Distributed network interfaces for application cloaking and spoofing

US 10,063,393 B2
Filed: 10/08/2014
Issued: 08/28/2018
Est. Priority Date: 12/28/2010
Status: Active Grant

First Claim

Patent Images

1. A networking fabric device configured to interact with a networking fabric for facilitating communication between an application and a remote device, the networking fabric device comprising:

a network interface communicatively coupled with other networking fabric devices within the networking fabric that is configured to perform different roles within a communication stack distributed among the fabric devices, including the networking fabric device, within the networking fabric and between the application and the remote device; and

a processor coupled with the network interface and programmed to;

upon receiving a first set of instructions, configure the network fabric device to perform a first set of roles associated with a first layer of the communication stack, and to communicate with a second networking fabric device operating as part of the communication stack according to the first set of roles;

upon receiving a second set of instructions, reconfigure the network fabric device to perform a second set of roles associated with a second different layer of the communication stack, and to communicate with a third networking fabric device operating as part of the communication stack according to the second set of roles; and

upon receiving the first set of instructions, configure the networking fabric device as a first interface module of the application that responds to at least a first portion of the application'"'"'s network address by updating incoming packets to transmit to the application through a first set of nodes within the networking fabric via the network interface in a manner where the first interface module is transparent to the remote device.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods associated with distributing an application'"'"'s network interface over nodes of a networking fabric are presented. Nodes of the fabric can operate as interface modules, each taking on a role or responsibility for a portion of the application'"'"'s network address including IP address, port assignments, or other portions of the network address. Interface modules of the networking nodes can then spoof or cloak the application to provide security against internal or external threats.

Citations

20 Claims

1. A networking fabric device configured to interact with a networking fabric for facilitating communication between an application and a remote device, the networking fabric device comprising:
- a network interface communicatively coupled with other networking fabric devices within the networking fabric that is configured to perform different roles within a communication stack distributed among the fabric devices, including the networking fabric device, within the networking fabric and between the application and the remote device; and
  
  a processor coupled with the network interface and programmed to;
  
  upon receiving a first set of instructions, configure the network fabric device to perform a first set of roles associated with a first layer of the communication stack, and to communicate with a second networking fabric device operating as part of the communication stack according to the first set of roles;
  
  upon receiving a second set of instructions, reconfigure the network fabric device to perform a second set of roles associated with a second different layer of the communication stack, and to communicate with a third networking fabric device operating as part of the communication stack according to the second set of roles; and
  
  upon receiving the first set of instructions, configure the networking fabric device as a first interface module of the application that responds to at least a first portion of the application'"'"'s network address by updating incoming packets to transmit to the application through a first set of nodes within the networking fabric via the network interface in a manner where the first interface module is transparent to the remote device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The networking fabric device of claim 1, wherein the first set of roles comprises transmitting, via the network interface, data packets to a first node within the networking fabric according to a first communication path to facilitate communication between the application and the remote device.
  - 3. The networking fabric device of claim 2, wherein the second set of roles comprising transmitting, via the network interface, data packets to a second device within the networking fabric according to a second communication path to facilitate communication between an application and a remote device via the networking fabric.
  - 4. The networking fabric device of claim 1, wherein the first set of roles comprising configuring the first interface module as an observation tap configured to monitor the exchanged packets.
  - 5. The networking fabric device of claim 1, wherein the processor is further programmed to, upon receiving the second set of instructions, configure the first interface module of the application to update incoming packets to transmit to the application through a second set of nodes within the networking fabric via the network interface in a manner where the first interface module is transparent to the remote device.
  - 6. The networking fabric device of claim 1, wherein the processor is further programmed to, upon receiving the second set of instructions, configure the network fabric device as a second interface module of the application to respond to a second portion of the application'"'"'s network address update incoming packets to transmit to the application through a second set of nodes within the networking fabric via the network interface in a manner where the second interface module is transparent to the remote device.
  - 7. The networking fabric device of claim 1, wherein the first set of roles comprises logging a history of the incoming packets.
  - 8. The networking fabric device of claim 7, wherein the first set of roles comprises storing the history in a black-box memory.
  - 9. The networking fabric device of claim 1, wherein the first set of roles comprises updating the incoming packets while retaining connectivity between the application and the remote device via the first interface module.
  - 10. The networking fabric device of claim 1, wherein the first set of instructions is received from a fabric management module executed on another node within the networking fabric via the network interface.
  - 11. The networking fabric device of claim 1, wherein the first set of instructions is received from a fabric management module executed on the networking fabric device.
  - 12. The networking fabric device of claim 1, wherein the networking fabric device comprises a line card.
  - 13. The networking fabric device of claim 1, wherein the networking fabric device comprises a networking switch.
  - 14. The networking fabric device of claim 1, wherein the application is executed on a computing device outside of the networking fabric.
  - 15. The networking fabric device of claim 1, wherein the application is distributed across different networking fabric devices within the networking fabric.
  - 16. The networking fabric device of claim 1, wherein the first layer comprises at least one of a link layer, a network layer, and a transport layer.
  - 17. The networking fabric device of claim 1, wherein the first set of roles comprises spoofing a portion of the application'"'"'s network address to intercept the incoming packets destined to the application.
  - 18. The networking fabric of claim 1, wherein the first set of roles comprises cloaking at least a portion of the application'"'"'s network address.

19. A networking fabric device configured to interaction with a networking fabric for facilitating communication between an application and a remote device, the networking fabric device comprising:
- a network interface communicatively coupled with other networking fabric devices within the networking fabric that is configured to perform different roles within a communication stack distributed among the fabric devices, including the networking fabric device, within the networking fabric and between the application and the remote device; and
  
  a processor coupled with the network interface and programmed to;
  
  upon receiving a first set of instructions, configure the network fabric device to perform a first set of roles associated with a first layer of the communication stack, and to communicate with a second networking fabric device operating as part of the communication stack according to the first set of roles, wherein the first set of roles comprises spoofing a portion of the application'"'"'s network address to intercept the incoming packets destined to the application;
  
  upon receiving a second set of instructions, reconfigure the network fabric device to perform a second set of roles associated with a second, different layer of the communication stack, and to communicate with a third networking fabric device operating as part of the communication stack according to the second set of roles; and
  
  upon receiving the first set of instructions, configure the networking fabric device as a first interface module of the application that responds to at least a first portion of the application'"'"'s network address by updating incoming packets to transmit to the application through a first set of nodes within the networking fabric via the network interface in a manner where the first interface module is transparent to the remote device.

20. A networking fabric device configured to interact with a networking fabric for facilitating communication between an application and a remote device, the networking fabric device comprising:
- a network interface communicatively coupled with other networking fabric devices within the networking fabric that is configured to perform different roles within a communication stack distributed among the fabric devices, including the networking fabric device, within the networking fabric and between the application and the remote device; and
  
  a processor coupled with the network interface and programmed to;
  
  upon receiving a first set of instructions, configure the network fabric device to perform a first set of roles associated with a first layer of the communication stack, and to communicate with a second networking fabric device operating as part of the communication stack according to the first set of roles, wherein the first set of roles comprises cloaking a portion of the application'"'"'s network address;
  
  upon receiving a second set of instructions, reconfigure the network fabric device to perform a second set of roles associated with a second, different layer of the communication stack, and to communicate with a third networking fabric device operating as part of the communication stack according to the second set of roles; and
  
  upon receiving the first set of instructions, configure the networking fabric device as a first interface module of the application that responds to at least a first portion of the application'"'"'s network address by updating incoming packets to transmit to the application through a first set of nodes within the networking fabric via the network interface in a manner where the first interface module is transparent to the remote device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nant Holdings IP, LLC (NantWorks, LLC)
Original Assignee
Nant Holdings IP, LLC (NantWorks, LLC)
Inventors
Wittenschlaeger, Thomas
Primary Examiner(s)
Abedin, Normin
Assistant Examiner(s)
Garcia-Ching, Karina J

Application Number

US14/509,904
Publication Number

US 20150026320A1
Time in Patent Office

1,420 Days
Field of Search

709221
US Class Current
CPC Class Codes

H04L 12/66   Arrangements for connecting...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1441   Countermeasures against mal...

Distributed network interfaces for application cloaking and spoofing

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Distributed network interfaces for application cloaking and spoofing

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links