Free Answer to Complaint - District Court of Delaware - Delaware

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 1 of 15

IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF DELAWARE SRI INTERNATIONAL, INC., a California corporation, Plaintiff, v. INTERNET SECURITY SYSTEMS, INC., a Delaware corporation, INTERNET SECURITY SYSTEMS, INC., a Georgia corporation, and SYMANTEC CORPORATION, a Delaware corporation, Defendants. Civil Action No. 04-1199 (SLR)

JURY TRIAL DEMANDED

SYMANTEC CORPORATION'S ANSWER AND COUNTERCLAIMS TO SRI INTERNATIONAL, INC.'S FIRST AMENDED COMPLAINT
ANSWER Defendant Symantec Corporation ("Symantec") answers the allegations set forth in the First Amended Complaint of Plaintiff SRI International, Inc. ("SRI") as follows: THE PARTIES 1. Symantec admits that SRI is incorporated under the laws of California, and has a

regular and established place of business at 333 Ravenswood Avenue, Menlo Park, California, 94025. Symantec lacks knowledge and information sufficient to form a belief as to whether SRI is an independent, not-for-profit research institute and therefore denies those allegations. 2. 3. 4. 5. Symantec admits the allegations of paragraph 2. Symantec admits the allegations of paragraph 3. Symantec admits the allegations of paragraph 4. Symantec admits the allegations of paragraph 5. JURISDICTION AND VENUE 6. Symantec admits the allegations of paragraph 6.

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 2 of 15

7.

Symantec admits that this Court has personal jurisdiction over Symantec.

Symantec lacks knowledge and information sufficient to form a belief as to whether this Court has personal jurisdiction over Defendant Internet Security Systems, Inc. of Delaware ("ISS-DE") and therefore denies those allegations. 8. Symantec lacks knowledge and information sufficient to form a belief as to the

truth of the allegations of paragraph 8, including whether this Court has personal jurisdiction over Defendant Internet Security Systems, Inc. of Georgia, ("ISS-GA") and therefore denies those allegations. 9. Symantec admits that venue is proper in this Court as to SRI's claims against

Symantec. Symantec lacks knowledge and information sufficient to form a belief as to whether venue is proper in this Court as to SRI's claims against ISS-DE and ISS-GA and therefore denies those allegations. GENERAL ALLEGATIONS 10. Symantec lacks knowledge and information sufficient to form a belief as to the

truth of the allegations of paragraph 10 and therefore denies those allegations. 11. Symantec admits that it manufactures, sells, and offers to sell network security

systems throughout the United States and elsewhere. Symantec denies the remaining allegations of paragraph 11. FIRST CAUSE OF ACTION 12. Symantec incorporates its responses to the allegations of paragraphs 1 through 11

as if fully set forth herein. 13. Symantec lacks knowledge and information sufficient to form a belief as to the

truth of the allegations of paragraph 13 and therefore denies those allegations. 14. Symantec denies those allegations of paragraph 14 that relate to Symantec.

Symantec lacks knowledge and information sufficient to form a belief as to the truth of those allegations of paragraph 14 that relate to ISS-DE and ISS-GA and therefore denies those allegations. 2

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 3 of 15

15.

Symantec denies those allegations of paragraph 15 that relate to Symantec.

Symantec lacks knowledge and information sufficient to form a belief as to the truth of those allegations of paragraph 15 that relate to ISS-DE and ISS-GA and therefore denies those allegations. 16. Symantec denies those allegations of paragraph 16 that relate to Symantec.

Symantec lacks knowledge and information sufficient to form a belief as to the truth of those allegations of paragraph 16 that relate to ISS-DE and ISS-GA and therefore denies those allegations. 17. Symantec denies those allegations of paragraph 17 that relate to Symantec.

Symantec lacks knowledge and information sufficient to form a belief as to the truth of those allegations of paragraph 17 that relate to ISS-DE and ISS-GA and therefore denies those allegations. SECOND CAUSE OF ACTION 18. Symantec incorporates its responses to the allegations of paragraphs 1 through 11

as if fully set forth herein. 19. Symantec lacks knowledge and information sufficient to form a belief as to the

truth of the allegations of paragraph 19 and therefore denies those allegations. 20. Symantec denies those allegations of paragraph 20 that relate to Symantec.

Symantec lacks knowledge and information sufficient to form a belief as to the truth of those allegations of paragraph 20 that relate to ISS-DE and ISS-GA and therefore denies those allegations. 21. Symantec denies those allegations of paragraph 21 that relate to Symantec.

Symantec lacks knowledge and information sufficient to form a belief as to the truth of those allegations of paragraph 21 that relate to ISS-DE and ISS-GA and therefore denies those allegations. 22. Symantec denies those allegations of paragraph 22 that relate to Symantec.

Symantec lacks knowledge and information sufficient to form a belief as to the truth of those

3

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 4 of 15

allegations of paragraph 22 that relate to ISS-DE and ISS-GA and therefore denies those allegations. 23. Symantec denies those allegations of paragraph 23 that relate to Symantec.

Symantec lacks knowledge and information sufficient to form a belief as to the truth of those allegations of paragraph 23 that relate to ISS-DE and ISS-GA and therefore denies those allegations. THIRD CAUSE OF ACTION 24. Symantec incorporates its responses to the allegations of paragraphs 1 through 11

as if fully set forth herein. 25. Symantec lacks knowledge and information sufficient to form a belief as to the

truth of the allegations of paragraph 25 and therefore denies those allegations. 26. 27. 28. 29. Symantec denies the allegations of paragraph 26. Symantec denies the allegations of paragraph 27. Symantec denies the allegations of paragraph 28. Symantec denies the allegations of paragraph 29. FOURTH CAUSE OF ACTION 30. Symantec incorporates its responses to the allegations of paragraphs 1 through 11

as if fully set forth herein. 31. Symantec lacks knowledge and information sufficient to form a belief as to the

truth of the allegations of paragraph 31 and therefore denies those allegations. 32. 33. 34. 35. Symantec denies the allegations of paragraph 32. Symantec denies the allegations of paragraph 33. Symantec denies the allegations of paragraph 34. Symantec denies the allegations of paragraph 35.

4

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 5 of 15

AFFIRMATIVE DEFENSES 36. Symantec asserts the following defenses to SRI's Complaint. Assertion of a

defense is not a concession that Symantec has the burden of proving the matter asserted. (`338 Patent) 37. As a first and separate affirmative defense, Symantec alleges that it does not

infringe and has not infringed, directly or indirectly, literally or by the doctrine of equivalents, any valid and enforceable claim of U.S. Patent No. 6,321,338 ("the `338 patent"). 38. As a second and separate affirmative defense, Symantec alleges that insofar as

Symantec is determined to infringe any claim of the `338 patent, said claim is invalid and unenforceable under one or more of 35 U.S.C. §§ 101, 102, 103, 112, and 116. 39. As a third and separate affirmative defense, Symantec alleges that the `338 patent

is unenforceable because it was obtained through the intentional failure of the inventors, and/or their agents, to disclose to the U.S. Patent Office, during prosecution of the `338 patent, information material to patentability, in violation of 37 C.F.R. § 1.56. 40. To the extent now known, and subject to further clarification as to the full extent

of the withholding and misrepresentation of information, the inventors and/or their agents made a number of misrepresentations or omissions of material fact to the U.S. Patent Office, including but not limited to, omissions regarding prior art. In particular, and without limitation, intentional and material false statements or omissions were made by the inventors and/or their agents by the failure by applicants to disclose to the Examiner one of the inventors' own material prior-art publications: Next-generation Intrusion Detection Expert System (NIDES): A Summary, by Debra Anderson, Thane Frivold, and Alfonso Valdes, SRI-CSL-95-07, May 1995. (hereinafter "NIDES: A Summary"). a) This publication is dated May 1995, making it a § 102(b) prior art reference to each of the patents-in-suit (`338, `203, `212 and `615), all of which claim priority to the `338 filing date of November 9, 1998. Numerous other publications cite to the May 1995 publication date of NIDES: A Summary. Furthermore, NIDES: A Summary

5

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 6 of 15

was listed as available in hard copy by request on the SRI Computer Science Laboratory's publicly available website at least as early as July 5, 1997. See http://web.archive.org/web/19970705040424/www.csl.sri.com/trlist.html. b) NIDES: A Summary lists Alfonso Valdes as an author. Alfonso Valdes is also listed as an inventor on each of the patents-in-suit. c) NIDES: A Summary contains information making it highly material to patentability of each of the patents-in-suit. The publication describes SRI's "Next-generation Intrusion-Detection Expert System" as designed to "operate in real time to detect intrusions" and "use[] innovative statistical algorithms for anomaly detection." The publication also describes the future directions of the NIDES project, including the development of "Network NIDES." Relevant information from the publication includes but is not limited to the following: i."Current computing environments are, more and more, massively networked sets of workstations, servers, mainframes, supercomputers, and special-purpose machines and devices. Focusing on the vulnerabilities of any single host may prove inadequate in such a distributed environment. Detection of intruders will require a comprehensive view of a network, possibly extending to other networks gated to the local network, to detect itinerant intruders those who move through many machines in many autonomous administrative domains. Applying intrusion-detection technology to a networked computing environment will require expanding its scope to include the ability to detect network intrusions as well as intrusions into the individual host machines, and to recognize patterns of activity that are spread among many hosts. The current NIDES technology could be easily extended to perform network monitoring and intrusion detection in three key areas -network data collection, rulebased analysis, and statistical analysis. In addition, the NIDES architecture could be extended to support multiple cooperative NIDES processes that would each be

6

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 7 of 15

responsible for a local domain, with a higher-level NIDES process responsible for the network that supports all the local domains." NIDES: A Summary at 31. ii."The only access to any network service information, short of rewriting the concerned system processes, is to directly monitor network packets and to synthesize network-level audit records for the existing NIDES analysis modules. A network monitoring process could be incorporated into NIDES to read network packets and produce canonical NIDES audit records for analysis. Part of this process would entail substantial filtering of the network data prior to conversion to NIDES audit records." NIDES: A Summary at 31. iii."The current NIDES rulebase can be extended to include rules specific to the domain of detecting suspicious network activity. Several types of scenarios can be addressed, for example: . . . An intrusion-detection system, if it can tell which physical network a packet comes from, could look for packets with IP addresses that should not have come from that network. . . . For example, on a network that allows remote connections (or connections to certain services such as login) from only a limited set of hosts, a series of connection attempts within a short time from a variety of unauthorized hosts is likely to represent a serious break-in attempt rather than simply someone poking around. A network intrusion-detection system could watch for such patterns." NIDES: A Summary at 31-32. iv."The NIDES statistical component is easily adaptable to network intrusion detection with a reinterpretation of subject and action but otherwise no algorithmic changes. For network auditing, profiled entities can be network hosts. For the NIDES statistical component, a set of statistical intrusiondetection measures that are specific to network-level intrusions are easily developed. For example, such measures might profile the amount of traffic

7

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 8 of 15

originating or being received by local and remote hosts for given times of the day and days of the week." NIDES: A Summary at 32. v."NIDES generates two files for each subject in which statistical information (the current or short-term profile and the historical or long-term profile) is stored." NIDES: A Summary at 11. vi."The NIDES statistical analysis component maintains historical statistical profiles for each user and raises an alarm when observed activity departs from established patterns of use for an individual." NIDES: A Summary at 22. 41. The omitted NIDES: A Summary reference would have been considered by a

reasonable examiner to be material to a determination of allowability of the `338 patent claims, and on information and belief, said omissions were made with intent to deceive the U.S. Patent Office. Had the inventors and/or their agents made accurate representations to the U.S. Patent Office, the `338 patent would not have issued. Thus, the `338 patent is unenforceable for inequitable conduct. (`203 Patent) 42. As a fourth and separate affirmative defense, Symantec alleges that it does not

infringe and has not infringed, directly or indirectly, literally or by the doctrine of equivalents, any valid and enforceable claim of U.S. Patent No. 6,484,203 ("the `203 patent"). 43. As a fifth and separate affirmative defense, Symantec alleges that insofar as

Symantec is determined to infringe any claim of the `203 patent, said claim is invalid and unenforceable under one or more of 35 U.S.C. §§ 101, 102, 103, 112, and 116. 44. As a sixth and separate affirmative defense, Symantec alleges that the `203 patent

is unenforceable because it was obtained through the intentional failure of the inventors, and/or their agents, to disclose to the U.S. Patent Office, during prosecution of the `203 patent, information material to patentability, in violation of 37 C.F.R. § 1.56. 45. Symantec incorporates by reference paragraph 40.

8

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 9 of 15

46.

The omitted NIDES: A Summary reference would have been considered by a

reasonable examiner to be highly material to a determination of allowability of the `203 patent claims, and on information and belief, said omissions were made with intent to deceive the U.S. Patent Office. Had the inventors and/or their agents made accurate representations to the U.S. Patent Office, the `203 patent would not have issued. Thus, the `203 patent is unenforceable for inequitable conduct. (`212 Patent) 47. As a seventh and separate affirmative defense, Symantec alleges that it does not

infringe and has not infringed, directly or indirectly, literally or by the doctrine of equivalents, any valid and enforceable claim of U.S. Patent No. 6,709,212 ("the `212 patent"). 48. As an eighth and separate affirmative defense, Symantec alleges that insofar as

Symantec is determined to infringe any claim of the `212 patent, said claim is invalid and unenforceable under one or more of 35 U.S.C. §§ 101, 102, 103, 112, and 116. 49. As a ninth and separate affirmative defense, Symantec alleges that the `212 patent

is unenforceable because it was obtained through the intentional failure of the inventors, and/or their agents, to disclose to the U.S. Patent Office, during prosecution of the `212 patent, information material to patentability, in violation of 37 C.F.R. § 1.56. 50. 51. Symantec incorporates by reference paragraph 40. The omitted NIDES: A Summary reference would have been considered by a

reasonable examiner to be highly material to a determination of allowability of the `212 patent claims, and on information and belief, said omissions were made with intent to deceive the U.S. Patent Office. Had the inventors and/or their agents made accurate representations to the U.S. Patent Office, the `212 patent would not have issued. Thus, the `212 patent is unenforceable for inequitable conduct.

9

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 10 of 15

(`615 Patent) 52. As a tenth and separate affirmative defense, Symantec alleges that it does not

infringe and has not infringed, directly or indirectly, literally or by the doctrine of equivalents, any valid and enforceable claim of U.S. Patent No. 6,711,615 ("the `615 patent"). 53. As an eleventh and separate affirmative defense, Symantec alleges that insofar as

Symantec is determined to infringe any claim of the `615 patent, said claim is invalid and unenforceable under one or more of 35 U.S.C. §§ 101, 102, 103, 112, and 116. 54. As a twelfth and separate affirmative defense, Symantec alleges that the `615

patent is unenforceable because it was obtained through the intentional failure of the inventors, and/or their agents, to disclose to the U.S. Patent Office, during prosecution of the `615 patent, information material to patentability, in violation of 37 C.F.R. § 1.56. 55. 56. Symantec incorporates by reference paragraph 40. The omitted NIDES: A Summary reference would have been considered by a

reasonable examiner to be highly material to a determination of allowability of the `615 patent claims, and on information and belief, said omissions were made with intent to deceive the U.S. Patent Office. Had the inventors and/or their agents made accurate representations to the U.S. Patent Office, the `615 patent would not have issued. Thus, the `615 patent is unenforceable for inequitable conduct.

COUNTERCLAIMS THE PARTIES 57. Symantec is a Delaware corporation having its principal place of business at

20330 Stevens Creek Boulevard, Cupertino, California, 95014. 58. SRI is a California corporation having its principal place of business 333

Ravenswood Avenue, Menlo Park, California, 94025.

10

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 11 of 15

JURISDICTION AND VENUE 59. Symantec's counterclaims arise under the Federal Declaratory Judgment Act, 28

U.S.C. §§ 2201-02, and under the patent laws of the United States, 35 U.S.C. § 101, et seq. 60. By its counterclaims, Symantec seeks to obtain a judgment declaring that

Symantec is not and has not infringed the `338, `203, `212, and `615 patents, and that the `338, `203, `212, and `615 patents are invalid and unenforceable. 61. 62. Jurisdiction is proper in this Court under 28 U.S.C. §§ 1331, 1338(a), and 2201. Venue is proper in this Court under 28 U.S.C. §§ 1391(b) and (c). FIRST COUNTERCLAIM (Declaration of Non-Infringement, Invalidity, and/or Unenforceability of the `338 Patent) 63. 64. Symantec incorporates by reference paragraphs 39-41 and 57-62. SRI claims that it is the owner of the `338 patent, that the `338 patent is valid and

enforceable, and that Symantec infringes the `338 patent. 65. patent. 66. Insofar as Symantec is determined to infringe any claim of the `338 patent, Symantec contends it does not and has not infringed any claims of the `338

Symantec contends said claim is invalid and unenforceable under one or more of 35 U.S.C. §§ 101, 102, 103, 112, 116, and/or for inequitable conduct. 67. Accordingly, a valid and justiciable controversy has arisen and exists between

Symantec and SRI. Symantec desires a judicial determination and declaration of the respective rights and duties of the parties. Such a determination is necessary and appropriate at this time in order that the parties may ascertain their respective rights and duties. SECOND COUNTERCLAIM (Declaration of Non-Infringement, Invalidity, and/or Unenforceability of the `203 Patent) 68. Symantec incorporates by reference paragraphs 44-46 and 57-62.

11

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 12 of 15

69.

SRI claims that it is the owner of the `203 patent, that the `203 patent is valid and

enforceable, and that Symantec infringes the `203 patent. 70. patent. 71. Insofar as Symantec is determined to infringe any claim of the `203 patent, Symantec contends it does not and has not infringed any claims of the `203

Symantec contends said claim is invalid and unenforceable under one or more of 35 U.S.C. §§ 101, 102, 103, 112, 116, and/or for inequitable conduct. 72. Accordingly, a valid and justiciable controversy has arisen and exists between

Symantec and SRI. Symantec desires a judicial determination and declaration of the respective rights and duties of the parties. Such a determination is necessary and appropriate at this time in order that the parties may ascertain their respective rights and duties. THIRD COUNTERCLAIM (Declaration of Non-Infringement, Invalidity, and/or Unenforceability of the `212 Patent) 73. 74. Symantec incorporates by reference paragraphs 49-51 and 57-62. SRI claims that it is the owner of the `212 patent, that the `212 patent is valid and

enforceable, and that Symantec infringes the `212 patent. 75. patent. 76. Insofar as Symantec is determined to infringe any claim of the `212 patent, Symantec contends it does not and has not infringed any claims of the `212

Symantec contends said claim is invalid and unenforceable under one or more of 35 U.S.C. §§ 101, 102, 103, 112, 116, and/or for inequitable conduct. 77. Accordingly, a valid and justiciable controversy has arisen and exists between

Symantec and SRI. Symantec desires a judicial determination and declaration of the respective rights and duties of the parties. Such a determination is necessary and appropriate at this time in order that the parties may ascertain their respective rights and duties.

12

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 13 of 15

FOURTH COUNTERCLAIM (Declaration of Non-Infringement, Invalidity, and/or Unenforceability of the `615 Patent) 78. 79. Symantec incorporates by reference paragraphs 54-62. SRI claims that it is the owner of the `615 patent, that the `615 patent is valid and

enforceable, and that Symantec infringes the `615 patent. 80. patent. 81. Insofar as Symantec is determined to infringe any claim of the `615 patent, Symantec contends it does not and has not infringed any claims of the `615

Symantec contends said claim is invalid and unenforceable under one or more of 35 U.S.C. §§ 101, 102, 103, 112, 116, and/or for inequitable conduct. 82. Accordingly, a valid and justiciable controversy has arisen and exists between

Symantec and SRI. Symantec desires a judicial determination and declaration of the respective rights and duties of the parties. Such a determination is necessary and appropriate at this time in order that the parties may ascertain their respective rights and duties. REQUESTED RELIEF Symantec requests the following relief: (a) (b) Judgment that SRI take nothing by way of its Complaint; Judgment that Symantec does not infringe, contributorily infringe, or induce infringement of any of the claims of the `338, `203, `212, and `615 patents, and has not done so; (c) Judgment that the `338, `203, `212, and `615 patents are invalid and unenforceable; (d) Declaration that this case is an exceptional case within the meaning of 35 U.S.C. § 285 and award to Symantec the costs of this action, including reasonable attorneys' fees; and (e) Any other relief that this Court deems just and proper.

13

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 14 of 15

JURY DEMAND Symantec demands a trial by jury on all issues so triable.

Dated: May 23, 2005

By:

/s/ Richard K. Herrmann___ Richard K. Herrmann (#405) Morris, James, Hitchens & Williams LLP 222 Delaware Avenue, 10th Floor P.O. Box 2306 Wilmington, DE 19899-2306 Telephone: (302) 888-6800 [email protected] Counsel for Defendant SYMANTEC CORPORATION

OF COUNSEL: Lloyd R. Day, Jr. (pro hac vice) Robert M. Galvin (pro hac vice) Paul S. Grewal (pro hac vice) Day Casebeer Madrid & Batchelder LLP 20300 Stevens Creek Blvd., Suite 400 Cupertino, CA 95014 Tel: (408) 873-0110 Fax: (408) 873-0220 Michael J. Schallop (pro hac vice) Symantec Corporation 20330 Stevens Creek Blvd. Cupertino, CA 95014 Tel: (408) 517-8000 Fax: (408) 517-8121

14

Case 1:04-cv-01199-SLR

Document 38

Filed 05/23/2005

Page 15 of 15

CERTIFICATE OF SERVICE I hereby certify that on the 23rd day of May, 2005, I electronically filed the foregoing document, TO SYMANTEC SRI CORPORATION'S INC.'S ANSWER FIRST AND

COUNTERCLAIMS

INTERNATIONAL,

AMENDED

COMPLAINT, with the Clerk of the Court using CM/ECF which will send notification of such filing to the following: Timothy Devlin, Esq. Fish & Richardson, P.C. 919 North Market Street, Suite 1100 Wilmington, DE 19801 Richard L. Horwitz, Esq. David E. Moore, Esq. Potter Anderson & Corroon LLP Hercules Plaza 1313 North Market Street, 6th Floor Wilmington, DE 19801

Additionally, I hereby certify that on the 23rd day of May, 2005, the foregoing document was served via email on the following non-registered participants: Howard G. Pollack, Esq. Michael J. Curley, Esq. Fish & Richardson 500 Arguello Street, Suite 500 Redwood City, CA 94063 Holmes Hawkins, III, Esq. King & Spalding 191 Peachtree Street, N.E. Atlanta, GA 30303-1763

/s/ Richard K. Herrmann Richard K. Herrmann (#405) Morris, James, Hitchens & Williams LLP 222 Delaware Avenue, 10th Floor P.O. Box 2306 Wilmington, DE 19899-2306 Telephone: (302) 888-6800 [email protected] Counsel for Defendant SYMANTEC CORPORATION

15