A first correspondence table in a terminal device stores a correspondence between an identifier of a process running on the terminal device and an identifier of a data stream created by the process, a second correspondence table stores a second correspondence between an identifier of an application and an identifier of a process created by the application. The terminal device receives an identifier, sent by a network security device, of a first data stream. The terminal device can find, in the first correspondence table, a first record storing the identifier of the first data stream to obtain an identifier of a process. The terminal device can find in the second correspondence table, a second record storing the identifier of the process in the first record to obtain an identifier of an application from the second record. The identifier of the application is then sent to the network security device.

A first correspondence table in a terminal device stores a correspondence between an identifier of a process running on the terminal device and an identifier of a data stream created by the process, a second correspondence table stores a second correspondence between an identifier of an application and an identifier of a process created by the application. The terminal device receives an identifier, sent by a network security device, of a first data stream. The terminal device can find, in the first correspondence table, a first record storing the identifier of the first data stream to obtain an identifier of a process. The terminal device can find in the second correspondence table, a second record storing the identifier of the process in the first record to obtain an identifier of an application from the second record. The identifier of the application is then sent to the network security device.

Certain aspects of the present disclosure provide techniques for wireless communication. The method generally includes determining one or more target metrics associated with a file having a plurality of packets, the plurality of packets comprising at least one of a plurality of uplink packets or a plurality of downlink packets, determining one or more communication parameters for communicating the plurality of packets according to the one or more target metrics associated with the file, and communicating the plurality of packets with a second network entity in accordance with the determined one or more communication parameters.

A first device may receive information that assigns a function related to network traffic associated with a content delivery network. The first device may implement the function based on the information that assigns the function. The first device may receive the network traffic from the content delivery network and may provide the network traffic to a subscriber device. The first device may provide, to a second device, information associated with the network traffic based on implementing the function. The second device may manage a subscriber session associated with the subscriber device based on the information associated with the network traffic.

Certain aspects of the present disclosure provide techniques for implementing reflective quality of service (RQoS) in wireless communication systems. A method for implementing RQoS that may be performed by a user equipment (UE) generally includes receiving a plurality of downlink user data packets from a first base station (BS), determining at least one reflective quality of service (RQoS) mapping rule for one or more uplink packet transmissions based on a subset of the plurality of downlink user data packets, filtering the plurality of downlink user data packets based on the at least one RQoS mapping rule, and forwarding the plurality of downlink user data packets to a corresponding application entity of the UE based on the filtering.

Certain aspects of the present disclosure provide techniques for implementing reflective quality of service (RQoS) in wireless communication systems. A method for implementing RQoS that may be performed by a user equipment (UE) generally includes receiving a plurality of downlink user data packets from a first base station (BS), determining at least one reflective quality of service (RQoS) mapping rule for one or more uplink packet transmissions based on a subset of the plurality of downlink user data packets, filtering the plurality of downlink user data packets based on the at least one RQoS mapping rule, and forwarding the plurality of downlink user data packets to a corresponding application entity of the UE based on the filtering.

Implementation of an application rule for an application to be accessed by a User Equipment, UE, in a user session in a Service Based Architecture, SBA, domain in a core network of a telecommunications system is disclosed. The SBA, among others, comprises a Policy Control Function, PCF (6), an Application Function, AF (5), and a Session Management Function, SMF (9). The method comprising the steps of receiving, by the PCF (6), an application rule comprising an AF Identifier, AF-ID, identifying the application rule, an Application Identifier, App-ID, identifying the application, and at least one service requirement for processing the application in the SBA domain. The PCF (6) instructing the SMF (9) to execute the at least one service requirement to all present and future user sessions pertaining to the respective application. Complementary methods of supporting the execution of the application rule and devices are also presented.

In one embodiment, a networking device in a network detects an traffic flow conveyed in the network via the networking device. The networking device generates flow data for the traffic flow. The networking device performs a classification of the traffic flow using the flow data as input to a machine learning-based classifier. The networking device performs a mediation action based on the classification of the traffic flow.

In one embodiment, a networking device in a network detects an traffic flow conveyed in the network via the networking device. The networking device generates flow data for the traffic flow. The networking device performs a classification of the traffic flow using the flow data as input to a machine learning-based classifier. The networking device performs a mediation action based on the classification of the traffic flow.

A method includes intercepting a first data packet being transmitted from a domain name system (DNS) server to a first client device, the first data packet being a DNS response, extracting a first internet protocol (IP) address and a first hostname from the first data packet, and storing the first IP address and the first hostname in a first entry of an identification table.