VALIDATING PACKETS IN NETWORK COMMUNICATIONS

US 20120017265A1
Filed: 09/23/2011
Published: 01/19/2012
Est. Priority Date: 10/17/2007
Status: Active Grant

First Claim

Patent Images

1. A method for validating packets in network communications, comprising the steps of:

(a) receiving, at networking hardware of a device, a packet communicated from another device over a network;

(b) intercepting, by virtual dispersive routing (VDR) software loaded on the device, the packet as it is passed from the networking hardware;

(c) determining, by the VDR software, that a destination address of the packet corresponds to an address associated with the device; and

(d) determining, by the VDR software, using a virtual machine for a network connection that virtualizes network capabilities of the device, that the packet belongs to a valid application running on the device.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for validating packets in network communications includes receiving, at networking hardware of a device, a packet communicated from another device over a network; intercepting, by virtual dispersive routing (VDR) software loaded on the device, the packet as it is passed from the networking hardware; determining, by the VDR software, that a destination address of the packet corresponds to an address associated with the device; and determining, by the VDR software, using a virtual machine for a network connection that virtualizes network capabilities of the device, that the packet belongs to a valid application running on the device.

47 Citations

View as Search Results

20 Claims

1. A method for validating packets in network communications, comprising the steps of:
- (a) receiving, at networking hardware of a device, a packet communicated from another device over a network;
  
  (b) intercepting, by virtual dispersive routing (VDR) software loaded on the device, the packet as it is passed from the networking hardware;
  
  (c) determining, by the VDR software, that a destination address of the packet corresponds to an address associated with the device; and
  
  (d) determining, by the VDR software, using a virtual machine for a network connection that virtualizes network capabilities of the device, that the packet belongs to a valid application running on the device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein the virtual machine is spawned by the VDR software in response to a request for a network connection from a particular application running on the device.
  - 3. The method of claim 2, wherein said step of determining that the packet belongs to a valid application running on the device comprises determining that the packet belongs to the particular application running on the device.
  - 4. The method of claim 2, wherein the particular application is a computer game.
  - 5. The method of claim 1, wherein the device is a computer.
  - 6. The method of claim 5, wherein the computer includes a plurality of processing cores.
  - 7. The method of claim 1, wherein the device is a mobile phone.
  - 8. The method of claim 1, wherein said step of determining, using a virtual machine for a network connection that virtualizes network capabilities of the device, that the packet belongs to a valid application utilizes a spider configured to thread together an upper application layer and a lower layer of a protocol stack.
  - 9. The method of claim 1, wherein the method further includes the steps of:
    - (a) determining, based on application information associated with a valid application running on the device, that the packet is atypical; and
      
      (b) quarantining, utilizing a virtual machine for a network connection that virtualizes network capabilities of the device, the packet and other packets received over the network pending verification.
  - 10. The method of claim 1, wherein the method further includes the steps of:
    - (a) running a hashing algorithm on the packet; and
      
      (b) determining, based on a result of the hashing algorithm, that the packet is corrupt.
  - 11. The method of claim 10, wherein the method further includes a step of, in response to determining that the packet is corrupt, quarantining the packet.
  - 12. The method of claim 1, wherein the method further includes the step of determining, based at least in part on application information associated with a valid application running on the device, that the packet is corrupt.
  - 13. The method of claim 12, wherein the method further includes a step of, in response to determining that the packet is corrupt, quarantining the packet.
  - 14. The method of claim 1, wherein the method further includes the steps of:
    - (a) running a hashing algorithm on the packet; and
      
      (b) determining, based at least partially on a result of the hashing algorithm, and at least partially on application information associated with a valid application running on the device, that the packet is corrupt.
  - 15. The method of claim 14, wherein the method further includes a step of, in response to determining that the packet is corrupt, quarantining the packet.
  - 16. The method of claim 1, wherein the method further includes the steps of:
    - (a) running a hashing algorithm on the packet; and
      
      (b) determining, based at least partially on a result of the hashing algorithm, and at least partially on application information associated with a valid application running on the device, that the packet is atypical.
  - 17. The method of claim 16, wherein the method further includes a step of, in response to determining that the packet is atypical, quarantining the packet.

18. A method of utilizing information from one layer of a protocol stack to inform decisions at another layer of the protocol stack, comprising:
- (a) spawning a virtual machine for a network connection that virtualizes network capabilities of a device;
  
  (b) loading a spider configured to thread together an upper application layer and a lower layer of a protocol stack;
  
  (c) receiving, using the virtualized network capabilities of the virtual machine, a packet at the lower layer; and
  
  (c) determining whether a value from the packet corresponds to a value associated with the application layer.

19. A method of utilizing information from one layer of a protocol stack to inform decisions at another layer of the protocol stack, comprising:
- (a) loading, at a device, a spider configured to thread together an upper application layer and a lower layer of a protocol stack;
  
  (b) receiving a network packet at the lower layer;
  
  (c) determining whether a value derived from information in the network packet corresponds to a value associated with the application layer.
- View Dependent Claims (20)
- - 20. The method of claim 19, wherein the device comprises a computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dispersive Holdings Incorporated (Dispersive Networks, Inc.)
Original Assignee
Dispersive Networks, Inc.
Inventors
Twitchell, Robert W. Jr.

Granted Patent

US 9,246,980 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

H04L 12/56   Packet switching systems

H04L 45/586   of virtual routers

H04L 47/17   Interaction among intermedi...

H04L 51/06   Message adaptation to termi...

H04L 67/06   specially adapted for file ...

H04L 69/14   Multichannel or multilink p...

H04L 69/18   Multiprotocol handlers, e.g...

H04L 69/22   Parsing or analysis of headers

H04L 69/28   Timers or timing mechanisms...

H04L 69/32   Architecture of open system...

H04L 69/325   in the network layer [OSI l...

VALIDATING PACKETS IN NETWORK COMMUNICATIONS

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

47 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

VALIDATING PACKETS IN NETWORK COMMUNICATIONS

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

47 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links