1. Field of the Invention
The present invention relates in general to the field of telecommunications, more particularly to data networks. Specifically, the present invention deals with the aspects of data traffic monitoring, particularly, albeit not exclusively, in IP (Internet Protocol) data networks, for the purpose of profiling users.
2. Discussion of the Related Art
Profiling of data traffic is useful in order to be able to offer customized services to users. For example, by observing the network data traffic corresponding to a certain user, a profile thereof can be created, based on which it is for example possible to send to the user personalized advertisement, that may be included in banners of the web pages displayed through a web browser, or in pop-up windows; this allows exploiting the enormous potentialities of the Internet surfing as an extremely powerful advertisement means.
Through the years, content providers have developed several solutions to achieve this goal, based on the technical capabilities from time to time made available by the end systems (clients and servers).
Some known solutions are particularly invasive, as they require the installation of specific application programs on the user terminal. These solutions have had scarce success, mainly due to the renitence of the users to install on their terminals software which may be regarded, although it is not, as malware or spyware.
Other known solutions exploit, for collecting information useful to build a user profile, the interactions of the user with one or more federated content provider servers. These solutions are generally better accepted by the users, but the amount of information they can provide is limited, and only a part of the user's behaviors can be tracked.
Telecommunications network (telecom) operators and Internet connectivity Service Providers (ISPs) are in a privileged position compared to content providers, because all the data traffic of a certain user passes there through.
Recently, techniques have been developed that allow a network operator to monitor the users' activities at an application level. These techniques make use of “Internet appliances” that analyze the traffic passing over a telecommunications network and are capable of producing statistical reports with detailed analysis at the application level, even for every single user. Nevertheless, these techniques have not been fully deployed, in view of the legal restrictions posed on telecom operators, particularly in connection with privacy issues, which in many countries forbid a telecom operator to associate to users respective logs of their activities, like the exchanged data traffic. For these reasons, this operator-side data traffic profiling is often not exploitable.
An example of this type of profiling techniques is given in WO 2007/033097, which discloses communication traffic monitoring and controlling systems and methods that allow for controlling communication traffic over the Internet based on the identity of particular users using potentially volatile information, such as a dynamically assigned IP address. The system and method allow a controller to personalize services for users without the need for the user to supply personal information, such as his/her name, address, and the like, and without the need to have computer programs or code installed on the user's computer. An “IP appliance” needs to be introduced in the network, which monitors the application-level traffic in respect of single users. A traffic analysis module analyzes the traffic directed from the users' clients to the network servers of the ISP, and the related responses. In particular, the analysis is made on the protocols (e.g., RADIUS, DHCP—Dynamic Host Configuration Protocol) used by the ISP to authorize the user's access to the network and to dynamically configure the user's terminal IP address; based on the protocols analysis, every IP address is associated with a specific customer of the ISP based on the access credentials. The IP appliance is thus capable of establishing an association between every IP packet flowing over the network and a specific user, and thus to update the user profile.
U.S. Pat. No. 5,948,061 discloses methods and apparatuses for targeting the delivery of advertisements over a network such as the Internet. Statistics are compiled on individual users and networks and the use of the advertisements is tracked to permit targeting of the advertisements of individual users. In response to requests from affiliated sites, an advertising server transmits to people accessing the page of a site an appropriate advertisement based upon profiling of users and networks. An “Advertising Server Process” provides user profiling services. When a user exploiting a browser accesses an “Affiliate Web Site”, the addressed web page contains a reference to an advertisement banner provided by the Advertising Server Process. The advertisement banner contains in turn a link to an advertisement web page on an Advertiser's Web Site, to be displayed if and when the user selects the advertisement banner. When the browser downloads the advertisement banner, it provides to the Advertising Server Process information including the IP address, a cookie (if the browser is enabled), the browser type and version, the operating system etc.; the Advertising Server Process analyzes this data to profile the user, and personalizes the advertisement banners.
US 2008/0098220 discloses a method and system for monitoring users on one or more computer networks, disassociating personally identifiable information from the collected data, and storing it in a database so that the privacy of the users is protected. The system includes monitoring transactions at both a client and a server, collecting network transaction data, and aggregating the data collected at the client and at the server. The system receives a user identifier and uses it to create an anonymized identifier. The anonymized identifier is then associated with one or more users' computer network transactions. The data is stored by a collection engine and then aggregated to a central database server across a computer network.