DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant's arguments filed 3/11/2026 have been fully considered but they are not persuasive.
Applicant argues that claims 1-8, 15-17, 30, 33, and 37 that the steps of the method require significantly more than and can’t be performed by the human mind.
Claim 1 recites: (Currently Amended) A method performed by a first network node performing a spoofing detection, the method comprising:
receiving a request in accordance with a protocol;
establishing a new session with a second network node, the second network node being identified as a sender of the received request;
sending a modified copy of the request to the second network node via the new session; and
receiving a response from the second network node, the response indicating whether the request is a valid request.
In claim 1, the “structure” is intentionally left blank as in a “network node” which could literally mean anything. For example, in a social network a “node” may be an individual.
The steps “receiving a request in accordance with a protocol” reads on being asked a question in turn.
“establishing a new session with a second network node” reads on a separate conversation. “Sending” and “receiving” require only ordinary skill in the art, but read on giving a version of a story.
Thus a mental process.
Applicant argues integration into a practical application, but as can be seen above, the claims are so broad as to read on a “social network” and lack any actual structure or technology. The record is clear that claims 9-14 on the other hand are considered to be integrated into a practical application because they are limited to specific field of endeavor thereby giving context (and therewith limits) to terms such as protocol and session.
Regarding the art rejection, Applicant argues against Efrati, stating: Efrati does not describe forwarding a modified copy of the original request. Instead, the validation server of Efrati sends its own query to the apparent sender device to obtain logs or confirmation. There is no teaching that the server takes the original protocol request and sends a copy thereof (modified or otherwise) to the sender. As such, Efrati fails to teach all features of claim 1. Therefore, claim 1 is allowable over Efrati.
First, claim 1 is a method performed by a first network node comprising steps of receiving a request and sending a modified copy of the request, however there are no steps of modifying the request and absolutely no parameters on how or what would constitute a modification or the result thereof – a modified copy. Therefore the broadest reasonable interpretation (BRI) of a modified copy would be anything more than a blank slate, as its just not reasonable for a blank slate to confused for a modified copy but anything more is at least subject to interpretation.
Second, looking at the limitation “sending a modified copy of the request”, the language “modified copy of the request” is considered a nonfunctional descriptive limitation not carrying patentable weight, as it does not interact with any other step of the claim, such as a step of modifying. Therefore the BRI of “modified copy of the request” is merely “data”.
Third, Efrati discloses sending (step 509) in [0028] which reads on the claim based on the BRI of either first or second rationale above and in [0035], sending a hash of received message which reads on “modified copy of the request”. A “hash” thereby meeting a “modified copy”.
Therefore the arguments are not persuasive.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-8, 15-17, 30, 33, and 37 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea (mental process) without significantly more. The claim(s) recite(s) the mental process of “spoofing detection” which amounts to the mental process of determining if a source can be trusted. This goes way back to the playground when a person wants to verify a story allegedly from a third person. This judicial exception is not integrated into a practical application because the devices recited are generic and the steps of “receiving a request”, “establishing a new session”, “sending”, and “receiving” are both generic and well-understood, routine conventional activity. The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because:
receiving a request in accordance with a protocol, or Diameter protocol (claims 5,8), merely requires routine skill in the art; establishing a new session with a second network node (reads on making any conventional connection); sending a modified copy of the request to the second network node and receiving a response from the second network node, the response indicating whether the request is a valid request read on conventional exchanging of information. Claims 2-4 and 6-7 merely recite generic / conventional activity.
Claims 15-16 merely recite more generic / conventional activity.
Claims 17, 30, 33, and 37 are to reciprocal / corresponding methods and generic apparatus to claim 1.
Claims 9-14 add significant structure to tie the invention to the telecommunications field and the instant specification provides an improvement in the technology such that abstract idea is limited to the process in a specific telecom entity (first network node) as recited and thus gives meaning to the protocol, new session, and second network node. Application/Control Number: 18/279,958 Page 4 Art Unit: 2649
Claim Rejections - 35 USC § 102
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claim(s) 1, 3-4, 15, 17, 30, 33, and 37 is/are rejected under 35 U.S.C. 102((a)(1) & (a)(2)) as being anticipated by Efrati (2015/0121480).
As to claims 1/33, (Currently Amended) Efrati discloses A method performed by a first network node (of 110 with inherent processing circuitry) performing a spoofing detection, the method comprising:
receiving a request (121b / step 501) in accordance with a protocol (see [0026]-[0027]), ;
establishing (step 505) a new session with a second network node (out of band via validation server 350 / “in-band” but distinct), the second network node (201) being identified as a sender of the received request, (see [0026], [0028]);
sending (step 509) a modified copy of the request to the second network node via the new session (see [0028] & [0035]; and
receiving a response (see [0029]) from the second network node, the response indicating whether the request is a valid request. Also see Fig 3 [0022]-[0023].
As to claim 3, (Currently Amended) Efrati discloses The method of claim 1 wherein the method further comprises:
determining that the request is a valid request based on the response (see [0022]), and executing the request (Fig 3: 123).
As to claim 4, (Currently Amended) Efrati discloses The method of claim 1 wherein, in the modified copy of the request, the first network node is identified as a sender of the modified copy of the request and the second network node is identified as a recipient of the modified copy of the request. See [008],[009], [0028],[0035].
As to claim 15, (Currently Amended) Efrati discloses The method of claim 1 further comprising:
determining whether the request satisfies one or more criteria for validating the request (see [0025] block 407); and
wherein performing the steps of establishing the new session with the second network node, sending the modified copy of the request to the second network node via the new session, and receiving the response from the second network node are performed responsive to determining that the request satisfies any of the one or more criteria. See [0025] wherein block 409 is performed responsive to step 407.
As to claims 17/37, (Currently Amended) Efrati discloses A method (Fig 3) performed by a second network node (201 with inherent processing circuitry) performing a spoofing detection, the method comprising:
receiving a request (125) from a first network node (110/350);
determining that the request is a modified copy of a request ([0035]: hash of actual message… may then be compared to messages actually sent) that has been received by the first network node and for which the first network node is requesting validation that the request that has been received by the first network node was sent by the second network node;
responsive to determining that the request is a modified copy of the request that has been received by the first network node and for which the first network node is requesting validation, determining whether the request that has been received at the first network node is valid [0022]-[0023]; and sending (126) a response to the first network node, the response indicating
whether the request that has been received by the first network node is a valid request. Also see Figs 4-6 and citations above to reciprocal method of claim 1.
As to claim 30, (Currently Amended) Efrati discloses A method performed by a first network node (350) performing a testing of a spoofing detection, the method comprising:
establishing a new session (see [0026],[0028]: out of band via validation server 350 / “in-band” but distinct) with a second network node (201); sending a test request (125 / 509) to the second network node via the new session; and
receiving a response (126 / 511) from the second network node (see [0029]). Efrati further discloses comparing the response to a log file which implies “saving” the response in a log file, as a computer cannot make a comparison without saving the data, at least temporarily. Thus it is considered that saving is inherent to comparing.
Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claim(s) 2 and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Efrati as applied to claim 1 above, and further in view of Jacobsson (2018/0091453).
As to claim 2, (Currently Amended) Efrati discloses The method of claim 1 wherein the method further comprises:
determining that the request is not a valid request based on the response, (see [0023]).
Efrati fails to explicitly recite yet in an analogous art Jacobsson discloses wherein it was known to disregarding the request responsive to determining that the request is not a valid request (see [0051]: problem messages removed). Before the effective filing date of the instant invention it would have been obvious to one of ordinary skill in the art to modify the method of Efrati by disregarding the request responsive to determining that the request is not a valid request as taught by Jacobsson for the purpose of aiding the user in disposing of a spoofed message.
As to claim 16, (Original) Efrati discloses The method of claim 15 is silent to yet in an analogous art Jacobsson discloses wherein the one or more criteria comprise at least one of the following:
(a) a criterion that the request has a high risk of occurrence; (b) a criterion that the request is classified as having a high attack impact; (c) a criterion that the request is a first request exchanged on a respective session; or (d) a combination of any two or more of (a)-(c). See Figs 5-6 [0022],[0023], etc. ). Before the effective filing date of the instant invention it would have been obvious to one of ordinary skill in the art to modify the method of Efrati wherein the one or more criteria comprise at least one of the following:
(a) a criterion that the request has a high risk of occurrence; (b) a criterion that the request is classified as having a high attack impact; (c) a criterion that the request is a first request exchanged on a respective session; or (d) a combination of any two or more of (a)-(c) as taught by Jacobsson for the purpose of applying resources to higher potential problems.
Claim(s) 5-14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Efrati as applied to claim 1 above, and further in view of Peylo et al. (2017/0295201) hereinafter “Peylo”.
As to claim 5, (Currently Amended) The method of claim 1 wherein the protocol is a Diameter protocol. See [0064], etc. Before the effective filing date of the instant invention it would have been obvious to one of ordinary skill in the art to modify the method of Efrati by utilizing a Diameter protocol as taught by Peylo by increasing reliability by using a known standard.
As to claims 6-8, (Currently Amended) the combination of Efrati and Peylo discloses everything claimed as applied above to The method of claim 5, additionally the examiner takes official notice that an origin-host, an origin-realm, a destination-realm, and diameter success / limited success were all well known in the art before the effective filing date of the instant invention such that it would have been obvious to one of ordinary skill in the art to modify Efrati such that wherein an origin-host and an origin-realm of the modified copy of the request are set to those of the first network node (claim 6), wherein a destination-realm and a destination-host of the modified copy of the request are set to those of the second network
node (claim 7), wherein the received response is a Diameter Success message if the request is a valid request or a Diameter Limited Success message if the request is a spoofed request (claim 8) for the purpose of identifying the spoofing with the known protocols.
As to claim 9, (Currently Amended) Efrati discloses The method of claim 1 is silent to yet in an analogous art Peylo discloses wherein the first network node is a Mobility Management Entity, MME; a Serving General Packet Radio Services Support Node, SGSN; or a Visited Location Register, VLR. See [0064]-[0067], etc. Before the effective filing date of the instant invention it would have been obvious to one of ordinary skill in the art to modify the method of Efrati wherein the first network node is a Mobility Management Entity, MME; a Serving General Packet Radio Services Support Node, SGSN; or a Visited Location Register, VLR as taught by Peylo in order to implement in a state of the art system.
As to claim 10, (Currently Amended) Efrati deiscloses The method of claim 1 is silent to yet in an analogous art Peylo discloses wherein the second network node is a Home Subscriber Server, HSS; a Home Location Register, HLR; a Mobility Management Entity, MME; or a Serving General Packet Radio Services Support Node, SGSN. See [0064]-[0067], etc. Before the effective filing date of the instant invention it would have been
obvious to one of ordinary skill in the art to modify the method of Efrati wherein the second network node is a Home Subscriber Server, HSS; a Home Location Register, HLR; a Mobility Management Entity, MME; or a Serving General Packet Radio Services Support Node, SGSN as taught by Peylo in order to implement in a state of the art system.
As to claim 11, (Currently Amended) Efrati discloses The method of claim 1 is silent to yet in an analogous art Peylo discloses wherein:
the first network node is comprised in a first Public Land Mobile Network, PLMN; and the second network node is comprised in a second PLMN. See Figs 1-3 and [0057] which speaks of multiple networks. Before the effective filing date of the instant invention it would have been obvious to one of ordinary skill in the art to modify the method of Efrati wherein: the first network node is comprised in a first Public Land Mobile Network, PLMN; and the second network node is comprised in a second PLMN for the purpose of implementation in the real world.
As to claim 12, (Currently Amended) the combination of Efrati and Peylo discloses The method of claim 11 wherein:
receiving the request comprises receiving the request via an edge node of the first PLMN that is communicatively coupled to an edge node of the second PLMN. See Peylo Fig.3, etc.
As to claim 13, (Original) the combination of Efrati and Peylo discloses The method of claim 12 wherein the edge node of the first PLMN is communicatively coupled to the edge node of the second PLMN via a General Packet Radio Services Roaming Exchange, GRX, provider and/or an Internet Packet Exchange, IPX, provider. See Peylo Fig.3, etc.
As to claim 14, (Currently Amended) Efrati discloses The method of claim 1 is silent to yet in an analogous art Peylo discloses wherein the first network node and the second network node are comprised in a Public Land Mobile Network, PLMN. See Figs 1-3 and [0057] which speaks of a single network. Before the effective filing date of the instant invention it would have been obvious to one of ordinary skill in the art to modify the method of Efrati wherein the first network node and the second network node are comprised in a Public Land Mobile Network, PLMN for the purpose of implementation in the real world.
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LESTER KINCAID whose telephone number is (571)272-7922. The examiner can normally be reached M-Th: 7-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yuwen Pan can be reached at 571-272-7855. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov.
Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
LESTER G. KINCAID
Primary Patent Examiner
Art Unit 2649
/LESTER G KINCAID/Primary Examiner, Art Unit 2649