Field of the Invention
Embodiments of the invention relate generally to cable communications, and, more particularly, to provisioning of cable networking services.
Description of the Background Art
Many home and business consumers connect to the Internet through cable-based Internet Service Providers (“ISPs”). These connections are commonly established through the use of a stand-alone device termed a cable modem. The cable modem serves as the interface between the consumer's network, or individual computer, and the ISP's network.
The ISP's physical infrastructure typically includes cable drops to many of the households and businesses in its service area, whether or not that household or business is an active subscriber of the ISP's services. Without closely monitoring activity on its network, an unscrupulous individual may attempt to access the ISP's services using an active cable drop without paying for the services.
Cable ISPs typically control access to high speed internet service by limiting access only to cable modems that have been provisioned to receive such services (i.e., whitelisted). Properly authorized cable modems are provisioned and managed using techniques designed to ensure that only authorized customers receive service, and then only at the appropriate levels.
Hackers have, over the years, developed a number of techniques to evade these management and provisioning mechanisms. By circumventing provisioning mechanisms, hackers connect a cable modem to the ISP's network without paying for service. Once connected, either by circumventing provisioning mechanisms or through holding a legitimate account with the ISP, hackers may also circumvent management mechanisms in order to increase their bandwidth allocation, for example.
Specifically, many cable systems are capable of handling speeds in excess of those advertised to their customers. However, these same cable systems may not be designed to handle those excess speeds for many users simultaneously, and so connection speeds are capped to a set limit. By circumventing management mechanisms, hackers may seek to uncap their service in order to access the full capacity of the cable network, to the detriment of other users.
The particular techniques used by hackers to circumvent provisioning and management mechanisms are varied and layered in order to increase effectiveness and/or to reduce the chance of detection. Hacked cable modems may take on much of the same behavior or appearance as legitimate modems, and so care must be taken to avoid inadvertently identifying a paying customer as a hacker.
Accordingly, what is desired is an effective technique for recognizing hacked modems circumventing provisioning and/or management mechanisms while minimizing false positives.