| CPC H04L 9/0819 (2013.01) [H04N 7/18 (2013.01)] | 38 Claims |

|
1. A method for execution by a network element, comprising:
processing a plurality of information streams transiting the network element to identify a particular data stream as a suspected bearer of encrypted media at least based on an inability to recognize data of the particular data stream, the particular data stream established between a first node and a second node;
extracting unencrypted data from the particular data stream that is the suspected bearer of encrypted media by:
establishing a first control stream with the first node and a second control stream with the second node, wherein the first control stream is established using credentials associated with the second node,
obtaining a cryptographic key sent by the first node over the first control stream and destined for the second node,
sending the cryptographic key to the second node over the second control stream,
obtaining encrypted media sent by the second node and destined for the first node, and
decrypting the obtained encrypted media based on the cryptographic key; and
accessing the decrypted media and transmitting the decrypted media onwards to at least another device;
wherein the encrypted media comprises encrypted video data, wherein the particular data stream comprises packets each comprising a header and a payload, and wherein the identifying comprises:
processing at least the header of each packet to determine a flow associated with the packet;
processing at least part of the payload of the packet to determine a candidate payload structure of the packet and processing at least part of the payload of the packet in accordance with the candidate payload structure, which includes processing at least part of the payload of the packet in accordance with one or more codec-specific tests;
concluding that the particular data stream is a suspected bearer of encrypted video data in case none of the one or more codec-specific tests is passed;
wherein the second control stream is established using credentials associated with the first node;
wherein one of the first node and the second node is a video management system (VMS) and wherein the other one of the first node and the second node comprises a security camera.
|
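The identifying steps of claim 1 (flow from the header, candidate payload structure, codec-specific tests, "suspected encrypted" when none pass), as an added Python example that is not text from the patent or the applicant's implementation. Assumptions the claim does not state: RTP as the candidate payload structure, H.264 (RFC 6184) and JPEG (RFC 2435) as the codec tests, a 90% per-flow pass threshold, and all function names and sample packets, which are constructed here.

```python
import hashlib
import struct
from collections import defaultdict

def flow_key(hdr):
    """Flow = 5-tuple from the packet header (assumed already parsed)."""
    return (hdr["src"], hdr["sport"], hdr["dst"], hdr["dport"], hdr["proto"])

def rtp_body(payload):
    """Candidate structure: RTP v2, 12-byte header plus CSRCs (X bit ignored)."""
    if len(payload) < 12 or payload[0] >> 6 != 2:
        return None
    body = payload[12 + 4 * (payload[0] & 0x0F):]
    return body or None

def looks_h264(b):
    """RFC 6184: forbidden_zero_bit is 0 and NAL unit type is 1..28."""
    return (b[0] & 0x80) == 0 and 1 <= (b[0] & 0x1F) <= 28

def looks_jpeg(b):
    """RFC 2435 main header: known type, non-zero width and height."""
    return len(b) >= 8 and b[4] in (0, 1, 64, 65) and b[6] > 0 and b[7] > 0

CODEC_TESTS = {"h264": looks_h264, "jpeg": looks_jpeg}

def classify(packets, min_ratio=0.9):
    """Map each flow to a codec name, or 'suspected-encrypted' if no test passes."""
    flows = defaultdict(list)
    for hdr, payload in packets:
        body = rtp_body(payload)
        if body is not None:
            flows[flow_key(hdr)].append(body)
    verdicts = {}
    for key, bodies in flows.items():
        # A single random byte passes the H.264 test about 44% of the time,
        # so a test only counts as passed when nearly every packet satisfies it.
        passed = [name for name, test in CODEC_TESTS.items()
                  if sum(map(test, bodies)) >= min_ratio * len(bodies)]
        verdicts[key] = passed[0] if passed else "suspected-encrypted"
    return verdicts

# Constructed sample traffic: one clear H.264 flow, one flow with opaque payloads.
def rtp(seq, body):
    return struct.pack("!BBHII", 0x80, 96, seq, seq * 3000, 0x1234) + body

CAM_A = {"src": "10.0.0.5", "sport": 5004, "dst": "10.0.0.9", "dport": 40000, "proto": "udp"}
CAM_B = dict(CAM_A, src="10.0.0.6")
SAMPLE = [(CAM_A, rtp(i, b"\x65\x88" + bytes(30))) for i in range(40)]
SAMPLE += [(CAM_B, rtp(i, hashlib.sha256(bytes([i])).digest())) for i in range(40)]
```

The verdict is per flow rather than per packet because a per-packet header check is too weak to separate ciphertext from a codec bitstream.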