MS IPTV audit collection services

Tese de mestrado em Segurança Informática, apresentada à Universidade de Lisboa, através da Faculdade de Ciências, 2011Microsoft Mediaroom Internet Protocol Television (MS IPTV), uma plataforma de televisão digital, levou o conceito de televisão a uma dimensão totalmente nova. MS IPTV é um sistema onde o serviço de televisão digital é entregue aos clientes usando Internet Protocol (IP), através de uma conexão de banda larga. Com o advento do IPTV começaram a aparecer novas situações relacionadas com a segurança da televisão, uma vez que, a infra-estrutura começou a ganhar complexidade e exposição a uma série de novos riscos. Por esta razão, a segurança numa infra-estrutura de MS IPTV não é apenas mais uma funcionalidade, mas sim uma necessidade. Podemos mesmo dizer que hoje em dia é obrigatório aguçar o engenho para estar um passo à frente dos atacantes, uma vez que estes estão sempre à espera de uma brecha, para comprometer os sistemas. Uma infra-estrutura como o MS IPTV armazena por omissão dados relativos ao comportamento dos utilizadores ao nível dos logs, no entanto esta informação só se torna relevante se puder ser consultada e analisada com o objetivo de proporcionar uma compreensão a alto nível sobre os diferentes padrões que estão a ocorrer nos servidores ou no comportamento dos utilizadores, uma tarefa que envolve poderosas técnicas de data parsing. A tese apresenta uma abordagem que combina técnicas de data parsing, a fim de analisar os logs relevantes da infra-estrutura de MS IPTV, com o objetivo principal de aumentar a segurança através da investigação dos tipos de informações adicionais que pode ser extraída. Tentámos assim entender se é possível determinar que tipos de ataques estão a ser perpetrados contra a infra-estrutura MS IPTV, com base na análise dos logs. Como o foco central desta tese está no diagnóstico, propomos uma abordagem para descobrir ataques, onde os logs são verificados para identificar grupos coerentes de ocorrências susceptíveis de constituir ataques que apelidámos de padrões. Nos testes, verificámos que a nossa abordagem consegue bons resultados na descoberta de ataques. Os resultados obtidos têm a vantagem adicional de poderem ser integrados na ferramenta de monitorização utilizada pelas equipas de operação dos sistemas da Portugal Telecom, o System Center Operations Manager (SCOM).Microsoft Mediaroom Internet Protocol TeleVision (MS IPTV), one of the platforms for digital TV, took television to an all new dimension level. MS IPTV is described as a system where a digital television service is delivered to consumers using the Internet Protocol over a broadband connection. Since the infrastructure started to gain complexity and exposure to a number of new risks, never envisaged situations related to television security started to appear. For this reason, MS IPTV security is not only a great asset, but also a necessity. Nowadays it is mandatory to sharpen the wit to get ahead of attackers, who are always waiting for a breach to compromise our systems. MS IPTV log servers collect information about user and system behavior. However, this information only becomes relevant if it can be queried and analyzed with the purpose of providing high-level understanding about the different patterns. This task must comprise powerful data parsing techniques, since MS IPTV is able to generate close to one terabyte of logs per day. This thesis presents an approach that combines data parsing techniques in order to analyze relevant MS IPTV logs, with the main objective to increase security through the investigation of what type of additional information can be extracted from the server log files of a MS IPTV platform. The thesis focus is on diagnosis, trying to understand if it is possible to determine what type of attacks are being perpetrated against the MS IPTV infrastructure. We propose an approach for discovering attacks, where the application logs are scanned to identify coherent groups of occurrences that we call patterns, which are likely to constitute attacks. Our results showed that our approach achieves good results in discovering potential attacks. Our output results can be integrated into the MS IPTV monitoring system tool SCOM (System Center Operations Manager), which is an additional advantage over the other monitoring and log management systems

Cooperating broadcast and cellular conditional access system for digital television

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.The lack of interoperability between Pay‐TV service providers and a horizontally integrated business transaction model have compromised the competition in the Pay‐TV market. In addition, the lack of interactivity with customers has resulted in high churn rate and improper security measures have contributed into considerable business loss. These issues are the main cause of high operational costs and subscription fees in the Pay‐TV systems. This paper presents a novel end‐to‐end system architecture for Pay‐TV systems cooperating mobile and broadcasting technologies. It provides a cost‐effective, scalable, dynamic and secure access control mechanism supporting converged services and new business opportunities in Pay‐TV systems. It enhances interactivity, security and potentially reduces customer attrition and operational cost. In this platform, service providers can effectively interact with their customers, personalise their services and adopt appropriate security measures. It breaks up the rigid relationship between a viewer and set‐top box as imposed by traditional conditional access systems, thus, a viewer can fully enjoy his entitlements via an arbitrary set‐top box. Having thoroughly considered state‐of‐the‐art technologies currently being used across the world, the thesis highlights novel use cases and presents the full design and implementation aspects of the system. The design section is enriched by providing possible security structures supported thereby. A business collaboration structure is proposed, followed by a reference model for implementing the system. Finally, the security architectures are analysed to propose the best architecture on the basis of security, complexity and set‐top box production cost criteria

FISE: A Forwarding Table Structure for Enterprise Networks

This is the author accepted manuscript. The final version is available from IEEE via the DOI in this recordWith increasing demands for more flexible services, the routing policies in enterprise networks become much richer. This has placed a heavy burden to the current router forwarding plane in support of the increasing number of policies, primarily due to the limited capacity in TCAM, which further hinders the development of new network services and applications. The scalable forwarding table structures for enterprise networks have therefore attracted numerous attentions from both academia and industry. To tackle this challenge, in this paper we present the design and implementation of a new forwarding table structure. It separates the functions of TCAM and SRAM, and maximally utilizes the large and flexible SRAM. A set of schemes are progressively designed, to compress storage of forwarding rules, and maintain correctness and achieve line-card speeds of packet forwarding. We further design an incremental update algorithm that allows less access to memory. The proposed scheme is validated and evaluated through a realistic implementation on a commercial router using real datasets. Our proposal can be easily implemented in the existing devices. The evaluation results show that the performance of forwarding tables under the proposed scheme is promising.National Key R&D Program of ChinaNational Natural Science Foundation of China (NSFC)Scientific Research Foundation for Young Teachers of Shenzhen Universit

MediaSync: Handbook on Multimedia Synchronization

This book provides an approachable overview of the most recent advances in the fascinating field of media synchronization (mediasync), gathering contributions from the most representative and influential experts. Understanding the challenges of this field in the current multi-sensory, multi-device, and multi-protocol world is not an easy task. The book revisits the foundations of mediasync, including theoretical frameworks and models, highlights ongoing research efforts, like hybrid broadband broadcast (HBB) delivery and users' perception modeling (i.e., Quality of Experience or QoE), and paves the way for the future (e.g., towards the deployment of multi-sensory and ultra-realistic experiences). Although many advances around mediasync have been devised and deployed, this area of research is getting renewed attention to overcome remaining challenges in the next-generation (heterogeneous and ubiquitous) media ecosystem. Given the significant advances in this research area, its current relevance and the multiple disciplines it involves, the availability of a reference book on mediasync becomes necessary. This book fills the gap in this context. In particular, it addresses key aspects and reviews the most relevant contributions within the mediasync research space, from different perspectives. Mediasync: Handbook on Multimedia Synchronization is the perfect companion for scholars and practitioners that want to acquire strong knowledge about this research area, and also approach the challenges behind ensuring the best mediated experiences, by providing the adequate synchronization between the media elements that constitute these experiences

How\u27s My Network - Incentives and Impediments of Home Network Measurements

Gathering meaningful information from Home Networking (HN) environments has presented researchers with measurement strategy challenges. A measurement platform is typically designed around the process of gathering data from a range of devices or usage statistics in a network that are specifically behind the HN firewall. HN studies require a fine balance between incentives and impediments to promote usage and minimize efforts for user participation with the focus on gathering robust datasets and results. In this dissertation we explore how to gather data from the HN Ecosystem (e.g. devices, apps, permissions, configurations) and feedback from HN users across a multitude of HN infrastructures, leveraging low impediment and low/high incentive methods to entice user participation. We look to understand the trade-offs of using a variety of approach types (e.g. Java Applet, Mobile app, survey) for data collections, user preferences, and how HN users react and make changes to the HN environment when presented with privacy/security concerns, norms of comparisons (e.g. comparisons to the local environment and to other HNs) and other HN results. We view that the HN Ecosystem is more than just “the network” as it also includes devices and apps within the HN. We have broken this dissertation down into the following three pillars of work to understand incentives and impediments of user participation and data collections. These pillars include: 1) preliminary work, as part of the How\u27s My Network (HMN) measurement platform, a deployed signed Java applet that provided a user-centered network measurement platform to minimize user impediments for data collection, 2) a HN user survey on preference, comfort, and usability of HNs to understand incentives, and 3) the creation and deployment of a multi-faceted How\u27s My Network Mobile app tool to gather and compare attributes and feedback with high incentives for user participation; as part of this flow we also include related approaches and background work. The HMN Java applet work demonstrated the viability of using a Web browser to obtain network performance data from HNs via a user-centric network measurement platform that minimizes impediments for user participation. The HMN HN survey work found that users prefer to leverage a Mobile app for HN data collections, and can be incentivized to participate in a HN study by providing attributes and characteristics of the HN Ecosystem. The HMN Mobile app was found to provide high incentives, with minimal impediments, for participation with focus on user Privacy and Security concerns. The HMN Mobile app work found that 84\% of users reported a change in perception of privacy and security, 32\% of users uninstalled apps, and 24\% revoked permissions in their HN. As a by-product of this work we found it was possible to gather sensitive information such as previously attached networks, installed apps and devices on the network. This information exposure to any installed app with minimal or no granted permissions is a potential privacy concern

Creation of value with open source software in the telecommunications field

Tese de doutoramento. Engenharia Electrotécnica e de Computadores. Faculdade de Engenharia. Universidade do Porto. 200

Identificação de utilizadores seniores em televisão interativa (iTV) : uma matriz de decisão tecnológica

Doutoramento em Informação e Comunicação em Plataformas DigitaisDesde que surgiu há mais de 50 anos, a televisão sofreu muitas transformações, tanto ao nível tecnológico (por exemplo com a passagem da emissão a preto/branco para cor, o som analógico para digital, a difusão digital) como a nível da sua influência nas sociedades. Entre outros fatores de ordem tecnológica, a consolidação da Internet com o seu elevado nível de personalização, da experiência de utilização, e a sua enorme quantidade de conteúdos disponíveis, catapultou a televisão no sentido de esta se tornar mais interativa. Assim, o telespectador passou a poder usufruir de uma experiência televisiva que pode, por um lado, ser mais participativa, sendo-lhe possível, por exemplo, alvitrar sobre a qualidade de um programa enquanto assiste à sua exibição, e, por outro, ser mais personalizada, possibilitando-lhe, por exemplo, receber conteúdos automaticamente adequados ao seu perfil e contexto. No entanto, esta experiência mais participativa e personalizável carece de uma identificação, idealmente automática e não intrusiva, de quem pode beneficiar da mesma – o telespectador. Contudo, e apesar de significativos avanços na área da televisão interativa, tanto ao nível da infraestrutura de suporte como ao nível dos serviços disponibilizados, a identificação dos utilizadores é, ainda, uma área de estudo com muitos aspetos por compreender. Os seniores, em particular, são grandes consumidores de televisão e representam uma fatia muito considerável das pessoas que podem beneficiar das potencialidades disponibilizadas pela interatividade presente em muitos serviços atuais. Um número crescente destes serviços são desenhados com o objetivo de promoverem um envelhecimento ativo e um concreto apoio à vida, pelo que os seniores podem beneficiar, em vários aspetos do seu quotidiano, se os utilizarem. Nesta faixa etária, a identificação de utilizadores tem, como elemento potenciador da experiência de utilização, um papel especialmente importante ao nível de um aproveitamento personalizado e dirigido destes serviços. No entanto, atendendo às diferentes combinações de características físicas, sensoriais, cognitivas e, mesmo, de literacia digital que tipificam os seniores, perspetivou-se existir uma dependência do perfil do utilizador na seleção do método de identificação mais adequado, os quais podem ser baseados, por exemplo, num leitor de impressões digitais, instalado no telecomando; na leitura de uma wearable tag ou de um cartão RFiD; no reconhecimento da face e, eventualmente, na voz do utilizador. Assim, a inerente investigação desenrolou-se em várias fases, no sentido de permitir alicerçar a construção de uma matriz de decisão tecnológica que, em função do perfil de utilizador, selecione o sistema de identificação mais adequado. O procedimento metodológico inerente à construção desta matriz de decisão, passou por um longo processo envolvendo utilizadores reais, que se iniciou com a realização de entrevistas exploratórias com o objetivo de permitir conhecer melhor os seniores e a forma como estes encaram a tecnologia e, mais concretamente, a televisão interativa. Foi depois implementado um protótipo de alta-fidelidade, completamente funcional, para a realização de testes com o objetivo de perceber qual a preferência relativamente a um subconjunto de tecnologias de identificação. Estes testes, uma vez que não permitiram testar todas as tecnologias em estudo, revelaram-se inconclusivos, porém permitiram reforçar a necessidade de identificar e caracterizar os referidos aspetos do perfil do utilizador que podem interferir na sua preferência relativamente ao sistema de identificação. As características identificadas constituíram-se como os parâmetros de entrada da matriz, sendo que para preencher as respetivas células realizaramse testes de aceitação, com um conjunto de seniores, tendo por base um protótipo, wizard of oz, especificamente implementado para permitir experienciar todas as tecnologias em estudo. Estes testes foram precedidos pela avaliação das capacidades funcionais dos participantes, nos diversos parâmetros definidos. Este texto relata, assim, todo o processo de investigação que foi conduzido, terminando com uma descrição de exemplos de utilização da matriz de decisão implementada e com a identificação de potenciais caminhos de desenvolvimento deste trabalho.Television underwent by many socio-technological changes since its beginning in the fifties. Beyond some inherent technological factors like the transition from black and white to color and the digitalization of both audio and video components, the consolidation of the Internet with its high level of customization of user experience and massive amount of available content, helped television to be driven towards an interactive dimension. Thus, the viewer happened to be able to enjoy from a viewing experience that can, first, be more participatory as he can, for example, vote in TV shows or express his opinion about the quality of a TV program and, second, be more personalized allowing him, for instance, receiving TV contents appropriated to his profile and context of use. However, this more participatory and customizable experience lacks of an automatic identification process of the person/s that is/are watching TV. Despite significant advances in the area of interactive television (iTV), the automatic identification of viewers, especially if a non-intrusive way is at stake, is still a research area with many unsolved topics. Elder people, in particular, are major consumers of television and represent a very sizable chunk of viewers that can benefit from the potential offered by this interactivity in many types of services. A growing number of these services are designed with the aim to promote active aging and life support, thus seniors can benefit in various aspects of their daily lives, if they use them. In this age group, the automatic identification of viewers has a special role in a personalized and targeted usage of these services, acting as an enhancer of the user experience. However, due to a broad range of physical, sensorial, cognitive and digital literacy characteristics inherent to the elderly, it was envisaged that the definition of the most suitable viewer identification technology would be dependent of the actual user/viewer profile. Actually, the user identification method can be based in several technology options, e.g. a fingerprint reader placed in the remote, a wearable tag, an RFID card, a facial or a voice recognition system, making it necessary deciding on the best approach for each possible viewer profile. The research was carried out in order to leverage the design of a decision matrix that, using the characteristics of the senior's profile, computes the most suitable viewer identification method. The methodology used to build the matrix was based on multiple sets of interviews and evaluation sessions with elderly viewers in a longitudinal prototyping process. We started with a set of exploratory interviews that allowed a better understanding how seniors see iTV technology. After, it was implemented a fully functional prototype (that allowed to test a particular set of identification technologies), that was evaluated by seniors participants, to find a clear trend about the preference of identification technologies. Despite these tests were a step forward (since they allow to understand that viewer’s characteristics can influence their preferences about the identification technology), they were not totally conclusive mainly due to the fact that they only had allowed testing a particular set of technologies among all that are referenced in this research. The aforementioned characteristics became the inputs of the decision matrix, leading to a new set of tests to start filling in its cells. These tests were based on a wizard of oz prototype that allowed participants to experiment all identification technologies referred in this research. All these tests with seniors were made at their homes preceded of the evaluation of their functional characteristics (the ones identified in previous test and that can influence viewer's preferences). The document ends reporting the main conclusions and examples of the matrix usage and with some points to next steps of this work