DETECTION OF RANSOMWARE

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant's arguments filed April 9, 2026 have been fully considered but they are not persuasive. In pages 1-2, claims 1-4, 7-10, and 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Palisse et al. (U.S. 2020/0342104), hereinafter "Palisse", in view of Pohl et al. (U.S. 10,839,072), hereinafter "Pohl". Applicant states that Palisse does not teach or suggest the limitation of “if the determined entropy value exceeds the first predetermined threshold, information associated with the file write operation is provided to a memory extraction component to identify and extract at least one section of a memory that relates to the file write operation and contains cryptographic artefacts” as recited in claims 1 and 7. Applicant states that Palisse does not fully teach or suggest the limitation above, but the Office Action (“OA”) dated January 12, 2026 refers to Pohl, and uses the description of Pohl’s ‘copy-on-write’ (“CoW”) process and a CoW storage area, but does not cure the deficiencies of Palisse with respect to amended claims 1 and 7. Applicant states, in page 2 of the remarks, Pohl’s CoW process makes a copy of an original file to be modified, instead of modifying the original file and overwriting the original file, and the CoW storage area is a special rea only used for file created by the CoW process. As described in Pohl, when a potential ransomware attack is identified, it creates a copy of the file by the CoW process in the CoW storage area to ensure that the original copy of the file exists, in the same way it was before the analysis, and does not operates in the same way as the claimed limitation of “if the determined entropy value exceeds the first predetermined threshold… extract at least one section of a memory that relates to the file write operation and contains cryptographic artefacts”, and that the invention of the Applicant writes to the file, extracts at least one section of memory containing cryptographic artefacts, and as a result, any encryption of the file can be reversed using the cryptographic artefacts. Applicant states that Palisse fails to disclose each and every element of claims 1 and 7. Because claims 1 and 7 are believed to be allowable, claims 2-4, 8-10, and 14-16 are believed to be allowable because they depend on claims 1 and 7. Examiner disagrees with the Applicant’s arguments regarding the claim limitation of “if the determined entropy value exceeds the first predetermined threshold… extract at least one section of a memory that relates to the file write operation and contains cryptographic artefacts”, as while indeed, Palisse does not fully teach of suggest the above limitation, in particular, the “extract at least one section of a memory that relates to the file write operation and contains cryptographic artefacts”, the reference of Pohl teaches this limitation in [Col. 3, lines 60-62], a copy-on-write process creates a copy of the original file that can be modified, instead of overwriting it, corresponding to extracting at least one section of memory relating to file write operation, the write operation is performed to a copy-on-write storage area for the file, with the entropy of the file in memory corresponding to cryptographic artefacts, as the entropy of a value is considered as the randomness of the file, in which a completely encrypted file has a high entropy value, as described in [Col. 3, lines 43-56]. Furthermore, it is not stated in the claims or in the Specification that the file that is to be written needs to be the original file itself, and as the copied file is in the copied-on-write storage area is written to. With regards to the statement of the Applicant that the invention be performed so that “any encryption of the file can be reversed using the cryptographic artefacts”, it is not recited anywhere in the claims achieve the result of “any encryption of the file can be reversed”, only what is recited in the claims. It is stated in MPEP § 2111.02(II), that during “examination, statements in the preamble reciting the purpose or intended use of the claimed invention must be evaluated to determine whether or not the recited purpose or intended use results in a structural difference (or, in the case of process claims, manipulative difference) between the claimed invention and the prior art. If so, the recitation serves to limit the claim. See, e.g., In re Otto, 312 F.2d 937, 938, 136 USPQ 458, 459 (CCPA 1963) (The claims were directed to a core member for hair curlers and a process of making a core member for hair curlers. The court held that the intended use of hair curling was of no significance to the structure and process of making.); In re Sinex, 309 F.2d 488, 492, 135 USPQ 302, 305 (CCPA 1962) (statement of intended use in an apparatus claim did not distinguish over the prior art apparatus). To satisfy an intended use limitation which is limiting, a prior art structure which is capable of performing the intended use as recited in the preamble meets the claim”. As the claims do not recite, in the preamble of the claims or otherwise, that “any encryption of the file can be reversed using the cryptographic artefacts”, it is not considered in the rejections for prior art, and as a result, claims 1 and 7 remain rejected under Palisse in view of Pohl, and claims 2-4, 8-10, and 14-16 also remain rejected because they depend on claims 1 and 7. In page 2 of the remarks, it is stated that claims 5 and 11 were rejected under 35 U.S.C. 103 as being unpatentable over Palisse in view of Pohl, further in view of Stolfo (U.S. 10,673,884), hereinafter "Stolfo". Applicant states that the rejection is traversed, as it is stated that claims 1 and 7 is believed to be allowable, and Stolfo fails to cure the deficiencies of Palisse and Pohl for claims 5 and 11. As the Examiner has maintained the rejections for the independent claims 1 and 7 above, and the arguments for claims 5 and 11 do not add substantial information as to why the claims are believed to be allowable, claims 5 and 11 will also have their rejections maintained. In pages 2-3 of the remarks, it is stated that claim 15 was rejected under 35 U.S.C. 103 as being unpatentable over Palisse in view of Pohl, further in view of Stolfo (U.S. 10,673,884), hereinafter "Stolfo". Applicant states that the rejection is traversed, as it is stated that claims 1 and 7 is believed to be allowable, and Stolfo fails to cure the deficiencies of Palisse and Pohl for claim 15. As the Examiner has maintained the rejections for the independent claims 1 and 7 above, and the arguments for claim 15 do not add substantial information as to why the claims are believed to be allowable, claim 15 will also have its rejection maintained. In page 3 of the remarks, it is stated that claims 13 and 18 were rejected under 35 U.S.C. 103 as being unpatentable over Palisse in view of Pohl, further in view of LeCrone et al. (U.S. 2021/0103490), hereinafter "LeCrone". Applicant states that the rejection is traversed, as it is stated that claims 1 and 7 is believed to be allowable, and LeCrone fails to cure the deficiencies of Palisse and Pohl for claims 13 and 18. As the Examiner has maintained the rejections for the independent claims 1 and 7 above, and the arguments for claims 13 and 18 do not add substantial information as to why the claims are believed to be allowable, claims 13 and 18 will also have their rejections maintained. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-4, 7-10, and 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Palisse et al. (US 20200342104 A1), hereinafter Palisse, in view of Pohl et al. (US 10839072), hereinafter Pohl. Regarding claim 1, Palisse discloses ‘a method of detecting a file encrypted by ransomware in a computing device, comprising’ ([0026]-[0041] Process of encryption detection method is described in this section of Palisse, with [0026] stating an 'encryption detection method' and listing the process in order.): ‘identifying a file write operation for a file on the computing device’ ([0028] File write requests are retrieved, and the requests comprise a character string to be written as an argument.); ‘determining if a predetermined number of bytes of the file is stored in a memory buffer on the computing device’ ([0028]-[0029] As a file write request is being emitted from a thread 20 in Fig. 1 or Fig. 2 to a file identified by IdF, as stated in paragraph [0095], in an instruction 22 in a user thread 20, wherein the user thread corresponds to a memory buffer on the computing device of the applicant, as the user thread 20 sends a write request to a memory manager 16 as the user thread holds the instructions, and then receives a request return 26 as to whether or not the request has been executed as explained in paragraph [0072], and file identifier IdF 36 designates the file 8 to be written to by write request 24. [0130] Fig. 3, which is the behavioral analysis module 302 of Fig. 2, comprises an extraction operation 318 in paragraph [0128], has an extraction operation 318 ensure that the write request takes effect in the header Ent00 of the file identified as IdF, and the header Ent00 is in an identified file IdF that is in a user thread 20, which corresponds to a memory buffer of the applicant.); ‘determining an entropy value of the predetermined number of bytes in the memory buffer’ ([0029] A first deviation quantity is calculated according to a part of a character string which relates to a header of the file identified as IdF, along with a statistical model for header writing. [0034] A critical quantity is derived from a first deviation quantity, to which the critical quantity corresponds to the entropy value of the predetermined number of bytes in a memory buffer of the applicant, as paragraph [0047]-[0048] state that a second deviation quantity is derived from a first deviation quantity and quantification quantity of the randomness, and using a second deviation as a critical quantity. Therefore, a critical value corresponds to the entropy value of the applicant.); ‘comparing the determined entropy value of the predetermined number of bytes to a first predetermined threshold’ ([0035] A user thread 20 is neutralized if a critical quantity exceeds a first threshold, to which the first threshold corresponds to the first predetermined threshold of the applicant. [0203] Fig. 5 shows a diagram of decision module 304, wherein behavioral value S, wherein in step 340, the behavioral value S is compared with a first threshold, and if it exceeds the first threshold, the thread is neutralized.); Palisse does expressly disclose, but Pohl teaches ‘and wherein if the determined entropy value exceeds the first predetermined threshold, information associated with the file write operation is provided to a memory extraction component to identify and extract at least one section of a memory that relates to the file write operation and contains cryptographic artefacts’ ([Col. 6, lines 52-56] Fig. 1, step 106, if entropy value is greater than or equal to a threshold, perform copy-on-write process to copy-on-write storage area. As stated in [Col. 3, lines 60-62], a copy-on-write process creates a copy of the original file that can be modified, instead of overwriting it, corresponding to extracting at least one section of memory relating to file write operation, the write operation is performed to a copy-on-write storage area for the file, with the entropy of the file in memory corresponding to cryptographic artefacts, as the entropy of a value is considered as the randomness of the file, in which a completely encrypted file has a high entropy value, as described in [Col. 3, lines 43-56]. The copy-on-write storage area corresponds to a memory extract component, in conjunction with the copy-on-write process.). Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Palisse and Pohl before them, to include Pohl’s “information associated with the file write operation is provided to a memory extraction component to identify and extract at least one section of a memory that relates to the file write operation and contains cryptographic artefacts” in Palisse’s method performing “detecting a file encrypted by ransomware in a computing device”. One would have been motivated to make such a combination to increase efficiency by having the file continue to be in existence, even if the ransomware attack has occurred that would modify the files, as taught by Pohl [Col. 4, lines 26-35]. Regarding claim 2, Palisse in view of Pohl teach the method of claim 1 as recited above. Palisse also discloses the limitation of ‘monitoring an operation of the computing device to identify the file write operation’ ([0073] Kernel of a system executes a system probe 30, or HIDS probe. The HIDS probe duplicates the system calls of the user threads 20 without being detectable by a user thread 20, and will not execute the requests, including the write requests identified by Palisse.). Regarding claim 3, Palisse in view of Pohl teach the method of claim 1 as recited above. Palisse also discloses the limitation of ‘in which determining the entropy value is based on a Shannon entropy or a modified Shannon entropy’ ([0170] Fig. 4, behavioral analysis module 302 can comprise a second branch, and in block 332, the calculation of randomness is determined to be behavioral value S in a request-value pair 314, denoted as (RE, S), as shown in Fig. 5 as well. It includes a calculation of chi-square (χ_2) as well based on randomness. [0187] Chi-square (χ_2) is preferred to Shannon's entropy, but Shannon's entropy can be used nevertheless in some cases.). Regarding claim 4, Palisse in view of Pohl teach the method of claim 1 as recited above. Palisse also discloses the limitation of ‘in which if the determined entropy value does not exceed the first predetermined threshold, the method further comprises: comparing the determined entropy value to a second predetermined threshold, wherein the second predetermined threshold is lower than the first predetermined threshold’ ([0203] Fig. 5, decision module 304 has a test operation 348 contains a comparison for a second threshold 350, where behavioral value S fails to exceed the first threshold 342 in operation 340, as stated in paragraph [0208]. Critical value is compared to a second threshold, with the second threshold in paragraph [0014], and a second threshold is less than a first threshold in paragraph [0011]. [0214] First and second thresholds can be utilized for the indicator chi-square (χ_2), and corresponds to comparing the entropy values of the applicant with a second predetermined threshold.). Regarding claim 7, Palisse in view of Pohl recites similar limitations to claim 1 as recited above. Palisse also discloses ‘a computing device comprising:’ ([0063]-[0064] Computer 1 of the invention). ‘a processor’ ([0063]-[0064] Computer 1 of the invention comprises a machine 2, comprising a central processing unit (CPU) 4 and a mass memory 6 for storing files, and CPU cooperates with an operating system 10, comprising core or kernel, and programs. Claim 1 states that the encryption detection device comprise a computer with a CPU, and cooperates with the kernel, and executing by the CPU, carries out the functions of the invention.); ‘and a memory buffer’ ([0028] A user thread 20, wherein the user thread corresponds to a memory buffer on the computing device of the applicant, as the user thread 20 sends a write request to a memory manager 16 as the user thread holds the instructions, and then receives a request return 26 as to whether or not the request has been executed as explained in paragraph [0072].); Regarding claim 8, Palisse in view of Pohl teach the computing device of claim 7 as recited above. Palisse also discloses the limitations also present in dependent claim 2 recited above. Regarding claim 9, Palisse in view of Pohl teach the computing device of claim 7 as recited above. Palisse also discloses the limitations also present in dependent claim 3 recited above. Regarding claim 10, Palisse in view of Pohl teach the computing device of claim 7 as recited above. Palisse also discloses the limitations also present in dependent claim 4 recited above. Regarding claim 14, Palisse in view of Pohl teach the method of claim 1 as recited above. Palisse also discloses “which the information provided may include one or more of the process name, the process identifier (PID), the filename of file being written, and the determined entropy value” ([0034] A critical value corresponds to the determined entropy value. [0095] File identifier (idF) designates the file concerned by a write request 24, corresponding to a filename of file being written in Fig. 2. Process identifier (PID) idP can also be provided, stated in [0098], which can also name the process.). Regarding claim 16, Palisse in view of Pohl teach the computing device of claim 7 as recited above. Palisse also discloses the limitations also present in dependent claim 14 recited above. Claims 5 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Palisse in view of Pohl, further in view of Stolfo (US 10673884 B2), and LeCrone et al. (US 20210103490 A1), hereinafter LeCrone. Regarding claim 5, Palisse in view of Pohl teaches the method of claims 1 and 4 as recited above. Palisse in view of Pohl does not appear to disclose, but Stolfo teaches “determining an ASCII frequency count to the predetermined number of bytes” ([Col. 10, lines 49-Col. 11, line 11] Fig. 2, step S216 has a statistical distribution that is generated for each of the partitions created from length distribution, where the frequency distribution of ASCII characters is contained in a payload, and is described as a file in section [Col. 7, lines 35-40].) “comparing the determined ASCII frequency count to a predetermined ASCII frequency count threshold” ([Col. 16, lines 59-62] Character frequency distribution is taken into account when determining computation being larger than a threshold.) “wherein if the determined ASCII frequency count exceeds the predetermined parameter threshold” ([Col. 16, lines 59-62] Character frequency distribution is taken into account when determining computation/distance being larger than a threshold. [Col. 17, lines 21-24] Fig. 10, S432, when server determines the distance exceeds threshold, payload is identified as anomalous.); Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Palisse and Stolfo before them, to include Stolfo’s “determining an ASCII frequency count to the predetermined number of bytes” and “comparing the determined ASCII frequency count to a predetermined ASCII frequency count threshold” in Palisse’s method performing “detecting a file encrypted by ransomware in a computing device”. One would have been motivated to make such a combination to increase efficiency as a frequency count chart can show which characters show up most frequency, with the most frequent character showing up on the left side of the chart in a rank order, as stated in [Col. 11, lines 30-43]. Palisse in view of Stolfo does not appear to disclose, but Pohl teaches ‘and wherein if the determined value exceeds the first predetermined threshold, information associated with the file write operation is provided to a memory extraction component to identify and extract at least one section of a memory that relates to the file write operation’ ([Col. 6, lines 52-56] Fig. 1, step 106, if entropy value is greater than or equal to a threshold, perform copy-on-write process to copy-on-write storage area. As stated in [Col. 3, lines 60-62], a copy-on-write process creates a copy of the original file that can be modified, instead of overwriting it, corresponding to extracting at least one section of memory relating to file write operation. The copy-on-write storage area corresponds to a memory extract component, in conjunction with the copy-on-write process). Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Palisse and Pohl before them, to include Pohl’s “information associated with the file write operation is provided to a memory extraction component to identify and extract at least one section of a memory that relates to the file write operation” in Palisse’s method performing “detecting a file encrypted by ransomware in a computing device”. One would have been motivated to make such a combination to increase efficiency by having the file continue to be in existence, even if the ransomware attack has occurred that would modify the files, as taught by Pohl [Col. 4, lines 26-35] Palisse in view of Pohl and Stolfo does not appear to disclose, but LeCrone teaches the method of ‘do not exceed the predetermined parameter threshold’ ([0121] Fig. 27, if entropy of a file is less than a threshold, go to step 1006, but then the invention determines if an encrypt flag is set, and if it is set, when data is not meant to be encrypted as determined by step 1004, an encryption anomaly is indicated in step 1008.). Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Palisse, Pohl, Stolfo and LeCrone before them, to include LeCrone’s ‘do not exceed the predetermined parameter threshold’ in Palisse’s limitation of ‘and wherein if the determined one or more parameters exceed the predetermined parameter threshold, flagging the file associated with the file write operation indicated that the file is encrypted by ransomware’ in claim 5 and method performing ‘detecting a file encrypted by ransomware in a computing device’. One would have been motivated to make such a combination to enhance security by verifying a file that the indication of step 1004 in Fig. 27 is correct, as otherwise, a file that has an encrypt flag set and has a low entropy can infiltrate the system and proceed to execute the ransomware in the system of a user, as stated in LeCrone [0122]. Regarding claim 11, Palisse in view of Pohl teach the computing device of claim 7 as recited above. Palisse in view of Pohl further in view of LeCrone also teach the limitations also present in dependent claim 5 recited above. Claims 15 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Palisse in view of Pohl, further in view of Stolfo. Regarding claim 15, Palisse in view of Pohl teach the method of claims 1 and 4 as recited above. Palisse also discloses “wherein if a length does not exceed the predetermined parameter threshold” ([0203] Fig. 5, decision module 304 has a test operation 348 contains a comparison for a second threshold 350, where behavioral value S fails to exceed the first threshold 342 in operation 340.); Palisse does not disclose, but Stolfo teaches “in which if the determined entropy value exceeds the second predetermined threshold, the method further comprises: determining a maximum ASCII string length related to the predetermined number of bytes” ([Col. 12, lines 1-2] Fig. 6A, payload signature string 150 includes plurality of ASCII characters. [Col. 18, lines 52-57] String edit distance tests for equivalence of strings and signature string.); “and comparing the determined maximum ASCII string length to a predetermined maximum ASCII string length threshold” ([Col. 17, lines 15-19] Fig. 10, S428, a comparison is made if string edit distance is greater than the threshold, being the signature string. In this case, a payload signature string is compared to a payload received.); “wherein if the determined maximum ASCII string length exceeds the predetermined parameter threshold” ([Col. 17, lines 21-24] Fig. 10, S432, when server determines the distance exceeds threshold, payload is identified as anomalous.); Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Palisse and Stolfo before them, to include Stolfo’s “determining a maximum ASCII string length related to the predetermined number of bytes” and “comparing the determined maximum ASCII string length to a predetermined maximum ASCII string length threshold” in Palisse’s method performing “detecting a file encrypted by ransomware in a computing device”. One would have been motivated to make such a combination to enhance security as the longest common string will be found in payloads or files that are considered anomalous, as it can indicate a malicious action in the payload, as stated in [Col. 17, lines 39-52]. Palisse in view of Stolfo does not appear to teach, but Pohl teaches ‘information associated with the file write operation is provided to a memory extraction component to identify and extract at least one section of a memory that relates to the file write operation’ ([Col. 6, lines 52-56] Fig. 1, step 106, if entropy value is greater than or equal to a threshold, perform copy-on-write process to copy-on-write storage area. As stated in [Col. 3, lines 60-62], a copy-on-write process creates a copy of the original file that can be modified, instead of overwriting it, corresponding to extracting at least one section of memory relating to file write operation.). Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Palisse and Pohl before them, to include Pohl’s “information associated with the file write operation is provided to a memory extraction component to identify and extract at least one section of a memory that relates to the file write operation” in Palisse’s method performing “detecting a file encrypted by ransomware in a computing device”. One would have been motivated to make such a combination to increase efficiency by having the file continue to be in existence, even if the ransomware attack has occurred that would modify the files, as taught by Pohl [Col. 4, lines 26-35]. Regarding claim 17, Palisse in view of Pohl teach the method of claims 7 and 10 as recited above. Palisse in view of Pohl further in view of Stolfo also teach the limitations also present in dependent claim 15 recited above. Claim 13 and 18 is rejected under 35 U.S.C. 103 as being unpatentable over Palisse in view of Pohl, further in view of LeCrone. Regarding claim 13, Palisse in view of Pohl recites similar limitations to claim 1 as recited above. Palisse in view of Pohl does not appear to disclose, but LeCrone teaches the method of ‘computer program product comprising computer readable executable code for implementing the method comprising:’ ([0129] Software implementations of the invention include executable code stored in a non-transitory computer-readable medium, which is execute by one or more processors, which corresponds to a computer program product of the applicant to perform the processes of the invention.). Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Palisse, Pohl, and LeCrone before them, to include LeCrone’s ‘computer program product comprising computer readable executable code’ in Palisse’s function of performing ‘identifying a file write operation for a file on the computing device’. One would have been motivated to make such a combination to increase efficiency by having a physical media such as a disk, SD card, hard drive, or otherwise a tangible or non-transitory computer-readable medium to store the invention and have the instructions be executed by a processor of the invention, as taught by LeCrone [0129]. Regarding claim 18, Palisse in view of Pohl and LeCrone teach the computer program product of claim 13 as recited above. Palisse also discloses the limitations also present in dependent claim 14 recited above. Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to TOMMY MARTINEZ whose telephone number is (703)756-5651. The examiner can normally be reached Monday thru Friday 8AM-4PM ET. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L. Ortiz-Criado can be reached at (571) 272-7624 on Monday thru Friday 7AM-7PM ET. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /T.M./ Examiner, Art Unit 2496 /JORGE L ORTIZ CRIADO/ Supervisory Patent Examiner, Art Unit 2496