DCT

2:24-cv-00345

Touchpoint Projection Innovations LLC v. Imperva Inc

Log In

I. Executive Summary and Procedural Information

  • Parties & Counsel:
    • Plaintiff: Touchpoint Projections Innovations, LLC (Wyoming)
    • Defendant: Imperva Inc, Inc. (Jurisdiction not specified in complaint)
    • Plaintiff’s Counsel: Garteiser Honea PLLC, PLLC
  • Case Identification: 2:24-cv-00345, E.D. Tex., 05/08/2024
  • Venue Allegations: Venue is based on the allegation that the Defendant has an established office within the Eastern District of Texas. The complaint includes a screenshot from the Defendant's website showing a Plano, Texas office location.
  • Core Dispute: Plaintiff alleges that Defendant’s cybersecurity and DDoS protection services infringe a patent related to a network gateway that inspects normally discarded, low-level protocol data to make intelligent filtering decisions.
  • Technical Context: The technology concerns network security, specifically methods for mitigating Denial-of-Service (DoS) attacks at the gateway between connection-based and connectionless networks.
  • Key Procedural History: The complaint states that the patent-in-suit was assigned from Everis, Inc. to the Plaintiff. No other significant procedural events, such as prior litigation or administrative proceedings, are mentioned.

Case Timeline

Date Event
2009-09-04 '089 Patent Priority Date
2009-12-14 '089 Patent Application Filing Date
2012-09-11 '089 Patent Issue Date
2023-03-05 Alleged Date of Defendant's Actual Notice of '089 Patent
2024-05-08 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 8,265,089 - "NETWORK GATEWAY WITH ENHANCED REQUESTING"

  • Issued: September 11, 2012.

The Invention Explained

  • Problem Addressed: The patent addresses a limitation in conventional network gateways that connect different network types, such as a connection-oriented Wide Area Network (WAN) and a connectionless Local Area Network (LAN). When a large, aggregated data unit (an MPDU) from the WAN is disaggregated into smaller, individual packets for the LAN, the low-level network protocol data in the MPDU's header (e.g., physical and data-link layer information) is typically discarded and lost (’089 Patent, col. 3:63 - col. 4:4).
  • The Patented Solution: The invention proposes a gateway that, instead of discarding this low-level MPDU header data, actively collects and analyzes it (’089 Patent, col. 11:55-60). An "information dissector sub-module" captures this data, which is then passed to an "analyzer sub-module" that applies a set of rules to it (’089 Patent, FIG. 2). Based on this analysis, the gateway can take a "responsive reaction," such as blocking or slowing down traffic, thereby providing a more intelligent method for identifying and mitigating threats like DoS attacks using data that would otherwise be lost (’089 Patent, col. 12:5-9).
  • Technical Importance: The complaint alleges this approach improves upon conventional methods like traffic "scrubbing centers" or Content Delivery Networks (CDNs) by creating a more efficient, targeted way to counter DoS attacks without incurring the same performance slowdowns or high costs (Compl. ¶37-38, ¶42).

Key Claims at a Glance

  • The complaint asserts infringement of at least claims 1, 7, and 20 (Compl. ¶58, ¶59, ¶65).
  • Independent Claim 1 (System Claim): A computer communication network system comprising a source computer, an MPDU aggregating module, a connection-based network, a receiver computer, and a gateway, where the gateway is structured to:
    • Receive a first MPDU from the connection-based network.
    • Disaggregate the first MPDU into a plurality of smaller data units (DUs).
    • Collect selected network protocol data from the first MPDU, where the collected data is "not included in any of the plurality of DUs."
    • Apply a first rule to the collected network protocol data.
    • Selectively make a responsive reaction based on the application of the rule.
  • Independent Claim 7 (Gateway Computer Claim): A gateway computer comprising a non-transient software storage device encoded with a gateway module and an enhanced requesting module, where the enhanced requesting module is structured to perform the key functions of collecting the specified network protocol data, applying a rule, and making a responsive reaction.
  • Independent Claim 20 (Method Claim): A method of communicating a data unit through a computer network, comprising the steps of:
    • Receiving a first MPDU at a gateway.
    • Disaggregating the MPDU into a plurality of DUs.
    • Collecting selected network protocol data from the first MPDU that is "not included in any of the plurality of DUs."
    • Applying a first rule to the collected data.
    • Selectively making a responsive reaction based on the rule.
    • Selectively communicating the first DU to a receiver-side network on the condition that it does not conflict with the responsive reaction.
  • The complaint does not explicitly reserve the right to assert dependent claims but seeks relief based on infringement of "one or more claims of the '089 Patent" (Compl. ¶61).

III. The Accused Instrumentality

Product Identification

The complaint identifies the accused instrumentalities as Defendant's "cybersecurity services, including DoS protection services (the 'Accused Services')" (Compl. ¶52).

Functionality and Market Context

The complaint alleges that Imperva offers services to protect customers from DDoS attacks (Compl. ¶52). It further alleges that these services involve an "end-to-end internet whereby connectionless LAN autonomous systems connect to BGP WAN edge routers for the connection-based pathway and encapsulation framing across the WAN to mitigate DDoS" (Compl. ¶53). The complaint's technical description of the accused functionality, however, refers to "Cloudflare" as the entity connecting users to the internet and providing the network edge router (Compl. ¶51). A screenshot provided in the complaint shows an Imperva office in Plano, Texas, offered as support for venue (Compl. Figure 1, p. 2).

IV. Analysis of Infringement Allegations

The complaint states that a claim chart is attached as Exhibit 2, but this exhibit was not included with the filed complaint document (Compl. ¶57). The infringement theory is therefore summarized from the complaint's narrative allegations.

The complaint alleges that the Accused Services infringe because they receive packets from the internet at an edge router, disaggregate those packets into data units, and then use rules to decide whether to transmit those data units (Compl. ¶58, ¶59). The core of the infringement theory is that this process involves collecting network protocol data from the incoming packets and applying rules to it, which allegedly maps to the steps of the asserted claims (Compl. ¶58). For example, the complaint alleges that the Accused Instrumentalities infringe Claim 7 because they receive packets, disaggregate them, "collect[] network protocol data from the packet," and then transmit or not transmit the resulting data units based on the application of rules to that collected data (Compl. ¶58). A similar allegation is made for the method of Claim 20 (Compl. ¶59).

  • Identified Points of Contention:
    • Factual Question: The complaint's specific technical descriptions of the infringing system in paragraphs 51 and 53 name "Cloudflare" as the operator, while the defendant in the suit is Imperva, Inc. This raises a primary factual question as to whether the infringement allegations, as described, are factually directed at the named Defendant's technology.
    • Technical Question: A central technical question will be what specific "network protocol data" the accused system actually "collects" and analyzes. The patent claims require collection of data that is part of the incoming MPDU but is not part of the subsequent, smaller DUs. The case may turn on evidence showing whether the accused system uses this specific, otherwise-discarded MPDU-level information, or if it merely inspects standard header information that remains within the individual data packets after disaggregation.

V. Key Claim Terms for Construction

  • The Term: "selected network protocol data ... not included in any of the plurality of DUs" (from Claim 1).

    • Context and Importance: This phrase appears to be the central inventive concept, distinguishing the claimed technology from conventional packet inspection. Its construction will be critical for determining the scope of infringement. Practitioners may focus on this term because infringement will hinge on whether the accused system uses this specific category of "discarded" data from an aggregated data unit, as opposed to simply analyzing header data within individual packets.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The patent specification describes this data generally as "low level network protocol data (for example, its low level network protocol data) is lost" in conventional systems, suggesting the term could cover a range of data types that are discarded during de-encapsulation (’089 Patent, col. 11:58-60). The Abstract also refers broadly to "low level network protocol data (that is, physical layer and/or data link layer) that would otherwise be discarded."
      • Evidence for a Narrower Interpretation: The patent’s detailed embodiment, particularly Figure 6, illustrates this data as specific "physical link layer network protocol data 412" and "data link layer network protocol data 414" within an "MPDU header 404." A party could argue the term should be construed more narrowly to align with these specific examples.

  • The Term: "responsive reaction" (from Claim 1).

    • Context and Importance: The definition of this term will determine what types of actions taken by the gateway satisfy the final step of the claimed system and method. The breadth of this term could impact whether actions like simple logging or alerting, versus active blocking, meet the claim limitation.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The specification provides a non-limiting list of possible reactions, including "(i) filtering... (ii) regulating communication... (iii) reallocating network resources... and/or (iv) sending out an alert" (’089 Patent, col. 18:29-34). This suggests the term is intended to be broad and encompass both active traffic manipulation and passive informational responses.
      • Evidence for a Narrower Interpretation: A party might argue that in the context of preventing DoS attacks, the term implies an action that has a direct, functional impact on the threatening data flow itself (e.g., blocking or rate-limiting), potentially seeking to exclude purely administrative or informational actions like "sending out an alert."

VI. Other Allegations

  • Indirect Infringement: The complaint alleges inducement of infringement, stating that Defendant aids and abets its customers' direct infringement by "providing instructions to consumer end-users" on how to use the Accused Services in a way that practices the claimed method (Compl. ¶66). The complaint alleges Defendant has knowledge of the patent and specific intent to cause infringement (Compl. ¶67).
  • Willful Infringement: The complaint alleges that Defendant has had actual notice of the ’089 Patent since "at least March 5, 2023" (Compl. ¶13). It further alleges that Defendant's continued infringing activities after this date have been reckless, deliberate, and intentional, thereby justifying an award of enhanced damages (Compl. ¶61, ¶69).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A primary issue will be one of evidentiary alignment: can Plaintiff produce evidence to demonstrate that the accused system of Defendant Imperva, Inc. operates in the specific manner that the complaint's technical narrative attributes to a different entity, Cloudflare?
  • A key question of technical scope will be central to the infringement analysis: does the accused system "collect" and "apply a rule to" the specific type of "network protocol data ... not included in any of the plurality of DUs," as required by the patent claims? The resolution will likely depend on whether the system uses low-level, otherwise-discarded data from an aggregated data unit, or if its analysis is confined to standard data within individual packets.
  • A further question concerns claim construction: how broadly will the court construe the term "responsive reaction"? Whether this term is limited to actions that directly manipulate data flow (e.g., blocking) or also includes informational actions (e.g., alerting) could be determinative for infringement.