Card sharing

Abstract: Digital content providers seek to restrict usage by implementing conditional access. One such scenario is the security aspects of digital video broadcast (DVB-S). There has been a history of attacks on this technology to circumvent any security measures and some techniques have been countered by the deployment of customised/provider specific receivers. However, this leads to less choice and the duplication of equipment at the customer level. Open satellite receivers have been introduced to allow a single user to access several different services from a single piece of receiver equipment. These boxes provide a highly configurable environment with software emulations of conditional access systems that is open to abuse. The internet has allowed communities with in-depth expertise to grow up around open receiver equipment; effectively communicating attack methods as they evolve. A new level of emerging attack is a card sharing by which one legitimate user colludes to provide protected content to a larger group of illegitimate users. In this paper we propose countermeasures to protect DVB-S content against this species of attack by enforcing behavioural contracts and correct usage guidelines within the smart card.

Abstract: In the last years, the interest in methods and techniques for circumventing the security of the available digital video broadcasting systems is continuously increasing. Digital TV providers are struggling to restrict access to their video contents only to authorized users, by deploying more and more sophisticated conditional access systems. At the state-of-the-art, the most significant menace is the card-sharing activity which exploits a known weakness allowing an authorized subscriber to provide access to digital contents to a potentially large group of unauthorized ones connected over a communication network. This is usually realized by using ad hoc customized devices. Detecting the presence of these illegal systems on a network, by recognizing their related traffic is an issue of primary importance. Unfortunately, to avoid the identification of such traffic, payload obfuscation strategies based on encryption are often used, hindering packet inspection techniques. This paper presents a strategy for the detection of card-sharing traffic, empowered by machine-learning-driven traffic classification techniques and based on the natural capability of wavelet analysis to decompose a traffic time series into several component series associated with particular time and frequency scales and hence allowing its observation at different frequency component levels and with different resolutions. These ideas have been used for the proof-of-concept implementation of an SVM-based binary classification scheme that relies only on time regularities of the traffic and not on the packet contents and hence is immune to payload obfuscation techniques.

Abstract: According to some implementations of the disclosure, a method is disclosed. The method includes transmitting state indication data corresponding to a current state of first application to a card system. The method further includes receiving a card system response from the card system indicating whether the card system can provide a card corresponding to the current state and determining a sharing score of the card corresponding to the current state. The sharing score is indicative of an estimated probability that a user of the device will share the card corresponding to the current state. The method includes displaying a first selection element overlaying a graphical user interface of the first application when the sharing score is above a threshold. The method includes displaying a second selection element overlaying the graphical user interface when the sharing score is below the threshold and above a second threshold.

Abstract: A method of sharing a state of an application or a card from a first user device to a second user device is provided. The card is representative of the state. The method includes: receiving, at a processor of the first user device, a user share input; in response to the user share input, determining app state information; generating a data object representative of the state or the card based on the app state information; generating share and destination requests; selecting a share method and a destination link based on responses to the share and destination requests; formatting the data object to generate a message; and transmitting the message to the second user device based on the share method and the destination link. The application is executed on the processor. The transmitting of the message shares the state or the card with the second user device.