Patents by Inventor Marc Willebeek-LeMair
Marc Willebeek-LeMair has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220078199Abstract: A system and method automatically links security events associated with a computer network and system calls of plural networked computers interfaced with the computer network. System call information of the system calls of the plural networked computers are communicated to a network location to associate security events with system calls across the networked computers and provide a causal graph that reconstructs a sequence of events with precise attribution and timing to comprehend entities and actions associated with the security event.Type: ApplicationFiled: September 9, 2021Publication date: March 10, 2022Applicant: Spyderbat, Inc.Inventors: Marc Willebeek-LeMair, Brian Smith, Ian Spencer Nelson, David Tyree, Seth Goldhammer
-
Patent number: 9071637Abstract: A network security platform stores network telemetry information in an active memory, such as DRAM, and analyzes the network telemetry information to detect and respond to network security threats. Using a common active memory to store sensed network telemetry information and analyze that information provides a real-time dataflow engine for detecting security threats and neutralizing detected threats.Type: GrantFiled: November 14, 2012Date of Patent: June 30, 2015Assignee: Click Security, Inc.Inventors: Brian Smith, Marc Willebeek-LeMair
-
Patent number: 8973132Abstract: Pluggable network security modules provide a collaborative response across plural networks by allowing modules associated with detection and neutralization of a network security threat to plug into a network security platform of other networks. Plugging the security modules in provides an automated insertion of detection and neutralization tools into the network security platform to respond to potential threats based upon proven successful responses at other networks.Type: GrantFiled: November 14, 2012Date of Patent: March 3, 2015Assignee: Click Security, Inc.Inventors: Brian Smith, Donovan Kolbly, Marc Willebeek-LeMair
-
Publication number: 20140137240Abstract: A network security platform stores network telemetry information in an active memory, such as DRAM, and analyzes the network telemetry information to detect and respond to network security threats. Using a common active memory to store sensed network telemetry information and analyze that information provides a real-time dataflow engine for detecting security threats and neutralizing detected threats.Type: ApplicationFiled: November 14, 2012Publication date: May 15, 2014Applicant: CLICK SECURITY, INC.Inventors: Brian Smith, Marc Willebeek-LeMair
-
Publication number: 20140137241Abstract: Pluggable network security modules provide a collaborative response across plural networks by allowing modules associated with detection and neutralization of a network security threat to plug into a network security platform of other networks. Plugging the security modules in provides an automated insertion of detection and neutralization tools into the network security platform to respond to potential threats based upon proven successful responses at other networks.Type: ApplicationFiled: November 14, 2012Publication date: May 15, 2014Applicant: Click Security, Inc.Inventors: Brian Smith, Donovan Kolbly, Marc Willebeek-LeMair
-
Patent number: 8570866Abstract: A network node includes a classify engine interfaced with the Internet. The classify engine accepts packets from the Internet and determines classification information for each packet. A process engine is interfaced with the classify engine, and has ports, each port being associated with a function. A controller is interfaced with the classify engine and the process engine. The controller programs the classify engine with a dataflow program to route each packet to a predetermined port of the process engine based on the classification information of the packet.Type: GrantFiled: February 9, 2012Date of Patent: October 29, 2013Assignee: Hewlett-Packard Development Company, L.P.Inventors: Charles R. Buckman, Dennis J. Cox, Donovan M. Kolbly, Craig S. Cantrell, Brian C. Smith, Jon H. Werner, Marc Willebeek-LeMair, Joe Wayne Blackard, Francis S. Webster, III
-
Publication number: 20120140672Abstract: A network node includes a classify engine interfaced with the Internet. The classify engine accepts packets from the Internet and determines classification information for each packet. A process engine is interfaced with the classify engine, and has ports, each port being associated with a function. A controller is interfaced with the classify engine and the process engine. The controller programs the classify engine with a dataflow program to route each packet to a predetermined port of the process engine based on the classification information of the packet.Type: ApplicationFiled: February 9, 2012Publication date: June 7, 2012Inventors: Charles R. Buckman, Dennis J. Cox, Donovan M. Kolbly, Craig S. Cantrell, Brian C. Smith, Jon H. Werner, Marc Willebeek-LeMair, Joe Wayne Blackard, Francis S. Webster, III
-
Patent number: 8125905Abstract: A system and method provides a broadband network node for a best effort network such as the Internet or intranets which supports the inexpensive and rapid deployment of services to the best efforts network. Separate data path and control path mechanisms allow high-speed data transfers with parallel processing flows for the data path that are controlled across data flows by the control path. Packets are classified, modified and shaped to enable the service on the network with an accountant to track packet traffic for control and billing purposes. A series of processing blades perform a modification function for each blade that processes packets according to classifications. The processing blades are modular and scalable for insertion in the broad band switch to rapidly adapt the broadband network node for new services.Type: GrantFiled: September 3, 2009Date of Patent: February 28, 2012Assignee: Hewlett-Packard Development Company, L.P.Inventors: Charles R Buckman, Dennis J Cox, Donovan M Kolby, Craig S Cantrell, Brian C Smith, John H Werner, Marc Willebeek-LeMair, Joe Wayne Blackard, Francis S. Webster, III
-
Publication number: 20110099631Abstract: Distribution of network processing load among a set of packet processing devices is improved by employing means for eliminating, controlling, or otherwise affecting redundant packet processing operations. In one embodiment, at least two packet processing devices are present, both capable of processing data packets flowing therethrough, such as, inspecting, detecting, and filtering data packets pursuant to one or more filters from a filter set. Redundancy is controlled by providing or enabling either or both of the packet processing devices with capability for detecting during its said inspection of said data packets that, for example, one or more filters had been previously executed on said data packets by the other packet processing device, and then not executing the previously-executed filters on said data packets.Type: ApplicationFiled: October 26, 2010Publication date: April 28, 2011Inventors: Marc Willebeek-LeMair, Brian C. Smith
-
Publication number: 20090323550Abstract: A system and method provides a broadband network node for a best effort network such as the Internet or intranets which supports the inexpensive and rapid deployment of services to the best efforts network. Separate data path and control path mechanisms allow high-speed data transfers with parallel processing flows for the data path that are controlled across data flows by the control path. Packets are classified, modified and shaped to enable the service on the network with an accountant to track packet traffic for control and billing purposes. A series of processing blades perform a modification function for each blade that processes packets according to classifications. The processing blades are modular and scalable for insertion in the broadband switch to rapidly adapt the broadband network node for new services.Type: ApplicationFiled: September 3, 2009Publication date: December 31, 2009Applicant: 3COM CORPORATIONInventors: Charles R. Buckman, Dennis J. Cox, Donovan M. Kolbly, Craig S. Cantrell, Brian C. Smith, Jon H. Werner, Marc Willebeek-LeMair, Joe Wayne Blackard, Francis S. Webster, III
-
Patent number: 7633868Abstract: A system and method provides a broadband network node for a best effort network such as the Internet or intranets which supports the inexpensive and rapid deployment of services to the best efforts network. Separate data path and control path mechanisms allow high-speed data transfers with parallel processing flows for the data path that are controlled across data flows by the control path. Packets are classified, modified and shaped to enable the service on the network with an accountant to track packet traffic for control and billing purposes. A series of processing blades perform a modification function for each blade that processes packets according to classifications. The processing blades are modular and scalable for insertion in the broad band switch to rapidly adapt the broadband network node for new services.Type: GrantFiled: June 23, 2006Date of Patent: December 15, 2009Assignee: TippingPoint Technologies, Inc.Inventors: Charles R. Buckman, Dennis J. Cox, Donovan M. Kolbly, Craig S. Cantrell, Brian C. Smith, Jon H. Werner, Marc Willebeek-LeMair, Joe Wayne Blackard, Francis S. Webster, III
-
Patent number: 7454499Abstract: An active network defense system is provided that is operable to monitor and block traffic in an automated fashion. This active network defense system is placed in-line with respect to the packet traffic data flow as a part of the network infrastructure. In this configuration, inspection and manipulation of every passing packet is possible. An algorithmic filtering operation applies statistical threshold filtering to the data flow in order to identify threats existing across multiple sessions. A trigger filtering operation applies header and content match filtering to the data flow in order to identify threats existing within individual sessions. Threatening packet traffic is blocked and threatening sessions are terminated. Suspicious traffic is extracted from the data flow for further examination with more comprehensive content matching as well as asset risk analysis. A flow control mechanism is provided to control passage rate for packets passing through the data flow.Type: GrantFiled: November 7, 2002Date of Patent: November 18, 2008Assignee: Tippingpoint Technologies, Inc.Inventors: Craig Cantrell, Marc Willebeek-LeMair, Dennis Cox, John McHale, Brian Smith, Donovan Kolbly
-
Patent number: 7454792Abstract: An active network defense system is provided that is operable to monitor and block traffic in an automated fashion. This active network defense system is placed in-line with respect to the packet traffic data flow as a part of the network infrastructure. In this configuration, inspection and manipulation of every passing packet is possible. An algorithmic filtering operation applies statistical threshold filtering to the data flow in order to identify threats existing across multiple sessions. A trigger filtering operation applies header and content match filtering to the data flow in order to identify threats existing within individual sessions. Threatening packet traffic is blocked and threatening sessions are terminated. Suspicious traffic is extracted from the data flow for further examination with more comprehensive content matching as well as asset risk analysis. A flow control mechanism is provided to control passage rate for packets passing through the data flow.Type: GrantFiled: August 31, 2004Date of Patent: November 18, 2008Assignee: TippingPoint Technologies, Inc.Inventors: Craig Cantrell, Marc Willebeek-Lemair, Dennis Cox, John McHale, Brian Smith, Donovan Kolbly
-
Patent number: 7451489Abstract: An active network defense system is provided that is operable to monitor and block traffic in an automated fashion. This active network defense system is placed in-line with respect to the packet traffic data flow as a part of the network infrastructure. In this configuration, inspection and manipulation of every passing packet is possible. An algorithmic filtering operation applies statistical threshold filtering to the data flow in order to identify threats existing across multiple sessions. A trigger filtering operation applies header and content match filtering to the data flow in order to identify threats existing within individual sessions. Threatening packet traffic is blocked and threatening sessions are terminated. Suspicious traffic is extracted from the data flow for further examination with more comprehensive content matching as well as asset risk analysis. A flow control mechanism is provided to control passage rate for packets passing through the data flow.Type: GrantFiled: August 31, 2004Date of Patent: November 11, 2008Assignee: TippingPoint Technologies, Inc.Inventors: Craig Cantrell, Marc Willebeek-Lemair, Dennis Cox, John McHale, Brian Smith, Donovan Kolbly
-
Patent number: 7359962Abstract: A network discovery functionality, intrusion detector functionality and firewalling functionality are integrated together to form a network security system presenting a self-deploying and self-hardening security defense for a network.Type: GrantFiled: April 30, 2002Date of Patent: April 15, 2008Assignee: 3Com CorporationInventors: Marc Willebeek-LeMair, Craig Cantrell, Dennis Cox, John McHale, Brian Smith
-
Publication number: 20070189273Abstract: An electronic communication network includes a connectivity plane and a control plane. The control plane includes at least one control node for inspecting packets received by the control plane. The control plane is configured to perform network traffic control functions on the packets received by the at least one control node before transmitting the packets to any other node in the network. The network traffic control functions include one or more of access control, attack control, and application control.Type: ApplicationFiled: December 8, 2006Publication date: August 16, 2007Applicant: 3Com CorporationInventors: Marc Willebeek-LeMair, Brian C. Smith
-
Publication number: 20060239273Abstract: A system and method provides a broadband network node for a best effort network such as the Internet or intranets which supports the inexpensive and rapid deployment of services to the best efforts network. Separate data path and control path mechanisms allow high-speed data transfers with parallel processing flows for the data path that are controlled across data flows by the control path. Packets are classified, modified and shaped to enable the service on the network with an accountant to track packet traffic for control and billing purposes. A series of processing blades perform a modification function for each blade that processes packets according to classifications. The processing blades are modular and scalable for insertion in the broad band switch to rapidly adapt the broadband network node for new services.Type: ApplicationFiled: June 23, 2006Publication date: October 26, 2006Inventors: Charles Buckman, Dennis Cox, Donovan Kolbly, Craig Cantrell, Brian Smith, Jon Werner, Marc Willebeek-LeMair, Joe Blackard, Francis Webster
-
Patent number: 7095715Abstract: A system and method provides a broadband network node for a best effort network such as the Internet or intranets which supports the inexpensive and rapid deployment of services to the best efforts network. Separate data path and control path mechanisms allow high-speed data transfers with parallel processing flows for the data path that are controlled across data flows by the control path. Packets are classified, modified and shaped to enable the service on the network with an accountant to track packet traffic for control and billing purposes. A series of processing blades perform a modification function for each blade that processes packets according to classifications. The processing blades are modular and scalable for insertion in the broad band switch to rapidly adapt the broadband network node for new services.Type: GrantFiled: July 2, 2001Date of Patent: August 22, 2006Assignee: 3Com CorporationInventors: Charles R. Buckman, Dennis J. Cox, Donovan M. Kolbly, Craig S. Cantrell, Brian C. Smith, Jon H. Werner, Marc Willebeek-LeMair, Joe Wayne Blackard, Francis S. Webster, III
-
Patent number: 6983323Abstract: A packet filtering operation implements a hierarchical technique. Received packet traffic is first filtered with a first filtering criteria. This first filtering action generates a first pass traffic portion and a fail traffic portion from the received packet traffic. The fail traffic portion is then second filtered with a second filtering criteria. This second filtering action generates a second pass traffic portion and a reject traffic portion. The first filtering criteria provide for higher throughput, lower accuracy processing while the second filtering criteria provide for lower throughput, higher accuracy processing. Dynamic adjustments may be made to the first and second filtering criteria to achieve better overall packet filtering performance. For example, load is measured and the filtering criteria adjusted to better balance load between the hierarchical filtering actions.Type: GrantFiled: August 12, 2002Date of Patent: January 3, 2006Assignee: TippingPoint Technologies, Inc.Inventors: Craig Cantrell, Marc Willebeek-LeMair, Dennis Cox, Donovan Kolbly, Brian Smith
-
Publication number: 20050044422Abstract: An active network defense system is provided that is operable to monitor and block traffic in an automated fashion. This active network defense system is placed in-line with respect to the packet traffic data flow as a part of the network infrastructure. In this configuration, inspection and manipulation of every passing packet is possible. An algorithmic filtering operation applies statistical threshold filtering to the data flow in order to identify threats existing across multiple sessions. A trigger filtering operation applies header and content match filtering to the data flow in order to identify threats existing within individual sessions. Threatening packet traffic is blocked and threatening sessions are terminated. Suspicious traffic is extracted from the data flow for further examination with more comprehensive content matching as well as asset risk analysis. A flow control mechanism is provided to control passage rate for packets passing through the data flow.Type: ApplicationFiled: August 31, 2004Publication date: February 24, 2005Inventors: Craig Cantrell, Marc Willebeek-Lemair, Dennis Cox, John McHale, Brian Smith, Donovan Kolbly