Method to block unauthorized network traffic in a cable data network
First Claim
Patent Images
1. A system for providing data filtering from a data network comprising:
- a data network termination device comprising a packet counter, wherein the packet counter determines a number of packets sent to a subscriber device from the packet counter (herein, “
downstream packets”
) via the data network and a number of packets originating from the subscriber device and sent to the packet counter (herein, “
upstream packets”
) via the data network;
a data gateway agent, wherein the packet counter is accessible to the data gateway agent; and
a datastore accessible to the data gateway agent for storing a data transfer rule selected by a subscriber, wherein the selected data transfer rule comprises packet filtering criteria selected by the subscriber, andwherein the data gateway agent comprises instructions that cause the gateway agent to;
receive a packet prior to receipt of the packet by the packet counter;
access the data transfer rule stored in the datastore;
apply the packet filtering criteria to the packet to determine whether the packet violates the data transfer rule;
send a notice to the subscriber when the packet violates the data transfer rule;
receive a request to reverse the determination made by the data gateway agent regarding the packet;
reverse the determination made by the data gateway agent regarding the packet in response to the request;
modify in response to the request one or more packet filtering criteria of the data transfer rule applied to the packet; and
apply the data transfer rule as modified to subsequent determinations of the data gateway agent.
7 Assignments
0 Petitions
Accused Products
Abstract
The present invention teaches methods and systems for subscriber blocking of unauthorized network traffic in a cable data network. The cable modem termination system (CMTS) incorporates a data gateway agent that filters unauthorized traffic thereby eliminating consumption based subscribers from being responsible for related service charges. Embodiments incorporate the use of packet filtering, hybrid stateful packet filtering, content filtering, application layer filtering and time based filtering. Greater acceptance of consumption based billing is achieved by having the filter settings directed by the subscriber.
45 Citations
33 Claims
-
1. A system for providing data filtering from a data network comprising:
-
a data network termination device comprising a packet counter, wherein the packet counter determines a number of packets sent to a subscriber device from the packet counter (herein, “
downstream packets”
) via the data network and a number of packets originating from the subscriber device and sent to the packet counter (herein, “
upstream packets”
) via the data network;a data gateway agent, wherein the packet counter is accessible to the data gateway agent; and a datastore accessible to the data gateway agent for storing a data transfer rule selected by a subscriber, wherein the selected data transfer rule comprises packet filtering criteria selected by the subscriber, and wherein the data gateway agent comprises instructions that cause the gateway agent to; receive a packet prior to receipt of the packet by the packet counter; access the data transfer rule stored in the datastore; apply the packet filtering criteria to the packet to determine whether the packet violates the data transfer rule; send a notice to the subscriber when the packet violates the data transfer rule; receive a request to reverse the determination made by the data gateway agent regarding the packet; reverse the determination made by the data gateway agent regarding the packet in response to the request; modify in response to the request one or more packet filtering criteria of the data transfer rule applied to the packet; and apply the data transfer rule as modified to subsequent determinations of the data gateway agent. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 31, 32)
-
-
15. A method for providing data filtering from a data network, the method comprising:
-
receiving by a processor a packet prior to receipt of the packet by a packet counter, wherein the packet counter determines a number of packets sent to a subscriber device from the packet counter (herein, “
downstream packets”
) via the data network and a number of packets originating from the subscriber device and sent to the packet counter (herein, “
upstream packets”
) via the data network;accessing by the processor a data transfer rule selected by a subscriber stored in a datastore accessible to the processor, wherein the selected data transfer rule comprises packet filtering criteria selected by the subscriber; applying by the processor the packet filtering criteria to the packet to determine whether the packet violates the data transfer rule; sending a notice to the subscriber of the determination regarding the packet when the packet violates the data transfer rule; receiving a request to reverse the determination made by the processor regarding the packet; reversing the determination made by the processor regarding the packet in response to the request; modifying in response to the request one or more packet filtering criteria of the data transfer rule applied to the packet; and applying the data transfer rule as modified to subsequent determinations of the processor. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
33. A system for providing data filtering from a data network comprising:
-
a data network termination device comprising a packet counter, wherein the packet counter determines a number of packets sent to a subscriber device from the packet counter (herein, “
downstream packets”
) via the data network and a number of packets originating from the subscriber device and sent to the packet counter (herein, “
upstream packets”
) via the data network; anda data gateway agent, wherein the packet counter is accessible to the data gateway agent; a datastore accessible to the data gateway agent for storing a data transfer rule selected by a subscriber, wherein the selected data transfer rule comprises packet filtering criteria selected by the subscriber, wherein the data gateway agent comprises instructions that cause the gateway agent to; receive a packet prior to receipt of the packet by the packet counter; access the data transfer rule stored in the datastore; apply the packet filtering criteria to the packet to determine whether the packet violates the data transfer rule; and send a notice to the subscriber when the packet violates the data transfer rule.
-
Specification