Pacsec3 LLC v. Corero Network Security Inc

I. Executive Summary and Procedural Information

• Parties & Counsel:
  • Plaintiff: PacSec3, LLC (Texas)
  • Defendant: Corero Network Security, Inc. (Delaware)
  • Plaintiff’s Counsel: Consumer Rights Law Firm, PLLC
• Case Identification: 1:25-cv-10441, D. Mass., 02/21/2025
• Venue Allegations: Venue is alleged to be proper in the District of Massachusetts because Defendant maintains its principal office and a regular and established place of business in the district, and has allegedly committed acts of infringement there.
• Core Dispute: Plaintiff alleges that Defendant’s firewall systems and related products infringe a patent related to defending against packet flooding denial-of-service attacks.
• Technical Context: The technology at issue involves network security systems designed to mitigate malicious traffic, a critical function for maintaining the availability of online services.
• Key Procedural History: The complaint notes that Plaintiff is a non-practicing entity and has entered into prior settlement licenses. It also notes that an Ex Parte Reexamination Certificate was issued for the patent-in-suit, which confirmed the patentability of asserted claims 7 and 10 while cancelling others. This history may be relevant to potential arguments regarding damages and validity.

Case Timeline

Date	Event
2000-11-16	'497 Patent Priority Date
2009-04-21	'497 Patent Issue Date
2023-05-22	'497 Patent Ex Parte Reexamination Certificate Issue Date
2025-02-21	Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 7,523,497 - "PACKET FLOODING DEFENSE SYSTEM"

• Patent Identification: U.S. Patent No. 7,523,497, "PACKET FLOODING DEFENSE SYSTEM," issued April 21, 2009.

The Invention Explained

• Problem Addressed: The patent addresses "packet flooding attacks," where an attacker overwhelms a victim’s network bandwidth with useless data, degrading or denying service to legitimate users. The patent notes that a key challenge is that attackers can falsify source address information, confounding defenses that rely on it (ʼ497 Patent, col. 2:3-14).
• The Patented Solution: The invention proposes a distributed defense system where "cooperating sites and routers" work together to trace and limit malicious traffic. Instead of relying on the packet's source address, the system uses "attacker-independent information" about the actual path the packet traveled through the network. Cooperating routers add "packet marks" to data packets, which allows a receiving computer (the victim) to determine the path the packets took. The victim can then request that specific upstream routers on a malicious path limit the rate at which they forward such data (ʼ497 Patent, Abstract; col. 2:30-43; col. 4:1-11).
• Technical Importance: This approach sought to create a more resilient defense against denial-of-service attacks by shifting the basis of defense from easily forged sender information to the verifiable network path taken by the packets (ʼ497 Patent, col. 4:1-5).

Key Claims at a Glance

• The complaint asserts independent claims 7 and 10, along with dependent claims 8-9 and 11-12 (Compl. ¶14).
• Independent Claim 10, identified as exemplary in the complaint, recites a method with the following essential elements (Compl. ¶15):
  • Determining a path by which data packets arrive at a router via packet marks provided by other routers leading to a host computer.
  • Classifying the received data packets by their determined path.
  • Associating a maximum acceptable transmission rate with each class of data packet.
  • Allocating a transmission rate for unwanted data packets that is equal to or less than the associated maximum acceptable rate.

III. The Accused Instrumentality

Product Identification

• The Accused Instrumentality is identified as "Corero Smartwall and related components and products" (Compl. ¶15).

Functionality and Market Context

• The complaint describes the accused instrumentality as one or more "firewall systems" (Compl. ¶14). The complaint does not provide specific technical details regarding the operation of the Corero Smartwall product. It alleges that the product is available to businesses and individuals throughout the United States (Compl. ¶19).

IV. Analysis of Infringement Allegations

The complaint references an Exhibit B, a claim chart for claim 10, as support for its infringement allegations (Compl. ¶15, ¶21). However, this exhibit was not filed with the complaint. The complaint’s narrative theory is that the Corero Smartwall product performs the method steps recited in the asserted claims (Compl. ¶14). No probative visual evidence provided in complaint.

• Identified Points of Contention:
  • Technical Questions: A primary question will be what evidence Plaintiff provides to show that the Corero Smartwall product performs the specific steps recited in the claims. For example, what evidence demonstrates that the accused system "determin[es] a path... via packet marks provided by routers" and subsequently "classify[s] data packets... by path" as required by claim 10. The complaint itself does not contain factual allegations detailing these operations.
  • Scope Questions: The dispute may turn on whether the functionality of the Corero Smartwall falls within the scope of the patent's claims. For instance, a question for the court could be whether the methods used by the accused product to identify traffic sources and paths are equivalent to the "packet marks" system described in the '497 Patent.

V. Key Claim Terms for Construction

• The Term: "packet marks provided by routers"

• Context and Importance: This term is central to the invention's path-determination mechanism and appears in both asserted independent claims 7 and 10. The infringement analysis will likely depend on whether the method used by the accused product to trace traffic can be characterized as using "packet marks." Practitioners may focus on this term because its construction will define the core technical requirement for infringement.

• Intrinsic Evidence for Interpretation:

  • Evidence for a Broader Interpretation: The patent does not appear to define "packet marks" with structural particularity, which may support an interpretation that covers any form of packet metadata or tag added by a network device that conveys path information (ʼ497 Patent, col. 4:62-65).
  • Evidence for a Narrower Interpretation: The specification describes a system of "transitively connected cooperating machines" that form a "cooperating neighborhood" to trace forwarding paths (ʼ497 Patent, col. 2:30-40). This context may support a narrower construction requiring an explicit, cooperative protocol for marking packets, potentially excluding systems that derive path information through other means.

• The Term: "classifying data packets... by path"

• Context and Importance: This term, from claim 10, defines the basis for distinguishing between wanted and unwanted traffic. The interpretation of this term will determine what kind of traffic-sorting logic infringes the patent.

• Intrinsic Evidence for Interpretation:

  • Evidence for a Broader Interpretation: The term itself could be argued to encompass any method that uses any aspect of a packet's traversal route as a basis for categorization, even if the path information is incomplete or inferred rather than explicitly marked.
  • Evidence for a Narrower Interpretation: The claim requires classification "by path," which follows the step of "determining a path... via packet marks." This linkage may support an interpretation that the classification must be based on the specific, marked path identified in the preceding step, rather than on more general path-related data like the ingress router interface or source subnet (ʼ497 Patent, col. 10:35-37).

VI. Other Allegations

• Indirect Infringement: The complaint alleges inducement of infringement, stating that Defendant instructs others to use its products in an infringing manner and that the infringing systems would not have been put into service but for Defendant's actions (Compl. ¶14; Prayer for Relief ¶VI.a).
• Willful Infringement: Willfulness is alleged based on the assertion that Defendant had knowledge of the '497 patent yet made no attempt to design around its claims and lacked a reasonable basis to believe the claims were invalid (Compl. ¶16-18).

VII. Analyst’s Conclusion: Key Questions for the Case

• A central evidentiary question will be one of "technical operation": What factual evidence will Plaintiff produce to show that the Corero Smartwall product actually utilizes a system of "packet marks" to determine a traffic path and then "classif[ies]... by path," as the complaint's infringement theory requires but does not detail?
• A core issue will be one of "claim scope": Can the term "packet marks provided by routers," which is described in the patent in the context of a "cooperating neighborhood" of network devices, be construed to read on the specific traffic-tracing and mitigation techniques employed by Defendant's modern firewall system?
• The case may also be shaped by a "procedural question": How will the prior ex parte reexamination, which confirmed the patentability of asserted claims 7 and 10, impact the litigation, particularly with respect to any invalidity defenses raised by the Defendant and the overall case posture?