US 11,658,991 B2
Nonce injection and observation system for detecting eavesdroppers
David J. Plonka, Madison, WI (US); Kyle R. Rose, Somerville, MA (US); and Laura M. Roberts, Dallas, TX (US)
Assigned to Akamai Technologies, Inc., Cambridge, MA (US)
Filed by Akamai Technologies, Inc., Cambridge, MA (US)
Filed on Feb. 19, 2021, as Appl. No. 17/179,760.
Application 17/179,760 is a continuation of application No. 16/109,454, filed on Aug. 22, 2018, granted, now 10,931,695.
Prior Publication US 2021/0243214 A1, Aug. 5, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04W 12/02 (2009.01); G06F 21/57 (2013.01); G06F 21/00 (2013.01)
CPC H04L 63/1425 (2013.01) [G06F 21/577 (2013.01); H04L 63/0281 (2013.01); H04L 63/0428 (2013.01); H04L 63/166 (2013.01); H04W 12/02 (2013.01)] 21 Claims
OG exemplary drawing
 
1. A method, comprising:
modifying an outbound network message, at least by:
generating a nonce, and,
inserting the nonce into a network identifier in the outbound network message;
sending the modified outbound network message to a first device, via one or more network links;
recording information about the sending of the modified outbound network message in a nonce record;
subsequent to the sending of the modified outbound network message, receiving an inbound network message from a second device, the inbound network message comprising at least one of: (i) a query about the network identifier with the nonce, and (ii) a probe about the network identifier with the nonce;
recording information about the inbound network message in a log entry; and,
determining, based at least in part on the nonce record and the log entry, that the second device is associated with an eavesdropper on at least one of: (a) the one or more network links over which the modified outbound network message was sent to the first device, and (b) the first device.