US 11,695,784 B2
Reassembly free deep packet inspection for peer to peer networks
Hui Ling, Shanghai (CN); Cuiping Yu, Shanghai (CN); and Zhong Chen, Fremont, CA (US)
Assigned to SONICWALL INC., Milpitas, CA (US)
Filed by SONICWALL US HOLDINGS INC., Milpitas, CA (US)
Filed on Feb. 11, 2021, as Appl. No. 17/174,182.
Application 17/174,182 is a continuation of application No. 16/853,360, filed on Apr. 20, 2020, granted, now 11,005,858.
Application 16/853,360 is a continuation of application No. 15/860,623, filed on Jan. 2, 2018, granted, now 10,630,697, issued on Apr. 21, 2020.
Application 15/860,623 is a continuation of application No. 14/965,866, filed on Dec. 10, 2015, granted, now 9,860,259, issued on Jan. 2, 2018.
Prior Publication US 2021/0234873 A1, Jul. 29, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 67/104 (2022.01)
CPC H04L 63/1408 (2013.01) [H04L 63/0254 (2013.01); H04L 63/168 (2013.01); H04L 63/0245 (2013.01); H04L 63/1416 (2013.01); H04L 67/104 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method for scanning computer data, the method comprising:
scanning a first out-of-order portion of a dataset from an input state associated with malware, wherein the first out-of-order portion is sent to a destination after the scanning;
generating a pattern that identifies the malware as a result of the scanning the first out-of-order portion;
generating an output state by scanning a second out-of-order portion of the dataset that immediately precedes the first out-of-order portion of the dataset;
identifying that the dataset includes a set of malware based on matching of the input and output state; and
blocking the second out-of-order portion of the dataset from being sent to the destination based on the identification that the dataset includes the set of malware.