logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 10587483 B1

PDFFull Text
Date of Patent:
Mar. 10, 2020

Filed:

Jul. 31, 2018

Packet capture collection tasking system

Applicant:

Area 1 Security, Inc., Menlo Park, CA (US);

Inventors:

Blake Darche, Finksburg, MD (US);

Javier Castro, Silver Spring, MD (US);

Chiraag Aval, Menlo Park, CA (US);

Assignee:

Area 1 Security, Inc., Redwood City, CA (US);

Attorneys:

Hickman Palermo Becker Bingham LLP

Malgorzata A. Kulczycka

Primary Examiner:

El Hadji M Sall

Int. Cl.
CPC ...
H04L 12/26 (2006.01);
U.S. Cl.
CPC ...
H04L 43/028 (2013.01); H04L 43/062 (2013.01);
Abstract

A method and apparatus for packet capture is provided. A computer system comprises: a plurality of sensor computers each programmed to capture data packets directed to a different compromised computer from one or more attacker computers; a command server that is programmed to identify a first packet capture filter of a plurality of packet capture filters for a first sensor computer of the plurality of sensor computers, to transmit, via a communications network, the first packet capture filter to the first sensor computer of a plurality of sensor computers, wherein the first packet capture filter is programmed to cause the first sensor computer to capture a first set of data packets that have been routed toward a first compromised computer, and to identify a second packet capture filter of the plurality of packet capture filters for a second sensor computer of the plurality of sensor computers, to send, via the communications network, wherein the second packet capture filter is programmed to cause the second sensor computer to capture a second set of data packets that have been routed toward a second compromised computer, and to instruct the first sensor computer to capture data packets using the first packet capture filter and to instruct the second sensor computer to capture a second set of data packets using the second packet capture filter.

Find Patent Forward Citations

Loading…