Network security system and method

Abstract

In a security system for network communications with client devices, each client device has a communication module for communicating with at least one server over a network, a data storage module for storing one or more covert data values of one or more operational events at the client device, and a covert identifier generating module which creates at least one covert identifier based on the stored covert data values. The covert identifier is provided in one or more network messages to the server, or otherwise sent to the service provider, and may be provided in response to a specific request received over the network, or routinely in one or more messages normally involved in network communications. The server compares covert identifiers received from client devices having the same client identifier in order to detect possible clones.

Description

RELATED APPLICATION[0001]The present application claims the benefit of co-pending U.S. provisional patent application No. 60 / 760,475 filed Jan. 20, 2006, which is incorporated herein by reference in its entirety.BACKGROUND[0002]1. Field of the Invention[0003]The present invention relates to network communications between a server and client device, and is particularly concerned with a network security system and method for detecting clones of true or properly registered client devices attempting to steal services without payment or otherwise mimic a real client device.[0004]2. Related Art[0005]In a distributed computing environment, pirates attempt to steal services by creating multiple clients with credentials identical to a valid client or authorized subscriber, thereby allowing non-paying subscribers to share (steal) the services of a paying authorized subscriber. Since the credentials appear valid, the server sends broadcast keys or the like to such clones, enabling non-authoriz...

AI Technical Summary

Benefits of technology

[0010]The client device may be any type of computing device capable of receiving and / or sending data over a network, such as set top boxes (STBs), personal computers, game consoles, cellular phones, personal digital assistants (PDAs), video equipment, smart cards, and the like. The covert identifier generated for the client device may comprise one or more covert data values collected and stored by a client device, or a transformed version of such covert data values, and may be based on any operational characteristic or event of a client device which changes over time and which can be stored by the client device, or by the client device and server. The covert identifier may be a token or value provided by the server, or may be a combination of client and server generated covert data values. An operational characteristic of a client device as referenced herein is an event which occurs at or in connection with the client device and which is unique to that particular client device, such as a time at which a predetermined operational event occurs, for example sending or receiving a predetermined message at the client device or server, a firmware update, a delay time between sending a message to the network and receiving a response from the network, the time when the nth network packet is received at the client device, the number of times a certain operational event occurs, a token sent to the client device from the server, a count of Entitlement Control Message (ECM) packets received, a channel the client device was tuned to at a predetermined time, number of channel changes in a predetermined time, a register value contained on a chip in a client device, and so on. In the case of a smart card, the operational characteristic used to generate covert data may be a time of first use of the smart card, the microsecond time when the smartcard was used for a certain operation, the total number of data bytes processed by the smartcard at a certain time or captured at a certain event such as a broadcasted event trigger, or any other operational data, count, or event occurring during the use of the smartcard, for example. In the case of a mobile phone, call logs at the phone may be used to generate the covert identifier, by processing the call log with a hashing function to generate an identifier which is unique to that phone. The operational characteristic is one which is created by operation of a particular client device and is therefore not easily hacked or duplicated by a cloned client device, for example the microsecond time of day that an event occurred or a trigger occurred, or new data was captured. Covert identifiers may be updated periodically using new operational events to provide the covert data values, to further reduce the risk of successful hacking.

Problems solved by technology

Such cloning techniques are a significant problem to network providers.

Cloning of smart cards also causes significant problems to providers of such services as well as the authorized card users.

The client library of covert data values is periodically updated, making it more difficult to conceal cloned devices from a server.

Images