Reducing Service Theft in DOCSIS Networks


Adding multiple layers of security is essential for any DOCSIS network. Service theft represents not only a lost revenue opportunity, but also may affect a provider’s bandwidth capacity, reducing quality of service for paying subscribers.

With this is mind, Incognito has implemented various security measures into our fraud protection solution to protect MSPs from threats like hacking and attacks, theft of service or speed boosts, and DoS attacks. These features include:

  1. IP Verification: Only the intended cable modem identified as originating from the associated IP address may download the configuration file

  2. Single Download Only: The configuration file may only be downloaded once

  3. Randomly Generated Filenames: The configuration filename is a randomly generated hex string created on-the-fly during the DHCP process, which eliminates the possibility of guessing configuration filenames

  4. Configuration File Expiry: If a configuration file is not downloaded, the filename and related information regarding that file are destroyed after a configurable amount of time (default: 60 seconds)

  5. TLV 19 and 20: The solution offers the ability to include TFTP timestamp and cable modem IP in configuration files.

For a more in-depth look at how you can prevent fraud on your DOCSIS network, check out our four-part Tips and Tutorial series on fraud protection.

  • Share: