Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network monitoring
Reexamination Certificate
2006-09-07
2010-10-05
Nguyen, Thu (Department: 2452)
Electrical computers and digital processing systems: multicomput
Computer network managing
Computer network monitoring
C370S390000, C370S392000
Reexamination Certificate
active
07809827
ABSTRACT:
A network device comprises a service card (e.g., a lawful intercept (LI) service card) executing a communication protocol to receive, from one or more sources (e.g., law enforcement agents), intercept information specifying at least one destination and criteria for matching one or more packet flows. The network device further includes a network interface card to receive a packet from a network, and a control unit to provide the packet from the interface card to the LI service card. The LI service card executes a flow match detection module that, when the packet matches the criteria of the intercept information, forwards the packet to the destination specified by the intercept information. The network device may provide real-time intercept and relaying of specified network-based communications. Moreover, the techniques described herein allow LEAs to tap packet flows with little delay after specifying intercept information, e.g., within 50 milliseconds, even under high-volume networks.
REFERENCES:
patent: 3962681 (1976-06-01), Requa et al.
patent: 4032899 (1977-06-01), Jenny et al.
patent: 4600319 (1986-07-01), Everett, Jr.
patent: 5375216 (1994-12-01), Moyer et al.
patent: 5408539 (1995-04-01), Finlay et al.
patent: 5490252 (1996-02-01), Macera et al.
patent: 5509123 (1996-04-01), Dobbins et al.
patent: 5530958 (1996-06-01), Agarwal et al.
patent: 5568471 (1996-10-01), Hershey et al.
patent: 6011795 (2000-01-01), Varghese et al.
patent: 6018765 (2000-01-01), Durana et al.
patent: 6148335 (2000-11-01), Haggard et al.
patent: 6182146 (2001-01-01), Graham-Cumming, Jr.
patent: 6321338 (2001-11-01), Porras et al.
patent: 6392996 (2002-05-01), Hjalmtysson
patent: 6499088 (2002-12-01), Wexler et al.
patent: 6501752 (2002-12-01), Kung et al.
patent: 6563796 (2003-05-01), Saito
patent: 6584548 (2003-06-01), Bourne et al.
patent: 6594268 (2003-07-01), Aukia et al.
patent: 6598034 (2003-07-01), Kloth
patent: 6651098 (2003-11-01), Carroll et al.
patent: 6735201 (2004-05-01), Mahajan et al.
patent: 6751663 (2004-06-01), Farrell et al.
patent: 6826713 (2004-11-01), Beesley et al.
patent: 6889181 (2005-05-01), Kerr et al.
patent: 6983294 (2006-01-01), Jones et al.
patent: 6985956 (2006-01-01), Luke et al.
patent: 7031304 (2006-04-01), Arberg et al.
patent: 7055174 (2006-05-01), Cope et al.
patent: 7058974 (2006-06-01), Maher et al.
patent: 7120931 (2006-10-01), Cheriton
patent: 7139242 (2006-11-01), Bays
patent: 7231459 (2007-06-01), Saraph
patent: 7292573 (2007-11-01), LaVigne et al.
patent: 7369557 (2008-05-01), Sinha
patent: 7386108 (2008-06-01), Zave et al.
patent: 7433966 (2008-10-01), Chamy et al.
patent: 7561569 (2009-07-01), Thiede
patent: 7580366 (2009-08-01), Mishra et al.
patent: 2002/0163932 (2002-11-01), Fischer et al.
patent: 2003/0120769 (2003-06-01), McCollom et al.
patent: 2003/0214913 (2003-11-01), Kan et al.
patent: 2007/0016702 (2007-01-01), Pione et al.
patent: 2007/0058558 (2007-03-01), Cheung et al.
patent: 2007/0076658 (2007-04-01), Park et al.
patent: 2007/0121812 (2007-05-01), Strange et al.
patent: WO 98/36532 (1998-08-01), None
patent: WO 02/084920 (2002-10-01), None
“The CAIDA Web Site,” www.caida.org/, 2002, 1 pg.
“About Endace,” www.endace.com/, 2002, 1 pg.
“Cisco IOS NetFlow,” , www.cisco.com/warp/public/732/Tech
mp
etflow/index.shtml, 2002, 1 pg.
Weaver, A.C. et al., “A Real-Time Monitor for Token Ring Networks,” Military Communications Conference, 1989, MILCOM '89, Oct. 1989, vol. 3, pp. 794-798.
Dini, P. et al., “Performance Evaluation for Distributed System Components,” Proceedings of IEEE Second International Workshop on Systems Management, Jun. 1996, pp. 20-29.
Integrated Services Adapter, 2000, Cisco Systems, Data Sheet, pp. 1-6, http://www.cisco.com/warp/public/cc/pd/ifaa/svaa/iasvaa/prodlit/ism2—ds.pdf.
“Well-Known TCP Port Number,” www.webopedia.com, 2004, 3 pgs.
“TCP Packet Field Descriptions,” www.ipanalyser.co.uk, Analyser Sales Ltd., Copyright 2003, 2 pages.
Michael Egan, “Decomposition of a TCP Packet,” www.passwall.com, 3 pages, Aug. 7, 2000.
Mark Gibbs, “A Guide to Original SYN,” www.nwfusion.com, Network World, Nov. 2000, 4 pages.
“Sample TCP/IP Packet,” www.passwall.com, Version 0.0.0 @ 03:55/Aug. 7, 2000, Copyright 2002, 6 pages.
D.J. Bernstein, “SYN Cookies,” http://cr.yp.to/syncookies.html, Oct. 2003, 3 pages.
Jonathan Lemon, “Resisting SYN Flood DoS Attacks with a SYN Cache,” http://people.freebsd.orgt/˜jlemon/papers/syncache.pdf, 9 pages.
Stuart Staniford, et al., “Practical Automated Detection of Stealthy Portscans,” http://downloads.securityfocus.com/library/spice-ccs2000.pdf, 16 pages.
U.S. Appl. No. 10/188,567, entitled “Adaptive Network Flow Analysis,” filed Jul. 2, 2002, Scott Mackie.
U.S. Appl. No. 10/228,150, entitiled “Network Device Having Accounting Service Card,” filed Aug. 26, 2002, Woo et al.
U.S. Appl. No. 10/228,132, entitled “Adaptive Network Router,” filed Aug. 26, 2002, Woo et al.
U.S. Appl. No. 10/228,114, entitled “Network Router Having Integrated Flow Accounting and Packet Interception,” filed Aug. 26, 2002, Woo et al.
U.S. Appl. No. 10/241,785, entitled “Rate-Controlled Transmission of Traffic Flow Information,” filed Sep. 10, 2002, Sandeep Jain.
U.S. Appl. No. 10/839,187, entitled “Port Scanning Mitigation Within a Network,” filed May 5, 2004.
PCI Technology Overview, Feb. 2003, www.cs.unc.edu/Research/stc/FAQs/pci-overview.pdf, 22 pgs.
U.S. Appl. No. 11/517,232, filed Sep. 7, 2006 entitled, “Network Device Having Service Card for Dynamic Flow Capture and Monitoring of Packet Flows,” to Apte et al.
Office Action dated Apr. 23, 2009 for U.S. Appl. No. 11/517,232, 28 pgs.
Response to Office Action dated Apr. 23, 2009 for U.S. Appl. No. 11/517,232, 23 pgs.
Office Action dated Oct. 19, 2009, for U.S. Appl. No. 11/517,232, 34 pgs.
Response to Office Action dated Oct. 19, 2009, for U.S. Appl. No. 11/517,232, filed Jan. 11, 2010, 13 pgs.
Apte Manoj
Budiyanto Fritz
Deenadayalan Saravanan
Duraiswamy Senthil Kumar
Jain Sandeep
Juniper Networks, Inc.
Nguyen Thu
Shumaker & Siettert, P.A.
Tran Nam
LandOfFree
Network device having service card for lawful intercept and... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Network device having service card for lawful intercept and..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Network device having service card for lawful intercept and... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4184448