Skip to Content
Find More Like This
Return to Search

FULL FLOW RETRIEVAL OPTIMIZED PACKET CAPTURE

United States Patent Application

20170063695
A1
View the Complete Application at the US Patent & Trademark Office
Los Alamos National Laboratory - Visit the Technology Transfer Division Website
A packet capture system may copy packets from an interface to a bucket. When the bucket is full of packets, a new bucket for incoming packets may be started, and the full bucket may be indexed. During the indexing, each packet may be sorted in the bucket by flow, and each flow may be indexed. Once indexing is complete, the packets are written to a flow ordered FCAP file and the indexes are written to disk. The flow ordered nature of the FCAP file combined with the indices and their associated search algorithms allow for rapid retrieval of captured flows.
Ferrell, Paul (Los Alamos, NM)
Los Alamos National Security, LLC.
15/ 139,484
April 27, 2016
STATEMENT OF FEDERAL RIGHTS [0002] The United States government has rights in this invention pursuant to Contract No. DE-AC52-06NA25396 between the United States Department of Energy and Los Alamos National Security, LLC for the operation of Los Alamos National Laboratory.