequently identify subscribers exhibiting specific data patterns in real time for contextual targeting of promotional offers. A method of efficiently parsing the traffic data via the system of the disclosure.

Methods, apparatus, systems, and articles of manufacture to monitor mobile Internet usage are disclosed. Example apparatus disclosed herein to monitor application usage associated with a device means for differentiating between foreground requests and background requests included in a burst of logged requests. Disclosed example apparatus further include means for calculating a presentation duration for a first application executed by the device based on at least a subset of the foreground requests identified in the burst of logged requests.

Methods, apparatus, systems, and articles of manufacture to monitor mobile Internet usage are disclosed. Example apparatus disclosed herein to monitor application usage associated with a device means for differentiating between foreground requests and background requests included in a burst of logged requests. Disclosed example apparatus further include means for calculating a presentation duration for a first application executed by the device based on at least a subset of the foreground requests identified in the burst of logged requests.

A semiconductor device capable of performing filter processing while suppressing an increase in processing time is provided. The semiconductor device includes a microcontroller. The microcontroller comprises a CPU, a memory and a CAN-controller. The memory stores software. The CPU executes the software stored in the memory. The CAN controller is configured to add label information to the message information. The CAN routing software stored in the memory implements a filtering function for performing a filter processing for determining whether or not to route the message information by using the label information.

Methods and systems for tracking image senders using client devices are described herein. A computing system may receive an image containing a first watermark vector corresponding to a user account of an image sender. The computing system may convert the image to a frequency domain image that contains the first watermark vector. From the frequency domain image, the computing system may identify the first watermark vector. The computing system may compare the first watermark vector to each of a plurality of stored watermark vectors, each corresponding to a known user account, to determine a probability of a match. The computing system may determine the user account of the sender of the image by determining which of the plurality of stored watermark vectors has a highest probability of a match, and may send, to a workplace administrator platform, an indication of the user account.

In a grant based system, a user equipment (UE) sends data in an uplink in a request-grant process. The UE first sending a scheduling request, a gNodeB processing the request and scheduling a grant sometime in future, then UE then either sending data if the grant is sufficient or requesting for another grant with more capacity to accommodate data sending. Such a proceeding could cause serious latency in network access. Described in the present patent disclosure are embodiments to reduce the access time by giving proactive grants through inspecting downlink (DL) data sent to the UE or uplink data being transmitted from the UE. The uplink data may be predictive since it maybe in lieu of requirement for sending a TCP acknowledgement for the DL TCP data scheduled earlier. For voice calls, a ML system for system may be deployed to predict when proactive UL grants may be given.

Systems, devices, and methods of classifying encrypted network communications. A Traffic Monitoring Unit operates to monitor network traffic, and to capture HTTPS-encrypted packets that are exchanged over an HTTPS connection between an end-user device and a web server. An HTTPS Traffic Classification Unit operates to detect discrete HTTPS-encrypted objects within that HTTPS connection, and to classify those discrete HTTPS-encrypted objects based on at least one of: a first Analysis Model that classifies HTTPS-encrypted objects based on a type of content that is represented in the HTTPS-encrypted object; a second Analysis Model that classifies HTTPS-encrypted objects based on a type of server-side application that is associated with the HTTPS-encrypted object. Each Analysis Model utilizes Machine Learning (ML), Deep Learning (DL), Artificial Intelligence (AI), or Statistical and Mathematical Analysis (SMA).