DCT

6:22-cv-01302

CTD Networks LLC v. Akamai Tech Inc

Log In

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 6:22-cv-01302, W.D. Tex., 12/27/2022
  • Venue Allegations: Plaintiff alleges venue is proper in the Western District of Texas because Defendant maintains regular and established places of business, partners with local businesses, hires for positions within the District, and has committed the alleged acts of infringement there.
  • Core Dispute: Plaintiff alleges that Defendant’s Akamai Intelligent Edge Platform infringes four patents related to distributed, agent-based network security monitoring and response.
  • Technical Context: The technology concerns distributed security systems that use software agents across a network to collectively monitor, analyze, and respond to cyber threats, a foundational concept for modern cloud computing and content delivery networks.
  • Key Procedural History: The complaint does not mention prior litigation or administrative proceedings. However, the asserted patents are part of an interconnected family. U.S. Patent No. 11,171,974 is a continuation of the application that led to U.S. Patent No. 9,503,470, which is a continuation-in-part of the application that led to U.S. Patent No. 8,327,442. The '974 Patent is also subject to a terminal disclaimer, which may limit its enforceable term to that of an earlier patent in the family.

Case Timeline

Date Event
2002-10-23 ’614 Patent Priority Date
2002-12-24 ’442, ’470, ’974 Patents Priority Date
2012-12-04 ’442 Patent Issue Date
2016-09-06 ’614 Patent Issue Date
2016-11-22 ’470 Patent Issue Date
2021-02-02 Alleged date of Defendant's knowledge of infringement
2021-11-09 ’974 Patent Issue Date
2022-12-27 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 8,327,442 - System and method for a distributed application and network security system (SDI-SCAM), issued December 4, 2012

The Invention Explained

  • Problem Addressed: The patent describes that computer networks are vulnerable to unauthorized intrusions and that existing security systems, which are often focused on individual machines, are insufficient to detect and counteract coordinated, network-level attacks in a timely manner (’442 Patent, col. 1:21-41).
  • The Patented Solution: The invention proposes a distributed security system, termed "SDI-SCAM," which places software "agents" on the various nodes of a computer network (’442 Patent, col. 2:17-25). These agents collectively pool and analyze data from across the network to identify patterns consistent with an intrusion or attack. When a threat is detected, the system distributes warnings and potential countermeasures to all machines on the network, creating a collective, real-time defense (’442 Patent, Abstract; col. 2:1-4).
  • Technical Importance: This approach aimed to create a network-wide "immune system" where every node could benefit from security intelligence gathered at any other point, moving beyond the limitations of isolated, machine-level security protocols (’442 Patent, col. 2:1-4).

Key Claims at a Glance

  • The complaint asserts at least independent claim 1 (Compl. ¶20).
  • Essential elements of claim 1 include:
    • A distributed security system comprising individual computers with associated agents.
    • Each agent performs steps including:
      • creating statistical models of usage of the associated computer.
      • gathering and analyzing information on current usage.
      • determining a pattern of usage consistent with an intrusion or attack.
      • determining a probability of the likelihood of an intrusion or attack from that pattern.
      • distributing real-time warnings and countermeasures when the probability exceeds a threshold.
      • updating the statistical models to reflect current usage.
      • scheduling anti-viral software updates based on different probability levels of an intrusion.
      • suspending the schedule to provide an immediate update when an attack is detected.
  • The complaint reserves the right to assert additional claims (Compl. ¶27).

U.S. Patent No. 9,438,614 - Sdi-scam, issued September 6, 2016

The Invention Explained

  • Problem Addressed: The patent addresses the need for a system that can detect the condition of a computer network and identify threats by using passive data analysis, particularly one that can function across a network of heterogeneous systems (’614 Patent, col. 1:13-17, col. 2:50-54).
  • The Patented Solution: The technology describes a distributed multi-agent system where agents collect, monitor, aggregate, and model data from network operations to identify abnormal or suspicious conditions (’614 Patent, Abstract). The system is architecturally flexible, allowing agents to be implemented on top of existing security platforms and to communicate in various ways, including hierarchical or peer-to-peer models, to provide defensive and remedial actions (’614 Patent, col. 2:19-30, col. 2:50-60).
  • Technical Importance: The invention's emphasis on architectural flexibility and interoperability was intended to address the practical challenge of deploying a unified, intelligent security system across diverse and pre-existing network infrastructures (’614 Patent, col. 2:45-54).

Key Claims at a Glance

  • The complaint asserts at least independent claim 10 (Compl. ¶29).
  • Essential elements of claim 10 include:
    • A system for detecting the state of a computer network comprising a plurality of distributed agents designed for adaptive learning and probabilistic analysis.
    • The agents passively collect, monitor, aggregate, and pattern analyze data to identify similar patterns of suspicious activities indicative of an attack or threat to different portions of the network.
    • The system determines whether a probability threshold for suspicious activity has been exceeded by these similar patterns.
    • When the threshold is exceeded, the system alerts other agents, a central server, and/or a human operator.
  • The complaint reserves the right to assert additional claims (Compl. ¶36).

U.S. Patent No. 9,503,470 - Distributed agent based model for security and response, issued November 22, 2016

  • Technology Synopsis: The patent identifies the problem of unceasing, high-frequency cyber threats that require an adaptive, autonomous, and automatic security response beyond the capability of human operators (’470 Patent, col. 2:5-9). The proposed solution is a distributed agent-based model that uses Bayesian analysis to estimate threat probabilities from data pooled across a network, enabling the system to recommend or implement countermeasures and repair damage (’470 Patent, Abstract).
  • Asserted Claims: The complaint asserts at least claim 1 (Compl. ¶38).
  • Accused Features: The complaint accuses the Akamai Intelligent Edge Platform of infringement (Compl. ¶¶18, 38).

U.S. Patent No. 11,171,974 - Distributed agent based model for security monitoring and response, issued November 9, 2021

  • Technology Synopsis: This patent addresses the technical problem of highly asymmetric cyber warfare, where attackers can cause significant disruption with limited resources, necessitating a software "immune system" that can counter novel threats in milliseconds (’974 Patent, col. 2:1-17). The solution is a distributed multi-agent system that employs a Bayesian model to assess threats and can be rapidly tuned to new threats by adding small "plug-in" agents, analogous to browser plug-ins (’974 Patent, col. 2:23-35, col. 2:50-58).
  • Asserted Claims: The complaint asserts at least claim 1 (Compl. ¶47).
  • Accused Features: The complaint accuses the Akamai Intelligent Edge Platform of infringement (Compl. ¶¶18, 47).

III. The Accused Instrumentality

Product Identification

The Akamai Intelligent Edge Platform (Compl. ¶18).

Functionality and Market Context

  • The complaint describes the accused instrumentality as Akamai's "distributed computer platform with focus on security and cloud computing" (Compl. ¶18).
  • The complaint does not provide sufficient detail for a deep technical analysis of the platform's internal operations. It relies on Akamai's public-facing marketing materials to characterize the platform as a distributed network that provides security, but does not specify how the accused security features are implemented (Compl. ¶18).

IV. Analysis of Infringement Allegations

No probative visual evidence provided in complaint.

The complaint states that claim chart exhibits (Exhibits E, F, G, and H) are attached to describe the infringement of the asserted patents (Compl. ¶¶ 27, 36, 45, 52). These exhibits were not included with the public filing of the complaint. In their absence, the infringement theory must be inferred from the narrative allegations.

'442 Patent Infringement Allegations

The complaint alleges that the Akamai Intelligent Edge Platform directly infringes at least Claim 1 of the ’442 Patent (Compl. ¶20). The narrative theory suggests that Akamai's globally distributed servers function as the "individual computers" and that software running on them functions as the claimed "agents." These agents are alleged to perform the claimed steps of creating "statistical models of usage" by monitoring network traffic, analyzing this data to detect "pattern[s] of usage...consistent with intrusion or attack," and distributing "warnings and potential countermeasures" across the Akamai platform when a threat is detected (Compl. ¶¶ 18, 20).

'614 Patent Infringement Allegations

The complaint alleges that the Akamai Intelligent Edge Platform directly infringes at least Claim 10 of the ’614 Patent (Compl. ¶29). The infringement theory posits that Akamai's platform is a "system that detects the state of a computer network" through its "plurality of distributed agents." These agents are alleged to perform "adaptive learning and probabilistic analysis" by collecting and analyzing data from various locations to identify "similar patterns of suspicious activities." When these patterns exceed a "probability threshold," the system is alleged to generate an alert, satisfying the final element of the claim (Compl. ¶¶ 18, 29).

V. Key Claim Terms for Construction

The Term: "agent"

  • Context and Importance: The infringement case for all asserted patents hinges on whether software components within Akamai's Intelligent Edge Platform qualify as "agents." Practitioners may focus on this term because the patents' specification describes agents as discrete entities loaded onto network nodes, and the defense may argue that Akamai's platform is a more holistic, integrated system not comprised of such discrete "agents."
  • Intrinsic Evidence for a Broader Interpretation: The specification provides a broad definition, stating an agent "can be implemented through software, through hardware, through human interaction, or some combination thereof" (’974 Patent, col. 6:26-29). This language could support construing the term to cover a wide variety of software modules or functions within a distributed system.
  • Intrinsic Evidence for a Narrower Interpretation: The figures in the patents consistently depict "SDI-SCAM" agents as distinct boxes on client machines and servers (’442 Patent, FIG. 1; ’974 Patent, FIG. 1). The specification also states that in a "preferred embodiment...every machine linked into the system is loaded with an SDI-SCAM agent," which may suggest a discrete, installable software component rather than a generalized system function (’442 Patent, col. 2:65-3:1).

The Term: "creating statistical models of usage"

  • Context and Importance: This term from claim 1 of the ’442 Patent is central to defining the claimed analytical function. The dispute may question whether Akamai's general security monitoring and threat detection, which necessarily involves data analysis, rises to the level of "creating statistical models of usage" as specifically contemplated by the patent.
  • Intrinsic Evidence for a Broader Interpretation: The patent does not narrowly define this term and uses broad concepts like implementing a "Belief network" and using "probabilistic" analysis, which could be argued to encompass any system that establishes a behavioral baseline and detects deviations (’442 Patent, col. 4:41-43, col. 4:47-49).
  • Intrinsic Evidence for a Narrower Interpretation: The patent's repeated references to its specific "SDI-SCAM" system and its detailed claim language requiring agents to "update" the models to "reflect the current usage" could support a narrower construction requiring a formal, evolving statistical model, as opposed to simpler threshold-based alerting or static rule sets (’442 Patent, col. 11:12-14).

VI. Other Allegations

Indirect Infringement

The complaint makes passing references to indirect infringement and inducement in its jurisdictional allegations (Compl. ¶¶ 3, 11). However, the formal counts for each patent allege only direct infringement under 35 U.S.C. § 271(a) (Compl. ¶¶ 20, 29, 38, 47). No specific facts are alleged to support theories of indirect infringement, such as knowledge of the patents combined with instructions for customers to perform infringing acts.

Willful Infringement

The complaint alleges that Defendant’s infringement of all four patents-in-suit has been willful (Compl. ¶¶ 21, 30, 39, 48). The basis for this allegation is the assertion that Defendant has had knowledge of its infringing activities "since at least February 2, 2021" (Compl. ¶¶ 22, 31, 40). The complaint does not specify the source of this alleged pre-suit knowledge.

VII. Analyst’s Conclusion: Key Questions for the Case

  • A central issue will be one of technical mapping: do the specific security functions of the modern, commercial Akamai Intelligent Edge Platform practice the particular methods described in the patents, which have priority dates from 2002? The case will likely turn on whether Akamai's integrated security analytics can be fairly mapped to the more structured, agent-based system with "statistical models" recited in the claims.
  • A key legal question will be the definitional scope of "agent." The court's construction of this term—whether it is broad enough to cover functional software modules within a cloud platform or is limited to the discrete, installable components illustrated in the patents' embodiments—will be critical to the infringement analysis.
  • A key defensive question may concern patent validity. Given the patents' early priority dates and their claims to foundational concepts in distributed network security, the case may involve challenges to whether the claimed inventions were novel and non-obvious over the state of the art at the time, and whether they claim patent-eligible subject matter under 35 U.S.C. § 101 or are directed to an abstract idea implemented on a generic computer network.