Method to block unauthorized network traffic in a cable data network

US 7,792,963 B2
Filed: 09/04/2003
Issued: 09/07/2010
Est. Priority Date: 09/04/2003
Status: Active Grant

First Claim

Patent Images

1. A system for providing data filtering from a cable modem termination system (CMTS) in a cable data network consisting essentially of:

the CMTS, wherein the CMTS comprises a packet counter, wherein the packet counter determines a number of packets sent to a subscriber device from the CMTS (herein, “

downstream packets”

) and a number of packets originating from the subscriber device and sent to the CMTS (herein, “

upstream packets”

), and a data gateway agent;

a datastore accessible to the data gateway agent for storing a data transfer rule selected by a subscriber, wherein the selected data transfer rule comprises filtering criteria selected by the subscriber, andwherein the data gateway agent comprises instructions that cause the CMTS to;

receive a packet prior to receipt of the packet by the packet counter;

access the data transfer rule stored in the datastore;

use the filtering criteria to determine whether the packet violates the data transfer rule;

forward the packet to the packet counter for counting when the packet does not violate the data transfer rule; and

apply a corrective measure to the packet when the packet violates the data transfer rule.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention teaches methods and systems for subscriber blocking of unauthorized network traffic in a cable data network. The cable modem termination system (CMTS) incorporates a data gateway agent that filters unauthorized traffic thereby eliminating consumption based subscribers from being responsible for related service charges. Embodiments incorporate the use of packet filtering, hybrid stateful packet filtering, content filtering, application layer filtering and time based filtering. Greater acceptance of consumption based billing is achieved by having the filter settings directed by the subscriber.

96 Citations

View as Search Results

24 Claims

1. A system for providing data filtering from a cable modem termination system (CMTS) in a cable data network consisting essentially of:
- the CMTS, wherein the CMTS comprises a packet counter, wherein the packet counter determines a number of packets sent to a subscriber device from the CMTS (herein, “
  
  downstream packets”
  
  ) and a number of packets originating from the subscriber device and sent to the CMTS (herein, “
  
  upstream packets”
  
  ), and a data gateway agent;
  
  a datastore accessible to the data gateway agent for storing a data transfer rule selected by a subscriber, wherein the selected data transfer rule comprises filtering criteria selected by the subscriber, andwherein the data gateway agent comprises instructions that cause the CMTS to;
  
  receive a packet prior to receipt of the packet by the packet counter;
  
  access the data transfer rule stored in the datastore;
  
  use the filtering criteria to determine whether the packet violates the data transfer rule;
  
  forward the packet to the packet counter for counting when the packet does not violate the data transfer rule; and
  
  apply a corrective measure to the packet when the packet violates the data transfer rule.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 24)
- - 2. The system of claim 1, wherein the filtering criteria comprise packet payload criteria and the instruction to use the filtering criteria to determine whether the packet violates the data transfer rule comprises determining whether the packet comprises the packet payload criteria.
  - 3. The system of claim 2, wherein the packet is an upstream packet and the packet payload criteria are selected from the group consisting of subscriber personal information, a telephone number, a social security number, a driver'"'"'s license number, a credit card number, and location information.
  - 4. The system of claim 1, wherein the filtering criteria further comprise a recurring time period and wherein the instruction to use the filtering criteria to determine whether the packet violates the data transfer rule comprises determining whether the packet is received during the recurring time period and comprises the packet payload criteria.
  - 5. The system of claim 1, wherein the filtering criteria comprise protocol type criteria and wherein the instruction to use the filtering criteria to determine whether the packet violates the data transfer rule comprises determining whether the packet that is received at the CMTS uses a particular protocol.
  - 6. The system of claim 1, wherein the filtering criteria comprise protocol criteria and the instruction to use the filtering criteria to determine whether the packet violates the data transfer comprises determining whether the packet received at the CMTS uses a particular protocol.
  - 7. The system of claim 1, wherein the gateway agent further comprises instructions that cause the CMTS to:
    - receive an upstream packet;
      
      create an entry in a connection database, wherein the entry in the connection database comprises an upstream packet identifier that identifies the upstream packet as originating from the subscriber device; and
      
      receive a downstream packet, wherein the filtering criteria comprises the upstream packet identifier, and wherein the instruction to use the filtering criteria to determine whether the packet violates the data transfer rule comprises determining whether the downstream packet comprises the upstream packet identifier.
  - 8. The system of claim 1, wherein the CMTS further comprises a billing agent and wherein the billing agent is configured to receive a subscriber count trigger and to transmit a count message to the subscriber comprising a current packet count upon the receipt of the subscriber count trigger.
  - 9. The system of claim 8, wherein the subscriber count trigger is selected from the group consisting of an end of billing cycle, a receipt of a subscriber count request message, a subscriber count exceeding a subscriber selected trigger amount, and a subscriber count exceeding data over a cable carrier selected trigger amount.
  - 10. The system of claim 8 wherein the billing agent is further configured to automatically transmit an electronic message identifying current subscriber data transfer counts to the subscriber upon the occurrence of the subscriber count trigger.
  - 11. The system of claim 2, wherein the cable network is a hybrid fiber coaxial cable network.
  - 24. The system of claim 1, wherein the gateway agent further comprises instructions that cause the CMTS to:
    - send the subscriber device a notification message when the packet violates the data transfer rule, wherein the notification message comprises a request for selection of an option from the group consisting of an option to allow the packet to be sent or received and an option to not allow the packet to be sent or received;
      
      receive a response from the subscriber device comprising the selected option;
      
      discard the packet when the selected option is to not allow the packet to be sent or received; and
      
      forward the packet to the packet counter for counting when the selected option is to allow the packet to be sent or received.

12. A method for providing data filtering from a cable modem termination system (CMTS) in a cable data network, wherein the CMTS comprises a packet counter, wherein the packet counter determines a number of packets sent to a subscriber device from the CMTS (herein, “
- downstream packets”
  
  ) and a number of packets originating from the subscriber device and sent to the CMTS (herein, “
  
  upstream packets”
  
  ), and a data gateway agent, the method consisting essentially of;
  
  receiving a packet prior to receipt of the packet by the packet counter;
  
  accessing a data transfer rule selected by a subscriber stored in a datastore accessible to the data gateway agent, wherein the selected data transfer rule comprises filtering criteria selected by the subscriber, andusing the filtering criteria to determine whether the packet violates the data transfer rule;
  
  forwarding the packet to the packet counter for counting when the packet does not violate the data transfer rule; and
  
  applying a corrective measure to the packet violates the data transfer rule.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 13. The method of claim 12, wherein the filtering criteria comprise payload criteria and wherein using the filtering criteria to determine whether the packet violates the data transfer rule comprises using the filtering criteria to determine whether the packet comprises the packet payload criteria.
  - 14. The method of claim 13, wherein the packet is an upstream packet and the payload criteria are selected from the group consisting of subscriber personal information, a telephone number, a social security number, a driver'"'"'s license number, a credit card number, and location information.
  - 15. The method of claim 12, wherein the filtering criteria further comprise a recurring time period and wherein using the filtering criteria to determine whether the packet violates the data transfer rule comprises using the filtering criteria to determine whether the packet is received during the recurring time period and comprises the packet payload criteria.
  - 16. The method of claim 12, wherein the filtering criteria comprise packet protocol criteria and wherein using the filtering criteria to determine whether the packet violates the data transfer rule comprises using the filtering criteria to determine whether the packet that is received at the CMTS uses a particular protocol.
  - 17. The method of claim 12, wherein the filtering criteria comprise protocol criteria and wherein using the filtering criteria to determine whether the packet violates the data transfer rule comprises using the filtering criteria to determine whether the packet received at the CMTS uses a particular protocol.
  - 18. The method of claim 12 further comprising:
    - receiving an upstream packet;
      
      creating an entry into a connection database, wherein the entry in the connection database comprises an upstream packet identifier that identifies the upstream packet as originating from the subscriber device; and
      
      receiving a downstream packet, andwherein the filtering criteria comprise the upstream packet identifier, and wherein using the filtering criteria to determine whether the packet violates the data transfer rule comprises using the filtering criteria to determine whether the downstream packet comprises the upstream packet identifier.
  - 19. The method of claim 12, wherein the CMTS further comprises a billing agent and wherein the method further comprises configuring the billing agent to receive a subscriber count trigger and to transmit a count message to the subscriber comprising a current packet count upon the receipt of the subscriber count trigger.
  - 20. The method of claim 19, wherein the subscriber count trigger is selected from the group consisting of an end of billing cycle, a receipt of a subscriber count request message, a subscriber count exceeding a subscriber selected trigger amount, and a subscriber count exceeding data over a cable carrier selected trigger amount.
  - 21. The method of claim 19 further comprising configuring the billing agent to automatically transmit an electronic message identifying current subscriber data transfer counts to the subscriber upon the occurrence of the subscriber count trigger.
  - 22. The method of claim 12, wherein the cable network is a hybrid fiber coaxial cable network.
  - 23. The method of claim 12 further comprising:
    - sending the subscriber device a notification message when the packet violates the data transfer rule, wherein the notification message comprises a request for selection of an option from the group consisting of an option to allow the packet to be sent or received and an option to not allow the packet to be sent or received;
      
      receiving a response from the subscriber device comprising the selected option;
      
      discarding the packet when the selected option is to not allow the packet to be sent or received; and
      
      forwarding the packet to the packet counter for counting when the selected option is to allow the packet to be sent or received.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Time Warner Cable Enterprises LLC (Charter Communications Incorporated)
Original Assignee
Time Warner Cable Inc. (Charter Communications Incorporated)
Inventors
Gould, Kenneth, Danforth, Andrew
Primary Examiner(s)
Srivastava; Vivek
Assistant Examiner(s)
Jakovac; Ryan J

Application Number

US10/654,667
Publication Number

US 20050055708A1
Time in Patent Office

2,560 Days
Field of Search

709/225
US Class Current

709/225
CPC Class Codes

H04N 21/438   Interfacing the downstream ...

H04N 21/4532   involving end-user characte...

H04N 21/454   Content or additional data ...

H04N 7/163   by receiver means only

Method to block unauthorized network traffic in a cable data network

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

96 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Method to block unauthorized network traffic in a cable data network

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

96 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links