NETWORK SECURITY DEFENSE METHOD AND RELATED DEVICE APPLIED TO NETWORK SECURITY DEFENSE SYSTEM

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 01/14/2026 has been entered. Response to Amendment The amendment filed 01/14/2026 has been entered. Claims 1 and 10 have been amended. No Claims have been/remains canceled. Claims 1-13 remain pending in the application. Response to Arguments Regarding Applicant’s arguments, on page 6-11 of the remark filed on 01/14/2026, on the newly amended limitations of independent claim 1: “wherein the first memory is a memory changed to be different from corresponding original contents on the effect of random disturbance, and wherein the first memory is an error on the effect of random disturbance; wherein the second memory is a memory changed to be different from corresponding original contents on the effect of non-random disturbance, and wherein the second memory is an error on the effect of non-random disturbance; and wherein the error comprises configuration data error, business data error, or user data error.”, arguments are persuasive. Therefore, the 35 U.S.C. 103 rejection over Yan et al. (U.S Pub. No. 20190219994), Hutchison et al. (U.S Pub. No. 20160291942) and Reddy et al. (U.S Pub. No. 20190306173) further in view of Geri et al. (U.S Pub. No. 20210004332)), has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made under 35 U.S.C. § 103 in view of the following prior art: Bennett et al. (U.S Pub. No. 20130080862) and Korotaev et al. (U.S Pub. No. 20210026949) in conjunction with Yan et al. (U.S Pub. No. 20190219994)). Please refer to the 35 U.S.C. 103 section below for a detailed explanation. For the reasons stated above and the new ground(s) of rejection under 35 U.S.C. 103 below, Examiner respectfully disagrees with Applicant’s argument, see Applicant’s Remarks Page 6-11, regarding allowance of the application. Examiner asserts that claims 1-13 are rejected for the reasons stated above in conjunction with the new ground(s) of rejection under 35 U.S.C. 103 below. Conclusion: Yan-Bennett- Korotaev teaches the aforementioned limitations of independent claims 1 and 10 rendering the claim limitations obvious before the effective date of the claimed invention. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1, 6-7 and 10-13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Yan et al. (U.S Pub. No. 20190219994, hereinafter referred to as “Yan”) and Bennett et al. (U.S Pub. No. 20130080862, hereinafter referred to as “Bennett”) further in view of Korotaev et al. (U.S Pub. No. 20210026949, hereinafter referred to as “Korotaev”) In regards to Claim 1, Yan teaches a security defense method applied to a network security defense system, comprising: using memoryless technology in a cyberspace information system, (Par. (0028); monitor occurrences of cyber-attacks in abnormal space; use data and create decision boundaries )), (Par. (0104); memoryless))(Par. (0067); memoryless)) wherein the memoryless technology comprises technology which is not affected by generalized disturbance; (Par. (0037); cyber attack detected program still running only portion to further investigate disturbance)) (Par. (0079); disturbances)) Yan does not explicitly teach eliminating a first memory of the cyberspace information system on an effect of random disturbance by using a redundancy and replacement mechanism before the first memory is used, wherein the first memory is a memory changed to be different from corresponding original contents on the effect of random disturbance, and wherein the first memory is an error on the effect of random disturbance; eliminating a second memory of the cyberspace information system on an effect of non-random disturbance by eliminating a memory of a program running in the cyberspace information system and/or data in the cyberspace information system before the second memory is used, wherein the second memory is a memory changed to be different from corresponding original contents on the effect of non-random disturbance, and wherein the second memory is an error on the effect of non-random disturbance; and wherein the error comprises configuration data error, business data error, or user data error. Wherein Bennett teaches eliminating a first memory of the cyberspace information system on an effect of random disturbance by using a redundancy and replacement mechanism before the first memory is used, (Par. (0026); eliminating a first memory (erasing a block of memory)), (Par. (0032-0033, 0056 and 0061); of the cyberspace information system (system corresponding to error correcting code associated with validation and verification)), (Par. (0037, 0039); on an effect of random disturbance (erasing the data/block in memory based on device wearing out)), (Par. (0063-0065); on an effect of random disturbance by using a redundancy and replacement mechanism (erasing a block of memory that is degrading near wear out point)), (Par. (0052, 0054-0055); on an effect of random disturbance by using a redundancy and replacement mechanism (RCC bit of memory is discarded and replaced based on redundancy data)), (Par. (0091); eliminating a first memory of the cyberspace information system (pool of blocks of the memory are removed when error statistics are exhibited)) (Par. (0026); before the first memory is used (erasing the block of memory prior to being written again with different data)), (Examiner Note: In the instant application the specification defines on Par. (0037-0038) describing a redundancy and replacement mechanism to be hardware or software with decreased reliability and broken down hardware/software that is replace, therefore it will be broadly and reasonably interpreted in light of the specification that “a redundancy and replacement mechanism” refers to a removal or erasing of memory based on wearing down, degrading and error, followed by a replacing, refreshing or updating step)) wherein the first memory is a memory changed to be different from corresponding original contents on the effect of random disturbance, and (Par. (0026); the first memory is a memory changed to be different (erasing a block of memory prior to being written again with a different data) different from corresponding original contents (refreshed data stored in memory)), (Par. (0037, 0039 and 0062-0065); on an effect of random disturbance (erasing and replacing of the data/block in memory corresponding to the device wearing out and errors compared with original version of data)), wherein the first memory is an error on the effect of random disturbance; and (Par. (0014); memory with errors)), (Par. (0063-0065); first memory is an error (error determined by memory, error characteristics of each block of flash memory) on the effect of random disturbance (memory and device degrading and wear out then erasing operation)) wherein the error comprises configuration data error, business data error, or user data error. (Par. (0034); wherein the error comprises user data error (inner error computed over user data)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan to incorporate the teaching of Bennett to utilize the above feature because of the analogous concept of memoryless technology and verification techniques over disturbances within data, with the motivation of securely protecting data storage and mitigating received errors within hardware and software by over time implementing an erasing operation to protect worn out devices and create higher level of storage to ensure users files. By having a correction of errors associated with redundancy data the system is more enhanced to detect various disturbances. (Bennett Par. (0002, 0008-0009 and 0034-0035)) Yan and Bennett do not explicitly teach eliminating a second memory of the cyberspace information system on an effect of non-random disturbance by eliminating a memory of a program running in the cyberspace information system and/or data in the cyberspace information system before the second memory is used, wherein the second memory is a memory changed to be different from corresponding original contents on the effect of non-random disturbance, and wherein the second memory is an error on the effect of non-random disturbance; and Wherein Korotaev teaches eliminating a second memory of the cyberspace information system on an effect of non-random disturbance by eliminating a memory of a program running in the cyberspace information system and/or data in the cyberspace information system before the second memory is used, (Par. (0008-0010); eliminating a second memory (removing a portion of program code)), (Par. (0007 and 0010); of the cyberspace information system (system with security hardening module and software detecting vulnerabilities)), (Par. (0008-0010); on an effect of non-random disturbance by eliminating a memory of a program running in the cyberspace information system (detecting a vulnerability and replacing and removing portion of source code within the program during runtime)), (Par. (0031 and 0045); eliminating a second memory of the cyberspace information system on an effect of non-random disturbance (wiping out code from memory based on exploit detected)), (Par. (0029-0031); eliminating a second memory (terminating and removing from main memory corresponding to portions of code from the memory)), (Examiner Note: In the instant application on Par. (0041) the specification states a non-random disturbance includes a virus that cause and error. Therefore it will be broadly and reasonably interpreted in light of the specification that non-random disturbance refers to a security detection of vulnerabilities in program code of the memory)) wherein the second memory is a memory changed to be different from corresponding original contents on the effect of non-random disturbance, and (Par. (0008-0010); the second memory is a memory changed to be different (portion of code is removed and replaced with different portion of code) corresponding original contents on the effect of non-random disturbance (after vulnerability is detected a removal and replacing of portion of code)) wherein the second memory is an error on the effect of non-random disturbance; and (Par. (0045); second memory (code in memory) is an error (returned error code corresponding to code) on the effect of non-random disturbance (honeypot determining exploits and vulnerabilities ), (Par. (0008-0010)); on the effect of non-random disturbance (honeypot corresponding to detection of vulnerabilities and replacement of code from memory)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan and Bennett to incorporate the teaching of Korotaev to utilize the above feature because of the analogous concept of detecting disturbances over hardware and software components, with the motivation of detecting intrusion, reducing attacks and identifying code to prevent security failures by implementing more authentication measures during runtime before system restarts to remove memory possibly affected and identify software code more effectively. (Korotaev Par. (0003-0007)) In regards to Claim 6, the combination of Yan, Bennett and Korotaev teach the method of claim 1, Bennett further teaches wherein the eliminating a memory of data in the cyberspace information system comprises: (Par. (0026); eliminating a first memory (erasing a block of memory), (Par. (0032-0033, 0056 and 0061); in a cyberspace information system (error correcting code of system associated with validation and verification)), initializing a storage space of the data. (Par. (0049); initializing a storage space of the data (permitting based on storage space bits of data) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan and Korotaev to incorporate the teaching of Bennett to utilize the above feature because of the analogous concept of memoryless technology and verification techniques over disturbances within data, with the motivation of implementing a process of permitting data into storage to create a check of redundancy data and effectively storing compressed or smaller number of bits to speed up computations and store more effectively. (Bennett Par. (0049)) In regards to Claim 7, the combination of Yan, Bennett and Korotaev teach the method of claim 1, Bennett further teaches wherein the eliminating a memory of data in the cyberspace information system comprises: (Par. (0026); eliminating a first memory (erasing a block of memory), (Par. (0033, 0056 and 0061); in a cyberspace information system (error correcting code of system associated with validation and verification)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan to incorporate the teaching of Bennett to utilize the above feature because of the analogous concept of memoryless technology and verification techniques over disturbances within data, with the motivation of securely protecting data storage and mitigating received errors within hardware and software by over time implementing an erasing operation to protect worn out devices and create higher level of storage to ensure users files. By having a correction of errors associated with redundancy data the system is more enhanced to detect various disturbances. (Bennett Par. (0002, 0008-0009 and 0034-0035)) Yan and Bennett do not explicitly teach clearing a storage space of the data. Wherein Korotaev teaches clearing a storage space of the data. (Par. (0031 and 0045); wiping out code from memory)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan and Bennett to incorporate the teaching of Korotaev to utilize the above feature because of the analogous concept of detecting disturbances over hardware and software components, with the motivation of eliminating attempts of access and unused code by wiping out storages of memory as well as detecting vulnerabilities with appropriate measures of wiping out storage to prevent security issues. (Korotaev Par. (0031 and 0045-0046) In regards to Claim 10, Yan teaches a security defense apparatus applied to a network security defense system, comprising: (Par. (0031-0032); security defense apparatus (apparatus for detecting abnormal state) with system) (Figure 1 label 100; system)(Par. (0028); monitor occurrences of cyber-attacks in abnormal space; use data and create decision boundaries )), (Par. (0104); memoryless)) a memoryless processor, configured to use memoryless technology in a cyberspace information system, (Par. (0104); devices modules are memoryless)), (Par. (0045); modules), (Figure 1 label 100; system) wherein the memoryless technology comprises technology which is not affected by generalized disturbance; (Par. (0037); cyber attack detected program still running only portion to further investigate disturbance)) (Par. (0079); disturbances)) a first memory elimination processor, configured to eliminate an effect of time- related random disturbance on the cyberspace information system by using a redundancy and replacement mechanism before the first memory is used, wherein the first memory is a memory changed to be different from corresponding original contents on the effect of random disturbance, and wherein the first memory is an error on the effect of random disturbance; a second memory elimination processor, configured to eliminate an effect of non- random disturbance on the cyberspace information system by eliminating a memory of a program running in the cyberspace information system and/or data in the cyberspace information system before the second memory is used, wherein the second memory is a memory changed to be different from corresponding original contents on the effect of non-random disturbance, and wherein the second memory is an error on the effect of non-random disturbance; and wherein the error comprises configuration data error, business data error, or user data error. Wherein Bennett teaches a first memory elimination processor, configured to (Par. (0089-0091); processor corresponding to steps of removing memory) eliminate an effect of time-related random disturbance on the cyberspace information system by using a redundancy and replacement mechanism before the first memory is used, (Par. (0026); eliminating random disturbance (erasing a block of memory), (Par. (0039 and 0064); eliminate an effect of time-related random disturbance (erase operations of memory corresponding to storage time, lifetime of module and erasing groups of blocks of memory at different time/ wear out times)) (Par. (0033, 0056 and 0061); of the cyberspace information system (system corresponding to error correcting code associated with validation and verification)), (Par. (0037, 0039); eliminate random disturbance (erasing the data/block in memory based on device wearing out)), (Par. (0063-0065); random disturbance by using a redundancy and replacement mechanism (erasing a block of memory that is degrading near wear out point)), (Par. (0052, 0054-0055); eliminate random disturbance by using a redundancy and replacement mechanism (RCC bit of memory is discarded and replaced based on redundancy data)), (Par. (0091); eliminating random disturbance on the cyberspace information system (pool of blocks of the memory are removed when error statistics are exhibited)) (Par. (0026); before the first memory is used (erasing the block of memory prior to being written again with different data)), (Examiner Note: In the instant application the specification defines on Par. (0037-0038) describing a redundancy and replacement mechanism to be hardware or software with decreased reliability and broken down hardware/software that is replace, therefore it will be broadly and reasonably interpreted in light of the specification that “a redundancy and replacement mechanism” refers to a removal or erasing of memory based on wearing down, degrading and error, followed by a replacing, refreshing or updating step)) wherein the first memory is a memory changed to be different from corresponding original contents on the effect of random disturbance, and (Par. (0026); the first memory is a memory changed to be different (erasing a block of memory prior to being written again with a different data) different from corresponding original contents (refreshed data stored in memory)), (Par. (0037, 0039 and 0062-0065); on an effect of random disturbance (erasing and replacing of the data/block in memory corresponding to the device wearing out and errors compared with original version of data)), wherein the first memory is an error on the effect of random disturbance; (Par. (0014); memory with errors)), (Par. (0063-0065); first memory is an error (error determined by memory, error characteristics of each block of flash memory) on the effect of random disturbance (memory and device degrading and wear out then erasing operation)) wherein the error comprises configuration data error, business data error, or user data error. (Par. (0034); wherein the error comprises user data error (inner error computed over user data)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan to incorporate the teaching of Bennett to utilize the above feature because of the analogous concept of memoryless technology and verification techniques over disturbances within data, with the motivation of securely protecting data storage and mitigating received errors within hardware and software by over time implementing an erasing operation to protect worn out devices and create higher level of storage to ensure users files. By having a correction of errors associated with redundancy data the system is more enhanced to detect various disturbances. (Bennett Par. (0002, 0008-0009 and 0034-0035)) Yan and Bennett do not explicitly teach a second memory elimination processor, configured to eliminate an effect of non- random disturbance on the cyberspace information system by eliminating a memory of a program running in the cyberspace information system and/or data in the cyberspace information system before the second memory is used, wherein the second memory is a memory changed to be different from corresponding original contents on the effect of non-random disturbance, and wherein the second memory is an error on the effect of non-random disturbance; and Wherein Korotaev teaches a second memory elimination processor, configured to (Par. (0014); hardware processor that is configured to eliminate (remove) portions of code from software)) eliminate an effect of non- random disturbance on the cyberspace information system by eliminating a memory of a program running in the cyberspace information system and/or data in the cyberspace information system before the second memory is used, (Par. (0008-0010); eliminating an effect of non- random disturbance (removing a portion of program code)), (Par. (0007 and 0010); of the cyberspace information system (system with security hardening module and software detecting vulnerabilities)), (Par. (0008-0010); effect of non-random disturbance by eliminating a memory of a program running in the cyberspace information system (detecting a vulnerability and replacing and removing portion of source code within the program during runtime)), (Par. (0031 and 0045); eliminating an effect of non- random disturbance on the cyberspace information system by eliminating a memory of a program running (wiping out code from memory based on exploit detected)), (Par. (0029-0031); an effect of non- random disturbance on the cyberspace information system by eliminating a memory of a program running (terminating and removing from main memory corresponding to portions of code from the memory)), (Examiner Note: In the instant application on Par. (0041) the specification states a non-random disturbance includes a virus that cause and error. Therefore it will be broadly and reasonably interpreted in light of the specification that non-random disturbance refers to a security detection of vulnerabilities in program code of the memory)) wherein the second memory is a memory changed to be different from corresponding original contents on the effect of non-random disturbance, and (Par. (0008-0010); the second memory is a memory changed to be different (portion of code is removed and replaced with different portion of code) corresponding original contents on the effect of non-random disturbance (after vulnerability is detected a removal and replacing of portion of code)) wherein the second memory is an error on the effect of non-random disturbance; and (Par. (0045); second memory (code in memory) is an error (returned error code corresponding to code) on the effect of non-random disturbance (honeypot determining exploits and vulnerabilities ), (Par. (0008-0010)); on the effect of non-random disturbance (honeypot corresponding to detection of vulnerabilities and replacement of code from memory)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan and Bennett to incorporate the teaching of Korotaev to utilize the above feature because of the analogous concept of detecting disturbances over hardware and software components, with the motivation of detecting intrusion, reducing attacks and identifying code to prevent security failures by implementing more authentication measures during runtime before system restarts to remove memory possibly affected and identify software code more effectively. (Korotaev Par. (0003-0007)) In regards to Claim 11, the combination of Yan, Bennett and Korotaev teach the method of claim 1, Yan further teaches a security defense device applied to a network security defense system, comprising a processor and a memory, wherein, (Par. (0031-0032); security defense device (system and devices corresponding detecting abnormal state)) (Figure 1 label 170, 100; system with device) (Par. (0028); monitor occurrences of cyber-attacks in abnormal space; use data and create decision boundaries )) (Par. (0093); processor and memory devices)) the memory is configured to store a program; and (Par. (0093); memory devices)) the processor is configured to run the program, to implement the security defense method applied to the network security defense system according to claim 1. (Par. (0093); processor and memory devices)), (Par. (0028); method applied to the network security defense system (system with nodes corresponding to preventing tampering in cyber attacks) In regards to Claim 12, the combination of Yan, Bennett and Korotaev teach the method of claim 1, Yan further teaches a non-transitory computer-readable storage medium, storing a computer program, wherein, the computer program, when running on a computer, implements the security defense method applied to the network security defense system according to claim 1. ((Par. (0028); monitor occurrences of cyber-attacks in abnormal space; use data and create decision boundaries )), (Par. (0033); computer-readable medium)), (Figure 1 label 170; when running on a computer implements the security defense (computer with detection)) (Par. (0028); method applied to the network security defense system (system with nodes corresponding to preventing tampering in cyber attacks) In regards to Claim 13, the combination of Yan, Bennett and Korotaev teach the method of claim 1, Yan further teaches a cyberspace information system, comprising: (Par. (0028); cyberspace information system (system with nodes corresponding to preventing tampering in cyber attacks), (Par. (0028); monitor occurrences of cyber-attacks in abnormal space; use data and create decision boundaries )), a logic processor, a storage device and (Par. (0093); storage device and processor with instruction to perform)) wherein, the logic processor is configured to implement a logic function based on memoryless technology or a running program; (Par. (0093); processor associated with feature functions)), (Par. (0067);memoryless)) the storage device is configured to store data; and (Par. (0093); storage device storing data)) Yan does not explicitly teach a memory elimination processor, the memory elimination processor is configured to perform the security defense method applied to the network security defense system according to claim 1, to eliminate an effect of generalized disturbance on the network security defense system. Wherein Bennett teaches a memory elimination processor, (Par. (0089-0091); processor corresponding to steps of removing memory) the memory elimination processor is configured to perform the security defense method applied to the network security defense system according to claim 1, (Par. (0089-0091); memory elimination processor (processor corresponding to steps of removing memory)) ((Par. (0033, 0056 and 0061); to perform the security defense method applied to the network security defense system according to claim 1 (error correcting code of system associated with validation and verification)), to eliminate an effect of generalized disturbance on the network security defense system. (Par. (0026); eliminating a first memory (erasing a block of memory), (Par. (0037, 0039); on an effect of generalized disturbance (erasing the data/block in memory based on device wearing out)), (Par. (0063-0065); an effect of generalized disturbance (erasing a block of memory that is degrading near wear out point)), (Par. (0052, 0054-0055); an effect of generalized disturbance (RCC bit of memory is discarded and replaced based on redundancy data)), (Par. (0091); eliminating an effect of generalized disturbance (pool of blocks of the memory are removed when error statistics are exhibited)) (Par. (Par. (0033, 0056 and 0061); on the network security defense system. (system corresponding to error correcting code associated with validation and verification)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan and Korotaev to incorporate the teaching of Bennett to utilize the above feature because of the analogous concept of memoryless technology and verification techniques over disturbances within data, with the motivation of adding network security to eliminate disturbances to create a verification process in which errors can be detected and steps performed to mitigate disturbances and possible harm on memory. (Bennett Par. (0056)) Claim(s) 2 is/are rejected under 35 U.S.C. 103 as being unpatentable over Yan et al. (U.S Pub. No. 20190219994, hereinafter referred to as “Yan”), Bennett et al. (U.S Pub. No. 20130080862, hereinafter referred to as “Bennett”) and Korotaev et al. (U.S Pub. No. 20210026949, hereinafter referred to as “Korotaev”) further in view of Gu et al. (U.S Pub. No. 20200065480, hereinafter referred to as “Gu”) In regards to Claim 2, the combination of Yan, Bennett and Korotaev teach the method of claim 1, Korotaev further teaches wherein the eliminating the memory of a program running in the cyberspace information system comprises: ((Par. (0008-0010); on an effect of non-random disturbance by eliminating a memory of a program running in the cyberspace information system (detecting a vulnerability and replacing and removing portion of source code within the program during runtime)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan and Bennett to incorporate the teaching of Korotaev to utilize the above feature because of the analogous concept of detecting disturbances over hardware and software components, with the motivation of eliminating and removing memory of software code in runtime to prevent vulnerabilities and to prevent malicious attackers exploiting the data. (Korotaev Par. (0008-0010 and 0041-0042)) Yan, Bennett and Korotaev do not explicitly teach solidifying the program in the cyberspace information system, to make logic of the program unchangeable. Wherein Gu teaches solidifying the program in the cyberspace information system, to make logic of the program unchangeable. (Par. (0125); solidifying the program (protected item of software)), (Par. (0084-0085); in the cyberspace information system (security checks associated with software from attackers in protection system 220)), (Par. (0125); solidifying the program to make logic of the program unchangeable. (verification and protected item of software and code comprising unchanged code to make harder for attackers)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan, Bennett and Korotaev to incorporate the teaching of Gu to utilize the above feature because of the analogous of detecting malware in cyberspace based on various disturbances associated with hardware and software, with the motivation of ensuring at runtime that attackers will not be able to exploit software by creating a checksum and various reverse engineering attacks to provide assurances to the user that the software functionality will not be affected and create a level of trust. (Gu Par. (0004-0006) Claim(s) 3 is/are rejected under 35 U.S.C. 103 as being unpatentable over Yan et al. (U.S Pub. No. 20190219994, hereinafter referred to as “Yan”), Bennett et al. (U.S Pub. No. 20130080862, hereinafter referred to as “Bennett”) and Korotaev et al. (U.S Pub. No. 20210026949, hereinafter referred to as “Korotaev”) further in view of Chien et al. (U.S Pub. No. 20180146001, hereinafter referred to as “Chien”) In regards to Claim 3, the combination of Yan, Bennett and Korotaev teach the method of claim 1, Korotaev further teaches wherein the eliminating the memory of a program running in the cyberspace information system comprises: ((Par. (0008-0010); on an effect of non-random disturbance by eliminating a memory of a program running in the cyberspace information system (detecting a vulnerability and replacing and removing portion of source code within the program during runtime)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan and Bennett to incorporate the teaching of Korotaev to utilize the above feature because of the analogous concept of detecting disturbances over hardware and software components, with the motivation of eliminating and removing memory of software code in runtime to prevent vulnerabilities and to prevent malicious attackers exploiting the data. (Korotaev Par. (0008-0010 and 0041-0042)) Yan, Bennett and Korotaev do not explicitly teach solidifying the program in the cyberspace information system for a user, logic of the program cannot be changed by the user. Wherein Chien teaches solidifying the program in the cyberspace information system for a user, logic of the program cannot be changed by the user. (Par. (0091); solidifying the program (authorized and “locked down” with software)), (Par. (0036-0037 and 0054-0056);in the cyberspace information system (system with tiers of security and access based on blocklist and whitelist)), (Par. (0091); for a user, logic of the program cannot be changed by the user. (users cannot modify low-level or boot code)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan, Bennett and Korotaev to incorporate the teaching of Chien to utilize the above feature because of the analogous of detecting various disturbances associated with hardware and software with counter-measures in a system, with the motivation of eliminating hackers and malicious parties attempting to penetrate and gain access through security holes by creating non-modifiable data and regulating access rights in a system to create an enhanced layer of authentication. (Chien Par. (0002-0003 and 0060) Claim(s) 4 and 8 is/are rejected under 35 U.S.C. 103 as being unpatentable over Yan et al. (U.S Pub. No. 20190219994, hereinafter referred to as “Yan”), Bennett et al. (U.S Pub. No. 20130080862, hereinafter referred to as “Bennett”) and Korotaev et al. (U.S Pub. No. 20210026949, hereinafter referred to as “Korotaev”) further in view of Lakshmanan et al. (U.S Pub. No. 20190114166, hereinafter referred to as “Lakshmanan”) In regards to Claim 4, the combination of Yan, Bennett and Korotaev teach the method of claim 1, Korotaev further teaches wherein the eliminating the memory of a program running in the cyberspace information system comprises: ((Par. (0008-0010); on an effect of non-random disturbance by eliminating a memory of a program running in the cyberspace information system (detecting a vulnerability and replacing and removing portion of source code within the program during runtime)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan and Bennett to incorporate the teaching of Korotaev to utilize the above feature because of the analogous concept of detecting disturbances over hardware and software components, with the motivation of eliminating and removing memory of software code in runtime to prevent vulnerabilities and to prevent malicious attackers exploiting the data. (Korotaev Par. (0008-0010 and 0041-0042)) Yan, Bennett and Korotaev do not explicitly teach comparing the program with a backup program of the program; and replacing the program with the backup program, in response to logic of the program being different from logic of the backup program. Wherein Lakshmanan teaches comparing the program with a backup program of the program; and (Par. (0107); comparing the program (matching temporary source code) with a backup program of the program (matched with working copy of source code)) replacing the program with the backup program, in response to logic of the program being different from logic of the backup program. (Par. (0107); replacing the program with the backup program (replacing lines of code in temporary source code/temporary file with lines of code in working copy), in response to logic of the program being different from logic of the backup program (when the match is different then replace)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan, Bennett and Korotaev to incorporate the teaching of Lakshmanan to utilize the above feature because of the analogous of detecting various disturbances associated with hardware and software and changes to code, with the motivation of determining changes made to software to prevent disturbances or error prone processes by identifying which entity made changes and having a backup program as a means of comparison in isolation to enhance the detecting of code. (Lakshmanan Par. (0001-0004 and 0076) In regards to Claim 8, the combination of Yan, Bennett and Korotaev teach the method of claim 1, Korotaev further teaches wherein the eliminating a memory of data in the cyberspace information system comprises: ((Par. (0008-0010); on an effect of non-random disturbance by eliminating a memory of a program running in the cyberspace information system (detecting a vulnerability and replacing and removing portion of source code within the program during runtime)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan and Bennett to incorporate the teaching of Korotaev to utilize the above feature because of the analogous concept of detecting disturbances over hardware and software components, with the motivation of eliminating and removing memory of software code in runtime to prevent vulnerabilities and to prevent malicious attackers exploiting the data. (Korotaev Par. (0008-0010 and 0041-0042)) Yan, Bennett and Korotaev do not explicitly teach comparing the data with backup data of the data; and replacing the data with the backup data, in response to the data being different from the backup data. Wherein Lakshmanan teaches comparing the data with backup data of the data; and (Par. (0107); comparing the data (matching temporary source code) with a backup data of the data (matched with working copy of source code)) replacing the data with the backup data, in response to the data being different from the backup data. (Par. (0107); replacing the data with the backup data (replacing lines of code in temporary source code/temporary file with lines of code in working copy), in response to the data being different from the backup data (when the match is different then replacing)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan, Bennett and Korotaev to incorporate the teaching of Lakshmanan to utilize the above feature because of the analogous of detecting various disturbances associated with hardware and software and changes to code, with the motivation of determining changes made to software to prevent disturbances or error prone processes by identifying which entity made changes and having a backup program as a means of comparison in isolation to enhance the detecting of code. (Lakshmanan Par. (0001-0004 and 0076) Claim(s) 5 and 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Yan et al. (U.S Pub. No. 20190219994, hereinafter referred to as “Yan”), Bennett et al. (U.S Pub. No. 20130080862, hereinafter referred to as “Bennett”) and Korotaev et al. (U.S Pub. No. 20210026949, hereinafter referred to as “Korotaev”) further in view of Fillingim et al. (U.S Pub. No. 20110307758, hereinafter referred to as “Fillingim”) In regards to Claim 5, the combination of Yan, Bennett and Korotaev teach the method of claim 1, Korotaev further teaches wherein the eliminating the memory of a program running in the cyberspace information system comprises at least one of the following: ((Par. (0008-0010); on an effect of non-random disturbance by eliminating a memory of a program running in the cyberspace information system (detecting a vulnerability and replacing and removing portion of source code within the program during runtime)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan and Bennett to incorporate the teaching of Korotaev to utilize the above feature because of the analogous concept of detecting disturbances over hardware and software components, with the motivation of eliminating and removing memory of software code in runtime to prevent vulnerabilities and to prevent malicious attackers exploiting the data. (Korotaev Par. (0008-0010 and 0041-0042)) Yan, Bennett and Korotaev do not explicitly teach periodically or aperiodically recovering the program based on a preset recovery method in the program; checking the program in real time or in non-real time based on a preset checking method; and correcting the program in real time or in non-real time based on a preset encryption or error correction coding. Wherein Fillingim teaches periodically or aperiodically recovering the program based on a preset recovery method in the program; checking the program in real time or in non-real time based on a preset checking method; and correcting the program in real time or in non-real time based on a preset encryption or error correction coding. (Par. (0051-0052); correcting the program in real time (providing error correction to software in normal runtime) based on error correction coding (correcting bit errors using ECC of software)) (Examiner Note: By stating the phrase “at least one of the following” followed by “and correcting the program” Examiner broadly and reasonably interprets in light of the specification only one of following limitations must be met.) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan, Bennett and Korotaev to incorporate the teaching of Fillingim to utilize the above feature because of the analogous of detecting various disturbances associated with hardware and software and error correction code, with the motivation of determining error characteristics of storage and validating data based on ECC operations to solve issues present in current data storage system. (Fillingim Par. (0005-0008) In regards to Claim 9, the combination of Yan, Bennett and Korotaev teach the method of claim 1, Korotaev further teaches wherein the eliminating a memory of data in the cyberspace information system comprises: (Par. (0008-0010); on an effect of non-random disturbance by eliminating a memory of a program running in the cyberspace information system (detecting a vulnerability and replacing and removing portion of source code within the program during runtime)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan and Bennett to incorporate the teaching of Korotaev to utilize the above feature because of the analogous concept of detecting disturbances over hardware and software components, with the motivation of eliminating and removing memory of software code in runtime to prevent vulnerabilities and to prevent malicious attackers exploiting the data. (Korotaev Par. (0008-0010 and 0041-0042)) Yan, Bennett and Korotaev do not explicitly teach checking or correcting the data based on a preset checking, encryption or error correction coding in the data; and initializing the data, in response to a checking result indicating the data is changed. Wherein Fillingim teaches checking or correcting the data based on a preset checking, encryption or error correction coding in the data; and (Par. (0051-0052); correcting the program in real time (providing error correction to software in normal runtime) based on error correction coding (correcting bit errors using ECC of software)) initializing the data, in response to a checking result indicating the data is changed. (Par. (0136); initializing the data, (further processing of the data) in response to a checking result indicating the data is changed (data is further processed after portions of ECC codeword are corrected), (Par. (0252); data retention and decreasing code rate in response to errors being corrected)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yan, Bennett and Korotaev to incorporate the teaching of Fillingim to utilize the above feature because of the analogous of detecting various disturbances associated with hardware and software and error correction code, with the motivation of determining error characteristics of storage and validating data based on ECC operations to solve issues present in current data storage system as well as having a processing or initializing of data once the errors are corrected to increase the capacity of the system. (Fillingim Par. (0005-0008 and 0253-0252)) Relevant Prior Art The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Robison; Charles D (U.S Pub. No. 20230237162) “SYSTEMS AND METHODS FOR REMOTE SECURE ERASURE OF FINGERPRINT DATA FROM INFORMATION HANDLING SYSTEMS”. Considered this reference because it addressed eliminating memory of software based devices. BHAGI; Sri Karthik (U.S Pub. No. 20220292196) “DETECTING RANSOMWARE IN MONITORED DATA”. Considered this application because it relates clearing or deleting memory once malware is detected. Diehl; David F. (U.S Pub. No. 20210329012) “DISTRIBUTED DIGITAL SECURITY SYSTEM”. Considered this application because it addressed detection of software that contains error and the clearing or elimination of the components on the system. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to HASSAN A HUSSEIN whose telephone number is (571)272-3554. The examiner can normally be reached on 7:30am-5pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571)272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /HASSAN A HUSSEIN/Examiner, Art Unit 2497