Data stream traffic control
First Claim
Patent Images
1. A system for controlling data stream traffic, comprising:
- a hardware processor to;
process a data stream at least partially scrambled by a random re-arrangement of information units in the data stream such that the entropy associated with the data stream is not modified so as to anonymize data encoded in the data stream;
compute a bit equivalent entropy of the processed data stream;
determine whether the data stream is suitably encrypted based on the bit equivalent entropy; and
controlling traffic of the data stream based on the computed bit equivalent entropy such that;
upon the data stream being determined to be suitably encrypted, allowing traffic containing the data stream, orupon the data stream being determined as not being suitably encrypted, restricting traffic containing the data stream;
wherein determining whether the data stream is suitably encrypted includes;
computing an entropy curve of bit equivalent entropy values over size of the data stream; and
determining whether the computed entropy curve matches within a selected range a selected random data entropy curve, whereby, if the match result is negative, it is determined that the data stream is cryptographically unsecure.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques related to data stream traffic control are disclosed herein. A bit equivalent entropy of an anonymized data stream is computed. Traffic of the data stream is controlled based on the value of the bit equivalent entropy.
24 Citations
8 Claims
-
1. A system for controlling data stream traffic, comprising:
-
a hardware processor to; process a data stream at least partially scrambled by a random re-arrangement of information units in the data stream such that the entropy associated with the data stream is not modified so as to anonymize data encoded in the data stream; compute a bit equivalent entropy of the processed data stream; determine whether the data stream is suitably encrypted based on the bit equivalent entropy; and controlling traffic of the data stream based on the computed bit equivalent entropy such that; upon the data stream being determined to be suitably encrypted, allowing traffic containing the data stream, or upon the data stream being determined as not being suitably encrypted, restricting traffic containing the data stream; wherein determining whether the data stream is suitably encrypted includes; computing an entropy curve of bit equivalent entropy values over size of the data stream; and determining whether the computed entropy curve matches within a selected range a selected random data entropy curve, whereby, if the match result is negative, it is determined that the data stream is cryptographically unsecure. - View Dependent Claims (2, 3)
-
-
4. A method performed by a processor, comprising:
-
anonymizing a data stream by a random re-arrangement of information units in the data stream such that entropy associated with data encoded in the data stream is not modified; computing, by the processor, a bit equivalent entropy of the anonymized data stream; determining, by the processor, whether the data stream is suitably encrypted based on the bit equivalent entropy; and upon the data stream being determined to be suitably encrypted, allowing traffic containing the data stream, or upon the data stream being determined as not being suitably encrypted, restricting traffic containing the data stream; wherein determining whether the data stream is suitably encrypted includes; computing an entropy curve of bit equivalent entropy values over size of the data stream; and determining whether the computed entropy curve matches within a selected range a selected random data entropy curve, whereby, if the match result is negative, it is determined that the data stream is cryptographically unsecure. - View Dependent Claims (5)
-
-
6. A computer software product comprising a non-transitory medium readable by a processor, the medium having stored thereon a set of instructions for controlling a data stream, the instructions comprising:
-
(a) a set of instructions which, when loaded into a memory and executed by the processor, causes processing of a data stream so as to anonymize data encoded in the data stream by a random re-arrangement of information units in the data stream such that the entropy associated with the data stream is not modified; (b) a set of instructions which, when loaded into a memory and executed by the processor, causes computation of a bit equivalent entropy of the processed data stream; and (c) a set of instructions which, when loaded into a memory and executed by the processor, causes determining whether the data stream is suitably encrypted based on the bit equivalent entropy; (d) a set of instructions which, when loaded into a memory and executed by the processor, causes, upon the data stream being determined to be suitably encrypted, allowing traffic containing the data stream, or upon the data stream being determined as not being suitably encrypted, restricting traffic containing the data stream, wherein determining whether the data stream is suitably encrypted includes; computing an entropy curve of bit equivalent entropy values over size of the data stream; and determining whether the computed entropy curve matches within a selected range a selected random data entropy curve, whereby, if the match result is negative, it is determined that the data stream is cryptographically unsecure. - View Dependent Claims (7, 8)
-
Specification