隨著LTE的普及，有越來越多的行動裝置連接上行動通訊網路，然而根據Cisco的研究報告指出，行動通訊網路頻寬難以在尖峰時刻，提供令大量使用者滿意的連線品質，例如:上下班時間或是人群集中的地方...等。因此，對於電信商來說，如何在有限的網路頻寬下提高使用者體驗，是目前最為重要的議題之一。
根據研究顯示，除了一般的使用者會使用頻寬外，還有非常大量的頻寬是被惡意程式和殭屍網路所佔用。為了解決這樣的問題，3GPP提出使用流量偵測功能模組（Traffic Detection Function ;TDF）來執行深度封包檢測(Deep Packet Inspection; DPI)。然而，若針對每一個封包都執行深度封包檢測，所需付出的成本是非常高的，而且會大幅降低網路傳輸效能。因此，在本論文中，我們提出了隨機封包深度檢測的演算法，以期能夠在成本與效能間找到平衡點。根據我們所提出的隨機封包深度檢測演算法，流量偵測功能模組僅會針對隨機的封包進行深度封包檢測，以判斷每一個會話(Sessions)是屬於何種網路應用服務。對於隨機封包深度檢測來說，最基本檢測的單位是一個會話，策略和計費執行元件 (Policy Control Enforced Function; PCEF) 會決定是否讓會話的封包通過或是丟棄。根據我們的實驗結果顯示，我們所提出的隨機封包深度檢測演算法，確實可以有效提高策略和計費執行元件執行封包深度檢測的效能。
在清除被惡意程式所佔領的頻寬後，如何分配頻寬給使用者是另外一個重要的議題。如何有效的將頻寬分配給使用者以滿足使用者所需要的服務品質 (Quality of Service; QoS)? 服務品質是一個用來衡量網路服務是否穩定的重要參數，如果具有時效性的應用程式能夠在時間到期前完成服務的話，那對於提升QoS是非常有幫助的。因此，在分配頻寬時，應該要考慮到具有時效性的應用程式是否能夠在時間到期前完成服務。在論文中，我們提出了分析模型和模擬程式來驗證我們所提出的演算法能夠確實的提高QoS。
在本論文的第二部分，我們提出了三種動態頻寬分配演算法。我們介紹了多路徑TCP (Multiple TCP; MPTCP)如何應用在行動通訊網路，多路徑TCP允許行動裝置同時利用兩種以上的網路連線與網際網路連接。因此，如果行動裝置能夠同時利用行動網路和WiFi連線到網際網路，將可以減少使用行動通訊網路的頻寬。如此，便可以把減少使用的行動網路頻寬分配給其他的行動裝置，以提高整體網路使用者的使用者體驗。
首先，我們所提出第一種動態頻寬分配演算法(Dynamic Bandwidth Reallocation; DBR)，將閒置的頻寬平均分配給所有的使用者，並經由實驗證明，動態頻寬分配演算法比起不使用任何分配演算法的系統來說，使用者能夠完成傳輸的機率提高了，並且頻寬的使用率也確實提高了。而在之後，我們又提出了兩種考量服務品質之動態頻寬分配演算法(QoS-awareDynamic Bandwidth Reallocation)來提升動態頻寬分配演算法的效能，分別是最短截止時間優先(Earliest Deadline First, QEDF)以及最小傳輸檔案優先(Smallest download Size First, QSSF)演算法。最短截止時間優先和最小傳輸檔案優演算法會先計算每一個會話所需要的頻寬，然後在基於最短時間優先或是最小傳輸檔案優先來分配頻寬給會話。根據我們的實驗結果顯示，相較於動態頻寬分配演算法，這兩種演算法的網路效能以及服務品質都有所提升。
基於我們的研究，電信商能夠透過清除惡意程式所占用的頻寬以及動態調整網路頻寬的分配來提高系統中的服務品質。

Along with the deployment of LTE network, there are more and more mobile connect to the LTE network directly. According to the Cisco's network report, the bandwidth in mobile network is lack for serving so many subscribers, especially, in the peak hours. The urgent priority of mobile operators are increasing the quality of service (QoS) of users.
According to the previous research, there is much bandwidth occupied by the malicious application and botnets. For solving this problem, the 3GPP had introduced the Traffic Detection Function (TDF) for performing the deep packet inspection (DPI). However, if the TDF performs DPI on every packets, the cost is very high and the transmission performance is downgrade. Therefore, we had proposed a random deep packet inspection scheme for operators to find the balance between cost and performance. By random deep packet inspection scheme, the TDF can only perform DPI on some of packets and verify the application types of sessions. The basic unit in the random deep packet inspection scheme is a session, the policy control enforced function (PCEF) controls the bandwidth by passing or dropping sessions. The random deep packet inspection can improve the performance of DPI in TDF.
After vacating the bandwidth, the bandwidth allocation is another issue for operators. How to allocate the bandwidth to users for getting the best QoS? The QoS of users is an import index for measuring the satisfaction of network services. And if the deadline assurance service can be done before deadline, the QoS will be improved. Therefore, the bandwidth allocation should consider the service time of deadline assurance services. We also develop analytic models and simulations experiments to evaluate the performance of the proposed algorithms.
In the second part of this dissertation, we proposed the dynamic bandwidth reallocation algorithms. We introduced how to deploy multiple TCP (MPTCP) in the mobile networks. MPTCP allows a mobile equipment connect to Internet by more than two network interfaces simultaneously. The demand cellular bandwidth may decrease when a mobile equipment connect to cellular network and WiFi simultaneously. Therefore, the mobile operators can reallocate the idle bandwidth to other mobile equipment for improving the QoE.
The Dynamic Bandwidth Reallocation (DBR) algorithm, we proposed, will allocate the idle bandwidth to mobile equipment equally. By the DBR algorithm, the miss rate of deadline assurance service had improving than static algorithm. And we proposed the QoS-Aware Dynamic Bandwidth Reallocation algorithms, Earliest Deadline First (QEDF) allocation algorithm and Smallest download Size First (QSSF) allocation algorithm, for improving the performance of DBR. The QEDF and QSSF will calculate the demand bandwidth of devices, first. And then the QEDF will allocate the idle bandwidth to the session with least deadline period. And the QSSF will allocate the idle bandwidth to the session with smallest download file size. These two algorithms had better performance than the DBR algorithm.
Based on our study, the mobile operators can achieve high QoS in data transmission by vacating the bandwidth from malicious applications and reallocating the bandwidth to real need mobile equipment.

[1] Cisco, “Cisco visual networking index: global mobile data traffic forecast update, 2016–2021,” White Paper, 2017.
[2] A. P. Felt, M. Finifter, E. Chin, S. Hanna, and D. Wagner, “A survey of mobile malware in the wild,” in Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, 2011, pp. 3–14.
[3] M. La Polla, F. Martinelli, and D. Sgandurra, “A survey on security for mobile devices,” IEEE communications surveys & tutorials, vol. 15, no. 1, pp. 446–471, 2013.
[4] P. Traynor, M. Lin, M. Ongtang, V. Rao, T. Jaeger, P. McDaniel, and T. La Porta, “On cellular botnets: measuring the impact of malicious devices on a cellular network core,” in Proceedings of the 16th ACM conference on Computer and communications security, 2009, pp. 223–234.
[5] X. Peng, Y. Wen, and H. Zhao, “Security issues and solutions in 3g core network.”Journal of Networks, vol. 6, no. 5, pp. 823–830, 2011.
[6] S.-I. Sou and C.-S. Lin, “Random packet inspection scheme for network intrusion prevention in lte core networks,” IEEE Transactions on Vehicular Technology, vol. 66, no. 9, pp. 8385–8397, 2017.
[7] Y.-T. Peng, S.-I. Sou, M.-H. Tsai, and C.-S. Lin, “Multipath mobile data offloading of deadline assurance with policy and charging control in cellular/wifi networks,”Computer Networks, vol. 129, pp. 17–27, 2017.
[8] C.-S. Lin and S.-I. Sou, “Deadline assurance through dynamic bandwidth reallocation in multipath mobile data offloading,” in IEEE Wireless Communications and Networking Conference (WCNC), April, 2018, 2018.
[9] S.-I. Sou and H.-Y. Hsieh, “Modeling application-based charging management with traffic detection function in 3gpp,” Computer Networks, vol. 91, pp. 625–637, 2015.
[10] 3GPP, “Policy and charging control architecture,” 3rd Generation Partnership Project (3GPP), Technical Specification (TS) 23.203, 2018, version 15.2.0.
[11] G. Gómez, Q. Pérez, J. Lorca, and R. García, “Quality of service drivers in lte and lte-a networks,” Wireless personal communications, vol. 75, no. 2, pp. 1079–1097, 2014.
[12] 3GPP, “Policy and charging control (PCC); Reference points,” 3rd Generation Partnership Project (3GPP), Technical Specification (TS) 29.212, 2018, version 15.2.0.
[13] 3GPP, “Policy and charging control signalling flows and Quality of Service (QoS) parameter mapping,” 3rd Generation Partnership Project (3GPP), Technical Specification (TS) 29.213, 2018, version 15.2.0.
[14] 3GPP, “Architecture enhancements for control and user plane separation of EPC nodes,” 3rd Generation Partnership Project (3GPP), Technical Specification (TS) 29.214, 2018, version 15.2.0.
[15] A. Goldner, “3gpp traffic detection functionality,” in 2012 IEEE International Conference on Communications (ICC), 2012, pp. 6993–6998.
[16] Allot Communications, “Digging deeper into deep packet inspection(dpi),” 2007.
[17] C. Parsons(2013,Feb.). Deep packet inspection and its predecessors. [Online]. Available: https://www.christopher-parsons.com/Main/wp-content/uploads/2013/02/DPI-and-Its-Predecessors-3.5.pdf
[18] M. Finsterbusch, C. Richter, E. Rocha, J.-A. Muller, and K. Hanssgen, “A survey of payload-based traffic classification approaches,” IEEE Communications Surveys & Tutorials, vol. 16, no. 2, pp. 1135–1156, 2014.
[19] R. T. El-Maghraby, N. M. A. Elazim, and A. M. Bahaa-Eldin, “A survey on deep packet inspection,” in Computer Engineering and Systems (ICCES), 2017 12th International Conference on, 2017, pp. 188–197.
[20] C. Xu, S. Chen, J. Su, S.-M. Yiu, and L. C. Hui, “A survey on regular expression matching for deep packet inspection: Applications, algorithms, and hardware platforms,” IEEE Communications Surveys & Tutorials, vol. 18, no. 4, pp. 2991–3029, 2016.
[21] A. J. Alzahrani and A. A. Ghorbani, “Time signature-based detection approach for sms botnet,” in 2015 13th Annual Conference on Privacy, Security and Trust (PST), 2015, pp. 157–164.
[22] M. L. Mueller and H. Asghari, “Deep packet inspection and bandwidth management: Battles over bittorrent in canada and the united states,” Telecommunications Policy, vol. 36, no. 6, pp. 462–475, 2012.
[23] F. Rebecchi, M. D. De Amorim, V. Conan, A. Passarella, R. Bruno, and M. Conti, Data offloading techniques in cellular networks: A survey,” IEEE Communications Surveys & Tutorials, vol. 17, no. 2, pp. 580–603, 2015.
[24] R. Maallawi, N. Agoulmine, B. Radier, and T. B. Meriem, “A comprehensive survey on offload techniques and management in wireless access and core networks,”IEEE Communications Surveys & Tutorials, vol. 17, no. 3, pp. 1582–1604, 2015.
[25] S. Landstrom, A. Furuskãr, K. Johansson, L. Falconetti, and F. Kronestedt, “Heterogeneous networks–increasing cellular capacity,” Ericsson review, vol. 1, pp. 4–9, 2011.
[26] S. Dimatteo, P. Hui, B. Han, and V. O. Li, “Cellular traffic offloading through wifi networks,” in 2011 IEEE 8th International Conference on Mobile Adhoc and Sensor Systems (MASS), 2011, pp. 192–201.
[27] F. Mehmeti and T. Spyropoulos, “Performance analysis of mobile data offloading in heterogeneous networks,” IEEE Transactions on Mobile Computing, vol. 16, no. 2, pp. 482–497, 2017.
[28] H. Wu, X. Wen, Z. Lu, and Q. Pan, “Mobile data offloading under attractor selection in heterogeneous networks,” in 2017 International Symposium on Wireless Communication Systems (ISWCS), Aug 2017, pp. 164–169.
[29] K. Lee, J. Lee, Y. Yi, I. Rhee, and S. Chong, “Mobile data offloading: How much can wifi deliver?” IEEE/ACM Transactions on Networking (ToN), vol. 21, no. 2, pp. 536–550, 2013.
[30] P. Fuxjager, I. Gojmerac, H. R. Fischer, and P. Reichl, “Measurement-based smallcell coverage analysis for urban macro-offload scenarios,” in 2011 IEEE 73rd Vehicular Technology Conference (VTC Spring), 2011, pp. 1–5.
[31] J. Korhonen, T. Savolainen, A. Y. Ding, and M. Kojo, “Toward network controlled ip traffic offloading,” IEEE Communications Magazine, vol. 51, no. 3, pp. 96–102, 2013.
[32] S.-I. Sou, “Mobile data offloading with policy and charging control in 3gpp core network,” IEEE Transactions on Vehicular Technology, vol. 62, no. 7, pp. 3481–3486, 2013.
[33] A. De la Oliva, C. J. Bernardos, M. Calderon, T. Melia, and J. C. Zuniga, “Ip flow mobility: smart traffic offload for future wireless networks,” IEEE Communications Magazine, vol. 49, no. 10, 2011.
[34] F. Mehmeti and T. Spyropoulos, “Is it worth to be patient? analysis and optimization of delayed mobile data offloading,” in 2014 Proceedings IEEE INFOCOM, 2014, pp. 2364–2372.
[35] L. Gao, G. Iosifidis, J. Huang, and L. Tassiulas, “Economics of mobile data offloading,”in 2013 Proceedings IEEE INFOCOM, 2013, pp. 3303–3308.
[36] H. Ko, J. Lee, and S. Pack, “Performance optimization of delayed wifi offloading in heterogeneous networks,” IEEE Transactions on Vehicular Technology, vol. 66, no. 10, pp. 9436–9447, 2017.
[37] J. A. Stankovic, T. Abdelzaher, C. Lu, L. Sha, and J. C. Hou, “Real-time communication and coordination in embedded sensor networks,” Proceedings of the IEEE, vol. 91, no. 7, pp. 1002–1022, 2003.
[38] P. T. Shiva, K. Raja, K. Venugopal, S. Iyengar, and L. M. Patnaik, “Linkreliability based two-hop routing for qos guarantee in wireless sensor networks,”
in 2013 16th International Symposium on Wireless Personal Multimedia Communications (WPMC), 2013, pp. 1–6.
[39] Y.-C. Wang and S.-Y. Hsieh, “Service-differentiated downlink flow scheduling to support qos in long term evolution,” Computer Networks, vol. 94, pp. 344–359, 2016.
[40] A. Ford, C. Raiciu, M. Handley, S. Barre, and J. Iyengar, “Architectural guidelines for multipath tcp development,” IETF RFC 6182, Mar. 2011.
[41] A. Ford, C. Raiciu, M. Handley, and O. Bonaventure, “Tcp extensions for multipath operation with multiple addresses,” IETF RFC 6824, Jan. 2013.
[42] C. Paasch, G. Detal, F. Duchene, C. Raiciu, and O. Bonaventure, “Exploring mobile/wifi handover with multipath tcp,” in Proceedings of the 2012 ACM SIGCOMM workshop on Cellular networks: operations, challenges, and future design, 2012, pp. 31–36.
[43] A. Rahmati, C. Shepard, C. C. Tossell, L. Zhong, P. Kortum, A. Nicoara, and J. Singh, “Seamless tcp migration on smartphones without network support,”IEEE Transactions on Mobile Computing, vol. 13, no. 3, pp. 678–692, 2014.
[44] M. A. P. Gonzalez, T. Higashino, and M. Okada, “Radio access considerations for data offloading with multipath tcp in cellular/wifi networks,” in 2013 International Conference on Information Networking (ICOIN), 2013, pp. 680–685.
[45] G. Gao, M. Xiao, J. Wu, K. Han, L. Huang, and Z. Zhao, “Opportunistic mobile data offloading with deadline constraints,” IEEE Transactions on Parallel and Distributed Systems, vol. 28, no. 12, pp. 3584–3599, 2017.
[46] C.-S. Lin and S.-I. Sou, “Deadline assurance through dynamic bandwidth reallocation in multipath mobile data offloading,” in IEEE Wireless Communications and Networking Conference (WCNC), April, 2018, 2018.
[47] S.-I. Sou and Y.-T. Peng, “Performance modeling for multipath mobile data offloading in cellular/wi-fi networks,” IEEE Transactions
[48] 3GPP, “User equipment (ue) radio transmission and reception,” 3rd Generation Partnership Project (3GPP), Tech. Rep. 36.101, version 14.1.0.
[49] P. Nuggehalli, “Lte-wlan aggregation [industry perspectives],” IEEE Wireless Communications, vol. 23, no. 4, pp. 4–6, 2016.
[50] 3GPP, “Evolved universal terrestrial radio access (e-utra) and evolved universal terrestrial radio access network (e-utran); overall description; stage 2,” 3rd Generation Partnership Project (3GPP), Tech. Rep. 36.300, version 13.4.0.
[51] Y.-B. Lin, Y.-J. Shih, and P.-W. Chao, “Design and implementation of lte rrm with switched lwa policies,” IEEE Transactions on Vehicular Technology, 2017.
[52] A. Papadogiannakis, M. Polychronakis, and E. P. Markatos, “Improving the accuracy of network intrusion detection systems under load using selective packet discarding,” in Proceedings of the Third European Workshop on System Security, 2010, pp. 15–21.
[53] V. C. Valgenti, H. Sun, and M. S. Kim, “Protecting run-time filters for network intrusion detection systems,” in 2014 IEEE 28th International Conference on Advanced Information Networking and Applications (AINA), 2014, pp. 116–122.
[54] S.-I. Sou, Y.-B. Lin, and C.-L. Luo, “Cost analysis of short message retransmissions,”IEEE Transactions on Mobile Computing, vol. 9, no. 2, pp. 215–225, 2010.
[55] S. M. Ross, Introduction to probability models. Academic press, 2014.
[56] L. Kleinrock, “Queueing system volume 1: Theory,” John Wiley&Sons, pp. 137–139, 1975.
[57] Hoßfeld, Tobias and Seufert, Michael and Hirth, Matthias and Zinner, Thomas and Tran-Gia, Phuoc and Schatz, Raimund, “Quantification of youtube qoe via crowdsourcing,” in 2011 IEEE International Symposium on Multimedia (ISM), 2011, pp. 494–499.
[58] T. H. Cormen, C. E. Leiserson, R. L. Rivest, and C. Stein, Introduction to algorithms. MIT press, 2009.
[59] J. Shi, C. Qiao, D. Koutsonikolas, and G. Challen, “CRAWDAD dataset buffalo/phonelab-wifi (v. 2016-03-09),” Downloaded from https://crawdad.org/buffalo/phonelab-wifi/20160309, Mar. 2016.
[60] M. E. Crovella and A. Bestavros, “Self-similarity in world wide web traffic: evidence and possible causes,” IEEE/ACM Transactions on networking, vol. 5, no. 6, pp. 835–846, 1997.