Systems and methods for protecting communications between nodes

US 9,325,676 B2
Filed: 05/24/2012
Issued: 04/26/2016
Est. Priority Date: 05/24/2012
Status: Active Grant

First Claim

Patent Images

1. A method for facilitating data transmission utilizing a communication protocol between first and second nodes, the method comprising:

intercepting, by a packet level program executed by the first node and at a layer immediately prior to or subsequent to a physical layer, outbound and inbound data transmissions, respectively, wherein the transmissions are intercepted at a smallest division of data supported by the communication protocol used to transmit the data;

altering, by the packet level program executed by the first node and at the layer immediately prior to or subsequent to the physical layer, both the intercepted outbound data and the intercepted inbound data, wherein altering comprises modifying the intercepted data such that an integrity check value requires re-computation and, as a result, re-computing the integrity check value;

transmitting, by the packet level program, the altered outbound data to the second node; and

transmitting, by the packet level program, the altered inbound data to an application executed by the first node.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for protecting communications between at least two nodes protect the identity of a node requesting information, provide content of communications being sent and/or obscuring a type of communications being sent. Varying degrees of protection options including encryption, intermediate node termination and direct node communications are provided.

76 Citations

View as Search Results

21 Claims

1. A method for facilitating data transmission utilizing a communication protocol between first and second nodes, the method comprising:
- intercepting, by a packet level program executed by the first node and at a layer immediately prior to or subsequent to a physical layer, outbound and inbound data transmissions, respectively, wherein the transmissions are intercepted at a smallest division of data supported by the communication protocol used to transmit the data;
  
  altering, by the packet level program executed by the first node and at the layer immediately prior to or subsequent to the physical layer, both the intercepted outbound data and the intercepted inbound data, wherein altering comprises modifying the intercepted data such that an integrity check value requires re-computation and, as a result, re-computing the integrity check value;
  
  transmitting, by the packet level program, the altered outbound data to the second node; and
  
  transmitting, by the packet level program, the altered inbound data to an application executed by the first node.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. The method according to claim 1, wherein the communication protocol is packet based and the data is intercepted at a packet level.
  - 3. The method according to claim 2, further comprising:
    - synchronizing sequence numbers of packets sent from the at least one of the two logical nodes with sequence numbers of packets sent to the at least one of the two logical nodes.
  - 4. The method according to claim 2, further comprising:
    - encrypting at least a portion of a packet intercepted between the two logical nodes.
  - 5. The method according to claim 1, wherein the communication protocol is based on pulses of light and the data is intercepted at a light pulse level.
  - 6. The method according to claim 1, wherein the altering the intercepted outbound data comprises at least one of compressing the intercepted data, encrypting the intercepted data, obfuscating the intercepted data, inserting new data in the intercepted data and splitting the intercepted data.
  - 7. The method according to claim 1, wherein the intercepting the outbound and inbound data between the two logical nodes and the altering the intercepted outbound and inbound data utilize resources in at least two different modes of an operating system.
  - 8. The method according to claim 7, further comprising:
    - at least one of accessing and storing shared data in a shared memory by a process executed in a first mode of the at least two different modes of the operating system;
      
      accessing the shared data in the shared memory by the process executed in a second mode of the at least two different modes of the operating system.
  - 9. The method according to claim 1, further comprising:
    - obtaining node data from one or more logical source nodes;
      
      altering the intercepted outbound data based on the obtained node data; and
      
      sending the altered outbound data to the at least one of the two logical nodes through at least one of the logical source nodes for which the node data is obtained.
  - 10. The method according to claim 9, further comprising:
    - monitoring a behavior of the at least one of the logical source nodes through which the altered data is sent; and
      
      sending the altered outbound data to the at least one of the two logical nodes through another of the logical source nodes for which the node data is obtained based on the monitored behavior.
  - 11. The method according to claim 9, wherein the node data is obtained for source nodes in a selected geographic location.
  - 12. The method according to claim 9, wherein the node data obtained from the one more logical source nodes is encrypted by a layered encryption including at least one of a plurality of types of encryption, and the method further comprises decrypting the node data.
  - 13. The method according to claim 1, further comprising:
    - applying a plain view encryption process based on a unique user encryption data set to the intercepted outbound data before altering the intercepted outbound data;
      
      sending the altered and encrypted outbound data to the at least one of the two logical nodes through at least one cryption node.
  - 14. The method according to claim 13, further comprising:
    - decrypting the altered and encrypted outbound data at the cryption node;
      
      sending the altered outbound data to the at least one of the two logical nodes through at least one intermediate node.
  - 15. The method according to claim 13, further comprising:
    - decrypting the altered and encrypted outbound data at the cryption node;
      
      sending the altered outbound data to the at least one of the two logical nodes directly from the cryption node.
  - 16. The method according to claim 1, further comprising:
    - applying a plain view encryption process based on a unique user encryption data set to the intercepted outbound data before altering the intercepted outbound data;
      
      sending the altered and encrypted data directly to the at least one of the two logical nodes.
  - 17. The method according to claim 1, further comprising:
    - receiving encrypted data encrypted by a plain view encryption process based on a unique user encryption data set at a cryption node;
      
      decrypting the encrypted data at the cryption node;
      
      sending the decrypted data to the at least one of the two logical nodes.
  - 18. The method according to claim 1, wherein the application is a virtualized application.
  - 19. The method of claim 1 wherein the integrity check value comprises a cyclic redundancy check (CRC) value.

20. A method for facilitating data transmission between first and second nodes, the method comprising:
- intercepting, by a packet level program executed by the first node and at a layer immediately prior to or subsequent to a physical layer, outbound and inbound data transmissions, respectively, including first data transmitted using a first communication protocol, wherein the first data is intercepted at a smallest division of data supported by the first communication protocol;
  
  storing the intercepted first data;
  
  intercepting, by the packet level program, outbound and inbound data transmissions, including second data transmitted using a second communication protocol, wherein the second data is intercepted at a smallest division of data supported by the second communication protocol;
  
  comparing the intercepted first data to the intercepted second data;
  
  sending a result of the comparison to at least one of the nodes; and
  
  altering, by the packet level program executed by the first node and at the layer immediately prior to or subsequent to the physical layer, one of the intercepted first or second data, wherein altering comprises modifying the intercepted data such that a cyclic redundancy check (CRC) value requires re-computation and, as a result, re-computing the CRC value.

21. A system for facilitating data transmission utilizing a communication protocol, the system comprising:
- a first node comprising;
  
  a network interface card; and
  
  a processor coupled to the network interface card and to execute a packet level program at a layer immediately prior to or subsequent to a physical layer to;
  
  intercept outbound and inbound data transmissions, wherein the transmissions are intercepted at a smallest division of data supported by the communication protocol used to transmit the data;
  
  alter the intercepted data by modifying the intercepted data such that a cyclic redundancy check (CRC) value requires re-computation and, as a result, re-computing the CRC value;
  
  transmit the altered outbound data to a second node; and
  
  transmit the altered inbound data to an application other than the packet level program executed by the processor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Smart Security Systems, LLC
Original Assignee
IP Ghoster, Inc.
Inventors
Tola, Kenneth C. Jr.
Primary Examiner(s)
Colin, Carl
Assistant Examiner(s)
ZHAO, DON GORDON

Application Number

US13/480,057
Publication Number

US 20130318339A1
Time in Patent Office

1,433 Days
Field of Search

726 1- 22, 726/26, 713150-176
US Class Current

1/1
CPC Class Codes

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 43/08   Monitoring or testing based...

H04L 63/0421   Anonymous communication, i....

H04L 63/0478   applying multiple layers of...

H04L 63/0823   using certificates cryptogr...

H04L 63/166   at the transport layer

H04L 67/1095   Replication or mirroring of...

H04L 67/566   Grouping or aggregating ser...

H04L 69/323   in the physical layer [OSI ...

Systems and methods for protecting communications between nodes

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

76 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

Systems and methods for protecting communications between nodes

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

76 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others