WO2000044174A1 - Detection of duplicate participants in a two-way modem environment - Google Patents
Detection of duplicate participants in a two-way modem environment Download PDFInfo
- Publication number
- WO2000044174A1 WO2000044174A1 PCT/US2000/001021 US0001021W WO0044174A1 WO 2000044174 A1 WO2000044174 A1 WO 2000044174A1 US 0001021 W US0001021 W US 0001021W WO 0044174 A1 WO0044174 A1 WO 0044174A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- subscriber unit
- network
- transmission characteristic
- adjustment data
- clone
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N17/00—Diagnosis, testing or measuring for television systems or their details
- H04N17/004—Diagnosis, testing or measuring for television systems or their details for digital television systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/173—Analogue secrecy systems; Analogue subscription systems with two-way working, e.g. subscriber sending a programme selection signal
- H04N7/17309—Transmission or handling of upstream communications
Definitions
- CM - Cable Modem CM - Cable Modem
- CMTS Cable Modem Termination System
- CPE Customer Premises Equipment
- the present invention relates to subscriber networks, such as HFC cable television networks, and more particularly to controlling access to services provided over the network.
- the invention is particularly suitable for use with networks with subscriber terminals/set-top boxes that use two-way modems, such as CMs, that are connected to the network.
- Such modems are increasingly being used to allow network users to send and receive data, such as from the Internet data, at relatively high speeds.
- the modems may also provide telephony capabilities.
- the invention also is useful generally for terminals that have any upstream signaling capability via the network, e.g., to a network headend.
- terminal "set-top box”, “cable modem” and the like are used interchangeably.
- Unauthorized persons (“pirates” or “attackers”) have been successful in gaining access to networks using various attack techniques .
- One possible attack on a network of the type described above is to move the permanent identity of a first subscriber unit (e.g., a CM or other CPE) , for which a subscriber has paid for the services provided by the network, to a second "clone" subscriber unit in the network.
- the first subscriber unit is known as the "clone master.” This cloning can be performed if the security information or unit ID of the first subscriber unit is not protected from theft.
- Such cloning allows a single individual to purchase programming or other data services legitimately from the network, and then sell to others for a profit, without authorization, the ability (along with possibly modified terminals) to access the services .
- An alternative motivation is the theft of the identity of a unit, then selling that identity to persons wishing to illegally use other network services and not pay. For example, current networks users who pay for a basic level of services can obtain enhanced services without paying. The network operator can incur significant revenue losses if the identity of the compromised unit were used, for example, to access long distance telephone services or gain free unlimited Internet access, e.g., via a CM. To remain undetected in the network, the cloned unit must possess all of the characteristics of the clone master.
- the clone will merely use the bandwidth and ID of the clone master. Moreover, if a clone unit has multiple (N) clone IDs, any of these identities can be used to gain access to the network.
- a concentration ratio of N:l allows the cloned units to operate in the network with little chance of collision, if N is large enough .
- the cloned units can continue to operate undetected if the network operator (e.g., the CMTS and associated servers operated by or for the service provider) does not detect any noticeable anomalies in the network's traffic, such as multiple IP addresses, increased traffic flows, etc.
- the clones can continue to operate undetected even though the network operator verifies the identity of the unit that sends an upstream message. This is achieved because the verification of an ID of the subscriber unit (e.g., a CM or other CPE) is performed before the modem is registered with the network.
- the ID may specify a manufacturer's serial number, IEEE MAC address, and so forth.
- a cloned network element will remain undetected as long as there are no discernable differences between any of the master and cloned units, and they operate within the network in a logical and physically possible manner.
- one method for detecting cloned analog cell phones is to identify telephone calls that originate from physically distant parts of the network within a short time window.
- such methods of clone detection are marginally effective at identifying cloned phones since unauthorized calls within the same general vicinity (e.g., same city) as unauthorized calls cannot be flagged.
- data indicating the location, such as which network cell is used must be communicated upstream to a central processing facility.
- this technique is not easily used in a subscriber network such as an HFC cable television network since there is no provision to identify the network path (e.g., branch or hub) that is traveled by an upstream message from a clone terminal .
- CMs cloned units
- the system should be implementable with relatively low cost and complexity, and without significant disruptions in service.
- CM service or telephony service e.g., HFC cable television and the like
- subscriber units e.g., modems
- the system should be compatible with the "Data Over Cable Service Interface Specification RF Interface” (DOCSIS RFI) standard.
- DOCSIS RFI Data Over Cable Service Interface Specification RF Interface
- the present invention provides a system having the above and other advantages .
- the present invention provides for the detection of duplicate participants in a network having a terminal population with two-way communication capabilities by analyzing transmission differences in the physical layer of the network.
- the physical layer is concerned with transmitting raw bits over a communication channel.
- Examples of physical layer attributes that can be used in accordance with the invention to identify a subscriber unit are unit timing offset, unit frequency offset, unit power offset, and unit spectral characteristics.
- the pirate unit can continue to operate as a clone of a clone master in the network if it remains undetected.
- the invention determines that a cloned ID is being used by detecting differences in any detectable characteristics of the cloned subscriber unit that distinguish it from other cloned subscriber units (of the same ID) or from the cloned master. Since the cloned units' transmissions do not all take the same upstream path in the network to the CMTS, differences in these paths present an opportunity for detecting piracy by uniquely identifying units that attempt to appear identical to the CMTS and the network. Thus, differences in the return path can be used in accordance with the invention to "tag" each unit uniquely. This approach not only relies on the assumed differences in path length, but it also relies on each of the clone modems not knowing the exact details of the corrections (adjustments) sent to the clone master.
- a particular method for detecting a clone subscriber unit in a communication network includes the step of recording a transmission characteristic of an original subscriber unit authorized for use in the network.
- the recorded transmission characteristic is compared to a comparable transmission characteristic of a subscriber unit on the network alleging to be the original subscriber unit.
- the alleging unit may have the same ID in its upstream messages as the authorized unit.
- a difference between the compared transmission characteristics indicates that the alleging subscriber unit is a clone subscriber unit.
- the observed transmission characteristic may include: (1) propagation time, (2) frequency, (3) power, and (4) spectral characteristics.
- an enhancement involves providing data for adjusting the assigned transmit time a subscriber unit at a lower resolution than the resolution at which the offset is initially determined. In this manner, even if the clone subscriber unit intercepts the offset and attempts to adjust its own transmit time accordingly, the CMTS can still detect when the transmit time offset is out of the expected range .
- the enhancement can be extended to the other characteristics .
- FIG. 1 is a block diagram of an HFC network embodying the present invention.
- FIG. 2 illustrates a headend, authorized customer premises equipment (CPE) , and clone CPE in a subscriber network in accordance with the present invention.
- CPE authorized customer premises equipment
- FIG. 3(a) illustrates the calculation of a signal propagation time before ranging in accordance with the present invention.
- FIG. 3(b) illustrates a ranging region in accordance with the present invention.
- FIG. 3(c) illustrates assigned upstream transmission slots after ranging in accordance with the present invention.
- FIG. 3 (d) illustrates an uncertainty region for signal propagation time in accordance with the present invention.
- FIG. 4 illustrates measurement of the power spectrum of a received upstream signal at a headend in accordance with the present invention.
- FIG. 1 illustrates, in block diagram form, an HFC cable television plant in which the invention can be implemented.
- a transmitter and receiver located at a cable headend 10 i.e., service provider equipment such as a CMTS
- CPE subscriber units 14, 16, 18
- FIG. 2 illustrates a headend 200, authorized customer premises equipment (CPE) 276, and clone CPE 274 in a subscriber network.
- the cable headend 200 includes a control 212, clock 215, database 210, transmitter 220, receiver 230, and a programming services function 255.
- the programming services function 255 may provide television programs on the network, for example.
- the receiver 230 is associated with a time offset function 235, a frequency offset function 240, a power offset function 245, and a spectral characteristics offset function 250.
- the control 212 provides overall management of the functions at the headend 200.
- the transmitter 220 transmits data via a hub 260, a network link 265, and example hubs 270 and 272 to an authorized CPE (i.e., a master unit) .
- the transmitter transmits data via the example hubs 270 to an example clone CPE 274. Any number of clone units may be present in a network.
- the clone CPE 274 includes a control 282, a transmitter 284, and a receiver 288.
- the transmitter 284 further includes a clock 285, an identifier (ID) function 286, and a filter with filter coefficients 287.
- the authorized CPE 276 includes a control 290, a transmitter 292 (with a clock 294, an ID function 296, and a filter with filter coefficients 296), and a receiver 299.
- Each of the CPE units 274, 276 can send upstream signals to, and receive signals from, the headend (or CMTS) 200.
- the upstream signals can be for accessing the Internet, general IP-based media services or placing telephone calls.
- a television, PC or other output devices are associated with each CPE unit.
- the data transmitted to the units 274, 276 includes data related to the service being used, along with data from the headend 200 for assigning time slots for the units to transmit upstream according to their respective bandwidth needs .
- transmission characteristics of the upstream signals are measured by the headend 200 to detect clones. These characteristics can include one or more of: (1) propagation time, (2) frequency, (3) power, and (4) spectral characteristics. Each of these is described in greater detail below.
- propagation/receive time of upstream signals from the units is measured.
- the ability to physically locate a subscriber unit within a network is a key factor in eliminating a timing offset attack. If the pirate can spoof the system into believing that the CPE is located in another physical location in the network, there is very little the network operator can do to locate the clone or pirate unit. This is especially true if the pirate unit is transmitting from a virtual location in the network that, to the headend, appears to be the same location as the legitimate modem.
- the "Data Over Cable Service Interface Specification RF Interface” (DOCSIS RFI) specification available at www . cablemodem . com defines a network wide timestamp that is broadcast to all units which are part of the network domain. For this discussion a "domain” and a "CMTS broadcasting on a single downstream channel” are considered to be the same.
- the DOCSIS specification defines a periodically-transmitted message that contains a 32 -bit timestamp. The least significant bit (LSB) of this timestamp is in units of 6.25 ⁇ sec/64 and is based upon a 10.24 MHz clock.
- the CPE modem uses this timestamp to: 1) synchronize an internal reference clock, and 2) define an exact (to within some small guard time) time to transmit on the upstream channel .
- the burst arrival times of the individual subscriber units are normalized to make all of the modems appear the same virtual distance from the headend.
- the DOCSIS system achieves this by a process called "ranging.”
- FIG. 3(a) illustrates the calculation of a signal propagation time before ranging in accordance with the present invention.
- a time offset tl (300) from a first cable modem, CMl is the measured propagation time for a signal to travel from CMl to the CMTS, and corresponds to the physical propagation distance.
- a time offset t2 (310) from a second cable modem, CM2 is the measured propagation time for a signal to travel from CM2 to the CMTS.
- FIG. 3(b) illustrates a ranging region in accordance with the present invention.
- a ranging region 320 is defined for all of the CMs in the network, from the CM that is closest to the CMTS, to the CM that is farthest from the CMTS.
- the CMl has a time offset 302 for transmitting messages at tl ⁇ tl, where ⁇ tl is an uncertainty due to the clock rate used at the headend.
- CM2 has a time offset 312 for transmitting messages at t2 ⁇ .2 , where A ⁇ t2 is the corresponding uncertainty.
- the ranging region 320 defined within the upstream bandwidth assignment is wide enough to accommodate the closest and farthest CPE from the CMTS receiver 230.
- the CMTS receiver 230 measures the arrival time of the ranging burst (the burst defined to occur within this region) , and determines the propagation time based on a difference between the local time, as determined by the clock 215, and an assigned upstream transmission time based on the clocks 285, 294.
- Clocks 285, 294 are synchronized to clock 215 via the system timestamp.
- the time offset is determined by a time offset function 235. The differences are then sent as a timing offset to the
- CPEs 274, 276 in a ranging response message and used as adjustment factors for the modem upstream transmission times .
- the CMTS receiver knows the absolute propagation time and transmission path length of every CPE on the network within that domain.
- the propagation constants for coax cable and optical fiber are approximately 88% and 69%, respectively, of that for free space.
- the ratio of coax to fiber is generally known by the plant manager, but will vary greatly in different networks. Since it is not feasible to determine the exact ratio of coax to fiber in any single plant, the free space propagation constant can be used as the worst case. In addition, if the sampling rate is doubled (20.48 MHz), a worst case resolution of approximately 50 feet is achieved. Other changes in the sampling rate will affect the resolution accordingly.
- FIG. 3(c) illustrates assigned upstream transmission slots after ranging in accordance with the present invention.
- the assigned upstream transmission slots 330 show CMl and CM2 transmitting at the assigned times, 304 and 314, respectively, with the associated uncertainties.
- FIG. 3(d) illustrates an uncertainty region for signal propagation time in accordance with the present invention.
- the uncertainty region 350 accounts for the uncertainties of all subscriber units (CMs) in the network, which can amount to hundreds or thousands of units .
- the uncertainty region width represents the worst case uncertainty based on the measurement resolution of the burst in the headend and the value of the LSB in the ranging offset sent to the CMs.
- the CMl burst 306 and CM2 burst 316 are shown as being offset from the expected receive time 340 by the corresponding uncertainties.
- a clone subscriber unit can be detected by measuring the propagation time of each upstream message having a given unit ID.
- the invention allows the network operator to determine that multiple subscriber units having the same identity are present in the network. It is also possible to detect the movement of a single subscriber unit within the network. With respect to propagation time differences, as mentioned above, the CMTS (or a comparable service provider apparatus) normalizes all of the subscriber units to appear as if they were at a zero distance from the CMTS even though they are physically located at different distances from the CMTS.
- CMl is the clone master which has a valid network subscription
- CM2 is a clone of that modem. Note that there is additional out-of-band coordination required between clone master CMs and cloned CMs for DOCSIS transmission assignments and power control.
- a clone first performs ranging as described in the previous section. However, the clone does not use its own MAC address during the initial ranging process.
- CMTS uses a MAC address of some other valid CM, or possibly even some random MAC address, if the CMTS will accept it .
- the clone After this initial ranging, the clone will know its time offset from the CMTS, i.e., t2. The intrusion detection technique described earlier will not catch this clone, because it is not using its MAC address. In fact, if the clone uses a MAC address of another valid CM, an attempt at the intrusion detection could result in de-authorization of a valid CM, i.e., a denial of service attack.
- CM2 the cable modem clone performs initial ranging using a random but valid MAC address to obtain its ranging offset, t2 , from the CMTS (as illustrated earlier) .
- CM2 which has the identity (including the MAC address) of the clone master, listens for the clone master initial ranging information. Based on detecting ("snooping") the initial ranging response from the CMTS to the clone master (or through some out-of-band method), CM2 now knows the value of tl.
- CM2 then calculates the difference between its time offset (t2) and the clone master's time offset
- CM2 can now perform subsequent initial ranging using the clone master ID and appear to the CMTS as if it was at the same location as CMl (the clone master) . CM2 can do this by sending a ranging request t2-tl seconds earlier than it is supposed to.
- CM2 can now monitor (“sniff") the downstream to note any use of CMl (or through out-of-band methods) and, if clear, CM2 can request upstream transmission slots using CMl ' s identity.
- the headend sees the transmission in the correct assignment with the correct time offset and cannot tell the difference without more a sophisticated transmission arrival time detection scheme.
- An advantage of this method for the attacker is that the CMTS only sees one transient ranging request with an ID that is not subscribed. All subsequent initial ranging will be performed by one of the cloned modems that are using the clone master's identity.
- the intrusion detection techniques described herein can be enhanced to detect these more sophisticated attacks by increasing the frequency of the sampling clock at the CMTS (or other comparable service provider apparatus) such that a resolution of greater than, e.g., 100 feet is obtained. This provide additional ranging resolution, which may allow additional cloned units to be detected.
- Another enhancement is to decrease the number of bits sent to each CPE in the ranging response time offset message, but continue to measure with the current resolution. If, for example, the granularity of the LSB is increased (e.g., by truncating the last three LSBs) the measuring resolution increases to 800 feet. The sampling frequency remains the same so the measurement resolution is still 100 feet.
- This technique has the effect of increasing the uncertainty of the transmission time, based upon the physical location of the modem from the cable headend CMTS and, therefore, the likelihood that duplicate CMs can be detected. This method has the disadvantage that bandwidth is sacrificed.
- these same LSBs could be randomized and sent to each of the cloned modems . This has the additional advantage of not providing any indication to the attackers that any intrusion techniques are enabled. The uncertainty of these measurements is shown in FIG. 3 (d) .
- each CPE 274, 276, transmits on an assigned center frequency.
- the service provider e.g., CMTS 200
- receives the transmitted signal by matching this signal's frequency and extracting the information contained in the signal .
- Differences in the exact received frequency can be measured by the frequency detector 240 at the CMTS 200 or other service provider equipment to detecting duplicate units.
- adjustment data can be provided to the original subscriber unit to change its center frequency.
- a third clone detection technique power differences in the upstream signals from the subscriber units are used to distinguish clone units.
- Each CPE 274, 276 transmits at an assigned power level.
- the CMTS 200 (or other service provider apparatus) sends commands to each CPE to set the power level to use for the unit's upstream transmissions.
- the power of the signal from each unit is attenuated by different amounts as the signals travel upstream in the network, so the measured level at the CMTS 200 will be less than the designated transmission levels.
- the power detector 245 at the CMTS 200 monitors each transmitted burst (upstream signal) and measures the power to determine a baseline expected power level for each unit ID. Thus, a clone unit can be identified when the measured power for a given ID does not match the expected level.
- adjustment data can be provided to the original subscriber unit to change its signal's power.
- a fourth clone detection technique differences in the spectral characteristics of the upstream signals from the subscriber units are used to distinguish clone units. Each unit transmits through a unique path over the cable plant back to the service provider. The paths may cause changes in the spectral characteristics of received upstream signals .
- Each burst (upstream signal) received by the CMTS 200 contains a preamble such that a demodulator
- spectral characteristics detector 250 at the CMTS 200 can "train” for a period of time before the actual start of the data. During this training period, the demodulator determines the spectral characteristics of the burst and attempts to equalize the burst for optimal reception. A set of unique equalization (filter) coefficients are derived as result of the preamble spectral analysis and sent to each CM. These coefficients can also be stored in the database 210 and used to uniquely define each individual unit on the assumption that each of these units traversed a physically different path.
- FIG. 4 illustrates measurement of the signal power spectrum of a received upstream signal at a headend.
- the power spectrum of a received signal might be measured as shown at 400 during the training period.
- the measured spectrum can be normalized to a baseline spectrum 420 using the equalization coefficients. Any significant deviation from the baseline 420 after the training period is an indication of a clone unit.
- the present invention provides techniques for locating duplicate participants (e.g., cloned subscriber units) in a communication network, such as an HFC cable television network or the like, by monitoring the physical layer of the network to detect transmission differences between such units. If such transmission differences are found from units that use a common ID, it is evident that a cloned unit is in use.
- a communication network such as an HFC cable television network or the like
- the measured characteristics can include one or more of: (1) propagation time, (2) frequency, (3) power, and (4) spectral characteristics. Moreover, a combination of characteristics can be used to provide a greater certainty that a clone exists.
- each characteristic for every upstream signal. For example, only one or two characteristics need be measured. Propagation time and spectral characteristics are believed to be particularly effective in detecting clones. If a discrepancy is detected for a unit ID, the ID may be flagged as a possible clone, and other characteristics may be measured to provide a more concrete determination.
- selected unit IDs may be measured if they are suspect for some reason, such as unusually high traffic from that ID.
- Random or sequential measuring of the units may also be implemented.
- the invention is not limited to use with cable modems, but may be used in any network where it is possible to measure the characteristics disclosed herein, and to relate any discrepancy to a particular unit ID.
Abstract
Description
Claims
Priority Applications (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2000595494A JP2002535933A (en) | 1999-01-22 | 2000-01-14 | Detecting replication participants in a two-way modem environment |
CA002359607A CA2359607A1 (en) | 1999-01-22 | 2000-01-14 | Detection of duplicate participants in a two-way modem environment |
US09/889,540 US7006446B1 (en) | 1999-01-22 | 2000-01-14 | Detection of duplicate participants in a two-way modem environment |
KR1020017009198A KR20010101858A (en) | 1999-01-22 | 2000-01-14 | Detection of duplicate partic ipants in a two-way modem environment |
AU24140/00A AU2414000A (en) | 1999-01-22 | 2000-01-14 | Detection of duplicate participants in a two-way modem environment |
EP00902420A EP1145553A1 (en) | 1999-01-22 | 2000-01-14 | Detection of duplicate participants in a two-way modem environment |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11673199P | 1999-01-22 | 1999-01-22 | |
US60/116,731 | 1999-01-22 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2000044174A1 true WO2000044174A1 (en) | 2000-07-27 |
Family
ID=22368876
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2000/001021 WO2000044174A1 (en) | 1999-01-22 | 2000-01-14 | Detection of duplicate participants in a two-way modem environment |
Country Status (7)
Country | Link |
---|---|
EP (1) | EP1145553A1 (en) |
JP (1) | JP2002535933A (en) |
KR (1) | KR20010101858A (en) |
AU (1) | AU2414000A (en) |
CA (1) | CA2359607A1 (en) |
TW (1) | TW454396B (en) |
WO (1) | WO2000044174A1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2457358A1 (en) * | 2009-07-20 | 2012-05-30 | Verimatrix, Inc. | Systems and methods for detecting clone playback devices |
EP1371226B1 (en) * | 2001-03-23 | 2014-12-24 | Thomson Licensing | Method for establishing a connection between an interactive network adapter and a network interface unit as well as network interface unit and interactive network adapter |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5335265A (en) * | 1991-11-08 | 1994-08-02 | Electronic Data Systems Corporation | Apparatus for detecting and preventing subscriber number cloning in a cellular mobile telephone system |
US5473361A (en) * | 1993-01-19 | 1995-12-05 | Tektronix, Inc. | Cable television test and measurement system |
-
2000
- 2000-01-14 WO PCT/US2000/001021 patent/WO2000044174A1/en not_active Application Discontinuation
- 2000-01-14 AU AU24140/00A patent/AU2414000A/en not_active Abandoned
- 2000-01-14 EP EP00902420A patent/EP1145553A1/en not_active Withdrawn
- 2000-01-14 CA CA002359607A patent/CA2359607A1/en not_active Abandoned
- 2000-01-14 JP JP2000595494A patent/JP2002535933A/en active Pending
- 2000-01-14 KR KR1020017009198A patent/KR20010101858A/en not_active Application Discontinuation
- 2000-01-21 TW TW089100932A patent/TW454396B/en not_active IP Right Cessation
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5335265A (en) * | 1991-11-08 | 1994-08-02 | Electronic Data Systems Corporation | Apparatus for detecting and preventing subscriber number cloning in a cellular mobile telephone system |
US5473361A (en) * | 1993-01-19 | 1995-12-05 | Tektronix, Inc. | Cable television test and measurement system |
Non-Patent Citations (1)
Title |
---|
ELDERING C A ET AL: "CATV RETURN PATH CHARACTERIZATION FOR RELIABLE COMMUNICATIONS", IEEE COMMUNICATIONS MAGAZINE,US,IEEE SERVICE CENTER. PISCATAWAY, N.J, vol. 33, no. 8, 1 August 1995 (1995-08-01), nEW yORK, ny, us, pages 62 - 69, XP000525541, ISSN: 0163-6804 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1371226B1 (en) * | 2001-03-23 | 2014-12-24 | Thomson Licensing | Method for establishing a connection between an interactive network adapter and a network interface unit as well as network interface unit and interactive network adapter |
EP2457358A1 (en) * | 2009-07-20 | 2012-05-30 | Verimatrix, Inc. | Systems and methods for detecting clone playback devices |
EP2457358A4 (en) * | 2009-07-20 | 2014-06-11 | Verimatrix Inc | Systems and methods for detecting clone playback devices |
US9253544B2 (en) | 2009-07-20 | 2016-02-02 | Verimatrix, Inc. | Systems and methods for detecting clone playback devices |
Also Published As
Publication number | Publication date |
---|---|
JP2002535933A (en) | 2002-10-22 |
TW454396B (en) | 2001-09-11 |
EP1145553A1 (en) | 2001-10-17 |
KR20010101858A (en) | 2001-11-15 |
CA2359607A1 (en) | 2000-07-27 |
AU2414000A (en) | 2000-08-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11962826B2 (en) | Zero sign-on authentication | |
US7895665B2 (en) | System and method for detecting and reporting cable network devices with duplicate media access control addresses | |
EP1905191B1 (en) | Network user authentication system and method | |
US7272846B2 (en) | System and method for detecting and reporting cable modems with duplicate media access control addresses | |
US20070276943A1 (en) | Prevention of Cloning Attacks in a DOCSIS Network | |
US6233687B1 (en) | Method and apparatus for providing configuration information in a network | |
US7272649B1 (en) | Automatic hardware failure detection and recovery for distributed max sessions server | |
US7877805B1 (en) | Apparatus, method and computer program product for detection of a security breach in a network | |
CN101467131A (en) | Network user authentication system and method | |
US7006446B1 (en) | Detection of duplicate participants in a two-way modem environment | |
US8260941B2 (en) | System and method for detecting and reporting cable modems with duplicate media access control addresses | |
Calhoun Jr et al. | An 802.11 MAC layer covert channel | |
US20030046584A1 (en) | Method and apparatus for remote control and monitoring of a multimedia system | |
CN106412498A (en) | Monitoring data acquisition method, and cloud terminal | |
US20090175174A1 (en) | System and Method for Determining Whether DOCSIS-Enabled Devices in a HFC Cable Network Are Co-Located | |
WO2000044174A1 (en) | Detection of duplicate participants in a two-way modem environment | |
CA2490974C (en) | Method, system and apparatus for establishing a packet-based connection with a dial up modem | |
MXPA01007358A (en) | Detection of duplicate participants in a two-way modem environment | |
EP3428816A1 (en) | Method and system for authorizing a mobile device to access a digital content | |
CN114915440A (en) | System and method for guaranteeing media service security attribute | |
CN111314856A (en) | Hierarchical examination and tracking device and method for 5G user position information service |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
ENP | Entry into the national phase |
Ref document number: 2359607 Country of ref document: CA Ref country code: CA Ref document number: 2359607 Kind code of ref document: A Format of ref document f/p: F |
|
WWE | Wipo information: entry into national phase |
Ref document number: 09889540 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2000902420 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: PA/a/2001/007358 Country of ref document: MX |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1020017009198 Country of ref document: KR |
|
ENP | Entry into the national phase |
Ref country code: JP Ref document number: 2000 595494 Kind code of ref document: A Format of ref document f/p: F |
|
WWP | Wipo information: published in national office |
Ref document number: 2000902420 Country of ref document: EP |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
WWP | Wipo information: published in national office |
Ref document number: 1020017009198 Country of ref document: KR |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 1020017009198 Country of ref document: KR |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 2000902420 Country of ref document: EP |