System and method for monitoring unauthorized transport of digital content
First Claim
1. A system for network content monitoring, comprising:
- at least one computer processor and a non-transitory electronically readable medium,a transport data monitor, connectable to a point in a network, and configured to monitor data being transported past said point,an encryption detector configured to determine whether said transport data is encrypted, said encryption detector comprises comprising a transport entropy measurement unit configured to measure entropy of said monitored transport data; and
a policy determinator configured to use a rule-based decision making unit to select between a set of outputs including at least one of;
removing sensitive parts of content, altering the content, and adding a message to the content, wherein said policy determinator is configured to use;
an input of an amount of encrypted transport from a given user, and a confidence level based on said measured entropy of said monitored transport data, as factors in said rule based decision making.
17 Assignments
0 Petitions
Accused Products
Abstract
A system for network content monitoring and control, comprising: a transport data monitor, connectable to a point in a network, for monitoring data being transported past said point, a signature extractor, associated with said transport data monitor, for extracting a derivation of said data, said derivation being indicative of content of said payload, a database of preobtained signatures of content whose movements it is desired to monitor, and a comparator for comparing said derivation with said preobtained signatures, thereby to determine whether said payload comprises any of said content whose movements it is desired to monitor. The monitoring result may be used in bandwidth control on the network to restrict transport of the content it is desired to control.
-
Citations
7 Claims
-
1. A system for network content monitoring, comprising:
-
at least one computer processor and a non-transitory electronically readable medium, a transport data monitor, connectable to a point in a network, and configured to monitor data being transported past said point, an encryption detector configured to determine whether said transport data is encrypted, said encryption detector comprises comprising a transport entropy measurement unit configured to measure entropy of said monitored transport data; and a policy determinator configured to use a rule-based decision making unit to select between a set of outputs including at least one of;
removing sensitive parts of content, altering the content, and adding a message to the content, wherein said policy determinator is configured to use;
an input of an amount of encrypted transport from a given user, and a confidence level based on said measured entropy of said monitored transport data, as factors in said rule based decision making. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification