WO2005045624A2 - Method of protecting copyrighted digital files in a distributed file sharing network - Google Patents

Method of protecting copyrighted digital files in a distributed file sharing network Download PDF

Info

Publication number
WO2005045624A2
WO2005045624A2 PCT/US2004/035782 US2004035782W WO2005045624A2 WO 2005045624 A2 WO2005045624 A2 WO 2005045624A2 US 2004035782 W US2004035782 W US 2004035782W WO 2005045624 A2 WO2005045624 A2 WO 2005045624A2
Authority
WO
WIPO (PCT)
Prior art keywords
file
infringing
network
source
digital file
Prior art date
Application number
PCT/US2004/035782
Other languages
French (fr)
Other versions
WO2005045624A3 (en
Inventor
Charles Armour
Scott Mcnally
Original Assignee
P2P Engineering Llc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by P2P Engineering Llc filed Critical P2P Engineering Llc
Publication of WO2005045624A2 publication Critical patent/WO2005045624A2/en
Publication of WO2005045624A3 publication Critical patent/WO2005045624A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • H04L67/1087Peer-to-peer [P2P] networks using cross-functional networking aspects
    • H04L67/1093Some peer nodes performing special functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/103Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for protecting copyright

Definitions

  • the instant invention relates to a protection system for digital files. More
  • the instant invention relates to a copyright protection system that implements active and passive measures to prevent and deter the proliferation of infringing copyrighted digital
  • the present invention relates to a copyright enforcement system directed to distributed computer networks such as peer-to-peer file sharing networks.
  • distributed computer networks such as peer-to-peer file sharing networks.
  • file sharing services are decentralized, such as in a peer-to-peer file sharing network, the ability to identify infringing works and the ability to enforce copyrights
  • each participating computing system such as a personal computer (PC), personal digital assistant (PDA), wireless telephone, and the like.
  • the software program integrates the computing system resources of each participant to collectively define the distributed network, wherein each of the computing systems becomes a node in the distributed network.
  • the software may further identify certain participating computing systems to serve as a super node through which access to the digital content of individual network nodes is facilitated.
  • the individual nodes, and even the designation of super nodes are generally in a state of flux, where individual nodes may join and leave the network at will, further exacerbating the ability to identify infringing digital content and making subsequent enforcement of copyrights through traditional methods exceedingly difficult.
  • the constant state of flux in the individual nodes of the distributed network would suggest that the system would lack stability and thereby viability.
  • the instability of the individual nodes is offset by the sheer number of participants in the network. For example, in
  • the present invention comprises a system and method for information gathering about the distribution of unauthorized copies of digital files in file sharing and distribution systems, and for active reduction in the ability of a computing system to share illegal or
  • the system preferably comprises one or more search elements or nodes, called policing units, which accumulate information regarding the presence of illegal or unauthorized distribution of copyrighted content over file sharing and distribution networks, as well as information that may be relevant for attempts to neutralize or otherwise reduce such distribution.
  • policing units which accumulate information regarding the presence of illegal or unauthorized distribution of copyrighted content over file sharing and distribution networks, as well as information that may be relevant for attempts to neutralize or otherwise reduce such distribution.
  • present disclosure describes several methods that can be used against illegal file distribution in a decentralized, peer-to-peer file sharing model.
  • the system comprises the steps of a) a search, to locate suspect digital files, b) verification of the suspect digital files against a database of protected digital files, and the alternative steps of c) competing with the illegal file sharing site, d) notifying authorities of the presence of illegal copies of protected files, and/or e) neutralizing the site or node containing the illegal copy of a protected digital file.
  • the identification of the illegal or unauthorized content is executed inside a search engine, and may be based on alphanumeric data, such as the possible variants of its title, its description, or on meta data included with the content and intending to identify the same.
  • the system may use offensive elements in order to attempt to disrupt or interfere with the illegal or unauthorized activities.
  • the offensive elements may use specific features and known vulnerabilities of the file sharing and distribution systems and/or vulnerabilities in the infrastructures such systems depend upon.
  • the first step of the process is a conducting a search of the file-sharing network.
  • the search preferably makes use of a search engine, as referred to above, to gather data about the
  • the search engine is preferably a network
  • the search engine may use a polymorphic search in order to cover the various forms in which the digital files' names or descriptors may appear. This approach takes advantage of one essential property of the file sharing system, that is, in order for it to be convenient for users, digital content in the file sharing system has to be easy to find.
  • Data returned during the search is stored in a local memory space and is normally displayed on the monitor search screen.
  • the information from the search screen may be used to generate keywords for searching the memory space for more detailed transaction data, which is updated in a centralized database. Some data fields will be obtained directly from the memory space data, while others will be derived from subsequent searches returning an identification of the same site.
  • the competitive content may also include notices according to the next alternative measure.
  • the information gathered by the search engines e.g., the details of the replies to its queries
  • interested parties e.g., via e- mail or web-based interface.
  • a WHOIS look up based on the IP address of the source and notification of the infringing activity can be made by preformatted e-mail.
  • the end user of the network services may be provided a notification that his or her shared directory contains copyrighted material and that their sharing of the digital content violates the copyright of the respective owners.
  • the infringing site may be subjected to auto-competition.
  • auto-competition This is an example of an active enforcement measure.
  • the auto-competing agents are based on file sharing system protocols (such as Kazaa) and appear to be nodes of the network.
  • the auto-competition agents preferably use the features of the file sharing system in order to perform various attacks on distributors of illegal content, as will be described in more detail below.
  • the infringing site may be subjected to auto-competition by utilizing the network
  • simultaneous downloads is such as to saturate the system or, at least, reduce the available
  • the download may be initiated at a low transfer rate sufficient to avoid timing out.
  • the download may be cancelled prior to completion, and a subsequent connection established by a auto-competition system, before the infringing system has an opportunity to notify its super node that it is again available for download.
  • the neutralizing agent preferably initiates a "push" request using methods that are supplied by the file sharing system, thereby causing the distributor to initiate the required file transfer with the offensive element (either by opening connection to the offensive element or by transferring the file over existing connections through the firewall).
  • the auto-competition thus takes advantage of the fact that the firewall protection has to leave openings to allow regular functioning of the file sharing system.
  • FIG. 1 is an environmental diagram depicting common hardware components of the copyright protection system and a peer-to-peer computer network:
  • FIG. 2 is a logical communication diagram of a peer-to-peer computer network
  • FIG. 3 is a logical communication diagram of the copyright protection system
  • FIG. 4 is a logical communication diagram of the copyright protection and a peer- to-peer computer network
  • FIG. 5 is an illustrative flow chart depicting search functionality for the copyright protection system
  • FIG. 6 is an illustrative flow chart depicting memory search functionality for the copyright protection system
  • FIG. 7 is an illustrative flow chart depicting a file verification routine of the copyright protection system.
  • FIG. 8 is an illustrative flow chart for providing perfidy file serving functionality to the copyright protection system
  • FIG. 9 is an illustrative flow chart depicting auto-competition functionality of the copyright protection system.
  • FIG. 10 is an illustrative flow chart depicting messaging functionality.
  • the present invention comprises a system and method for gathering information about the distribution of illegal or unauthorized digital files in a distributed network
  • peer-to-peer networks depicted in FIG. 2. Certain aspects of the
  • the invention also provides for active and passive measures for reducing the availability of file sharing capability within the distributed file sharing network, and reducing the unauthorized distribution of copyrighted digital files on the distributed network.
  • FIG. 1 A logical communication diagram of the copyright protection system hardware 10 and its general interconnection to the internet and a peer-to-peer network 200 is shown in FIG. 1.
  • the hardware comprises at least one computing system 11, such as a PC, blade, or similar computing device, configured for access to the Internet and having at least one internet protocol (L?) address.
  • the system hardware should further comprise at least one router 13, at least one storage server 14, at least one database server 15, and at least one system server 16.
  • system server 16 provides overall control and coordination of the enforcement system 10, we refer to this function as the network controller 40, as shown in the FIGS. 3 and 4 .
  • a cluster controller 50 which may be implemented in system server 16 or database server 15, communicates with network controller 40 instructions to a node controller 60 for implementation by at least one module 70, resident on node controller 40.
  • Node controller 60 and module 70 are resident on each computing system 11, referred to as a policing unit.
  • Each module 70 corresponds to a particular peer-to-peer network, such as Kazaa, Gnutella, or the like, over which the system 10 will operate to enforce copyright protection.
  • This multi- tiered structure provides enhanced system security and facilitates cloaking the enforcement system from the target file sharing networks.
  • the system and method generally comprise the steps of a) a search, to locate suspect digital files, b) verification of the suspect digital files against a database of protected
  • each element or step may be conducted concurrently by one or more policing units 11 having access to the
  • the system and method of the present invention is applicable to all types of peer-to- peer distributed file sharing systems.
  • a given peer-to-peer network 200 will require a specific software application, or first control application, to provide access to the peer-to-peer network.
  • the distributed network 200 depicted in FIG. 2, comprises a plurality of client nodes 201 and index nodes 202.
  • the software code may be either open source, where it may be viewed and altered to directly accomplish the objects of the present invention, or it may be closed source code, which would generally restrict direct modification of the software application to achieve the objects of the invention.
  • the present invention provides a method of protecting digital content in a distributed file sharing network.
  • the first step in the present invention is to provide at least one computer system or computing device, which we refer to as a policing unit 11 with at least one first control application to establish and maintain communications with a peer-to-peer network 200. Additional first control applications may be provided to policing unit 11 to establish and maintain communications for each of a plurality of peer-to-peer networks, wherein each of the plurality of first control applications comprises a module 70 within the enforcement system. To be an effective monitoring or enforcement tool, it is desirable for policing unit 11 to appear as though it is merely one of many systems or nodes 201 comprising the peer-to-peer network 200. Accordingly, policing unit 11 is provided a software application corresponding to the particular
  • a memory searcher such as that shown in FIG. 6, comprising an
  • our second control application searches a memory space of policing unit 11 to locate the unique long username and the known current internet address of the policing unit 11 to determine their position within the memory space.
  • the position information provided by the search permits our application to overwrite this information to provide other aspects of cloaking functionality 75 for policing unit 11. Because the memory space position occupied by the username and internet address may change during use, they are routinely monitored by our second control application.
  • our second control application Upon detection of a position or content change, our second control application terminates the client session and initiates a new client connection, thus disconnecting the policing unit 11 and initiating a new connection to the peer-to-peer network 200.
  • policing unit 11 will have sufficient resources such as bandwidth, storage media, processor speed, or digital content, such that it will be accepted by the network as an index node 202, thereby facilitating the objects of the invention.
  • search functionality 73 such as that shown in FIG 5, is provided to perform the task of identifying digital content shared within the network as suspect or unauthorized.
  • Search functionality 73 comprises a search engine, which is usually provided with the client software for the file sharing network. A search for suspect digital files meeting predefined search criteria corresponding to the parameters of a protected digital file, attempts to match files stored on a storage server 14
  • alphanumeric data such as the title and/or derivatives of its title. It may also be based on alphanumeric data, such as the title and/or derivatives of its title. It may also be based on alphanumeric data, such as the title and/or derivatives of its title. It may also be based on alphanumeric data, such as the title and/or derivatives of its title. It may also be based on alphanumeric data, such as the title and/or derivatives of its title. It may also be based on alphanumeric data, such as the title and/or derivatives of its title. It may also be based on alphanumeric data, such as the title and/or derivatives of its title. It may also be based on alphanumeric data, such as the title and/or derivatives of its title. It may also be based on alphanumeric data, such as the title and/or derivatives of its title. It may also be based on alphanumeric data, such as the title and/or derivatives of its title. It may
  • an MD5 hash or other unique identifying indicia found in the art the search may be based on those.
  • search functionality 73 further comprises, as part of our second control application, emulation of the keystrokes, mouse clicks, or other user inputs to enter the search parameters and execute a search through the peer-to-peer network client software application at a high rate of speed.
  • API application program interface
  • a subset of the resultant data may be displayed on a monitor, or similar device,
  • network 200 usually through one or more graphical representations of the source 201 or client node 201 that is sharing the suspect digital content.
  • the content and location of the resultant data in memory may be ascertained directly from an analysis of the application program.
  • the open source program may be modified to integrate the functions of the second control application into a single control application.
  • the basic network functionality comprises the first control application of the present invention, and the modifications thereto would comprise the second control application of the present invention.
  • this information may not be readily available.
  • the screen display may be used to identify certain keywords upon which a query of the memory space of policing unit 11 may be made to locate the remainder of returned search data resident in the memory space.
  • we utilize API calls to determine the textual contents of the screen display such that any text data presented on the screen by the client software is readable by our system. This data and its associated data resident in the memory space will normally provide more detailed transaction information regarding the source and content of the suspect digital file.
  • a memory searcher such as that depicted in FIG 6, and comprising a part of the second control application, may be employed as part of search functionality 73 to retrieve the masked transaction data.
  • returned to policing unit 11 during implementation of search functionality 73 may be stored and
  • the policing unit Upon completion of a search, or after the search has exceeded a preset time limit, the policing unit is disconnected from the network 200 and reconnected, such that multiple index nodes 202 are used for each search. Each time our policing unit 11 establishes a client peer-to- peer connection 1, shown in FIG. 4, the index node 202 it connects to is recorded such that duplicate searches can be avoided.
  • the suspect database information may include such elements as: a) IP Address; b)
  • TCP Port c) Index Node IP Address; d) Index Node TCP Port; e) Firewall IP Address (if present); f) firewall Status; g) File Hash; h) File Name; I) File Size; j) Username; k) Bandwidth; 1) Times Found; m) First Found; n) Last Found; o) Search Used; p) First Activated; q) Last Activated; r) Active Status; s) Maximum Uploads; t) Unlimited Status; u) Deactivated Status; v) First Deactivated; w) Last Deactivated.
  • some data fields will be obtained directly from the memory space data, while others will be derived from subsequent searches returning an identification of the same node or digital content.
  • Source verification 80 is performed to avoid subsequent auto- competition 74 of a client node 201 that does not maintain or distribute infringing content. Furthermore verification 80 provides a means for updating the protected digital content database
  • Verification is accomplished by downloading the suspect file and comparing various identification indicia for the file to that of the protected digital file. After retrieval of the suspect file, the file is moved to the cluster storage and tagged as an unverified file. A signature
  • the signature verification system 80 is compared against a known set of signatures, or identifying indicia, by the signature verification system 80. The results of the comparison are then returned to the cluster controller 50, which updates its records and messages the network controller 40 the verified file characteristics. In turn, the network controller 40 shares this information such that other cluster controllers 50 may avoid repeating the verification process for duplicates of the suspect file.
  • Such identification indicia may include for example a watermark inserted into the original protected work. Where the suspect digital content is in a format different than the original or its identification data has been stripped, an MD5 hash may be generated for the file which is then compared to a hash derived for the original protected content.
  • Various types of verification methods according to this procedure are readily available in the art with many having accuracies of 98-99% or better.
  • source verification 80 is initiated on the user side of the peer-to-peer interface software, such that it is the file which is distributed via the software to other users of the peer-to-peer network that is compared to verify that the file is indeed a pirated iteration of the protected file.
  • source verification 80 is initiated on the user side of the peer-to-peer interface software, such that it is the file which is distributed via the software to other users of the peer-to-peer network that is compared to verify that the file is indeed a pirated iteration of the protected file.
  • source verification 80 is initiated on the
  • the policing unit 11 appears to be just another application client node 201.
  • the identification indicia of a protected file is maintained in a protected files database resident on storage server 14.
  • identification data for each downloaded suspect file is maintained in a suspect file database to facilitate verification of subsequent downloads from other client nodes 201 in the network 200, or perhaps the same node upon its later connection to the network under a new dynamically assigned IP address.
  • the downloaded content is identified as infringing content and the identification data corresponding to the user node from which the infringing content was downloaded is retained in an infiinger database as an identified or at least a partially identified infiinger.
  • Competition functionality 72 for clients 201 of the distributed network 200 is a first alternative enforcement means. Competition is implemented through the peer to peer client software, bandwidth shaping, and the emulation of peer-to-peer client software. Competition may be considered a passive enforcement measure that has the effect of reducing the relative availability and ease obtaining infringing copies of protected digital content through the file sharing network by users 20. It is considered passive in that a policing unit 11 merely provides access to competitive digital content for download by peer-to-peer users. The competitive content is identified when a peer-to-peer client 201 initiates a search for a protected digital file. The method comprises receiving requests and fulfilling requests for infringing content and providing a defective, or perfidy version of the content which does not satisfy the user. [0052] In our system, the defective versions or perfidy files are generated through perfidy
  • the perfidy files, comprising competitive content, may be
  • the competitive content may also include notices according to the next alternative enforcement measure to further dissuade users from distributing infringing content within the file
  • the perfidy files are stored in a central NAS storage 110, and are shared by one or more policing units 11.
  • the identifying parameters of the competitive content such as its file size, metadata, watermark, or hash, as displayed on the user's search result should closely match that of the protected digital content desired by the client 201.
  • a plurality of competitive files, each conesponding to a protected file are maintained in a centralized competitive content database 110, accessible to policing units 11.
  • clients 201 are encouraged to share digital content in exchange for their participation in the network. In some instances providing shared digital content is a requirement for continued participation.
  • a policing unit 11 should provide or at least appear to provide shared digital content for the benefit of the host network 200 and its clients 201.
  • the client's search result will include identification of competitive file content apparently shared by policing unit 11.
  • the perfidy is cloaked to resemble the original digital content.
  • the identifying indicia of the perfidy file By rewriting the memory space identifying the perfidy file to clients 201 and index nodes 202, the identifying indicia of the perfidy file, which will likely have a different hash than the original, can thus appear to the client 201 as the desired
  • the competitive content resident in perfidy storage 110 is distributed to the client by policing unit 11 through perfidy distributor 120.
  • the client 201 receives
  • the client 201 has been thwarted in illegally receiving the desired digital content and may also be discouraged from further participation in the file sharing network.
  • the copyright enforcement system contemplated provides for cloaking functionality 75 as a means of avoiding detection as an enforcement site, and provides for redundancy through a plurality of policing units 11 and a substantial bank of available fresh IP addresses for those
  • Cloaking functionality 75 is provided in the first instance by policing unit 11 entering the peer-to-peer network and appearing as any other client 201 or index 202 node on the network 200.
  • Cloaking functionality 75 according to our system is further provided by redirecting an established connection between an enforcement policing unit 11 and a client 201 of the peer-to-peer network. This is accomplished according to the data stored in the memory space of policing unit 11 which conelates to the connection established, IP address and TCP port, with the peer-to-peer client 201.
  • the IP address may be redirected to any of a large volume of associated IP addresses and ports used by or available for use by policing units 11.
  • each policing unit 11 may be configured to simultaneously operate over a plurality of IP addresses such that each physical policing unit 11 may appear to the network 200 as being a plurality of client 201 or index nodes 202, each having its own IP address. With curcent technology each policing unit 11 may effectively utilize as many as 128 unique IP addresses. [0059] As discussed above, the memory space of policing unit 11 is searched to identify additional transaction data, particularly that establishing the connection of policing unit 11 to the distributed network 200.
  • the second control application is provided the ability to over write the memory space containing the established connection data with connection data that re-routs the connection to one of a plurality of policing units 11, called an associate or associated policing unit, having its own IP address selected from the database of available IP addresses.
  • the associated policing unit 11 will then handle the transaction, in this case file sharing of the competitive content, with the client 201 of the distributed network.
  • the redirection may be made to one of its alternative IP addresses.
  • connection is established will normally be assigned to a default port.
  • the network application may run on a default port, but will
  • the memory space may be reset to the original overwritten LP and port, usually as a result of the network software reestablishing connection to the distributed
  • the second control application should monitor the status of the memory space and rewrite the connection data redirecting the connection to the associate when required.
  • querying the memory space for the status of IP address and TCP port every 250 ms provides an effective monitoring cycle.
  • the enforcement system 10 of the present invention may take advantage of the benefits of the distributed nature of the peer-to-peer network architecture and engage in distributed enforcement. Where one or more policing units 11 can acquire status as an index node 202 within the network architecture, it has the ability to redirect a greater proportion of the client 201 traffic to one of its associates. Thus, client 201 searches for protected digital content received by a policing index
  • node may be answered by directing the client 201 exclusively to competitive content.
  • the system of the present invention maintains a centralized
  • the database maintains information regarding each LP address, such as connections established, bandwidth available and other characteristics that users of the file sharing network find desirable in deciding upon which node they will download
  • the database may also maintain usage statistics for each associate IP address or port relevant to the enforcement program including last used, duration used, times used, and a block detection flag which is set when an IP is deemed "dead", i.e. that it has been blocked or is no longer used by the network users.
  • the associates report directly to the database for real time updating.
  • the database is queried and the IP address of the most favorable associated policing unit 11 is returned. Assignment of IP addresses is coordinated by overlord 40 and communicated through cluster controller 50 to node controller 60. This IP address is used to write over the IP address in the policing unit 11 memory space, and to further facilitate the cloaking of the redirected connection, the memory space is rewritten with the network's default TCP port.
  • the enforcement policing unit 11 can make the competing digital content appear more attractive for downloading by the user, thereby reducing the distribution of infringing content.
  • the IP address database also maintains usage statistics for its associates, IP addresses which have been blocked or otherwise identified by the network or its clients as enforcement nodes may be removed from consideration
  • An alternative enforcement measure contemplated by the invention is providing a
  • an infringement notice may be transmitted via e-mail or similar means. In many instances this may sufficiently deter the infringing client from further distribution of infringing content.
  • a WHOIS look up based on the IP address of the source may for example be initiated to identify the company owning the IP address or alternatively, the abuse handle for the ISP servicing the IP address.
  • the notification of the infringing activity can be made by preformatted e-mail transmitted to the infringing party by the second control application, or the identifying
  • information may be reported to the copyright owner via statistics display system 20 for alternative notification methods.
  • the information may also be provided to the respective internet service providers (ISP) in order to obtain the identity of its subscribers in order to effectuate service in legal proceedings to enforce the copyrights.
  • ISP internet service providers
  • the collected information may be derived for other reporting purposes.
  • a participating copyright owner can be given information such as the volume of infringing content distributed by a network.
  • the data may also be utilized to show the popularity of particular titles, artists, etc.
  • the data may be used as a marketing tool to solicit other copyright owners to utilize the services provided through the invention. Reporting is accomplished through statistics generator 30 and a secure connection for the recipient of the report is provided via statistics display system 20.
  • the infringing site may
  • the auto-competition agents which may also be associated policing units 11 used in passive competition, should appear to be regular nodes 201 of the peer-to-peer network 200.
  • the auto- competing agents 11 preferably use the features of the file sharing system in order to perform various attacks on distributors of illegal content, as will be described in more detail below.
  • the infringing site may be neutralized through auto-competition by utilizing the network application to initiate a plurality ot simultaneous downloads of the infringing content using several connections (either via a single "auto-competition agent” or via several coordinated “auto-competition agents"), as depicted by connection 3 in FIG. 4.
  • the number of simultaneous downloads is such that they either saturate the system resources of infringing node 203, or they reduce the available computing device resources of the infiinger such that other clients 201 or an index node 202 of the distributed network would not find the infringing node 203 a desirable site from which to initiate their download.
  • Coordination of auto-compeition agents 11 may be provided through cluster controller 50 or network controller 40.
  • a saturated system 203 will signal an index node 202 that it is unavailable for downloads. Consequently, it will not be listed or appear as a source for the digital file to other clients 201 in the shared file network.
  • Figure 9 depicts an exemplary process for providing auto-competition functionality 74 to copyright enforcement system 10.
  • auto-compeition agent 11 may initiate a download connection with an infringing client 203 at a low transfer rate
  • the transfer rate of the download may be manipulated by the second control application so as to tie up the infringing system's 203 resources for a longer period per
  • connection This aspect may be implemented in either the transport protocols or through
  • auto-compeittion agents 11 can effectively eliminate the infringing node 203r from appearing as a shared resource in response to search engine queries, effectively eliminating its ability to share infringing content with the network 200.
  • the timing of the cancellation signal is determined by dividing the file size of the infringing content by the size of the file transfer segment utilized by the file sharing network so that the number of file segments required by the file transfer is determined. Once the next to last segment has been received by the neutralizing agent, the connection to the infringing node is aborted. The cancellation signal may then be used to trigger
  • a client 201 may allocate a certain number of connections his or her computing device may accept. Alternatively, they may allocate a certain bandwidth dedicated to file sharing network 200 activities. This information is communicated to the respective index nodes 202 via the network application program, and in some instances may be received in the memory space of enforcement policing unit 11. Armed with this information the enforcement system 10 may conserve its resources by allocating only enough assets to saturate
  • the enforcement system 10 may need to monitor the status of the infringing node 203 to determine whether sufficient assets have been committed to neutralize the target.
  • the infringing node 203 may be iteratively targeted for download connections by auto-compeition units 11. As each connection 3 is established to the infringing node 203, the availability of the node 203 for download may be determined by initiating iterative search requests for the infringing content.
  • the infringing node 203 fails to appear as a source for the infringing content in the search result, the infringing node 203 has been effectively neutralized, regardless of whether its resources have been completely exhausted, since it will no longer be shown to the other peer-to-peer clients 201 on the index nodes 202 as a source for infringing content.
  • network controller 40 may be coordinated and distributed via network controller 40, to other participating auto-
  • competition agents 11 which may utilize any of the large number of banked IP addresses available to system 10.
  • cloaking functionality 75 comprises overwriting the memory space to reflect to the network application internally it is communicating over a TCP port or LP address that is not the TCP port or LP address that the program is residing and communicating on.
  • this remapping is implemented in both competition and auto-competition as a means of distributing the enforcement from one machine to a plurality of machines.
  • a significant additional benefit of this technique is that it provides a conduit through the respective network application through which the second control application
  • cloaking functionality 75 may further comprise, the first control application providing masking of the operation of the second control application through which searching 73, verification 80, messaging 71, perfidy file serving 72, and neutralization 74 may be implemented.
  • the conduit permits our second control application to more efficiently distribute the competitive digital content by overcoming deficiencies inherent in some of the network 200 file transfer protocols.
  • the conduit also provides us the ability to monitor and record transaction data as it occurs.
  • the conduit gives us the ability to manipulate the file transfer rate based on implementation; for example fast for competition, slow for auto - competition. Similarly, bandwidth shaping can be implemented to affect transfer rates.
  • conduit provided through the network application permits our search results to be
  • an firewall software or device 204 will protect an infringing node 203.
  • the auto-competition agent preferably initiates a "push" request using methods that are supplied by the file sharing system, thereby causing the distnbutor to initiate trie infringing file transfer with the infringing node 203 (either by opening a connection to the infringing node 203 or by transferring the file over existing connections through the firewall 204).
  • the auto-competition agent 11 thus takes advantage of the fact that the firewall protection scheme needs to leave openings to allow regular functioning of the node in order to participate in the file sharing network
  • Enforcement against firewalled sources (clients) 205 poses a slight problem since our enforcement system is targeted to specifically identified infringing nodes 203.
  • Enforcement against a specific node requires identification of the firewall address, username, and the local (firewall protected) address of the infringing node.
  • a connection is made from a firewalled source 205, it appears as though it originates from the firewall address 204.
  • To determine file requests from a firewalled source 205 we store its firewall endpoint address 204 and its index node endpoint 202, as well as name, and other identifying data. A blank is left in the database for its local (firewalled) address 205, until the local address is identified. If the firewall address 204 has been previously is stored in the database, with its local address 205, we simply request a file associated with that record.
  • the system initiates a request for a false file, based on a randomly generated hash. Whether or not the hash is in fact
  • the firewalled client 205 returns information
  • the firewall address 205 the connection originated from is placed within the blank in the database for that source record for future reference in the system.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)

Abstract

Protection for copyrighted digital files from infringing distribution on a file sharing network is provided through auto competition measures designed to reduce or eliminate the proliferation of infringing copes of protected digital files on the file sharing network. The system searches for protected content on the network, verifies the existence and distribution of infringing content, and engages in passive and active auto competition measures. Passive measures involve the distribution of degraded or defective content on the file sharing network while active auto competitive measures reduce or eliminate the ability of an infringing node to distribute infringing content to the file sharing network.

Description

METHOD OF PROTECTING COPYRIGHTED DIGITAL FILES IN A DISTRIBUTED FILE SHARING NETWORK
FIELD OF THE INVENTION
[0001] The instant invention relates to a protection system for digital files. More
specifically, the instant invention relates to a copyright protection system that implements active and passive measures to prevent and deter the proliferation of infringing copyrighted digital
content on a distributed computer network. More particularly, the present invention relates to a copyright enforcement system directed to distributed computer networks such as peer-to-peer file sharing networks. BACKGROUND OF THE INVENTION [0002] The growth of the Internet has provided unprecedented access to and distribution of digital content such as digital text, audio, video and multi-media files, collectively referred to
as digital content. In many instances this digital content is the subject copyright protection laws which afford the copyright owner certain rights in the creative works. Unfortunately, the relative ease by which digital content may be copied and distributed over the Internet has led to the proliferation of infringing digital content, which cause financial and other damages to the owners of the copyrighted works. Where centralized file sharing and distribution services are provided the identification of infringing matter and the enforcement of copyright protection against distribution of the infringing works may be implemented in a straightforward manner. Software resident on the centralized file server may monitor the content of the server and subsequently block access to the infringing content or may block access to the service by the infringing user. Similarly, under current laws, the service provider is offered certain "safe harbors" from infringement liability where it cooperates with a copyright owner's enforcement against infringing users and content on its services. However, where the service provider does not
cooperate with the copyright owner, enforcement against infringing users and the service
provider may still prove difficult for the copyright owner.
[0003] Where the file sharing services are decentralized, such as in a peer-to-peer file sharing network, the ability to identify infringing works and the ability to enforce copyrights
against an identified infiinger is significantly diminished. This is due in part to the peer-to-peer network architecture and to a certain extent file sharing networks that have adopted the peer-to- peer network architecture for the express purpose of subverting the rights of copyright owners.
[0004] In the peer-to-peer network model the centralized file server is eliminated, thereby making identification of infringing digital content considerably more difficult. The network users are interconnected through a software program, usually resident on each participating computing system, such as a personal computer (PC), personal digital assistant (PDA), wireless telephone, and the like. The software program integrates the computing system resources of each participant to collectively define the distributed network, wherein each of the computing systems becomes a node in the distributed network. Out of the participants in the network the software may further identify certain participating computing systems to serve as a super node through which access to the digital content of individual network nodes is facilitated. In the peer-to-peer network, the individual nodes, and even the designation of super nodes are generally in a state of flux, where individual nodes may join and leave the network at will, further exacerbating the ability to identify infringing digital content and making subsequent enforcement of copyrights through traditional methods exceedingly difficult. [0005] The constant state of flux in the individual nodes of the distributed network would suggest that the system would lack stability and thereby viability. However, the instability of the individual nodes is offset by the sheer number of participants in the network. For example, in
one particular peer-to-peer network, there have been over 230 million downloads of the network
software, with traffic in the network software of up to 3.1 million downloads a week. Thus, the
stability of the network increases with the addition of each node to the network. However, for the copyright owner, the addition of each transient node to the network further exacerbates the
ability of the copyright owner to identify and enforce its rights.
[0006] Naturally, the popularity and success of the leading peer-to-peer network models has spawned the proliferation competing peer-to-peer network platforms that have experienced tremendous growth as well. As a result, the copyright owner must now attempt to identify infringing content and seek enforcement over a variety of network platforms. Thus, the proliferation of individual participants in the peer-to-peer file sharing networks, in combination with the transience of their participation makes the identification of infringing content and the subsequent enforcement of copyrights in the subject digital content all the more difficult for the copyright owner utilizing traditional methods.
[0007] The foregoing impediments to copyright enforcement are further compounded by the anonymous nature of many peer-to-peer networks. Indeed, at least a portion of these networks tout the anonymity of the user as a salient feature or benefit of participating in the network. When combined with the transience inherent in the peer-to-peer model, the anonymous infiinger is virtually immune from traditional identification and enforcement methods. [0008] Accordingly, there is a need for a system and method that permits a copyright owner to identify infringing digital content on a distributed digital network and that provides a means for protecting and enforcing a copyright owner' rights against transient, often anonymous, infringers. SUMMARY OF THE INVENTION
[0009] The present invention comprises a system and method for information gathering about the distribution of unauthorized copies of digital files in file sharing and distribution systems, and for active reduction in the ability of a computing system to share illegal or
unauthorized copies of copyrighted digital files on publicly accessible networks. The system preferably comprises one or more search elements or nodes, called policing units, which accumulate information regarding the presence of illegal or unauthorized distribution of copyrighted content over file sharing and distribution networks, as well as information that may be relevant for attempts to neutralize or otherwise reduce such distribution. In particular, the
present disclosure describes several methods that can be used against illegal file distribution in a decentralized, peer-to-peer file sharing model.
[0010] The system comprises the steps of a) a search, to locate suspect digital files, b) verification of the suspect digital files against a database of protected digital files, and the alternative steps of c) competing with the illegal file sharing site, d) notifying authorities of the presence of illegal copies of protected files, and/or e) neutralizing the site or node containing the illegal copy of a protected digital file.
[0011] The identification of the illegal or unauthorized content is executed inside a search engine, and may be based on alphanumeric data, such as the possible variants of its title, its description, or on meta data included with the content and intending to identify the same. Once illegal or unauthorized distribution of content via a certain file sharing system is detected, by one or more of the search engines, the system may use offensive elements in order to attempt to disrupt or interfere with the illegal or unauthorized activities. The offensive elements may use specific features and known vulnerabilities of the file sharing and distribution systems and/or vulnerabilities in the infrastructures such systems depend upon.
[0012] The first step of the process is a conducting a search of the file-sharing network.
The search preferably makes use of a search engine, as referred to above, to gather data about the
digital files that are available on a distributed network. The search engine is preferably a network
application that appears as a regular agent, client, or node of the file-sharing network and utilizes
tools that the file-sharing system supplies for such a search (such as the Kazaa desktop). The search engine may use a polymorphic search in order to cover the various forms in which the digital files' names or descriptors may appear. This approach takes advantage of one essential property of the file sharing system, that is, in order for it to be convenient for users, digital content in the file sharing system has to be easy to find.
[0013] Data returned during the search is stored in a local memory space and is normally displayed on the monitor search screen. The information from the search screen may be used to generate keywords for searching the memory space for more detailed transaction data, which is updated in a centralized database. Some data fields will be obtained directly from the memory space data, while others will be derived from subsequent searches returning an identification of the same site.
[0014] Before remedial action is initiated, it is desirable to verify that the digital files identified by the search engine are illegitimate copies of a protected digital file. Verification is accomplished by downloading the suspect file and comparing various identification data for the file to the protected digital file. Once the downloaded digital file is verified, any of the following actions may be taken individually or in combination. [0015] Competition for users of the distributed network is a passive method of enforcement. The method comprises receiving requests for illegal content and replying to them and providing a version of the content that does not satisfy the user. The versions may be for
example defective, of low visual or audio quality, contain large amounts of unwanted material, or
may be totally irrelevant, etc. Upon downloading the user receives content in reply to his
request, which preferably at least partly corresponds to what he requested, leading him to believe that he downloaded the information from the site to which he addressed his request but that the site provides sub-standard material. The user is thus discouraged from using the source again. [0016] As a passive enforcement measure it has the effect of reducing the relative availability and ease of obtaining an infringing title through the peer-to-peer network. Providing
competing digital files through the file sharing network reduces the desirability of the file sharing system as a source of illegal digital content to end users of the file sharing systems. The competitive content may also include notices according to the next alternative measure. [0017] The information gathered by the search engines (e.g., the details of the replies to its queries) can be used in order to create reports and also to inform interested parties (e.g., via e- mail or web-based interface). For example, a WHOIS look up based on the IP address of the source and notification of the infringing activity can be made by preformatted e-mail. The end user of the network services may be provided a notification that his or her shared directory contains copyrighted material and that their sharing of the digital content violates the copyright of the respective owners.
[0018] Once the infringing content has been found and verified, the infringing site may be subjected to auto-competition. This is an example of an active enforcement measure. Again, it is preferable that the auto-competing agents are based on file sharing system protocols (such as Kazaa) and appear to be nodes of the network. The auto-competition agents preferably use the features of the file sharing system in order to perform various attacks on distributors of illegal content, as will be described in more detail below.
[0019] The infringing site may be subjected to auto-competition by utilizing the network
application to initiate simultaneous downloads of the illegal content using several connections
(either via a single "client" or via several coordinated "clients"). Preferably, the number of
simultaneous downloads is such as to saturate the system or, at least, reduce the available
resources of the infiinger.
[0020] We have found that in certain shared file network, such as Kazaa, a saturated system will signal an index node that it is unavailable for downloads. Consequently, it will not be listed as a source for the digital file to other users in the shared file network, thereby enhancing the effectiveness of the competing digital file in reducing the proliferation of infringing digital files.
[0021] For added efficiency in auto-competing the site, the download may be initiated at a low transfer rate sufficient to avoid timing out. Alternatively, the download may be cancelled prior to completion, and a subsequent connection established by a auto-competition system, before the infringing system has an opportunity to notify its super node that it is again available for download.
[0022] Often the distributor is protected by firewall software In the case of a firewall, the neutralizing agent preferably initiates a "push" request using methods that are supplied by the file sharing system, thereby causing the distributor to initiate the required file transfer with the offensive element (either by opening connection to the offensive element or by transferring the file over existing connections through the firewall). The auto-competition thus takes advantage of the fact that the firewall protection has to leave openings to allow regular functioning of the file sharing system. BRIEF DESCRIPTION OF THE DRAWINGS
[0023] The system and methodology of the present invention are depicted in the
accompanying drawings which form a portion of this disclosure and wherein:
[0024] FIG. 1 is an environmental diagram depicting common hardware components of the copyright protection system and a peer-to-peer computer network:
[0025] FIG. 2 is a logical communication diagram of a peer-to-peer computer network;
[0026] FIG. 3 is a logical communication diagram of the copyright protection system;
[0027] FIG. 4 is a logical communication diagram of the copyright protection and a peer- to-peer computer network;
[0028] FIG. 5 is an illustrative flow chart depicting search functionality for the copyright protection system;
[0029] FIG. 6 is an illustrative flow chart depicting memory search functionality for the copyright protection system;
[0030] FIG. 7 is an illustrative flow chart depicting a file verification routine of the copyright protection system.
[0031] FIG. 8 is an illustrative flow chart for providing perfidy file serving functionality to the copyright protection system;
[0032] FIG. 9 is an illustrative flow chart depicting auto-competition functionality of the copyright protection system; and [0033] FIG. 10 is an illustrative flow chart depicting messaging functionality.
DETAILED DESCRIPTION OF THE INVENTION
[0034] The present invention comprises a system and method for gathering information about the distribution of illegal or unauthorized digital files in a distributed network
environment, referred to as peer-to-peer networks, and depicted in FIG. 2. Certain aspects of the
invention are also applicable to the Internet in general. Where infringing digital content has been
identified, the invention also provides for active and passive measures for reducing the availability of file sharing capability within the distributed file sharing network, and reducing the unauthorized distribution of copyrighted digital files on the distributed network.
[0035] A logical communication diagram of the copyright protection system hardware 10 and its general interconnection to the internet and a peer-to-peer network 200 is shown in FIG. 1. The hardware comprises at least one computing system 11, such as a PC, blade, or similar computing device, configured for access to the Internet and having at least one internet protocol (L?) address. The system hardware should further comprise at least one router 13, at least one storage server 14, at least one database server 15, and at least one system server 16. In the preferred embodiment of the invention, system server 16 provides overall control and coordination of the enforcement system 10, we refer to this function as the network controller 40, as shown in the FIGS. 3 and 4 . A cluster controller 50, which may be implemented in system server 16 or database server 15, communicates with network controller 40 instructions to a node controller 60 for implementation by at least one module 70, resident on node controller 40. Node controller 60 and module 70 are resident on each computing system 11, referred to as a policing unit. Each module 70 corresponds to a particular peer-to-peer network, such as Kazaa, Gnutella, or the like, over which the system 10 will operate to enforce copyright protection. This multi- tiered structure provides enhanced system security and facilitates cloaking the enforcement system from the target file sharing networks. [0036] The system and method generally comprise the steps of a) a search, to locate suspect digital files, b) verification of the suspect digital files against a database of protected
digital files, and the alternative steps of c) competing with the illegal file sharing site, d)
notifying authorities of the presence of illegal copies of protected files, and/or e) neutralizing the site or node containing the illegal copy of a protected digital file. In the system, each element or step may be conducted concurrently by one or more policing units 11 having access to the
network. The system and method of the present invention is applicable to all types of peer-to- peer distributed file sharing systems.
[0037] Generally speaking, a given peer-to-peer network 200 will require a specific software application, or first control application, to provide access to the peer-to-peer network. The distributed network 200, depicted in FIG. 2, comprises a plurality of client nodes 201 and index nodes 202. Depending on the network, the software code may be either open source, where it may be viewed and altered to directly accomplish the objects of the present invention, or it may be closed source code, which would generally restrict direct modification of the software application to achieve the objects of the invention. In either event, the present invention provides a method of protecting digital content in a distributed file sharing network. [0038] The first step in the present invention is to provide at least one computer system or computing device, which we refer to as a policing unit 11 with at least one first control application to establish and maintain communications with a peer-to-peer network 200. Additional first control applications may be provided to policing unit 11 to establish and maintain communications for each of a plurality of peer-to-peer networks, wherein each of the plurality of first control applications comprises a module 70 within the enforcement system. To be an effective monitoring or enforcement tool, it is desirable for policing unit 11 to appear as though it is merely one of many systems or nodes 201 comprising the peer-to-peer network 200. Accordingly, policing unit 11 is provided a software application corresponding to the particular
peer-to-peer network of interest, the application itself providing a part of the cloaking
functionality 75 of the copyright protection scheme, as depicted in FIGS. 3 and 4. When the peer to peer client software, or first control application is started on policing unit 11, it is configured
with a very long username, such that any other username which fits the criteria would not fit in
its place within memory. A memory searcher, such as that shown in FIG. 6, comprising an
element of our second control application, then searches a memory space of policing unit 11 to locate the unique long username and the known current internet address of the policing unit 11 to determine their position within the memory space. The position information provided by the search permits our application to overwrite this information to provide other aspects of cloaking functionality 75 for policing unit 11. Because the memory space position occupied by the username and internet address may change during use, they are routinely monitored by our second control application. Upon detection of a position or content change, our second control application terminates the client session and initiates a new client connection, thus disconnecting the policing unit 11 and initiating a new connection to the peer-to-peer network 200. Ideally, policing unit 11 will have sufficient resources such as bandwidth, storage media, processor speed, or digital content, such that it will be accepted by the network as an index node 202, thereby facilitating the objects of the invention. [0039] Once policing unit 11 enters the particular network of interest, search functionality 73, such as that shown in FIG 5, is provided to perform the task of identifying digital content shared within the network as suspect or unauthorized. Search functionality 73 comprises a search engine, which is usually provided with the client software for the file sharing network. A search for suspect digital files meeting predefined search criteria corresponding to the parameters of a protected digital file, attempts to match files stored on a storage server 14
with data pertaining to the protected files maintained on a database server 15. The search criteria
may be based on alphanumeric data, such as the title and/or derivatives of its title. It may also be
based upon such other items as the artist, producer, year, and other descriptions, which are often
incorporated into metadata encoded with the digital content. For digital content protected by water marks, an MD5 hash or other unique identifying indicia found in the art, the search may be based on those.
[0040] To a large extent a search based on any of these parameters will be αuite successful since one of the objects of the file sharing networks is to facilitate the sharing and distribution of digital content for the users of the network. Where the original digital content has been stripped of the foregoing identifying indicia, more advanced search techniques may be required. The parameters for the protected digital content are maintained on a protected digital content database 15 accessible via system connections by policing unit 11. To facilitate the identification of suspect digital content, search functionality 73 further comprises, as part of our second control application, emulation of the keystrokes, mouse clicks, or other user inputs to enter the search parameters and execute a search through the peer-to-peer network client software application at a high rate of speed. This emulation is provided through the use of application program interface (API) calls directly to the peer-to-peer client software. In practice, these API calls should be recognized by any peer-to-peer client software, as they are part of an operating system's method of communicating with software. This emulation in turn allows our second control application to control any user-controlled action that is taken by the peer-to-peer client software such as searching, downloading, and browsing, all at a substantially faster rate than manual inputs. Moreover, it permits tasks within our system to run without user intervention at the policing unit 11.
[0041] The resultant data from the search engine of the network application, and retrieved
from an index node 202, is returned to policing unit 11 and stored in a memory space of the
device. A subset of the resultant data may be displayed on a monitor, or similar device,
providing a visual indication of availability of the suspect digital content in the file sharing
network 200, usually through one or more graphical representations of the source 201 or client node 201 that is sharing the suspect digital content.
[0042] With an open source network application the content and location of the resultant data in memory may be ascertained directly from an analysis of the application program. Moreover, the open source program may be modified to integrate the functions of the second control application into a single control application. Where such integration is possible, the basic network functionality comprises the first control application of the present invention, and the modifications thereto would comprise the second control application of the present invention. [0043] In the closed source program, this information may not be readily available.
Indeed, it may be an object of a particular network program to mask or obscure certain information from the client 201. In this case, the screen display may be used to identify certain keywords upon which a query of the memory space of policing unit 11 may be made to locate the remainder of returned search data resident in the memory space. Here again, we utilize API calls to determine the textual contents of the screen display, such that any text data presented on the screen by the client software is readable by our system. This data and its associated data resident in the memory space will normally provide more detailed transaction information regarding the source and content of the suspect digital file. A memory searcher, such as that depicted in FIG 6, and comprising a part of the second control application, may be employed as part of search functionality 73 to retrieve the masked transaction data. Information sets containing invalid
information are filtered, and complete results are sent to the cluster controller 50 for further
action. Report results, or data sets, obtained according to memory searcher, or otherwise
returned to policing unit 11 during implementation of search functionality 73, may be stored and
updated in a centralized suspect content database, which may also be integrated in database server 15.
[0044] Upon completion of a search, or after the search has exceeded a preset time limit, the policing unit is disconnected from the network 200 and reconnected, such that multiple index nodes 202 are used for each search. Each time our policing unit 11 establishes a client peer-to- peer connection 1, shown in FIG. 4, the index node 202 it connects to is recorded such that duplicate searches can be avoided.
[0045] The suspect database information may include such elements as: a) IP Address; b)
TCP Port; c) Index Node IP Address; d) Index Node TCP Port; e) Firewall IP Address (if present); f) firewall Status; g) File Hash; h) File Name; I) File Size; j) Username; k) Bandwidth; 1) Times Found; m) First Found; n) Last Found; o) Search Used; p) First Activated; q) Last Activated; r) Active Status; s) Maximum Uploads; t) Unlimited Status; u) Deactivated Status; v) First Deactivated; w) Last Deactivated. As may be readily seen, some data fields will be obtained directly from the memory space data, while others will be derived from subsequent searches returning an identification of the same node or digital content. [0046] Before any remedial action is initiated, it is desirable to verify that the suspect digital files identified by the search engine are in fact unauthorized copies of a protected digital file. Source verification 80, such as that shown in FIG. 7, is performed to avoid subsequent auto- competition 74 of a client node 201 that does not maintain or distribute infringing content. Furthermore verification 80 provides a means for updating the protected digital content database
by storing the identifying indicia of alternative embodiments of infringing digital content
distributed through the file sharing network, thereby facilitating subsequent file searches 73 and verification 80.
[0047] Verification is accomplished by downloading the suspect file and comparing various identification indicia for the file to that of the protected digital file. After retrieval of the suspect file, the file is moved to the cluster storage and tagged as an unverified file. A signature
generation system is run on the unverified files as they appear in the cluster controller 50. After a
signature is generated on the suspect file, it is compared against a known set of signatures, or identifying indicia, by the signature verification system 80. The results of the comparison are then returned to the cluster controller 50, which updates its records and messages the network controller 40 the verified file characteristics. In turn, the network controller 40 shares this information such that other cluster controllers 50 may avoid repeating the verification process for duplicates of the suspect file.
[0048] Such identification indicia may include for example a watermark inserted into the original protected work. Where the suspect digital content is in a format different than the original or its identification data has been stripped, an MD5 hash may be generated for the file which is then compared to a hash derived for the original protected content. Various types of verification methods according to this procedure are readily available in the art with many having accuracies of 98-99% or better. [0049] As a part of cloaking functionality 75, source verification 80 is initiated on the user side of the peer-to-peer interface software, such that it is the file which is distributed via the software to other users of the peer-to-peer network that is compared to verify that the file is indeed a pirated iteration of the protected file. In the preferred embodiment, source verification
80 does not occur on the distributed computer network side 200 of the interface software, thus
the policing unit 11 appears to be just another application client node 201.
[0050] The identification indicia of a protected file is maintained in a protected files database resident on storage server 14. Similarly, identification data for each downloaded suspect file is maintained in a suspect file database to facilitate verification of subsequent downloads from other client nodes 201 in the network 200, or perhaps the same node upon its later connection to the network under a new dynamically assigned IP address. Where a match is obtained, the downloaded content is identified as infringing content and the identification data corresponding to the user node from which the infringing content was downloaded is retained in an infiinger database as an identified or at least a partially identified infiinger. Once the downloaded digital file is verified as infringing digital content, any of the following enforcement
actions may be taken individually or in combination.
[0051] Competition functionality 72 for clients 201 of the distributed network 200 is a first alternative enforcement means. Competition is implemented through the peer to peer client software, bandwidth shaping, and the emulation of peer-to-peer client software. Competition may be considered a passive enforcement measure that has the effect of reducing the relative availability and ease obtaining infringing copies of protected digital content through the file sharing network by users 20. It is considered passive in that a policing unit 11 merely provides access to competitive digital content for download by peer-to-peer users. The competitive content is identified when a peer-to-peer client 201 initiates a search for a protected digital file. The method comprises receiving requests and fulfilling requests for infringing content and providing a defective, or perfidy version of the content which does not satisfy the user. [0052] In our system, the defective versions or perfidy files are generated through perfidy
generator 100, as shown in FIG 8. The perfidy files, comprising competitive content, may be
completely or partially defective as a result of degraded visual or audio quality, insertion of large amounts of unwanted material, or it may be totally irrelevant to the desired materials sought by
the user 20. The competitive content may also include notices according to the next alternative enforcement measure to further dissuade users from distributing infringing content within the file
sharing network 200. The perfidy files are stored in a central NAS storage 110, and are shared by one or more policing units 11.
[0053] To avoid immediate detection or recognition as an unsuitable file, the identifying parameters of the competitive content, such as its file size, metadata, watermark, or hash, as displayed on the user's search result should closely match that of the protected digital content desired by the client 201. A plurality of competitive files, each conesponding to a protected file are maintained in a centralized competitive content database 110, accessible to policing units 11. [0054] In most peer-to-peer networks 200, clients 201 are encouraged to share digital content in exchange for their participation in the network. In some instances providing shared digital content is a requirement for continued participation. Accordingly, in order to appear as a viable network client, a policing unit 11 should provide or at least appear to provide shared digital content for the benefit of the host network 200 and its clients 201. [0055] As a client 201 initiates a search for a protected file through the peer-to-peer search engine, the client's search result will include identification of competitive file content apparently shared by policing unit 11. As with cloaking of the policing units 11, the perfidy is cloaked to resemble the original digital content. By rewriting the memory space identifying the perfidy file to clients 201 and index nodes 202, the identifying indicia of the perfidy file, which will likely have a different hash than the original, can thus appear to the client 201 as the desired
copyrighted file. Upon selecting the content shared by policing unit 11, the client 201 would
then download competitive content according to the standard network procedures as shown by
connection 5, of FIG. 4. The competitive content resident in perfidy storage 110 is distributed to the client by policing unit 11 through perfidy distributor 120. Thus, the client 201 receives
content in reply to his request, which preferably only partly corresponds to what he requested. Upon later use of the competitive content, such as by viewing or listening, the user discovers that the competitive content is sub-standard or unacceptable material. Thus, the client 201 has been thwarted in illegally receiving the desired digital content and may also be discouraged from further participation in the file sharing network.
[0056] Where a substantial quantity of competitive digital files are provided to the network at large, the client's 201 ability to obtain protected content is further diminished and the client 201 is discouraged from using the file sharing network as a source of digital content. Thus, in the prefened embodiment, a plurality of policing units 11 sharing the same competitive content will reduce the availability of infringing content in proportion to the number of policing units 11, or apparent policing units 11.
[0057] Of course, the presence of a single site that provides only defective content to the distributed network will be quickly detected not only by the client connected to the site but in many instances by the network at large. Once the competitive site has been identified, generally by its IP address, the site may be blocked by the network 200 or network clients 201 will avoid the site as they are otherwise informed of its undesirable content. According to the present invention, the copyright enforcement system contemplated provides for cloaking functionality 75 as a means of avoiding detection as an enforcement site, and provides for redundancy through a plurality of policing units 11 and a substantial bank of available fresh IP addresses for those
devices.
[0058] As discussed previously, cloaking functionality 75 is provided in the first instance by policing unit 11 entering the peer-to-peer network and appearing as any other client 201 or index 202 node on the network 200. Cloaking functionality 75 according to our system is further provided by redirecting an established connection between an enforcement policing unit 11 and a client 201 of the peer-to-peer network. This is accomplished according to the data stored in the memory space of policing unit 11 which conelates to the connection established, IP address and TCP port, with the peer-to-peer client 201. The IP address may be redirected to any of a large volume of associated IP addresses and ports used by or available for use by policing units 11. Moreover, each policing unit 11 may be configured to simultaneously operate over a plurality of IP addresses such that each physical policing unit 11 may appear to the network 200 as being a plurality of client 201 or index nodes 202, each having its own IP address. With curcent technology each policing unit 11 may effectively utilize as many as 128 unique IP addresses. [0059] As discussed above, the memory space of policing unit 11 is searched to identify additional transaction data, particularly that establishing the connection of policing unit 11 to the distributed network 200. According to our system, the second control application is provided the ability to over write the memory space containing the established connection data with connection data that re-routs the connection to one of a plurality of policing units 11, called an associate or associated policing unit, having its own IP address selected from the database of available IP addresses. The associated policing unit 11 will then handle the transaction, in this case file sharing of the competitive content, with the client 201 of the distributed network. When policing unit 11 is operating on a plurality of IP addresses, the redirection may be made to one of its alternative IP addresses.
[0060] In most of the peer-to-peer network applications, the TCP port through which the
connection is established will normally be assigned to a default port. In instances where the
exact port is unknown, the memory space will need to be searched in order to ascertain the actual
port utilized. In other instances, the network application may run on a default port, but will
permit the user to specify an alternative TCP port for establishing connections. In this instance, we specify our own port which allows us to more nanowly focus our memory space search for the specified port. This permits a more reliable search of the memory space to determine the location in memory to which the IP address and TCP port are stored. In each instance the memory space address is stored and the address rewritten to reflect the IP address and TCP port to a selected associated policing unit 11.
[0061] In some instances, the memory space may be reset to the original overwritten LP and port, usually as a result of the network software reestablishing connection to the distributed
network 200. Accordingly, the second control application should monitor the status of the memory space and rewrite the connection data redirecting the connection to the associate when required. We have found that querying the memory space for the status of IP address and TCP port every 250 ms provides an effective monitoring cycle.
[0062] By redirecting the connections to a plurality of associated devices 11 or IP addresses comprising a network of policing nodes 11 within the distributed network 200, the enforcement system 10 of the present invention may take advantage of the benefits of the distributed nature of the peer-to-peer network architecture and engage in distributed enforcement. Where one or more policing units 11 can acquire status as an index node 202 within the network architecture, it has the ability to redirect a greater proportion of the client 201 traffic to one of its associates. Thus, client 201 searches for protected digital content received by a policing index
node may be answered by directing the client 201 exclusively to competitive content.
[0063] To be most effective policing associates 11 should appear desirable for downloads
to the network clients. Accordingly, the system of the present invention maintains a centralized
database of all its associates' IP addresses which is continually updated to reflect the status of the associates at each of their LP addresses. The database maintains information regarding each LP address, such as connections established, bandwidth available and other characteristics that users of the file sharing network find desirable in deciding upon which node they will download
content. The database may also maintain usage statistics for each associate IP address or port relevant to the enforcement program including last used, duration used, times used, and a block detection flag which is set when an IP is deemed "dead", i.e. that it has been blocked or is no longer used by the network users. Preferably, the associates report directly to the database for real time updating.
[0064] When redirection is desired the database is queried and the IP address of the most favorable associated policing unit 11 is returned. Assignment of IP addresses is coordinated by overlord 40 and communicated through cluster controller 50 to node controller 60. This IP address is used to write over the IP address in the policing unit 11 memory space, and to further facilitate the cloaking of the redirected connection, the memory space is rewritten with the network's default TCP port. By redirecting the client 201 connection to an associate policing unit having the most favorable connection characteristics, the enforcement policing unit 11 can make the competing digital content appear more attractive for downloading by the user, thereby reducing the distribution of infringing content. Moreover, because the IP address database also maintains usage statistics for its associates, IP addresses which have been blocked or otherwise identified by the network or its clients as enforcement nodes may be removed from consideration
as a redirected site offering competitive content so that other undetected associates may be substituted.
[0065] An alternative enforcement measure contemplated by the invention is providing a
copyright infringement notice to clients 201 providing infringing content over the peer-to-peer network. Where an infringing user is sufficiently identifiable, an infringement notice may be transmitted via e-mail or similar means. In many instances this may sufficiently deter the infringing client from further distribution of infringing content. To obtain source identifying data, a WHOIS look up based on the IP address of the source may for example be initiated to identify the company owning the IP address or alternatively, the abuse handle for the ISP servicing the IP address. The notification of the infringing activity can be made by preformatted e-mail transmitted to the infringing party by the second control application, or the identifying
information may be reported to the copyright owner via statistics display system 20 for alternative notification methods. The information may also be provided to the respective internet service providers (ISP) in order to obtain the identity of its subscribers in order to effectuate service in legal proceedings to enforce the copyrights. A process for providing messaging functionality 71 is shown in FIG. 10.
[0066] Alternatively, the collected information may be derived for other reporting purposes. In this instance, a participating copyright owner can be given information such as the volume of infringing content distributed by a network. The data may also be utilized to show the popularity of particular titles, artists, etc. Similarly, the data may be used as a marketing tool to solicit other copyright owners to utilize the services provided through the invention. Reporting is accomplished through statistics generator 30 and a secure connection for the recipient of the report is provided via statistics display system 20.
[0067] Once the infringing content has been found and verified, the infringing site may
be also be neutralized via active auto-competition. Again, to avoid detection, it is preferable that
the auto-competition agents, which may also be associated policing units 11 used in passive competition, should appear to be regular nodes 201 of the peer-to-peer network 200. The auto- competing agents 11 preferably use the features of the file sharing system in order to perform various attacks on distributors of illegal content, as will be described in more detail below.
[0068] The infringing site may be neutralized through auto-competition by utilizing the network application to initiate a plurality ot simultaneous downloads of the infringing content using several connections (either via a single "auto-competition agent" or via several coordinated "auto-competition agents"), as depicted by connection 3 in FIG. 4. Preferably, the number of simultaneous downloads is such that they either saturate the system resources of infringing node 203, or they reduce the available computing device resources of the infiinger such that other clients 201 or an index node 202 of the distributed network would not find the infringing node 203 a desirable site from which to initiate their download. Coordination of auto-compeition agents 11 may be provided through cluster controller 50 or network controller 40. [0069] We have found that in certain shared file networks, a saturated system 203 will signal an index node 202 that it is unavailable for downloads. Consequently, it will not be listed or appear as a source for the digital file to other clients 201 in the shared file network. When used in conjunction with competitive enforcement, the effectiveness of policing associates 11 in reducing the proliferation of infringing digital files is significantly enhanced. Figure 9 depicts an exemplary process for providing auto-competition functionality 74 to copyright enforcement system 10. [0070] For added efficiency in auto-competing an infringing site 203, auto-compeition agent 11 may initiate a download connection with an infringing client 203 at a low transfer rate
sufficient to just avoid timing out the connection protocol. Similarly, once the connection is
established, the transfer rate of the download may be manipulated by the second control application so as to tie up the infringing system's 203 resources for a longer period per
connection. This aspect may be implemented in either the transport protocols or through
software, and is depicted in the subroutine at the bottom of Fig. 9.
[0071] In addition to manipulating the connection and file transfer rates, we have also found a particularly effective technique in reducing the availability of an infringing site to the network. According to our prefened technique, the download from infringing node 203 may be cancelled immediately prior to its completion. Concunent with or immediately thereafter, auto- competition agent 11, or an associated auto-competition agent 11, initiates a subsequent connection request. This permits the agents 11 to get in the infringing node's queue, or relative queue, before infringing node 203 has had an opportunity to notify its associated index node 202 that it is again available for download, thereby preventing participating network clients 201 from seeing the infringing node 203 as a source of digital content. Thus, auto-compeittion agents 11 can effectively eliminate the infringing node 203r from appearing as a shared resource in response to search engine queries, effectively eliminating its ability to share infringing content with the network 200. [0072] According to our method, the timing of the cancellation signal is determined by dividing the file size of the infringing content by the size of the file transfer segment utilized by the file sharing network so that the number of file segments required by the file transfer is determined. Once the next to last segment has been received by the neutralizing agent, the connection to the infringing node is aborted. The cancellation signal may then be used to trigger
a new connection request by the same policing agent 11 or it may be handed off, via system
server 16, to an associated policing agent 11.
[0073] To conserve policing unit resources to permit broader enforcement, other information provided on the infringing node 203 may be exploited by our enforcement system. In some peer-to-peer networks, a client 201 may allocate a certain number of connections his or her computing device may accept. Alternatively, they may allocate a certain bandwidth dedicated to file sharing network 200 activities. This information is communicated to the respective index nodes 202 via the network application program, and in some instances may be received in the memory space of enforcement policing unit 11. Armed with this information the enforcement system 10 may conserve its resources by allocating only enough assets to saturate
the infringing node 203, according to its "published" capacity.
[0074] Where this information is not available, the enforcement system 10 may need to monitor the status of the infringing node 203 to determine whether sufficient assets have been committed to neutralize the target. For example the infringing node 203 may be iteratively targeted for download connections by auto-compeition units 11. As each connection 3 is established to the infringing node 203, the availability of the node 203 for download may be determined by initiating iterative search requests for the infringing content. When the infringing node 203 fails to appear as a source for the infringing content in the search result, the infringing node 203 has been effectively neutralized, regardless of whether its resources have been completely exhausted, since it will no longer be shown to the other peer-to-peer clients 201 on the index nodes 202 as a source for infringing content. [0075] As previously noted, detection of enforcement systems offering corrupt content will often lead to blocking of such enforcement systems. We expect that the same will be true
for the auto-competition agents of the present invention. However, we can utilize the same
memory space over writing techniques of the present invention as discussed in the context of
competition to provide cloaking functionality 75 to auto-compeittion 74. In this case, the attacks
may be coordinated and distributed via network controller 40, to other participating auto-
competition agents 11 which may utilize any of the large number of banked IP addresses available to system 10.
[0076] In our prefened embodiment, cloaking functionality 75 comprises overwriting the memory space to reflect to the network application internally it is communicating over a TCP port or LP address that is not the TCP port or LP address that the program is residing and communicating on. As discussed in the foregoing, this remapping is implemented in both competition and auto-competition as a means of distributing the enforcement from one machine to a plurality of machines. A significant additional benefit of this technique is that it provides a conduit through the respective network application through which the second control application
of our system may more efficiently carry out the steps of the enforcement system. Thus, cloaking functionality 75 may further comprise, the first control application providing masking of the operation of the second control application through which searching 73, verification 80, messaging 71, perfidy file serving 72, and neutralization 74 may be implemented. [0077] In the competitive situation, the conduit permits our second control application to more efficiently distribute the competitive digital content by overcoming deficiencies inherent in some of the network 200 file transfer protocols. The conduit also provides us the ability to monitor and record transaction data as it occurs. The conduit gives us the ability to manipulate the file transfer rate based on implementation; for example fast for competition, slow for auto - competition. Similarly, bandwidth shaping can be implemented to affect transfer rates.
Moreover, the conduit provided through the network application permits our search results to be
more proliferated, which permits a limited number of actual competing systems to appear as
substantially more. Most significantly, we can achieve each of these aspects of the invention while the network application provides our enforcement system 10 the benefits of masquerading as normal network client 201 and index nodes 202.
[0078] Often an firewall software or device 204 will protect an infringing node 203. In the case of a firewall 204, the auto-competition agent preferably initiates a "push" request using methods that are supplied by the file sharing system, thereby causing the distnbutor to initiate trie infringing file transfer with the infringing node 203 (either by opening a connection to the infringing node 203 or by transferring the file over existing connections through the firewall 204). The auto-competition agent 11 thus takes advantage of the fact that the firewall protection scheme needs to leave openings to allow regular functioning of the node in order to participate in the file sharing network
[0079] Enforcement against firewalled sources (clients) 205, poses a slight problem since our enforcement system is targeted to specifically identified infringing nodes 203. Enforcement against a specific node requires identification of the firewall address, username, and the local (firewall protected) address of the infringing node. When a connection is made from a firewalled source 205, it appears as though it originates from the firewall address 204. To determine file requests from a firewalled source 205, we store its firewall endpoint address 204 and its index node endpoint 202, as well as name, and other identifying data. A blank is left in the database for its local (firewalled) address 205, until the local address is identified. If the firewall address 204 has been previously is stored in the database, with its local address 205, we simply request a file associated with that record.
[0080] If the local address 205 is not contained in the database, the system initiates a request for a false file, based on a randomly generated hash. Whether or not the hash is in fact
associated with a file on the firewalled client 205, the firewalled client 205 returns information,
specifically its local endpoint 205, super node endpoint 202, and username. This information is then used to coalesce a possible set of sources. When a source is deemed a sufficient match, the firewall address 205 the connection originated from is placed within the blank in the database for that source record for future reference in the system.
[0081] While the methods and system disclosed herein may or may not have been described with reference to specific hardware or software, it has been described in a manner sufficient to enable persons of ordinary skill in the art to readily adapt commercially available hardware and software as may be needed to reduce and practice the invention without undue experimentation and using conventional techniques.
[0082] It should be understood that certain features of the invention may also be provided in combination in a single embodiment. Conversely, various features of the invention which are, described in the context of a single embodiment, may also be provided separately or in any suitable alternative subcombination.
[0083] Persons of skill in the art will appreciate that the present invention is not limited to what has been particularly shown and described hereinabove. Rather the scope of the present invention is defined by the appended claims as well as variations and modifications thereof which would occur to persons skilled in the art upon reading the foregoing description.

Claims

I claim:
1. A method of digital content reproduction enforcement in a distributed file sharing network comprising the steps of: providing a first control application to at least one policing unit for participating in said distributed file sharing network; searching said distributed file sharing network utilizing said first control application to locate at least one source of a suspect digital file on said distributed file sharing network, said suspect digital file meeting predefined search criteria conesponding to a protected digital file; receiving a search result of said first control application in a memory space of said policing unit, said search result identifying said at least one source of said suspect digital file; downloading at least a portion of said suspect digital file from at least one said source to through said first control application; providing a second control application verifying that said downloaded suspect digital file is an unauthorized copy of said protected digital file; and identifying said source of said unauthorized copy of said protected digital file as an infringing source and said suspect digital file as an infringing digital file.
2. The method of claim 1 wherein said first control application is software for said distributed file sharing network.
3. The method of claim 1 wherein receiving a search result of said first control application further comprises providing said search result to a display unit of said policing unit.
4. The method of claim 1 further comprising the step of searching said memory space for identification data conesponding to said infringing source.
5. The method of claim 1 further comprising the step of auto-competing said infringing source wherein said policing unit initiates a plurality of downloads of said infringing digital file from said infringing source.
6. The method of claim 5 wherein said auto-competing further comprises analyzing said search result to determine parameters defining a file sharing capacity of said infringing source; and initiating sufficient downloads to deplete a substantial portion of said file sharing capacity of said infringing source.
7. The method of claim 5 wherein a plurality of policing units cooperatively auto-compete said infringing source.
8. The method of claim 5 wherein said policing unit initiates a download connection to said infringing source at a substantially reduced communication rate.
9. The method of claim 8 wherein said substantially reduced communication rate is sufficient to avoid timing out.
10. The method of claim 5 wherein said download of said infringing digital file is rate limited.
11. The method of claim 5 wherein said download is aborted before completion.
12. The method of claim 11 wherein said download is terminated before transmission of a last file segment of said infringing digital file.
13. The method of claim 11 wherein a subsequent download is initiated to said infringing source concunent with aborting said neutralizing download.
14. The method of claim 1 further comprising the step of providing a defective copy of said protected digital file for sharing on said distributed file sharing network, said defective copy having identifying indicia such that it appears to be a protected digital file when searched by a control application of said distributed file sharing network.
15. The method of claim 1 further comprising the step of providing notice of the presence of a protected digital file on said digital file sharing network; said notice provided to a group consisting of an owner of rights in said protected digital file, law enforcement authorities, said at least one source of said shared digital file, or an internet service provider of said at least one source of said shared digital file.
16. The method of claim 1 further comprising the step of auto-competing said at least one source of said shared digital file; wherein said step comprises initiating a plurality of download requests directed at said at least one source of said shared digital file such that said download requests substantially deplete a computing system resource of said source of said shared digital file, said computing system resource required for said source to participate in said distributed file sharing network.
17. A method for deterring unauthorized duplication of digital file content on a distributed computer network wherein computers on said network are enabled to perform peer to peer file transfers and file searches using dedicated software applications, comprising the steps of: initiating a search for unauthorized content on other computers in the distributed computer network using said dedicated software application on at least one policing computer; storing the results of said search in a memory location; requesting transfer of a copy of any file located as a result of said search; comparing each transferred copy of a file to a known file for identity of digital content to determine authorization status as authorized or unauthorized; identifying each substantially identical unauthorized file with a source computer on said
distributed computer network;
identifying all available data regarding said source computer from the contents of said memory;
generating a plurality of simultaneous, concunent, or sequential requests for transfer of
said file from said source computer to a plurality of IP addresses, creating a psuedofile emulating said identical unauthorized file with a file abenation
therein and naming said psuedofile with the same name as said unauthorized file in a memory location accessible to users on said distributed computer network using said software application.
PCT/US2004/035782 2003-10-29 2004-10-28 Method of protecting copyrighted digital files in a distributed file sharing network WO2005045624A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US69678303A 2003-10-29 2003-10-29
US10/696,783 2003-10-29

Publications (2)

Publication Number Publication Date
WO2005045624A2 true WO2005045624A2 (en) 2005-05-19
WO2005045624A3 WO2005045624A3 (en) 2005-12-22

Family

ID=34573242

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2004/035782 WO2005045624A2 (en) 2003-10-29 2004-10-28 Method of protecting copyrighted digital files in a distributed file sharing network

Country Status (1)

Country Link
WO (1) WO2005045624A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007059224A2 (en) 2005-11-15 2007-05-24 Tiversa, Inc. System for identifying the presence of peer-to-peer network software applications
DE102006011294A1 (en) * 2006-03-10 2007-09-13 Siemens Ag Method and communication system for the computer-aided finding and identification of copyrighted content
USRE47628E1 (en) 2005-04-12 2019-10-01 Kroll Information Assurance, Llc System for identifying the presence of peer-to-peer network software applications

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020087885A1 (en) * 2001-01-03 2002-07-04 Vidius Inc. Method and application for a reactive defense against illegal distribution of multimedia content in file sharing networks

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020087885A1 (en) * 2001-01-03 2002-07-04 Vidius Inc. Method and application for a reactive defense against illegal distribution of multimedia content in file sharing networks

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
USRE47628E1 (en) 2005-04-12 2019-10-01 Kroll Information Assurance, Llc System for identifying the presence of peer-to-peer network software applications
WO2007059224A2 (en) 2005-11-15 2007-05-24 Tiversa, Inc. System for identifying the presence of peer-to-peer network software applications
EP1955185A4 (en) * 2005-11-15 2016-08-10 Tiversa Ip Inc System for identifying the presence of peer-to-peer network software applications
DE102006011294A1 (en) * 2006-03-10 2007-09-13 Siemens Ag Method and communication system for the computer-aided finding and identification of copyrighted content

Also Published As

Publication number Publication date
WO2005045624A3 (en) 2005-12-22

Similar Documents

Publication Publication Date Title
US9177120B2 (en) Method and application for a reactive defense against illegal distribution of multimedia content in file sharing networks
US6732180B1 (en) Method to inhibit the identification and retrieval of proprietary media via automated search engines utilized in association with computer compatible communications network
US8312080B2 (en) System and method for searching for specific types of people or information on a peer to-peer network
US20050114709A1 (en) Demand based method for interdiction of unauthorized copying in a decentralized network
US20050091167A1 (en) Interdiction of unauthorized copying in a decentralized network
US20050267945A1 (en) Systems and methods for deterring internet file-sharing networks
US20070078769A1 (en) Anti piracy system in a peer-to-peer network
CA2601471A1 (en) Method, apparatus and system for interfering with distribution of protected content
Hatta Deep web, dark web, dark net A taxonomy of “hidden” Internet
Kügler An analysis of gnunet and the implications for anonymous, censorship-resistant networks
AU2008287031B2 (en) A method and system for tracking and optimizing advertisements on a decentralized network
US20040010495A1 (en) Method and apparatus for limiting unauthorized copying of copyrighted works over the internet
US10817592B1 (en) Content tracking system that dynamically tracks and identifies pirated content exchanged over a network
WO2005045624A2 (en) Method of protecting copyrighted digital files in a distributed file sharing network
KR100457425B1 (en) Digital right management system
Balhara A Review on Torrent & Torrent Poisoning over Internet.
Hui et al. Tools and technology for computer forensics: research and development in Hong Kong
WO2005071517A1 (en) Method and device for rendering the protection of electronic data against pirate copying in a network more effective and avoid filtering systems
Maioli et al. Control of file exchange of illicit materials in peer-to-peer environments
Ookita et al. Index Poisoning Scheme for P2P File Sharing Systems with Low Spatial and Network Costs (Preliminary Version)
Zadgaonkar et al. Digital Forensic Investigation Challenges in p2p Networks
Steinebach et al. Discouraging File Sharing Piracy by Search Response
Bartoszek " Deemed Distribution": How Talking about Music Can Violate Copyright Law
Zadgaonkar et al. Generic Model for Forensic Investigation of p2p Networks
Korba An autonomous approach to proactive computer crime investigation

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: COMMUNICATION UNDER RULE 69 EPC ( EPO FORM 1205A DATED 06/10/06 )

122 Ep: pct application non-entry in european phase