FORM 2
THE PATENTS ACT, 1970 (39 OF 1970)
& THE PATENT RULES, 2003
COMPLETE SPECIFICATION
(See section 10 and rule 13)
“METHOD AND SYSTEM FOR IDENTIFICATION OF ONE OR MORE SERVICE DEGRADATION EVENTS”
We, Jio Platforms Limited, an Indian National, of Office - 101, Saffron, Nr. Centre Point, Panchwati 5 Rasta, Ambawadi, Ahmedabad - 380006, Gujarat, India.
The following specification particularly describes the invention and the manner in which it is to be performed.

METHOD AND SYSTEM FOR IDENTIFICATION OF ONE OR MORE SERVICE
DEGRADATION EVENTS
FIELD OF THE DISCLOSURE
[0001] The present disclosure relates generally to the field of wireless
communication systems. More particularly, the present disclosure relates to methods and systems for identification of one or more service degradation events and one or more anomalies in a wireless communication network using one or more Artificial Intelligence (AI) techniques.
BACKGROUND
[0002] The following description of related art is intended to provide
background information pertaining to the field of the disclosure. This section may include certain aspects of the art that may be related to various features of the present disclosure. However, it should be appreciated that this section be used only to enhance the understanding of the reader with respect to the present disclosure, and not as admissions of prior art.
[0003] Wireless communication technology has rapidly evolved over the past
few decades, with each generation bringing significant improvements and advancements. The first generation of wireless communication technology was based on analog technology and offered only voice services. However, with the advent of the second-generation (2G) technology, digital communication and data services became possible, and text messaging was introduced. The third-generation (3G) technology marked the introduction of high-speed internet

access, mobile video calling, and location-based services. The fourth generation (4G) technology revolutionized wireless communication with faster data speeds, better network coverage, and improved security. Currently, the fifth generation (5G) technology is being deployed, promising even faster data speeds, low latency, and the ability to connect multiple devices simultaneously. With each generation, wireless communication technology has become more advanced, sophisticated, and capable of delivering more services to its users.
[0004] With the rapid growth of 5G services and the exponential increase in
the number of users accessing them, the complexity of network management has escalated significantly. This surge in user activity has led to a corresponding rise in anomalies at various critical nodes within the network, such as at the Service Communication Proxy (SCP) level. These anomalies pose a serious threat to the seamless operation of the radio communication network and must be diligently monitored to prevent any adverse impact on user experience. These anomalies have the potential to degrade the quality of services offered to users across the network. Furthermore, the anomalies in network traffic patterns could serve as indicators for potential security breaches or cyberattacks, making it imperative to address them swiftly and effectively. For instance, anomalies may manifest as sudden spikes or drops in traffic at specific nodes, unusual errors cropping up within the network infrastructure, or deviations from established patterns of operation.
[0005] Further, over the period of time various solutions have been
developed to improve the performance of communication devices or devices / modules configured at a network end and to prevent affecting the experience of the user in the communication network due the occurrence of such abnormalities in the network. However, still there are certain challenges with existing solutions.

The conventional approach for network monitoring and management fails to operate proactively and also fails to cope with a volume and diversity of data traffic traversing the network. As a result, anomalies go undetected or inadequately addressed, leading to service disruptions and degradation of user experience.
[0006] Thus, in order to improve the radio access network capacity and
performance of network node(s), there exists an imperative need in the art to reliably monitor the occurrence of various abnormalities or anomalies and service degradation events at the network level and then alert various network managing entities about such events, which the present disclosure aims to address.
OBJECTS OF THE DISCLOSURE
[0007] Some of the objects of the present disclosure, which at least one
implementation disclosed herein satisfies are listed herein below.
[0008] It is an object of the present disclosure to provide a system and a
method to identify service degradation event(s) at the network in real-time, periodically or near real-time.
[0009] It is another object of the present disclosure to provide a solution that
monitor the occurrence of service degradation events at the network and more particularly at the SCP level of the 5G core network.
[00010] It is another object of the present disclosure to provide a method
which proactively monitors one or more 5G core Network Function services for detecting one or more anomalies effectively.

[00011] It is another object of the present disclosure to provide easy
troubleshooting by automatically tracking one or more affected nodes in a network, thereby reducing manual effort involved in troubleshooting.
[00012] It is yet another object of the present disclosure to provide a solution
to alert the network managing entities (such as network management system or network management users) about the occurrence of various service degradation events.
SUMMARY OF THE PRESENT DISCLOSURE
[00013] This section is provided to introduce certain implementations of the
present disclosure in a simplified form that are further described below in the detailed description. This summary is not intended to identify the key features or the scope of the claimed subject matter.
[00014] An aspect of the present disclosure is related to a method for
identification of one or more service degradation events. The method encompasses receiving, by a transceiver unit of a network node, a set of data from a plurality of sources. Further, according to an aspect of the present disclosure, the network node is a Service Communication Proxy (SCP) of the 5G network. Furthermore, the method encompasses analysing, by an analysis unit of the network node, the set of data using a trained model. Furthermore, the method encompasses identifying, by an identification unit of the network node, the one or more service degradation events based on the analysis of the set of data. Lastly, the method encompasses alerting, by an alert unit of the network node, a Network

Management System (NMS) based on the identification of the one or more service degradation events.
[00015] Further according to an aspect of the present disclosure, the one or
more service degradation events correspond to at least one from among an overloading situation at a 5th generation (5G) network, an increase of traffic at the 5G network, and an occurrence of one or more service impacting errors at the 5G network.
[00016] Also, according to an aspect of the present disclosure, the method
further encompasses determining, by a determination unit associated with the Service Communication Proxy (SCP) of the 5G network, a system and performance statistics at a time interval that is at least one of regular, on-demand, and configurable. The method further encompasses fetching, by a fetching unit via the trained model, the determined system and performance statistics from the SCP, wherein the time interval for fetching is set based on a policy defined by an operator, thereby enabling the trained model to monitor and analyse health and performance of a set of 5G network services in a dynamic and adaptable manner.
[00017] Further, according to an aspect of the present disclosure, the plurality
of sources comprises at least one of connected network nodes, client-based network functions, local servers and cloud-based servers.
[00018] Also, according to an aspect of the present disclosure, the set of data
comprises at least one of a traffic-based data, a signal data, a user data, a data associated with pattern of traffic at the network node, a historical data, an occurrence of events that impact performance of network, and a data associated with resolution of the one or more service degradation events.

[00019] Further, according to an aspect of the present disclosure, the one or
more service degradation events are identified when severity of one or more events passes a threshold value, wherein the threshold value is defined based on the analysis of the set of data using the trained model.
[00020] Also, according to an aspect of the present disclosure, the trained
model is a machine learning (ML) based model.
[00021] Another aspect of the present disclosure relates to a network node for
identification of one or more service degradation events comprising a transceiver unit, an analysis unit, an identification unit and an alert unit. The transceiver unit is configured to receive a set of data from a plurality of sources. Further, the analysis unit is connected at least with the transceiver unit and the analysis unit is configured to analyse the set of data using a trained model. Furthermore, the identification unit is connected at least with the analysis unit and the identification unit is configured to identify one or more service degradation events based on the analysis of the set of data. Furthermore, the alert unit is connected at least with the identification unit and the alert unit is configured to alert a Network Management System (NMS) based on the identification of the one or more service degradation events.
[00022] Further, an aspect of the present disclosure relates to a non-transitory
computer readable storage medium storing instructions for identification of one or more service degradation events. The instructions include an executable code which when executed by one or more units of a network node, causes: a transceiver unit of the network node to receive a set of data from a plurality of sources; an analysis unit of the network node to analyse the set of data using a

trained model; an identification unit of the network node to identify the one or more service degradation events based on the analysis of the set of data; and an alert unit of the network node to alert a Network Management System (NMS) based on the identification of the one or more service degradation events.
BRIEF DESCRIPTION OF DRAWINGS
[00023] The accompanying drawings, which are incorporated herein, and
constitute a part of this disclosure, illustrate exemplary implementations of the disclosed methods and systems in which like reference numerals refer to the same parts throughout the different drawings. Components in the drawings are not necessarily to scale, emphasis instead being placed upon clearly illustrating the principles of the present disclosure. Some drawings may indicate the components using block diagrams and may not represent the internal circuitry of each component. It will be appreciated by those skilled in the art that disclosure of such drawings includes disclosure of electrical components, electronic components or circuitry commonly used to implement such components.
[00024] FIG. 1A illustrates an exemplary block diagram representation of 5th
generation core (5GC) network architecture.
[00025] FIG. 1B illustrates an exemplary block diagram of a network node [100]
for identification of one or more service degradation events, in accordance with exemplary implementations of the present disclosure.
[00026] FIG. 2 illustrates an exemplary method [200] flow diagram indicating
the process for identification of one or more service degradation events, in accordance with exemplary implementations of the present disclosure.

5
[00027] Fig. 3 illustrates an exemplary 5G network architecture with
implementation of method for identification of one or more service degradation events, in accordance with exemplary implementations of the present disclosure.
10 [00028] Fig. 4 illustrates an exemplary block diagram of a computing device
upon which an embodiment of the present disclosure may be implemented.
[00029] The foregoing shall be more apparent from the following more
detailed description of the disclosure. 15
DETAILED DESCRIPTION
[00030] In the following description, for the purposes of explanation, various
specific details are set forth in order to provide a thorough understanding of
20 implementations of the present disclosure. It will be apparent, however, that
implementations of the present disclosure may be practiced without these specific details. Several features described hereafter can each be used independently of one another or with any combination of other features. An individual feature may not address any of the problems discussed above or might address only some of
25 the problems discussed above. Some of the problems discussed above might not
be fully addressed by any of the features described herein. Example implementations of the present disclosure are described below, as illustrated in various drawings in which like reference numerals refer to the same parts throughout the different drawings.
30
[00031] The ensuing description provides exemplary implementations only,
and is not intended to limit the scope, applicability, or configuration of the
9

5 disclosure. Rather, the ensuing description of the exemplary implementations will
provide those skilled in the art with an enabling description for implementing an exemplary implementation. It should be understood that various changes may be made in the function and arrangement of elements without departing from the spirit and scope of the disclosure as set forth.
10
[00032] It should be noted that the terms "mobile device", "user equipment",
"user device", “communication device”, “device” and similar terms are used interchangeably for the purpose of describing the disclosure. These terms are not intended to limit the scope of the disclosure or imply any specific functionality or
15 limitations on the described implementations. The use of these terms is solely for
convenience and clarity of description. The disclosure is not limited to any particular type of device or equipment, and it should be understood that other equivalent terms or variations thereof may be used interchangeably without departing from the scope of the disclosure as defined herein.
20
[00033] Specific details are given in the following description to provide a
thorough understanding of the implementations. However, it will be understood by one of ordinary skill in the art that the implementations may be practiced without these specific details. For example, circuits, systems, networks, processes,
25 and other components may be shown as components in block diagram form in
order not to obscure the implementations in unnecessary detail. In other instances, well-known circuits, processes, algorithms, structures, and techniques may be shown without unnecessary detail in order to avoid obscuring the implementations.
30
[00034] Also, it is noted that individual implementations may be described as
a process which is depicted as a flowchart, a flow diagram, a data flow diagram, a
10

5 structure diagram, or a block diagram. Although a flowchart may describe the
operations as a sequential process, many of the operations can be performed in parallel or concurrently. In addition, the order of the operations may be re-arranged. A process is terminated when its operations are completed but could have additional steps not included in a figure.
10
[00035] In addition, each block may indicate some of modules, segments, or
codes including one or more executable instructions for executing a specific logical function(s). Further, functions mentioned in the blocks occur regardless of a sequence in some alternative embodiments. For example, two blocks that are
15 contiguously illustrated may be simultaneously performed in fact or be performed
in a reverse sequence depending on corresponding functions.
[00036] One or more modules, units, components (including but not limited to
analysis unit, identification unit, alert unit, determination unit and fetching unit)
20 used herein may be software modules configured via hardware
modules/processor, or hardware processors, the processors being a general-purpose processor, a special purpose processor, a conventional processor, a digital signal processor, a plurality of microprocessors, one or more microprocessors in association with a DSP core, a controller, a microcontroller, Application Specific
25 Integrated Circuits, Field Programmable Gate Array circuits, any other type of
integrated circuits, etc.
[00037] The word “exemplary” and/or “demonstrative” is used herein to mean
serving as an example, instance, or illustration. For the avoidance of doubt, the
30 subject matter disclosed herein is not limited by such examples. In addition, any
aspect or design described herein as “exemplary” and/or “demonstrative” is not necessarily to be construed as preferred or advantageous over other aspects or
11

5 designs, nor is it meant to preclude equivalent exemplary structures and
techniques known to those of ordinary skill in the art. Furthermore, to the extent
that the terms “includes,” “has,” “contains,” and other similar words are used in
either the detailed description or the claims, such terms are intended to be
inclusive—in a manner similar to the term “comprising” as an open transition
10 word—without precluding any additional or other elements.
[00038] As used herein, an “electronic device”, or “portable electronic device”,
or “user device” or “communication device” or “user equipment” or “device” refers to any electrical, electronic, electromechanical and computing
15 device. The user device is capable of receiving and/or transmitting one or
parameters, performing function/s, communicating with other user devices and/or systems, transmitting data to the other user devices and/or systems. The user equipment may have a processor, a display, a memory, a battery and an input-means such as a hard keypad and/or a soft keypad. The user equipment may
20 be capable of operating on any radio access technology including but not limited
to IP-enabled communication, Zig Bee, Bluetooth, Bluetooth Low Energy, Near Field Communication, Z-Wave, Wi-Fi, Wi-Fi direct, etc. For instance, the user equipment may include, but not limited to, a mobile phone, smartphone, virtual reality (VR) devices, augmented reality (AR) devices, laptop, a general-purpose
25 computer, desktop, personal digital assistant, tablet computer, mainframe
computer, or any other device as may be obvious to a person skilled in the art for implementation of the features of the present disclosure.
[00039] Further, the user device may also comprise a “processor”
30 or “processing unit” includes processing unit, wherein processor refers to any logic
circuitry for processing instructions. The processor may be a general-purpose
processor, a special purpose processor, a conventional processor, a digital signal
12

5 processor, a plurality of microprocessors, one or more microprocessors in
association with a DSP core, a controller, a microcontroller, Application Specific
Integrated Circuits, Field Programmable Gate Array circuits, any other type of
integrated circuits, etc. The processor may perform signal coding data processing,
input/output processing, and/or any other functionality that enables the working
10 of the system according to the present disclosure. More specifically, the
processor is a hardware processor.
[00040] As portable electronic devices and wireless technologies continue to
improve and grow in popularity, the advancing wireless technologies for data
15 transfer are also expected to evolve and replace the older generations of
technologies. In the field of wireless data communications, the dynamic advancement of various generations of cellular technology are also seen. The development, in this respect, has been incremental in the order of second generation (2G), third generation (3G), fourth generation (4G), and now fifth
20 generation (5G), and more such generations are expected to continue in the
forthcoming time.
[00041] Radio Access Technology (RAT) refers to the technology used by
mobile devices/ user equipment (UE) to connect to a cellular network. It refers to
25 the specific protocol and standards that govern the way devices communicate
with base stations, which are responsible for providing the wireless connection. Further, each RAT has its own set of protocols and standards for communication, which define the frequency bands, modulation techniques, and other parameters used for transmitting and receiving data. Examples of RATs include GSM (Global
30 System for Mobile Communications), CDMA (Code Division Multiple Access),
UMTS (Universal Mobile Telecommunications System), LTE (Long-Term Evolution), and 5G. The choice of RAT depends on a variety of factors, including the network
13

5 infrastructure, the available spectrum, and the mobile device's/device's
capabilities. Mobile devices often support multiple RATs, allowing them to connect to different types of networks and provide optimal performance based on the available network resources.
10 [00042] As used herein, Network Interfaces refer to the mechanisms or
interfaces within a system or application that facilitate at least the configuration and display of notifications to the user. These interfaces serve as the conduits through which notifications are transmitted and presented to the user, providing a means for interaction and communication.
15
[00043] As discussed in the background section, that with the increase in the
number of users accessing 5G services, the number of anomalies also increase. The anomalies are required to be monitored to prevent an adverse impact on overall experience of the radio communication network. These abnormalities
20 further affect or degrade various services provided to the users through the
network. Further the anomalies in network traffic patterns may signify potential security breaches or cyberattacks. The current known solutions for monitoring abnormalities have several shortcomings such as failure to identify root cause of the abnormality, and failure to alert the user about the abnormality. Additionally,
25 the current known solutions for network monitoring and management fail to
operate proactively and fail to cope with a volume and diversity of data traffic traversing the network. As a result, anomalies may go undetected or inadequately addressed, leading to service disruptions and degradation of user experience. The present disclosure aims to overcome the above-mentioned and other existing
30 problems in this field of technology by providing a method for identification of one
or more service degradation events, wherein the method is implemented by a network node. The method encompasses receiving, a set of data from a plurality
14

5 of sources. This set of data is then analysed using a trained model resulting in
identification of one or more service degradation events based on the analysis of the set of data. When the one or more service degradation events are identified, alerts are generated and provided to a Network Management System (NMS) for further processing.
10
[00044] In an example, the node associated with the Service Communication
Proxy (SCP), such as SCP proxy or virtual machine, shows overload conditions. This overload condition may be monitored in real-time and accordingly a notification may be sent to the Network Management System (NMS) for the rectification of
15 the abnormalities or service impact events.
[00045] Hereinafter, exemplary implementations of the present disclosure will
be described with reference to the accompanying drawings.
20 [00046] Referring to FIG. 1A, an exemplary block diagram representation of 5th
generation core (5GC) network architecture is shown. As shown in FIG. 1A, the 5GC network architecture [101] includes a user equipment (UE) [101a], a radio access network (RAN) [101b], a 5G Core Network and a Data Network (DN) [101p]. The 5G Core Network includes an access and mobility management function (AMF)
25 [101c], a Session Management Function (SMF) [101d], a Service Communication
Proxy (SCP) [101e], an Authentication Server Function (AUSF) [101f], a Network Slice Specific Authentication and Authorization Function (NSSAAF) [101g], a Network Slice Selection Function (NSSF) [101h], a Network Exposure Function (NEF) [101i], a Network Repository Function (NRF) [101j], a Policy Control Function
30 (PCF) [101k], a Unified Data Management (UDM) [101l], an application function
(AF) [101m], and a User Plane Function (UPF) [101n].
15

5 [00047] The User Equipment (UE) [101a] interfaces with the network via the
Radio Access Network (RAN) [101b]. The RAN [101b] in the 5G architecture is also
called as New Radio or nG-RAN, and these terms may be interchangeably used
herein. Radio Access Network (RAN) [101b] is the part of a mobile
telecommunications system that connects user equipment (UE) [101a] to the core
10 network (CN) and provides access to different types of networks (e.g., 5G, LTE). It
consists of radio base stations and the radio access technologies that enable wireless communication.
[00048] The Access and Mobility Management Function (AMF) [101c] manages
15 connectivity and mobility. When a UE [101a] is active, i.e. it is interacting with the
5G network, e.g., by using data/ call functionalities, the AMF [101c] knows and
maintains the location of the UE [101a] within the network. The AMF [101c] is
configured to maintain the tracking area or registration area of the UE [101a], in
case the UE is inactive. The AMF [101c]is configured to communicate with other
20 network functions/ elements such as the Session Management Function (SMF)
[101d], etc. to ensure that the UE [101a] is allowed and is able to avail the services by the network.
[00049] Particularly, the Access and Mobility Management Function (AMF)
25 [101c] is a 5G core network function responsible for managing access and mobility
aspects, such as UE registration, connection, and reachability etc. It also handles mobility management procedures like handovers and paging.
[00050] The Session Management Function (SMF) [101d] is a 5G core network
30 function responsible for managing session-related aspects, such as establishing,
modifying, and releasing sessions. It coordinates with the User Plane Function
(UPF) for data forwarding and handles IP address allocation and QoS enforcement.
16

5
[00051] The Service Communication Proxy (SCP) [101e] is a network function
in the 5G core that facilitates communication between other network functions by providing a secure and efficient messaging service. It acts as a mediator for service-based interfaces. 10
[00052] The Authentication Server Function (AUSF) [101f] is a network function
in the 5G core responsible for authenticating UEs during registration and providing security services. It generates and verifies authentication vectors and tokens.
15 [00053] The Network Slice Specific Authentication and Authorization Function
(NSSAAF) [101g] is a network function that provides authentication and authorization services specific to network slices. It ensures that UEs can access only the slices for which they are authorized.
20 [00054] The Network Slice Selection Function (NSSF) [101h] is a network
function responsible for selecting the appropriate network slice for a UE based on factors such as subscription, requested services, and network policies.
[00055] The Network Exposure Function (NEF) [101i] is a network function that
25 exposes capabilities and services of the 5G network to external applications,
enabling integration with third-party services and applications.
[00056] The Network Repository Function (NRF) [101j] is a network function
that acts as a central repository for information about available network functions
30 and services. It facilitates the discovery and dynamic registration of network
functions.
17

5 [00057] The Policy Control Function (PCF) [101k] is a network function
responsible for policy control decisions, such as QoS, charging, and access control, based on subscriber information and network policies.
[00058] The Unified Data Management (UDM) [101l] is a network function that
10 centralizes the management of subscriber data, including authentication,
authorization, and subscription information.
[00059] The Application Function (AF) [101m] is a network function that
represents external applications interfacing with the 5G core network to access
15 network capabilities and services.
[00060] The User Plane Function (UPF) [101n] is a network function
responsible for handling user data traffic, including packet routing, forwarding, and QoS enforcement. 20
[00061] The Data Network (DN) [101p] represents external networks or
services that users connect to through the mobile network, such as the internet or enterprise networks.
25 [00062] Referring to FIG.1B, an exemplary block diagram of a network node
[100] for identification of one or more service degradation events is shown, in accordance with the exemplary implementations of the present disclosure. The present disclosure discloses that a network node [100] comprises a transceiver unit [102], an analysis unit [104], an identification unit [106], an alert unit [108], a
30 determination unit [110] and a fetching unit [112]. Also, all of the components/
units of the network node [100] are assumed to be connected to each other unless otherwise indicated below. Also, in Fig. 1 only a few units are shown, however, the network node [100] may comprise multiple such units or the network node [100]
18

5 may comprise any such numbers of said units, as required to implement the
features of the present disclosure. Further, in an implementation, the network node [100] may be present at a network level to implement the features of the present disclosure. For ease of reference, FIG. 1B depicts units/components of the network node [100] by way of representation of blocks and FIG. 1B do not
10 represent the internal circuitry or connections of each component/unit of the
network node [100]. It will be appreciated by those skilled in the art that disclosure of such drawings/block diagrams includes disclosure of electrical components and connections between said electronic components, and electronic components or circuitry commonly used to implement such components.
15
[00063] Further, in accordance with the present disclosure, it is to be
acknowledged that the functionality described for the various the components/units can be implemented interchangeably. While specific embodiments may disclose a particular functionality of these units for clarity, it is
20 recognized that various configurations and combinations thereof are within the
scope of the disclosure. The functionality of specific units as disclosed in the disclosure should not be construed as limiting the scope of the present disclosure. Consequently, alternative arrangements and substitutions of units, provided they achieve the intended functionality described herein, are considered to be
25 encompassed within the scope of the present disclosure.
[00064] The network node may be a Service Communication Proxy (SCP) of the
5G network. Further, the network node refers to a connection point in a
communications network. Each node may be an endpoint for data transmissions
30 or redistribution. The nodes have either a programmed or engineered capability
to recognize, process and forward data and/or signal transmissions to other network nodes.
19

5
[00065] The transceiver unit [102] of the network node [100], is configured to
receive a set of data from a plurality of sources. The present disclosure
encompasses that the transceiver unit [102] is configured to receive a set of data
periodically or continuously from the plurality of sources. In addition, an operator
10 of the network node [100] may pre-set the periodic time interval for receiving the
set of data from the plurality of sources.
[00066] The transceiver unit [102] is a combination of a transmitter and a
receiver which may transmit as well as receive one or more signals. The present
15 disclosure encompasses that the plurality of sources comprises at least one of
connected network nodes, client-based network functions, local servers, and cloud-based servers. The present disclosure encompasses that the set of data include but not limited to at least one of a traffic-based data, a signal data, a user data, a data associated with pattern of traffic at the network node, (for example:
20 Transaction Per Second (TPS)), an error occurrence data (for e.g., data indicating a
frequency of an occurrence of an error), a historical data (for e.g., a data indicating details of historical actions performed at a network node etc.), an occurrence of events that impact performance of network, and data associated with resolution of the one or more service degradation events (for e.g. failure to meet SLA (Service
25 Level Agreement) targets for metrics such as latency/frame delay etc.).
[00067] For example, the transceiver unit [102] is configured to receive the set
of data such as traffic-based data, signal data, user data, data delineating patterns
of traffic at network nodes, historical data archives, and records of events
30 impacting network performance from the plurality of source such as base stations,
end-user devices like smartphones and IoT devices. Hence, the transceiver unit
20

5 [102] ensures a robust data acquisition across a dynamic and interconnected
network landscape.
[00068] Further, the analysis unit [104] is connected at least with the
transceiver unit [102] and receives the set of data collected by the transceiver unit
10 [102]. The analysis unit [104] is configured to analyse the set of data using the
trained model. For instance, the analysis of the set of data may include identifying one or more patterns, one or more trends. Additionally, the present disclosure encompasses that the trained model is a machine learning (ML) based model.
15 [00069] For instance, the ML based model may be trained a set of data
associated with an induvial Service Communication Proxy (SCP) and one or more Network Function (NF) producers that may be connected to the Service Communication Proxy (SCP). The set of data include a number of requests which are received at said SCP, a number of requests which are forwarded from said SCP,
20 a number of responses which are received at said SCP, and a number of responses
which are forwarded from said SCP. The set of data may also include latency of requests and latency of corresponding responses. The set of data may further sub-categorize response into a response type such as 2xx response type, 3xx response type, 4xx response type. Said response type in accordance with the
25 implementation of the present solution, may be utilised to identify a successful
response from the NF producer while other response type (i.e., other than the sub-categorized responses) indicates failure from the NF producer. Further, it is to be noted that the information provided herein is intended solely for exemplary purposes and should not be construed in any way to limit the scope of the present
30 disclosure. Any examples, scenarios, or illustrations presented are exemplary and
should not be interpreted in a manner to constitute a limitation on the scope or applicability of the disclosure. The ML based model may use any technique and
21

5 utilises one or more network attributes/counters that maybe obvious to the
person skilled in the art to implement the solution of the present disclosure.
[00070] Particularly, the trained model refers to a machine learning model that
has undergone a training process using a dataset to learn patterns, relationships,
10 or features from the data. For example, the ML based model may include but not
limited to a trained convolutional neural networks (CNNs), a trained recurrent neural networks (RNNs) or other trained deep learning models. The trained model used in the present solution is trained based on historical data such as historical traffic-based data, historical signal data, historical user data, historical data
15 associated with pattern of traffic at the network node, (for example: Transaction
Per Second (TPS)), an error occurrence data (for e.g., data indicating a frequency of an occurrence of an error), historical event related data that impacts performance of network, and data associated with resolution of the one or more service degradation events (for e.g. failure to meet SLA (Service Level Agreement)
20 targets for metrics such as latency/frame delay etc.).
[00071] Furthermore, the identification unit [106] is connected at least with
the analysis unit [104]. The identification unit [106] is configured to identify one or more service degradation events based on the analysis of the set of data.
25
[00072] Furthermore, the service degradation events refer to instances where
there is a decline in service quality that does not constitute a complete service disruption or result from an Excluded Disruption such as failure to meet SLA (Service Level Agreement) targets for metrics such as Latency/Frame Delay,
30 Jitter/Frame Delay Variation, or Packet/Frame Loss etc.
22

5 [00073] The present disclosure encompasses that the one or more service
degradation events correspond to at least one from among an overloading
situation at a 5th generation (5G) network, an increase of traffic at the 5G network
and an occurrence of one or more service impacting errors at the 5G network. The
one or more service impacting errors refers to situations where errors or
10 malfunctions arise within the 5G network infrastructure that directly affect the
services provided over that network for example dropped connections, slow data speeds, or complete service outages.
[00074] The overloading situation refers to a scenario where the network
15 experiences a surge or excessive load of traffic or data beyond its capacity to
handle efficiently. This overload can occur due to various factors such as sudden spikes in user demand, unexpected events, or failures in network elements.
[00075] The present disclosure encompasses that the one or more service
20 degradation events are identified when severity of one or more events passes a
threshold value. The one or more events may include but not limited to at least
one of a data transmission event, and a network load handling capacity
measurement, etc. Considering an example where a threshold related to a data
transmission at a node N1 is “X” mbps and the data transmission requirement at
25 the node N1 exceeds the value “X” mbps then a service degradation event (i.e., an
event indicating a requirement to enhance the data transmission capability at the
node N1) is identified as per the present disclosure. Further, the threshold value
is defined based on the analysis of the set of data using the trained model.
Furthermore, the present disclosure encompasses that the threshold may be a
30 pre-defined threshold at the initial level and may vary depending on the training
of the trained model on the degradation event related historical data.
23

5 [00076] For example, the identification unit [106] may process the analysed
data received from the analysis unit [104] to extract various indicators within the
data to pinpoint instances where network performance falls below or exceeds the
threshold values to identify the one or more service degradation events. The
identification unit [106] proactively identifies and responds to such events,
10 thereby safeguarding the integrity and reliability of the 5G network and ensuring
optimal user experiences.
[00077] Furthermore, the alert unit [108] is connected at least with the
identification unit [106] and receives information relating to the one or more
15 service degradation events from the identification unit [106]. The alert unit [108]
is configured to alert a Network Management System (NMS) based on the identification of the one or more service degradation events. This ensures that the events which could be responsible for affecting the service may be diagnosed at the earliest and thus overall saves time, resources and computation power. The
20 present disclosure further allows the overall monitoring of the service degradation
event and thus prevents manual computation at various proxy level which indirectly saves time to respond to the event.
[00078] The Network Management System (NMS) refers to a centralized
25 platform or suite of tools designed to monitor, control, configure, and optimize
the network infrastructure. The primary goal of an NMS in a 5G environment is to
ensure the efficient operation and performance of the network, as well as to
enable proactive management and troubleshooting of network issues. Preferably,
the NMS is designed to efficiently deploy, monitor, optimize, and troubleshoot 5G
30 networks. It encompasses various aspects, including resource allocation, network
slicing, Quality of Service (QoS) management, security, and automation.
24

5 [00079] Additionally, the determination unit [110] of the network node [100]
is configured to determine a system and performance statistics at a time interval
that is at least one of regular, on-demand, and configurable. The fetching unit
[112] of the network node [100] is configured to use the trained model for fetching
the determined system and performance statistics from the SCP, wherein the time
10 interval for fetching is set based on a policy defined by an operator. The operator
of the system pre-defines the policy which also includes a pre-defined time interval, hereby enabling the trained model to monitor and analyse health and performance of a set of 5G network services in a dynamic and adaptable manner.
15 [00080] For instance, the network node [100] of the present disclosure may be
implemented by any telecommunication provider. The telecommunication provider may have deployed a large-scale 5G network and within this network, numerous network nodes are strategically positioned to ensure optimal coverage and connectivity for users across urban, suburban, and rural areas.
20
[00081] The network node [100] comprises the transceiver unit [102], which
serves as the data intake mechanism, gathering a set of data from various sources. These sources include connected network nodes such as base stations and routers, client-based network functions running on end-user devices, local servers hosting
25 applications and services, and cloud-based servers providing scalable computing
and storage resources.
[00082] The set of data includes traffic-based data, signal data, user data, data
associated with pattern of traffic at the network node [100], historical data,
30 occurrence of events that impact performance of network, data associated with
resolution of the one or more service degradation events. Once the data is collected, it undergoes rigorous analysis by the analysis unit [104], which employs
25

5 the trained model to examine the set of data. This analysis encompasses
identification of one or more traffic patterns, one or more signal quality metrics, user behaviour, historical data, and more specifically, providing deep insights into the network’s performance.
10 [00083] Further, based on the analysis, the identification unit [106] identifies
one or more action, flagging any anomalies or service degradation events detected within the network. These events could range from sudden spikes in traffic, congestion at specific network nodes, to errors impacting service delivery. Upon identification of such events, the alert unit [108] immediately notifies the Network
15 Management System (NMS) operated by the telecommunications provider. The
NMS receives real-time alerts, enabling one or more network operators to swiftly respond to the detected anomalies.
[00084] The present disclosure encompasses that the network node also
20 comprises of a storage unit [114] that is configured to store data associated with
implementation of the features of the present disclosure, such as the set of data received by the transceiver unit [102], the analysed data generated by the analysis unit [104], the one or more service degradation events identified by the identification unit [106], the alerts generated by the alert unit [108], etc. 25
[00085] Referring to FIG. 2 an exemplary method [200] flow diagram, for
identification of one or more degradation events, in accordance with exemplary
implementations of the present disclosure is shown. In an implementation the
method [200] is performed by the network node [100]. In another
30 implementation, the method [200] may be implemented on a 5G network
architecture [300] as depicted in FIG. 3.
26

5 [00086] As shown in FIG.2, the method [200] starts at step [202]. The present
disclosure encompasses that the method [200] is a continuous process and thus is not initiated based on any trigger. Instead, the present disclosure provides a proactive solution and thus initiation of the method [200] is not dependent on any trigger. 10
[00087] At step [204], the method [200] as disclosed by the present disclosure
comprises receiving, by the transceiver unit [102] of a network node [100], a set
of data from a plurality of sources. The present disclosure encompasses that the
plurality of sources comprises at least one of connected network nodes, client-
15 based network functions, local servers and cloud-based servers. The present
disclosure encompasses that the set of data include but not limited to at least one
of a traffic-based data, a signal data, a user data, a data associated with pattern of
traffic at the network node (for example: Transaction Per Second (TPS)), an error
occurrence data (for e.g., data indicating a frequency of an occurrence of an error),
20 a historical data (for e.g., a data indicating details of historical actions performed
at a network node etc.), an occurrence of events that impact performance of
network, and data associated with resolution of the one or more service
degradation events (for e.g. failure to meet SLA (Service Level Agreement) targets
for metrics such as latency/frame delay etc.).
25
[00088] For example, the transceiver unit [102] receives a set of data such as
traffic-based data, signal data, user data, data delineating patterns of traffic at
network nodes, historical data archives, and records of events impacting network
performance from the plurality of source such as base stations, end-user devices
30 like smartphones and IoT devices. Hence, the transceiver unit [102] ensures a
robust data acquisition across a dynamic and interconnected network landscape.
27

5 [00089] Next, at step [206], the method [200] as disclosed by the present
disclosure comprises analysing, by an analysis unit [104] of the network node [100], the set of data using the trained model. The present disclosure encompasses that the trained model is a machine learning (ML) based model.
10 [00090] Particularly, the trained model refers to a machine learning model that
has undergone a training process using a dataset to learn patterns, relationships, or features from the data. For example, the ML based model may include but not limited to a trained convolutional neural networks (CNNs), a trained recurrent neural networks (RNNs) or other trained deep learning models.
15
[00091] For instance, in another example, the set of data may be analysed
using the trained model to identify the degradation events at the network level and more particularly at the SCP level. For instance, the data may be analysed in real-time to identify occurrence of errors such as (4XX error) code, (5XX error)
20 code at the Network.
[00092] Next, at step [208], the method [200] as disclosed by the present
disclosure comprises identifying, by an identification unit [106] of the network
node [100], the one or more service degradation events based on the analysis of
25 the set of data. The trained model may process the set of data to identify the one
or more service degradation events at the network level and more particularly at the SCP level.
[00093] Furthermore, the service degradation events refer to instances where
30 there is a decline in service quality that does not constitute a complete service
disruption or result from an Excluded Disruption. Examples include failure to meet
28

5 SLA (Service Level Agreement) targets for metrics such as Latency/Frame Delay,
Jitter/Frame Delay Variation, or Packet/Frame Loss etc.
[00094] The present disclosure encompasses that the one or more service
degradation events correspond to at least one from among an overloading
10 situation at a 5th generation (5G) network, an increase of traffic at the 5G network,
and an occurrence of one or more service impacting errors at the 5G network.
[00095] The present disclosure encompasses that the one or more service
degradation events are identified when severity of one or more events passes a
15 threshold value, wherein the threshold value is defined based on the analysis of
the set of data using the trained model. Further, the present disclosure encompasses that the threshold may be a pre-defined threshold at the initial level and may vary depending on the training of the trained model on the degradation event related historical data.
20
[00096] For example, the identification unit [106] processes the analysed data
received from the analysis unit [104] to extract various indicators and patterns within the data to pinpoint instances where network performance falls below or exceeds above the threshold values to identify the one or more service
25 degradation events. The identification unit [106] proactively identify and respond
to such events, thereby safeguarding the integrity and reliability of the 5G network and ensuring optimal user experiences.
[00097] Next, at step [210], the method [200] as disclosed by the present
30 disclosure comprises alerting, by an alert unit [108] of the network node [100], the
Network Management System (NMS) based on the identification of the one or
more service degradation events. This ensures that the events which could be
29

5 responsible for affecting the service may be diagnosed at the earliest and thus
overall saves time, resources and computation power. The present disclosure
further allows the overall monitoring of the service degradation event and thus
prevent manual computation at various proxy level which indirectly save time to
respond to the event, eliminate complexity of the system. In an example, the NMS
10 may include entities associated with the management of the network issues such
as network managing users, issue handling teams, platforms and the like. The alert may be at least one of text-based alert, voice-based alert, visual based alert.
[00098] The present disclosure also encompasses that the method further
15 comprises determining, by a determination unit [110] associated with the Service
Communication Proxy (SCP) of the 5G network, a system and performance
statistics at a time interval that is at least one of regular, on-demand, and
configurable. The method further comprises fetching, by a fetching unit [112] via
the trained model, the determined system and performance statistics from the
20 SCP, wherein the time interval for fetching is set based on a policy defined by an
operator, thereby enabling the trained model to monitor and analyse health and performance of a set of 5G network services in a dynamic and adaptable manner.
[00099] For example, a network operator may define a time interval such as 5
25 seconds or 30 seconds, at which a performance statistics is fetched. Further, the
time interval may form a part of a configuration file.
[000100] Thereafter, the method terminates at step [212].
30 [000101] For example, the method of the present disclosure may be
implemented by any telecommunication provider. The telecommunication provider may have deployed a large-scale 5G network and within this network,
30

5 numerous network nodes are strategically positioned to ensure optimal coverage
and connectivity for users across urban, suburban, and rural areas. The method initiates by receiving a set of data from various sources. These sources include connected network nodes such as base stations and routers, client-based network functions running on end-user devices, local servers hosting applications and
10 services, and cloud-based servers providing scalable computing and storage
resources. The set of data includes traffic-based data, signal data, user data, data associated with pattern of traffic at the network node, historical data, occurrence of events that impact performance of network, data associated with resolution of the one or more service degradation events. Once the data is received, it
15 undergoes rigorous analysis by the analysis unit [104], which employs the trained
model to examine the set of data. This analysis encompasses identification of one or more traffic patterns, one or more signal quality metrics, user behaviour, historical data, and more specifically, providing deep insights into the network’s performance. Further, based on the analysis, the method include identification by
20 the identification unit [106], one or more action, flagging any anomalies or service
degradation events detected within the network. These events could range from sudden spikes in traffic, congestion at specific network nodes, to errors impacting service delivery. Upon identification of such events, the alert unit [108] immediately notifies the Network Management System (NMS) operated by the
25 telecommunications provider. The NMS receives real-time alerts, enabling one or
more network operators to swiftly respond to the detected anomalies.
[000102] Referring to FIG. 3, an exemplary 5G network architecture [300] that
illustrates the implementation of a method for identifying service degradation
30 events in accordance with exemplary embodiments of the present disclosure is
shown. The architecture comprises a network function (NF) of the 5G core network (5GCN) such as Policy Control Function (PCF) [302], a Session
31

5 Management Function (SMF) [304], an Access Management Function (AMF) [306],
a Service Communication Proxy (SCP) [308], a SCP-Controller [310], a Service Communication Proxy Performance AI (SCP-pAI) [312], and one or more notification interfaces [314].
10 [000103] The SCP Controller has information of all 5G SCP Proxies available in
the 5GCN. The SCP Proxy registers with SCP Controller on a dynamic addition. Also, the SCP-pAI may synchronize with SCP Controller to get a list of SCP Proxies deployed in 5GCN.
15 [000104] Further, the SCP-pAI is an artificial intelligence (AI) module which
processes the performance statistics fetched from all SCP Proxies and decide a performance degrade event and generate an alternate routing path in case required.
20 [000105] The one or more notification interfaces [314] are interfaces of a
notification application programming interface that is used to configure and display one or more notifications to the one or more user.
[000106] Based on the implementation of features as disclosed in the present
25 disclosure, at the SCP Proxy [308], plurality of system and performance statistics
are determined at regular intervals. Subsequently, the SCP-pAI [312] fetches the
determined data from the SCP Proxy [308] at regular intervals, with the interval
dependent on operator policy. The SCP-pAI [312] then stores the data in the
storage unit [114]. Further by using artificial intelligence (AI), the SCP-pAI [312]
30 predicts the threshold for a set of Key Performance Indicators (KPIs), which may
include but are not limited to Error code percentage KPI, Load Information KPI, Request Timeout KPI, and Request Failure KPI. The SCP-pAI [312] compares the
32

5 current value of KPIs with the predicted values and raises an alert in case of breach
via one or more notification interfaces. Thus, the present disclosure ensures the robust functioning of the 5G network.
[000107] Fig. 4 illustrates an exemplary block diagram of a computing device
10 [1000] upon which an embodiment of the present disclosure may be
implemented. In an implementation, the computing device [1000] implements the
method [200] for identification of one or more service degradation events using
the network node [100]. In another implementation, the computing device [1000]
itself implements the method [200] for identification of one or more service
15 degradation events using one or more units configured within the computing
device [1000], wherein said one or more units are capable of implementing the features as disclosed in the present disclosure.
[000108] The computing device [1000] may include a bus [1002] or other
20 communication mechanism for communicating information, and a hardware
processor [1004] coupled with bus [1002] for processing information. The
hardware processor [1004] may be, for example, a general purpose
microprocessor. The computer system [1000] may also include a main memory
[1006], such as a random access memory (RAM), or other dynamic storage device,
25 coupled to the bus [1002] for storing information and instructions to be executed
by the processor [1004]. The main memory [1006] also may be used for storing
temporary variables or other intermediate information during execution of the
instructions to be executed by the processor [1004]. Such instructions, when
stored in non-transitory storage media accessible to the processor [1004], render
30 the computer system [1000] into a special-purpose machine that is customized to
perform the operations specified in the instructions. The computer system [1000]
further includes a read only memory (ROM) [1008] or other static storage device
33

5 coupled to the bus [1002] for storing static information and instructions for the
processor [1004].
[000109] A storage device [1010], such as a magnetic disk, optical disk, or solid-
state drive is provided and coupled to the bus [1002] for storing information and
10 instructions. The computer system [1000] may be coupled via the bus [1002] to a
display [1012], such as a cathode ray tube (CRT), for displaying information to a computer user. An input device [1014], including alphanumeric and other keys, may be coupled to the bus [1002] for communicating information and command selections to the processor [1004]. Another type of user input device may be a
15 cursor control [1016], such as a mouse, a trackball, or cursor direction keys, for
communicating direction information and command selections to the processor [1004], and for controlling cursor movement on the display [1012]. This input device typically has two degrees of freedom in two axes, a first axis (e.g., x) and a second axis (e.g., y), that allow the device to specify positions in a plane.
20
[000110] The computer system [1000] may implement the techniques described herein using customized hard-wired logic, one or more ASICs or FPGAs, firmware and/or program logic which in combination with the computer system [1000] causes or programs the computer system [1000] to be a special-purpose machine.
25 According to one embodiment, the techniques herein are performed by the
computer system [1000] in response to the processor [1004] executing one or more sequences of one or more instructions contained in the main memory [1006]. Such instructions may be read into the main memory [1006] from another storage medium, such as the storage device [1010]. Execution of the sequences of
30 instructions contained in the main memory [1006] causes the processor [1004] to
perform the process steps described herein. In alternative embodiments, hard-
34

5 wired circuitry may be used in place of or in combination with software
instructions.
[000111] The computer system [1000] also may include a communication interface [1018] coupled to the bus [1002]. The communication interface [1018]
10 provides a two-way data communication coupling to a network link [1020] that is
connected to a local network [1022]. For example, the communication interface [1018] may be an integrated services digital network (ISDN) card, cable modem, satellite modem, or a modem to provide a data communication connection to a corresponding type of telephone line. As another example, the communication
15 interface [1018] may be a local area network (LAN) card to provide a data
communication connection to a compatible LAN. Wireless links may also be implemented. In any such implementation, the communication interface [1018] sends and receives electrical, electromagnetic or optical signals that carry digital data streams representing various types of information.
20
[000112] The computer system [1000] can send messages and receive data, including program code, through the network(s), the network link [1020] and the communication interface 1018. In the Internet example, a server [1030] might transmit a requested code for an application program through the Internet [1028],
25 the ISP [1026], the Host [1024], the local network [1022] and the communication
interface [1018]. The received code may be executed by the processor [1004] as it is received, and/or stored in the storage device 1010, or other non-volatile storage for later execution.
30 [000113] Further, an aspect of the present disclosure relates to a non-transitory
computer readable storage medium storing instructions for identification of one or more service degradation events. The instructions include an executable code
35

which when executed by one or more units of a network node, causes: a transceiver unit of the network node to receive a set of data from a plurality of sources; an analysis unit of the network node to analyse the set of data using a trained model; an identification unit of the network node to identify the one or more service degradation events based on the analysis of the set of data; and an alert unit of the network node to alert a Network Management System (NMS) based on the identification of the one or more service degradation events.
[000114] As it is evident from the above, that the present disclosure offers a technologically advanced solution for proactive monitoring of 5G core network functions, aimed at detecting real-time or near real-time anomalies by computing various system and performance statistics. Utilizing SCP Proxy instances, the solution employs SCP-pAI to fetch system and performance statistics, predict thresholds for various Key Performance Indicators (KPIs) using artificial intelligence (AI) and historical data, and notify any anomalies to the Network Management System (NMS) through various means such as including but not limited to social platforms such as SMS or email. This technically advanced approach not only saves time in resolving or diagnosing errors but also identifies root causes using AI-based solutions, reducing complexity at the network level. By providing a homogeneous bird's-eye view of 5G core services from a single system, the system minimizes the need for complex integration with other Network Function types, except SCP, for service level and other analyses. Overall, the present disclosure represents a significant technical advancement in network management by offering enhanced efficiency, proactive anomaly detection, and streamlined troubleshooting processes.
[000115] While considerable emphasis has been placed herein on the disclosed implementations, it will be appreciated that many implementations can be made

and that many changes can be made to the implementations without departing from the principles of the present disclosure. These and other changes in the implementations of the present disclosure will be apparent to those skilled in the art, whereby it is to be understood that the foregoing descriptive matter to be implemented is illustrative and non-limiting.

We Claim:
1. A method [200] for identification of one or more service degradation
events, the method [200] comprising:
receiving, by a transceiver unit [102] of a network node [100], a set of data from a plurality of sources;
analysing, by an analysis unit [104] of the network node [100], the set of data using a trained model;
identifying, by an identification unit [106] of the network node [100], the one or more service degradation events based on the analysis of the set of data; and
alerting, by an alert unit [108] of the network node [100], a Network Management System (NMS) based on the identification of the one or more service degradation events.
2. The method [200] as claimed in claim 1, wherein the one or more service degradation events correspond to at least one from among an overloading situation at a 5th generation (5G) network, an increase of traffic at the 5G network, and an occurrence of one or more service impacting errors at the 5G network.
3. The method [200] as claimed in claim 2, wherein the network node [100] is a Service Communication Proxy (SCP) of the 5G network.
4. The method [200] as claimed in claim 3, further comprising:
determining, by a determination unit [110] associated with the Service Communication Proxy (SCP) of the 5G network, a system and performance statistics at a time interval that is at least one of regular, on-demand, and configurable; and

fetching, by a fetching unit [112] via the trained model, the determined system and performance statistics from the SCP, wherein the time interval for fetching is set based on a policy defined by an operator, thereby enabling the trained model to monitor and analyse health and performance of a set of 5G network services in a dynamic and adaptable manner.
5. The method [200] as claimed in claim 1, wherein the plurality of sources comprises at least one of connected network nodes, client-based network functions, local servers and cloud-based servers.
6. The method [200] as claimed in claim 1, wherein the set of data comprises at least one of a traffic-based data, a signal data, a user data, a data associated with pattern of traffic at the network node, a historical data, an occurrence of events that impact performance of network, and a data associated with resolution of the one or more service degradation events.
7. The method [200] as claimed in claim 1, wherein the one or more service degradation events are identified when severity of one or more events passes a threshold value, wherein the threshold value is defined based on the analysis of the set of data using the trained model.
8. The method [200] as claimed in claim 1, wherein the trained model is a machine learning (ML) based model.
9. A network node [100] for identification of one or more service degradation events, the network node [100] comprising:

a transceiver unit [102] configured to receive a set of data from a plurality of sources;
an analysis unit [104] connected at least with the transceiver unit [102], the analysis unit [104] is configured to analyse the set of data using a trained model;
an identification unit [106] connected at least with the analysis unit [104], the identification unit [106] is configured to identify the one or more service degradation events based on the analysis of the set of data; and
an alert unit [108] connected at least with the identification unit [106], the alert unit is configured to alert a Network Management System (NMS) based on the identification of the one or more service degradation events.
10. The network node [100] as claimed in claim 9, wherein the one or more service degradation events correspond to at least one from among an overloading situation at a 5th generation (5G) network, an increase of traffic at the 5G network, and an occurrence of one or more service impacting errors at the 5G network.
11. The network node [100] as claimed in claim 10, wherein the network node [100] is a Service Communication Proxy (SCP) of the 5G network.
12. The network node [100] as claimed in claim 11, further comprising:
a determination unit [110] configured to determine a system and performance statistics at a time interval that is at least one of regular, on-demand, and configurable; and
a fetching unit [112] configured to fetch via the trained model, the determined system and performance statistics from the SCP, wherein the time interval for fetching is set based on a policy defined by an operator,

thereby enabling the trained model to monitor and analyse health and performance of a set of 5G network services in a dynamic and adaptable manner.
13. The network node [100] as claimed in claim 9, wherein the plurality of sources comprises at least one of connected network nodes, client-based network functions, local servers, and cloud-based servers.
14. The network node [100] as claimed in claim 9, wherein the set of data comprises at least one of a traffic-based data, a signal data, a user data, a data associated with pattern of traffic at the network node, a historical data, an occurrence of events that impact performance of network, and a data associated with resolution of the one or more service degradation events.
15. The network node [100] as claimed in claim 9, wherein the one or more service degradation events are identified when severity of one or more events passes a threshold value, wherein the threshold value is defined based on the analysis of the set of data using the trained model.
16. The network node [100] as claimed in claim 9, wherein the trained model is a machine learning (ML) based model.