Method of Passive Forensic Identification of Networked TCP/IP Communication Endpoints

The JHU/APL Passive Forensic Identification of Networked TCP/IP Communication Endpoints method “fingerprints” the timing characteristics of a networked computer to distinguish it from a group of similar computers by using passively observed timing differences in TCP packets. In a successful first application, the prototype system correlated intercepted network traffic to track a computer that was “hiding” among several machines using the same Internet Protocol (IP) address

Type of Offer: Licensing



« More Internet Patents

---