Abstract: In one embodiment, a method, system and apparatus are described for cloud digital video recorder optimization. A cloud based storage unit stores recorded content items in response to recording requests by users from among a plurality of users, each recorded content item belonging to at least one content item type category and each user belonging to at least one user type category. A processor receives log files tracking the recording requests, applies a data-driven procedure to the log files on a basis of at least one of: the at least one content item type category and the at least one user type category, and assigns each recorded content item to a group associated with a second plurality of users and a co-related group of content items of a given content item type category and determines times to delete each recorded content item from the cloud based storage unit. Related methods, systems, and apparatus are also described.

Abstract: A system includes a network gateway in communication with a plurality of servers, a household behavior model processor which models a household behavior model based at least on expected usage of each of a plurality of network appliances, wherein each one appliance of the plurality of network appliances is associated with one of the plurality of servers, and behavior of users associated with the network gateway, an anomaly detector which determines, on the basis of the household behavior model, if an anomalous control message which has been sent to one of the plurality of network appliances from one of the servers has been received at the network gateway, and a notification server which sends a notification to an application on an administrator's device upon receipt of the anomalous control message at the network gateway. Related systems, apparatus, and methods are also described.

Abstract: In one embodiment, a system is described, the system including a network gateway in communication with a plurality of original equipment manufacturer (OEM) servers, a household behavior model processor which models a household behavior model based at least on expected usage of each of a plurality of OEM network appliances, wherein each one appliance of the plurality of OEM network appliances is associated with one of the plurality of OEM servers, and behavior of users associated with the network gateway, an anomaly detector which determines, on the basis of the household behavior model, if an anomalous control message which has been sent to one of the plurality of OEM network appliances from one of the OEM servers has been received at the network gateway, and a notification server which sends a notification to an application on an administrator's device upon receipt of the anomalous control message at the network gateway. Related systems, apparatus, and methods are also described.

Abstract: In one embodiment, a method for assessing security posture for entities in a computing network is implemented on a computing device and includes: receiving behavior data from one or more of the entities, where the behavior data is associated with at least activity on the computing network by the one or more entities, calculating a risk score for at least one of the entities by comparing the behavior data with a classification model, where the classification model represents at least a baseline for normative network behavior by the entities in a computing network, assessing a security posture for the at least one the entities based on the risk score, and allocating network security resources to the at least one of the entities at least in accordance with the security posture.

Abstract: In one embodiment, a method performed by a system that includes at least one processor, the method comprising: obtaining subscriber data of a plurality of subscribers, wherein said subscriber data comprises at least one of: consumption data relating to subscribed content consumption by said plurality of subscribers, or network data relating to data transmittal via one or more computer networks by the plurality of subscribers; detecting anomalous data by comparing subscriber data of different subscribers in the plurality of subscribers; identifying one or more suspected subscribers out of the plurality of subscribers as being suspected of unauthorized subscribed content distribution, the one of more suspected subscribers being associated with the anomalous data; and providing a respective identity for the one or more suspected subscribers.

Abstract: In one embodiment, a method, system and apparatus are described for cloud digital video recorder optimization. A cloud based storage unit stores recorded content items in response to recording requests by users from among a plurality of users, each recorded content item belonging to at least one content item type category and each user belonging to at least one user type category. A processor receives log files tracking the recording requests, applies a data-driven procedure to the log files on a basis of at least one of: the at least one content item type category and the at least one user type category, and assigns each recorded content item to a group associated with a second plurality of users and a co-related group of content items of a given content item type category and determines times to delete each recorded content item from the cloud based storage unit. Related methods, systems, and apparatus are also described.

Abstract: In one embodiment, a method for assessing security posture for entities in a computing, network is implemented On a computing device and includes: receiving behavior data from one or more of the entities, where the behavior data is associated with at least activity on the computing network by the one or more entities, calculating a risk score for at least one of the entities by comparing the behavior data with a classification model, where the classification model represents at least a baseline for normative network behavior by the entities in a computing network, assessing a security posture for the at least one the entities based on the risk score, and allocating network security resources to the at least one of the entities at least in accordance with the security posture.

Abstract: In one embodiment, a system is described, the system including a network gateway in communication with a plurality of original equipment manufacturer (OEM) servers, a household behavior model processor which models a household behavior model based at least on expected usage of each of a plurality of OEM network appliances, wherein each one appliance of the plurality of OEM network appliances is associated with one of the plurality of OEM servers, and behavior of users associated with the network gateway, an anomaly detector which determines, on the basis of the household behavior model, if an anomalous control message which has been sent to one of the plurality of OEM network appliances from one of the OEM servers has been received at the network gateway, and a notification server which sends a notification to an application on an administrator's device upon receipt of the anomalous control message at the network gateway. Related systems, apparatus, and methods are also described.

Abstract: In one embodiment, a method includes for each one time period of a plurality of time periods performing a weighted random selection of a first set of intrusion detection/protection system rules from a plurality of rules, each rule of the plurality of rules having an associated probability of selection, preparing a packet inspection plan including the first set of intrusion detection/protection system rules, and sending the packet inspection plan to a network distribution device to inspect packets according to the packet inspection plan. Related apparatus and methods are also described.

Abstract: In one embodiment, a system includes a hardware processor and a memory to store data used by the hardware processor, wherein the hardware processor is operative to calculate, for each one device of a plurality of devices, a device-specific packet inspection plan based on (a) a security vulnerability score for the one device; and (b) a damage score for the one device, wherein for each one device of the plurality of devices, the device-specific packet inspection plan includes at least one of the following (a) a percentage of a plurality of packets, destined for the one device, to be inspected for compliance with at least one intrusion detection/protection system rule and (b) instructions on which intrusion detection/protection system rules to use to inspect a multiplicity of the plurality of packets destined for the one device. Related apparatus and methods are also described.

Abstract: In one embodiment, a device discovery system includes a data storage medium to store a clustered data structure including device signatures grouped according to clusters. Each device signature includes device information. Each cluster from a sub-set of the clusters has a different device name. The system also includes an input/output sub-system to receive, from a remote device, a first device signature describing information about a first device, and a processor to perform a decision process based on the clustered data structure with the first device signature as input yielding an output including a first device name or an indication that a name associated with the first device signature is unknown. The processor is operative to prepare a response message including data about the output. The input/output sub-system is operative to send the response message to the remote device.

Abstract: A method of distributing audio video content is described. The method includes: receiving configuration data for a plurality of devices; for each device in the plurality of devices, computing a set of bit rates based, at least in part, on the configuration data; encoding audio video content at each bit rate in each set of bit rates to produce a plurality of encoded audio video content streams; splitting each encoded audio video content stream in the plurality of encoded audio video content streams into chunks to produce a plurality of chunked encoded audio video content streams; for each device in the plurality of devices, creating a separate index file, each separate index file including references to at least one of the plurality of chunked encoded audio video content streams; publishing a locator for each separate index file in a catalogue; and transmitting the plurality of chunked encoded audio video content streams and each separate index file to a network.

Abstract: A method and system for fingerprinting a content item is described, the content item including a set of content item elements E, providing information uniquely associated with a single user including a string of bits S0, parsing S0 into a plurality of substrings which are functions of S0, providing a matrix of content item replacement elements, each row of which includes, for each member of E, an array of content item replacement elements for Ei, uniquely associating each substring of S0 so that for every substring there exists a corresponding element of E, for every substring, replacing at least one instance of the corresponding element E in the content item with one substitute matrix element for the corresponding substring, and outputting a replacement content item including the result of the replacing, the substitute matrix elements being chosen according to at least one similarity criterion.

Abstract: A method of distributing audio video content is described. The method includes: receiving configuration data for a plurality of devices; for each device in the plurality of devices, computing a set of bit rates based, at least in part, on the configuration data; encoding audio video content at each bit rate in each set of bit rates to produce a plurality of encoded audio video content streams; splitting each encoded audio video content stream in the plurality of encoded audio video content streams into chunks to produce a plurality of chunked encoded audio video content streams; for each device in the plurality of devices, creating a separate index file, each separate index file including references to at least one of the plurality of chunked encoded audio video content streams; publishing a locator for each separate index file in a catalogue; and transmitting the plurality of chunked encoded audio video content streams and each separate index file to a network.

Abstract: This invention discloses a method for displaying advertisements transmitted to a user unit, the method includes receiving, at the user unit, at least one advertisement tagged with a delay tag indicating whether display of the at least one advertisement can be delayed and only if the delay tag allows delaying display of the at least one advertisement, storing the at least one advertisement at the user unit, retrieving the at least one advertisement and displaying the at least one advertisement. A billing system for reporting a commercial broadcast to a multiplicity of users is also disclosed.

Abstract: A secondary content distribution system and method is described, the system and method including a receiver for receiving a plurality of differing versions of secondary content from an provider, each one of the differing versions of the secondary content being associated with at least one of a reading mode, and a connection mode, a processor operative to determine a reading mode of a user of a client device, a selector for selecting one of the differing versions of the secondary content for display on the client device display, the selection being a function, at least in part, of matching the determined reading mode with the reading mode associated with the one of the differing versions of the secondary content and the connection mode of the client device, and a display for displaying the selected one of the differing versions of the secondary content on the client device display. Related methods, systems, and apparatus are also described.

Abstract: A system and method for providing content to users including a multicast sub-system providing content to multiple users and a unicast sub-system providing content to individual users. The multicast sub-system being operative to push to each of a plurality of user communities, content relating to the community and the unicast sub-system being operative to provide on demand to a user, content which has not been previously pushed to the user.

Abstract: A method and system for fingerprinting a content item is described, the and system method include providing the content item, the content item including a set of content item elements, the set of content item elements denoted E, such that E={E1, E2, Ei, Em}, providing information uniquely associated with a single user, the information including a string of bits, hereinafter denoted S0, parsing S0 into a plurality of subsequences of strings of bits, hereinafter denoted S1,, Sn, the parsing being performed such that S0 equals a function of S1,, Sn, providing a matrix of content item replacement elements, the matrix denoted R, each row of matrix R including, for at least each one of n members of set E, an array of content item replacement elements for Ei denoted Ri, such that Ri={Ri1, Rij}, uniquely associating each one of S1, Sn with one matrix element of matrix R, so that for every one of S1,, Sn there exists a corresponding element of E, for every one of S1,, Sn replacing at least one instance of the correspo

Abstract: A method and system for securing digital content for transmission to an end user device. In a preferred embodiment, the invention provides for: a control center for controlling access to the digital content by the end user device; transmitting scrambled digital content to the end user device, such that the end user device cannot play back the said scrambled digital content; contacting the control center to request a PECM (personal ECM), the PECM being specific to the end user device; transmitting the PECM to the end user device by the control center; and unscrambling the scrambled digital content by the end user device according to the PECM.

Abstract: A system and a method for secure distribution of digital media content through a packet-based network such as the Internet. The security of the present invention does not require one-to-one key exchange, but rather enables keys, and/or information required in order to build the key, to be broadcast through the packet-based network. The digital media content is then also preferably broadcast, but cannot be accessed without the proper key. However, preferably only authorized end-user devices are able to access the digital media content, by receiving and/or being able to access the proper key. Thus, the present invention is useful for other types of networks in which digital media content is more easily broadcast rather than unicast, in addition to packet-based networks.