Case IPR2023-00554
`Patent No. 10,652,111
`
`
`
`
`
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`CISCO SYSTEMS, INC.,
`Petitioner,
`
`v.
`
`ORCKIT CORPORATION,
`Patent Owner.
`____________
`
`Case IPR2023-00554
`U.S. Patent No. 10,652,111
`____________
`
`PATENT OWNER’S RESPONSE PURSUANT TO 37 C.F.R. § 42.120
`
`
`Patent No. 10,652,111
`
`
`
`
`
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`CISCO SYSTEMS, INC.,
`Petitioner,
`
`v.
`
`ORCKIT CORPORATION,
`Patent Owner.
`____________
`
`Case IPR2023-00554
`U.S. Patent No. 10,652,111
`____________
`
`PATENT OWNER’S RESPONSE PURSUANT TO 37 C.F.R. § 42.120
`
`
`
`TABLE OF CONTENTS
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`
`Page
`
`I.
`
`INTRODUCTION ......................................................................................... 1
`
`II.
`
`BACKGROUND ............................................................................................ 6
`
`A.
`
`Procedural History .............................................................................. 6
`
`B.
`
`Patent Owner ....................................................................................... 6
`
`C.
`
`’111 Patent ............................................................................................ 8
`
`1.
`
`Prosecution History ................................................................ 11
`
`D.
`
`Petitioner’s Cited References and Challenged Claims .................. 12
`
`1.
`
`2.
`
`3.
`
`Lin (Ex. 1005) .......................................................................... 13
`
`Shieh (Ex. 1006) ....................................................................... 14
`
`Swenson (Ex. 1007) ................................................................. 15
`
`E.
`
`Level of Ordinary Skill ..................................................................... 16
`
`III. CLAIM CONSTRUCTION ........................................................................16
`
`IV. NO COMBINATION OF THE CITED PRIOR ART
`REFERENCES TEACHES OR SUGGESTS EVERY
`LIMITATION OF THE CLAIMS .............................................................17
`
`A. Claim 1: Petitioner’s First Ground Fails. ....................................... 19
`
`1.
`
`[1.0] Lin and Swenson do not disclose or render
`obvious the claimed controller under either Patent
`Owner’s or Petitioner’s proposed constructions. ................ 19
`
`i
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`
`a.
`
`b.
`
`c.
`
`Lin does not disclose or render obvious a
`controller configured to perform or capable of
`controlling DPI. .............................................................20
`
`Swenson does not disclose or render obvious a
`controller configured to perform or capable of
`controlling DPI. .............................................................23
`
`A POSA would not have combined Swenson’s
`controller with Lin’s or adapted such a
`combination to practice the claimed controller
`in Lin’s system in any event. ........................................32
`
`2.
`
`[1.5] – [1.6]: Lin does not disclose sending the packet
`to the second entity “responsive to the packet not
`satisfying the criterion” or sending the packet to an
`entity other than the second entity “responsive to the
`packet satisfying the criterion.” ............................................. 39
`
`B.
`
`Claim 1: Petitioner’s Ground 2 fails ................................................ 42
`
`1.
`
`Shieh does not disclose the claimed “packet-
`applicable criterion” responsive to which a packet is
`sent either to a second entity or to another entity that
`is different from the second entity. ........................................ 42
`
`C. Claim 3: The prior art does not disclose sending the packet
`to an entity that is other than the second entity and to the
`controller ............................................................................................. 46
`
`D. Claims 4 and 5: The prior art does not disclose sending the
`packet to an entity that is other than the second entity and
`to the controller .................................................................................. 49
`
`E.
`
`F.
`
`Claim 6: The prior art does not disclose storing the packet
`by the controller in a memory .......................................................... 50
`
`Claim 7: The prior art does not disclose sending “a portion
`of the packet” as claimed .................................................................. 52
`
`ii
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`
`G. Claim 16: The prior art does not disclose “the packet
`comprises distinct header and payload fields, the header
`comprises one or more flag bits, and wherein the packet-
`applicable criterion is that one or more of the flag bits is
`set”
` ................................................................................................... 54
`
`H. Claim 30: The prior art does not disclose “receiving…one
`or more additional packets” as claimed .......................................... 57
`
`V. CONCLUSION ............................................................................................59
`
`
`
`
`
`
`
`iii
`
`
`
`TABLE OF AUTHORITIES
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`
`Page(s)
`
`Cases
`
`Arendi SARL v. Apple Inc.,
`832 F.3d 1355 (Fed. Cir. 2016) ...........................................................................56
`
`DSS Tech. Mgmt. Inc. v. Apple Inc.,
`885 F.3d 1367 (Fed. Cir. 2018) ...........................................................................55
`
`Forest Lab’ys, LLC v. Sigmapharm Lab’ys, LLC,
`918 F.3d 928 (Fed. Cir. 2019) .............................................................................33
`
`Mformation Tech. v. Research in Motion Ltd.,
`764 F.3d 1392 (Fed. Cir. 2014) .............................................................. 46, 48, 49
`
`Nidec Motor Corp. v. Zhongshan Broad Ocean Motor Co.,
`851 F.3d 1270 (Fed. Cir. 2017) ...........................................................................55
`
`Realtime Data, LLC v. Iancu,
`912 F.3d 1368 (Fed. Cir. 2019) ...........................................................................16
`
`Samsung Elecs. Co., Ltd. v. Elm 3DS Innovations, LLC,
`925 F.3d 1373 (Fed. Cir. 2019) ...........................................................................34
`
`Statutes
`
`35 U.S.C. § 103 ........................................................................................................11
`
`Agency Decisions
`
`Xerox Corp. et al. v. Bytemark, Inc.,
`IPR2022-00624, Paper 12 (PTAB Feb. 10, 2023) ...............................................43
`
`
`
`
`
`iv
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`
`EXHIBIT LIST
`
`2001 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, Dkt.
`No. 46 (E.D. Tex., Jan. 15, 2023), First Amended Docket Control Order
`(“First Amended Docket Control Order”)
`2002 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, Dkt.
`No. 28 (E.D. Tex., Nov. 4, 2022), Notice of Compliance (“11-4-2022
`Notice of Compliance”)
`2003 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, Dkt.
`No. 47 (E.D. Tex., Jan. 19, 2023), Notice of Compliance (“1-19-2023
`Notice of Compliance”)
`2004 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, Dkt.
`No. 55 (E.D. Tex., Mar. 23, 2023), Defendant’s Motion To Stay
`2005 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, Dkt.
`No. 56 (E.D. Tex., Mar. 29, 2023), Order Denying Motion to Stay
`2006 United States District Courts National Judicial Caseload Profile For the
`12 Months Ending March 31, 2023 (available at
`https://www.uscourts.gov/sites/default/files/data_tables/fcms_na_distprof
`ile0331.2023.pdf) (“Judicial Caseload Statistics”)
`2007 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, Dkt.
`No. 50 (E.D. Tex., Feb. 3, 2023), Notice of Compliance (“2-3-2023
`Notice of Compliance”)
`2008 Reserved
`
`2010
`
`2009 December 11, 2008 Final Rejection (U.S. Appl. No. 11/123,801) (“’801
`Application Final Rejection”)
`July 28, 2008 Claim Amendments (U.S. Appl. No. 11/123,801) (“’801
`Application Pending Claims”)
`2011 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, Dkt.
`No. 59 (E.D. Tex., Mar. 30, 2023), Order Granting Motion To Amend
`Invalidity Contentions
`2012 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, Dkt.
`No. 61 (E.D. Tex., April 13, 2023), Order Granting Motion To Amend
`Invalidity Contentions
`“About Orckit-Corrigent: Executive Summary,” 2011
`
`2013
`
`v
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`2014 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, (E.D.
`Tex., April 13, 2023), Defendant’s First Amended Invalidity Contentions
`(Cover Pleading)
`2015 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, (E.D.
`Tex., April 13, 2023), Defendant’s First Amended Invalidity Contentions
`(Exhibit A - ’904 Patent Charts)
`2016 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, (E.D.
`Tex., April 13, 2023), Defendant’s First Amended Invalidity Contentions
`(Exhibit B - ’821 Patent Charts)
`2017 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, (E.D.
`Tex., April 13, 2023), Defendant’s First Amended Invalidity Contentions
`(Exhibit C - ’740 Patent Charts)
`2018 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, (E.D.
`Tex., April 13, 2023), Defendant’s First Amended Invalidity Contentions
`(Exhibit D - ’111 Patent Charts)
`2019 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, (E.D.
`Tex., April 13, 2023), Defendant’s First Amended Invalidity Contentions
`(Exhibit E - Combination Charts)
`2020 Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276, (E.D.
`Tex., April 13, 2023), Defendant’s First Amended Invalidity Contentions
`(SME Contentions)
`2021 United States District Courts National Judicial Caseload Profile For the
`12 Months Ending December 31, 2022 (available at
`https://www.uscourts.gov/sites/default/files/data_tables/fcms_na_distprof
`ile1231.2022.pdf) (“December 22 Judicial Caseload Statistics”)
`2022 Declaration of George Stamatopoulos in support of Patent Owner’s
`Motion for Pro Hac Vic Admission
`2023 Declaration of Michael Ng in support of Patent Owner’s Motion for Pro
`Hac Vice Admission
`2024 Stipulation of Dismissal
`
`2025 Declaration of Miguel Gomez
`
`2026 CV of Miguel Gomez
`
`2027
`
`“DPI & DFI: A Malicious Behavior Detection Method Combining Deep
`Packet Inspection and Deep Flow Inspection” by Guo et al., Procedia
`Engineering 174, 1309-1314 (2017)
`
`
`
`vi
`
`
`
`I.
`
`INTRODUCTION
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`
`Orckit Corporation (“Orckit” or “Patent Owner”) submits this Patent Owner
`
`Response (“POR”) to Cisco Systems, Inc.’s (“Petitioner”) Petition challenging
`
`claims 1-9, 12-24, and 27-31 (the “Challenged Claims”) of U.S. Patent No.
`
`10,652,111 (the “’111 Patent”).
`
`The ’111 Patent is directed to novel methods for implementing deep packet
`
`inspection (“DPI”) in software defined networks (“SDN”). The ’111 patent explains
`
`that protocols used in software defined networks (e.g., the OpenFlow protocol)
`
`allowed the programmability of network nodes (e.g., switches or routers) by a central
`
`controller but failed to provide a mechanism for deep packet inspection, a technique
`
`that was useful among other things for detecting security threats. See Ex. 1001, 1:50-
`
`67. The patent explains further that routing all packets from the network nodes to
`
`the central controller had a number of drawbacks, including “increased end-to-end
`
`traffic delays between the client and the server; overflowing the controller capability
`
`to perform other networking functions; and a single point of failure for the re-routed
`
`traffic.” Id. at 2:1-6. The inventors of the ’111 Patent recognized a need to “provide
`
`a solution that overcomes the deficiencies [of prior art SDN protocols and allowed
`
`for] efficient DPI in SDNs.” Id. at 2:7-9. The claims of the ’111 Patent recite
`
`methods that are directed to such a solution.
`
`
`
`1
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`Among other elements, the sole challenged independent claim of the ’111
`
`Patent (claim 1) recites: (i) a SDN “controller” that is capable of controlling deep
`
`packet inspection1 and (ii) the use of a criterion (a “packet-applicable criterion”) to
`
`determine whether packets transmitted over a SDN network should be sent to their
`
`destination or to some other entity (e.g., the controller itself) for further inspection.
`
`The remaining Challenged Claims, all of which depend from Claim 1) recite
`
`additional limitations, for example, about the criterion to be used or the specific
`
`entities to which packets should be sent in response to satisfying or not satisfying
`
`the claimed “packet-applicable criterion.”
`
`The inventive crux of these claims was a novel SDN in which: (i) the SDN
`
`controller, unlike prior art SDN controllers (that were typically uninvolved in DPI
`
`but were dedicated to other network functions), was also capable of controlling DPI;
`
`and (ii) a criterion handed down by the controller to the nodes was used to
`
`intelligently determine whether and when to send packets to their destination and
`
`when to divert them for further inspection with DPI. These two elements in tandem
`
`
`
`1 As discussed below, the parties have advanced competing constructions for
`the claimed “controller.” However, Patent Owner’s arguments in this response are
`the same under either construction (i.e., Patent Owner’s construction as “an entity
`capable of controlling deep packet inspection” or Petitioner’s “entity configured to
`perform deep packet inspection on packets”).
`
`
`
`2
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`were critical in the inventors’ efforts to address the limitations in prior art SDNs
`
`discussed in the patent.
`
`Petitioner has advanced two grounds challenging the patentability of the
`
`Challenged Claims: first, that the Challenged Claims are obvious over Lin in view
`
`of Swenson and, second, that the Challenged Claims are obvious over Shieh in view
`
`of Swenson. With respect to Petitioner’s second ground (Shieh over Swenson), as
`
`the Institution Decision already determined, there is no reasonable basis to conclude
`
`that Shieh and Swenson invalidate any claim because Shieh and Swenson do not
`
`disclose or render obvious the claimed “packet-applicable criterion.” With respect
`
`to Petitioner’s first ground (Lin over Swenson), Patent Owner respectfully submits
`
`new arguments--that were not previously before the Board and are supported by the
`
`declaration of Patent Owner’s expert—which show that the Challenged Claims are
`
`patentable over the Lin/Swenson combination.
`
`As explained in detail below, among other limitations, the Lin and Swenson
`
`combination does not disclose or render obvious a controller that is capable of
`
`controlling deep packet inspection or the use of the claimed packet-applicable
`
`criterion for sending individual packets to an entity other than their original
`
`destination.
`
`
`
`3
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`In particular, Lin discloses a less sophisticated system in which DPI is
`
`performed at a dedicated security service that is distinct from the controller and
`
`provided by “security vendors.” And, because it teaches performing DPI as part of
`
`a discrete security service, Lin does not disclose or render obvious a controller that
`
`is capable of controlling DPI.
`
`Petitioner attempts to overcome this lack of disclosure in Lin by identifying
`
`references in Swenson to a network controller executing a technique called “deep
`
`flow inspection.” Effectively, Petitioner asserts that (i) deep flow inspection is
`
`coextensive or would otherwise render obvious deep packet inspection; and (ii)
`
`because Swenson teaches deep flow inspection at the controller, it also renders
`
`obvious a controller that is capable of controlling (or configured to perform, under
`
`Petitioner’s proposed construction) deep packet inspection. Petitioner’s assertion is
`
`incorrect if not misleading. As explained below, despite their similar-sounding
`
`names, deep packet inspection and deep flow inspection are different techniques that
`
`perform different functions. Deep packet inspection is a granular and thorough
`
`inspection of traffic at the packet level. Owing to its granularity, it is well-suited
`
`among other things to threat detection and security applications stemming, e.g., from
`
`maliciously sent packets. On the other hand, deep flow inspection—which is
`
`focused on traffic monitoring at the flow level—can be used for obtaining and
`
`
`
`4
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`analyzing statistic information about data flows, but does not lend itself to inspecting
`
`data at the packet level. Indeed, Swenson discloses using deep flow inspection in
`
`connection with “the analysis of the statistic information of the data flow” to make
`
`forecasts about bandwidth in connection with facilitating user requests for content
`
`in service provider networks. Ex. 1007, Abstract. Moreover, Swenson expressly
`
`omits from its disclosure details about “security functions” so as not to “obscure the
`
`details of [its] system architecture.” Ex. 1007, [0039]. Accordingly, as also
`
`explained below, a POSA would not understand Swenson to disclose DPI at all, let
`
`alone a controller that is either capable of controlling or configured to perform DPI.
`
`In any event, even if Swenson disclosed DPI (it does not) there is no reference or
`
`teaching anywhere in the art that would provide a POSA with a reason to combine
`
`Swenson with Lin. Accordingly, Lin and Swenson do not disclose or render obvious
`
`independent claim 1.
`
`Moreover, for reasons set forth below, the dependent claims recite additional
`
`patentable elements that are not obvious in view of Lin or Shieh and Swenson.
`
`Accordingly, Patent Owner respectfully asks that the Board issue a Final Written
`
`Decision finding all challenged claims patentable over the asserted prior art.
`
`
`
`
`
`
`
`5
`
`
`
`II. BACKGROUND
`
`A.
`
`Procedural History
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`
`This proceeding is one of four IPRs filed by Petitioner against Patent Owner.
`
`The other IPRs are IPR2023-00401 (U.S. Pat. No. 7,545,740), IPR2023-00402 (U.S.
`
`Pat. No. 8,830,821) and IPR2023-00714 (U.S. Pat. No. 6,680,904). Each of the ’740,
`
`’821, ’111 and ’904 Patents was asserted by Patent Owner against Petitioner in
`
`Orckit Corporation v. Cisco Systems, Inc., Case No. 2:22-cv-00276 (E.D. Tex. July
`
`22, 2022) (the “District Court Case”). Patent Owner and Petitioner have agreed to a
`
`jointly stipulated dismissal of the district court litigation without prejudice. Ex. 2024
`
`[Stipulation of Dismissal].
`
`B.
`
`Patent Owner
`
`Orckit Corporation owns the ’111 patent, which originated from significant
`
`research and development by Orckit Communications Ltd. (also known as
`
`Corrigent-Systems Ltd., referred to herein as “Orckit-Corrigent”).
`
`Orckit-Corrigent was founded in 1990 in Israel by Izhak Tamir and Eric
`
`Paneth. Orckit-Corrigent’s products offered networking infrastructure for the
`
`delivery of residential, business, and mobile backhauling services in packet-based
`
`networks.
`
`
`
`6
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`By the early 2000s, Orckit-Corrigent was a pioneer in telecommunications,
`
`with revenues some years exceeding $500M from sales to various tier 1 global
`
`telecommunications providers. Over the years, Orckit-Corrigent and its subsidiaries
`
`developed and sold products in a variety of telecommunications areas, including
`
`DSL, Packet Transport Networks (PTN), Carrier Ethernet technologies, PWE
`
`(Pseudo-Wire Emulation) technology, and Resilient Packet Ring (RPR) technology,
`
`which was developed and introduced to the market as the IEEE 802.17 Standard,
`
`part of the company’s packet transport technology. In 2007, Orckit-Corrigent
`
`launched its CM4000 PTN line of products, which were purchased and deployed by
`
`telecom providers worldwide, including leading Indian carrier Bharat Sanchar
`
`Nigam Ltd. (BSNL); T-Systems (Deutsche Telekom) in Germany; Tele2, a leading
`
`Pan-European Scandinavian Service Provider; redIT (formerly MetroNet) in
`
`Mexico, and others. At one time, Orckit-Corrigent had offices in Israel, US, India,
`
`Japan, Korea, Germany, Russia, Brazil, Mexico, Thailand, and the Philippines.
`
`Orckit-Corrigent also engaged in extensive research and development
`
`(investing over $200M) and prosecuted an extensive patent portfolio. Many of the
`
`patents in this portfolio were practiced by its products, notably, the CM-4000
`
`product family, which was a series of packet transport network switches (consisting
`
`of, among other products, the CM-4140, CM-4206 and CM-4314T/4314 models),
`
`
`
`7
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`and the CM-401x portfolio of switches that included the CM-4011, CM-4012 and
`
`CM-4013 products. Ex. 2014 [Orckit-Corrigent Executive Summary].
`
`In 2012, Orckit-Corrigent entered
`
`into debt restructuring/bankruptcy
`
`proceedings in Israel. After a series of transactions that followed the Israel
`
`proceedings, Orckit Corporation acquired a smaller set of Orckit-Corrigent’s
`
`patents, including the ’111 patent.
`
`C.
`
`’111 Patent
`
`The ’111 Patent is titled “Method and System for Deep Packet Inspection in
`
`Software Defined Networks.” Ex. 1001, abstract. DPI is a technique for examining
`
`network communications at the packet level, which can be used to extract data
`
`patterns from a data communication channel. Ex. 1001, 1:21-25. The extracted data
`
`patterns are useful for a variety of purposes, including network security and data
`
`analytics. Id.
`
`A software defined network (SDN) is a networking architecture that provides
`
`for centralized management of the nodes in a network, as opposed to the distributed
`
`architecture utilized by conventional networks. Ex. 1001, 1:30-38. For example, a
`
`SDN may utilize a controller to manage network nodes such as vSwitches. Id. SDN-
`
`based architectures typically decouple the data forwarding (e.g. data plane) from
`
`control decisions (e.g. control plane), such as routing, resources, and other
`
`
`
`8
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`management functionalities. Ex. 1001, 1:39-49. The decoupling may allow the data
`
`plane and the control plane to operate on different hardware, in different runtime
`
`environments, and/or operate using different models. Id.
`
`The inventors of the ’111 Patent recognized that the OpenFlow protocol used
`
`by prior art did not support DPI of packets through the various networking layers.
`
`Ex. 1001, 1:50-67. This limited the ability of the OpenFlow protocol to support a
`
`number of networking features associated with DPI, including detecting security
`
`threats. Id. The inventors also recognized that “routing all traffic from network nodes
`
`to the central controller introduces some significant drawbacks, such as increased
`
`end-to-end traffic delays between the client and the server; overflowing the
`
`controller capability to perform other networking functions; and a single point of
`
`failure for the re-routed traffic.” Id. at 2:1-6. The inventors thus explain that “it
`
`would be advantageous to provide a solution that overcomes the deficiencies [in
`
`prior art SDNs] and allow[s] efficient DPI in SDNs.” Id. at 2:7-9.The ’111 Patent
`
`proposes methods for DPI in a software defined network. Ex. 1001, 2:27-3:3. In one
`
`exemplary embodiment, a network system 100 as shown in Fig. 1 includes a
`
`controller 111 “configured to perform deep packet inspection on designated packets
`
`from designated flows or TCP sessions… the central controller 111 is further
`
`configured to instruct each of the network nodes 112 which of the packets and/or
`
`
`
`9
`
`
`
`sessions should be directed to the controller 111 for packet inspections:”
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`
`
`
`Ex. 1001, 4:5-11, Fig. 1.
`
`Controller 111 may provide instructions to the network nodes that configure
`
`the network nodes to analyze the headers of incoming packets for DPI. Ex. 1001,
`
`4:23-37. For example, the network node may be instructed to either redirect the
`
`packet to controller 111 or send the packet to the destination server 140. Id.
`
`Alternatively, the controller 111 may instruct the network nodes to mirror a number
`
`
`
`10
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`of bytes within the packet to be sent to controller 111 to perform DPI. Id. The TCP
`
`packet’s header may include fields such as TCP FLAG SYN, TCP FLAG ACK, TCP
`
`FLAG FIN, TCP FLAG RST, which are analyzed by the network node to execute
`
`the instructions sent by the controller, which may vary depending on the contents of
`
`the TCP packet’s header field. Ex. 1001, 4:23-46.
`
`The ’111 Patent has two independent claims (1 and 32) and 52 dependent
`
`claims, of which only independent claim 1 and a subset of its dependent claims are
`
`at issue in this proceeding. Consistent with the description in the ’111 Patent, the
`
`claims recite a method for transporting packets based on an instruction and a packet-
`
`applicable criterion sent from a controller to a network node (claim 1) for performing
`
`DPI (claim 9).
`
`1.
`
`Prosecution History
`
`The ’111 Patent claims priority to provisional application no. 61/982,358,
`
`filed on April 22, 2014. Ex. 1001 [’111 Patent], 1:8-10. The ’111 Patent was filed
`
`on April 21, 2015 as Appl. No. 15/126,288 (the “’288 Application”). Id.
`
`On September 12, 2018, the Examiner issued a non-final rejection rejecting
`
`the then-pending claims under 35 U.S.C. § 103 over U.S. Pub. No. 2010/0208590
`
`(Dolganow) and U.S. Pub. No. 2014/0052836 (Nguyen), which was made final on
`
`April 15, 2019 following an Applicant response on December 9, 2018. Ex. 1002,
`
`
`
`11
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`
`170-195, 230-238, 240-263.
`
`In response to the rejections, Applicant on May 7, 2019 amended the claims
`
`to explicitly recite that the controller “is external to the network node,” thus
`
`clarifying that the instruction and packet-applicable criterion are sent by the
`
`controller to the network node over the packet network. Ex. 1002, 148-168.
`
`On July 8, 2019, the Examiner issued a new rejection substituting Nguyen
`
`with U.S. Pub. No. 2016/0219080 (Huang). The Examiner subsequently withdrew
`
`the rejection and allowed the claims following Applicant’s October 2, 2019 response
`
`to the Examiner’s July 8, 2019 Office Action. Ex. 1002, 15-16, 55-64. The
`
`Examiner’s January 7, 2020 Notice of Allowance credited the arguments made by
`
`Applicant’s October 2, 2019 response, including that the prior art failed to disclose
`
`“sending, by the controller to the network node over the packet network, an
`
`instruction and a packet-applicable criterion” because the prior art “only described
`
`receiving packets as part of the regular traffic to be analyzed, and are silent regarding
`
`any receiving from a controller in general, and receiving of ‘the instruction and the
`
`criterion’ in particular.” Ex. 1002, 15-16, 62-64.
`
`The ’288 Application issued as the ’111 Patent on May 12, 2020. Ex. 1001.
`
`D.
`
`Petitioner’s Cited References and Challenged Claims
`
`The Petition asserts the following two grounds:
`
`
`
`12
`
`
`
`Ground
`#1
`
`Claims
`1-9, 12-24, and 27-31
`
`#2
`
`1, 5-9, 12-24, and 27-30
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`
`Basis
`35 U.S.C. § 103 (AIA)
`over Lin and Swenson
`35 U.S.C. § 103 (AIA)
`over Shieh and Swenson
`
`Paper 1, i-iii. Petitioner alternatively relies on Lin or Shieh as the primary reference,
`
`and Swenson as the secondary reference in both cases.
`
`1.
`
`Lin (Ex. 1005)
`
`U.S. Patent No. 9,264,400 to Lin et al. (“Lin”) is titled “Software Defined
`
`Networking Pipe for Network Traffic Inspection” and describes a software defined
`
`networking (SDN) computer network including an SDN controller and an SDN
`
`switch. Ex. 1005, abstract. The SDN controller inserts flow rules in a flow table of
`
`the SDN switch to create an SDN pipe between a sender component and a security
`
`component. Id.
`
`Specifically, Lin utilizes an SDN Controller 610 (which may be an OpenFlow
`
`Controller) that controls the behavior of the SDN computer network 600 as shown
`
`in Fig. 6:
`
`
`
`13
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`
`
`
`Ex. 1005, 3:40-52, Fig. 6.
`
`The SDN controller may include a flow policy database 611. Id. The flow
`
`policy database comprises flow policies that are enforced by the controller 610 on
`
`network traffic transmitted over the SDN computer network 600 and may specify
`
`security policies that govern transmission of packets on the network. Id. Flow
`
`policies in database 611 are implemented in terms of flow rules 624 that are stored
`
`in flow tables 621 of the SDN switch 620. Ex. 1005, 4:19-31. “The SDN controller
`
`610 may insert flow rules in the flow tables 621.” Ex. 1005, 6:1-3.
`
`2.
`
`Shieh (Ex. 1006)
`
`U.S. Pat. Pub. No. 2013/0291088 to Shieh et al. (“Shieh”) is titled
`
`“Cooperative Network Security Inspection” and describes a network system
`
`
`
`14
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`including a security device and a network access device. Ex. 1006, abstract. The
`
`network access device receives a packet from a source node of the network and
`
`determines whether the packet should be routed to a destination node or forwarded
`
`to a security device. Ex. 1006, [0037]. The network access device makes this
`
`determination based on whether a bypass flag in a session table stored on the network
`
`access device is set to a predetermined value or not. Id. If the bypass flag is the
`
`predetermined value, the packet is forwarded to the security device. Id. Otherwise,
`
`the packet is routed to the destination node. Id. The bypass flag may be received
`
`from the security device, such as to indicate that the security device no longer wishes
`
`to receive further packets for security inspection. Ex. 1006, [0030].
`
`3.
`
`Swenson (Ex. 1007)
`
`U.S. Pat. Pub. No. 2013/0322242 to Swenson et al. (“Swenson”) is titled
`
`“Real-Time Network Monitoring and Subscriber Identification with an On-Demand
`
`Appliance” and describes a system and method for selectively monitoring traffic in
`
`a service provider network. Ex. 1007, abstract. A user device 110 accesses a network
`
`via a steering device 130. Ex. 1007, [0026]. A network controller 140 interfaces with
`
`steering device 130 to coordinate the monitoring and categorization of network
`
`traffic. Id. The network controller provides selective real-time network monitoring
`
`and subscriber identification and monitors large flows in the network, collects flow
`
`
`
`15
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`statistics, and selects flows to be optimized. Ex. 1007, [0039-0040]. The network
`
`controller may monitor and optimize flow based on historical traffic data for the
`
`average of the bandwidth per user at a particular cell tower to estimate the amount
`
`of bandwidth or degree of congestion for the new flow based on the historical record.
`
`Ex. 1007, [0029].
`
`E.
`
`Level of Ordinary Skill
`
`The Institution Decision adopted Petitioner’s level of ordinary skill. DI, 11-
`
`12. For purposes of this Patent Owner Response, Patent Owner does not dispute
`
`Petitioner’s level of ordinary skill.
`
`III. CLAIM CONSTRUCTION
`
`Although
`
`the Petition proposed constructions for “controller” and
`
`“instruction,” the Institution Decision “determine[d] that no terms need to be
`
`construed at this time. See Realtime Data, LLC v. Iancu, 912 F.3d 1368, 1375 (Fed.
`
`Cir. 2019) (“The Board is required to construe ‘only those terms . . . that are in
`
`controversy, and only to the extent necessary to resolve the controversy.’”).
`
`Relevant to this Patent Owner Response, the Court in the District Court Case
`
`preliminarily construed the term “controller” as “an entity that is capable of
`
`controlling deep packet inspection,” and the parties submitted their proposed
`
`constructions on the papers without further argument. Notably, the parties stipulated
`
`
`
`16
`
`
`
`
`Case IPR2023-00554
`Patent 10,652,111
`
`jointly to a dismissal of the District Court Case before the Court issued a decision
`
`on claim construction.
`
`Patent Owner submits that “controller” should be construed consistent with
`
`the preliminary construction in the District Court Case as “an entity that is capable
`
`of controlling deep packet inspection.” Petitioner has proposed that “controller” be
`
`construed as “an entity configured to perform deep packet inspection on packets.”
`
`As explained below, Patent Owner’s arguments are materially the same under either
`
`competing construction; thus, they do not turn on the Board resolving the parties’
`
`dispute concerning the construction of “controller.” Accordingly, t
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
