DCT

2:25-cv-00668

PacSec3 LLC v. Lumen Tech Inc

Log In

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 2:25-cv-00668, E.D. Tex., 06/30/2025
  • Venue Allegations: Plaintiff alleges venue is proper in the Eastern District of Texas because Defendant maintains a regular and established place of business in the district, and commits acts of alleged infringement there.
  • Core Dispute: Plaintiff alleges that Defendant’s firewall systems infringe a patent related to defending against network packet flooding attacks.
  • Technical Context: The technology addresses Distributed Denial of Service (DDoS) or "packet flooding" attacks, a significant threat to the stability and availability of internet-based services.
  • Key Procedural History: Plaintiff identifies itself as a non-practicing entity and notes prior settlement licenses related to its patent portfolio. Notably, the patent-in-suit, U.S. Patent No. 7,523,497, underwent an ex parte reexamination, with a certificate issued on May 22, 2023. The two independent claims asserted in this complaint, claims 7 and 10, were confirmed as patentable during that proceeding, which may strengthen their presumption of validity against the prior art considered by the U.S. Patent and Trademark Office.

Case Timeline

Date Event
2000-11-16 '497' Patent Priority Date
2009-04-21 '497 Patent Issue Date
2023-05-22 '497 Patent Reexamination Certificate Issued
2025-06-30 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 7,523,497 - “PACKET FLOODING DEFENSE SYSTEM,” Issued April 21, 2009

The Invention Explained

  • Problem Addressed: The patent addresses "packet flooding attacks," where an attacker overwhelms a victim's network connection with useless data, rendering it slow or unusable for legitimate traffic (Compl. ¶14; ’497 Patent, col. 2:7-14). A key challenge is that attackers can falsify the source address of malicious packets, making it difficult to block them without affecting legitimate users ('497 Patent, col. 2:3-6).
  • The Patented Solution: The invention proposes a distributed defense system where "cooperating sites and routers" work together to trace and limit malicious traffic ('497 Patent, col. 2:30-32). Instead of relying on the easily forged source address, the system identifies the path that packets take through the network. A victim computer can identify unwanted packets and then request that upstream routers on that path limit the rate at which they forward such traffic ('497 Patent, Abstract). This defense relies on "attacker-independent information"—the physical path through the network—which is difficult for an attacker to manipulate ('497 Patent, col. 4:1-5).
  • Technical Importance: The described approach provides a method for mitigating denial-of-service attacks that does not depend on attacker-controlled information, such as the packet source address, which was a known vulnerability in network security protocols ('497 Patent, col. 2:3-6).

Key Claims at a Glance

  • The complaint asserts independent claims 7 and 10 (Compl. ¶¶15, 21).
  • Independent Claim 7 is a method comprising the steps of:
    • Determining a path by which data packets arrive at a host computer via packet marks provided by routers leading to the host computer, where the path comprises all routers in the network via which the packets are routed;
    • Classifying received data packets into wanted and unwanted packets by path;
    • Associating a maximum acceptable processing rate with each class of data packet; and
    • Allocating a processing rate less than or equal to the maximum for unwanted data packets.
  • Independent Claim 10 is a method comprising nearly identical steps, but from the perspective of a "router" instead of a "host computer".

III. The Accused Instrumentality

Product Identification

  • The complaint accuses "one or more firewall systems" sold, offered for sale, or manufactured by Defendant Lumen Technologies, Inc. (Compl. ¶15).

Functionality and Market Context

  • The complaint does not specify any particular Lumen product or service by name. It alleges that Defendant's "firewall systems" infringe the ’497 Patent and are made available to businesses and individuals throughout the United States, including within the Eastern District of Texas (Compl. ¶15, ¶19). The complaint does not provide specific details regarding the technical operation of the accused firewall systems or their market positioning. No probative visual evidence provided in complaint.

IV. Analysis of Infringement Allegations

The complaint references a claim chart in "Exhibit B" to support its infringement allegations, but this exhibit was not included with the filed complaint (Compl. ¶16, ¶21). The complaint asserts in a conclusory manner that Defendant's firewall systems infringe claims 7 and 10 of the ’497 Patent, but does not provide a narrative description of how the accused systems meet the specific limitations of those claims (Compl. ¶15, ¶21). As such, a detailed claim chart summary cannot be constructed from the provided documents.

Identified Points of Contention

  • Evidentiary Question: The primary issue will be evidentiary. The complaint lacks factual allegations explaining how the accused firewall systems perform the claimed methods. A central question for discovery will be what evidence, if any, demonstrates that the accused systems determine a packet's "path" using "packet marks provided by routers" and subsequently classify and rate-limit traffic based on that identified path.
  • Technical Question: A key technical question is whether the accused "firewall systems" function as a "host computer" (as recited in Claim 7) or a "router" (as recited in Claim 10). The applicability of each asserted claim will depend on the specific architecture and point of operation of the accused instrumentality within a network.

V. Key Claim Terms for Construction

The Term: "path comprising all routers in said network via which said packets are routed to said computer" (from Claims 7 and 10)

  • Context and Importance: This limitation defines the scope of the "path" that must be determined. Its construction is critical because it dictates how complete the path-tracing functionality of an accused system must be to infringe. Practitioners may focus on this term because the phrase "all routers" sets a potentially high and specific standard.
  • Intrinsic Evidence for a Broader Interpretation: The patent's summary describes associating packets with "places" in the cooperating neighborhood from which they were forwarded, which could suggest that identifying key points or a partial path is the functional goal ('497 Patent, col. 2:37-41). A party might argue "all routers" means all routers within the cooperating neighborhood that provide marks, not every single router on the internet.
  • Intrinsic Evidence for a Narrower Interpretation: The plain language of the claim itself, "all routers in said network via which said packets are routed," suggests a requirement to identify the complete sequence of routers from a relevant origin to the destination. An accused system that only identifies a single upstream router or a partial path might not meet the literal scope of this limitation.

The Term: "packet marks provided by routers" (from Claims 7 and 10)

  • Context and Importance: This term is the mechanism by which the claimed "path" is determined. The infringement analysis will depend heavily on whether the accused systems use a feature that can be characterized as a "packet mark."
  • Intrinsic Evidence for a Broader Interpretation: The specification does not appear to provide a specific definition of "packet mark," which could support an interpretation that covers any form of metadata or information added to or associated with a packet by a router that helps identify its path of travel ('497 Patent, col. 8:19-23).
  • Intrinsic Evidence for a Narrower Interpretation: The context of a "cooperating neighborhood" and a system for "defense" could imply that "packet marks" are explicit, specially added pieces of data for the specific purpose of path-tracing, rather than inherent, pre-existing routing information that a firewall might passively observe ('497 Patent, col. 2:30-32).

VI. Other Allegations

  • Indirect Infringement: The complaint includes a prayer for relief for inducement, alleging Defendant instructs others to use its products, but pleads no specific facts to support this, such as references to user manuals or marketing materials (Compl. ¶VI.a).
  • Willful Infringement: The complaint contains a conditional allegation of willfulness, contingent upon discovery revealing that Defendant had pre-suit knowledge of the ’497 Patent (Compl. ¶VI.e). The pleading does not allege any specific facts to support pre-suit knowledge.

VII. Analyst’s Conclusion: Key Questions for the Case

  • Evidentiary Sufficiency: A threshold issue is whether the Plaintiff can produce evidence through discovery to support its currently bare allegations. The case will depend on whether Lumen’s accused firewall systems can be shown to perform the specific steps of the asserted method claims, particularly the use of router-provided "packet marks" to trace a network "path".
  • Claim Scope: The case will likely involve a significant dispute over claim construction, centered on the phrase "path comprising all routers". The viability of the infringement case may hinge on whether this is interpreted to require a complete, end-to-end path tracing, a potentially high standard for the accused systems to meet.
  • Validity Post-Reexamination: Although the asserted claims were confirmed in ex parte reexamination, a key question is whether Defendant will be able to challenge their validity with prior art or arguments that were not before the U.S. Patent and Trademark Office during that proceeding.