Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-21 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
Independent claims 1, 8 and 15:
Claims 1 is drawn to “apparatus”, claim 08 is drawn to “a method”, and claim 15 is drawn to “a non-transitory computer readable medium”, therefore each of these claim groups falls under one of four categories of statutory subject matter (process/method, machines/products/apparatus, manufactures, and compositions of matter).
Claims 1, 8 and 15 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. Claims 1, 8 and 15 recites extract feature information indicating a characteristic item in a cyberattack from a news article, extract, from a database storing technical regarding a cyberattack information that has already occurred, technical information related to the extracted feature information and associate the extracted feature information and the extracted technical information with each other. The limitation steps under its broadest reasonable interpretation, covers performance of the limitation in the mind. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind then it falls within the mental process/human activity grouping of abstract ideas. Accordingly, the claim recites an abstract idea.
This judicial exception is not integrated into a practical application because the claim does not recite additional elements that integrate the judicial exception into a practical application.
Claims 1, 8 and 15 recite the additional elements of “at least one memory” and “at least one processor” as recited in the claim. However, at least one memory and at least one processor are recited at a high level of generality and are generic computer components such that they amount to no more than mere instructions to apply the exception using a generic computer. Mere instructions to apply an exception using a generic computer cannot provide an inventive concept. Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea.
Considering the claims as a whole, looking at the elements individually and in an ordered combination, does not integrate the abstract idea into a practical application using the considerations set forth above.
The claims does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements of the processor and the memory including computer program codes are recited at a high level of generality and are generic computer components such that they amount to no more than mere instructions to apply the exception using a generic computer. Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. Thus, the claimed elements, either individually, or in the ordered combination do not add significantly more to the abstract idea.
Dependent claims 2-7, 9-14 and 16-21 further clarify the concept recited in independent claims, however this clarification still falls under the concept recited in the independent claims and do not amount to significantly more than the judicial exception.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-21 are rejected under 35 U.S.C. 103 as being unpatentable over Dey et al (2019/0065467) in views of Crabtree et al (2021/0019674).
For claim 1, Dey teaches that An information analysis apparatus (abstract) comprising: at least one memory storing instructions (Dey teaches memory (RAM) with storing instrauction as Dey teaches in par.28 and 111); and at least one processor configured to execute the instructions (Dey teaches CPU executes instructions as Dey teaches in par.28 and 108) to: extract feature information, from a news article (Dey teaches The Stanford NER extracts a set of named entities as Dey teaches in par.50); and extract, from a database storing technical information that has already occurred, technical information related to the extracted feature information (Dey teaches set of articles are crawled (302) are pre-processed (304) and a set of metadata associated with the set of articles are extracted. Further, a set of crime information components are extracted (306) from a set of articles by utilizing the metadata. Further, a plurality of similar news from the set of articles are aggregated (308) across on date, sources of information and languages as Dey teaches in par.36 and 73), and associate the extracted feature information and the extracted technical information with each other (Dey teaches that a set of crime components and a relationship associated with the set of crime components are imported form the crime ontology as Dey teaches in par.73 and 78).
Dey fails to teach indicating a characteristic item in a cyberattack and regarding a cyberattack.
Crabtree teaches, similar system, indicating a characteristic item in a cyberattack and regarding a cyberattack (Crabtree teaches segmenting cyberattack information to appropriate corporation parties as Crabtree teaches in par.94 and 95). It would have been obvious to one ordinary skill in the art to modify Dey to include cyberattack as taught and suggested by Crabtree for the purpose of producing most rapid and efficacious action throughout the enterprise during the attack and issue follow-up reports with and recommendations or information that may lead to long term changes afterward (Crabtree, par.95).
For claims 2, 9 and 16, Dey, as modified by Crabtree, further teaches that at least one processor configured to execute the instructions to: extract at least one of a victim name, damage details, and a damage cost as the feature information from the news article (Dey teaches that pattern learning Victim Name* Named Entity extraction as Dey teaches in par.36 and table 2A and table 2B).
For claims 3, 10 and 17, Dey, as modified by Crabtree, further teaches further at least one processor configured to execute the instructions to: determine whether or not the news article includes a case example of damage from a cyberattack, and extract the feature information from the news article if a result of the determination indicates that a case example of damage from a cyberattack is included (Dey teaches news article includes case example as Dey teaches in par.37).
Dey fails to teach cyberattack.
Crabtree further teaches cyberattack (Crabtree teaches segmenting cyberattack information to appropriate corporation parties as Crabtree teaches in par.94 and 95). It would have been obvious to one ordinary skill in the art to modify Dey to include cyberattack as taught and suggested by Crabtree for the purpose of producing most rapid and efficacious action throughout the enterprise during the attack and issue follow-up reports with and recommendations or information that may lead to long term changes afterward (Crabtree, par.95).
For claims 4, 11 and 18, Dey, as modified by Crabtree, further teaches at least one processor configured to execute the instructions to: store, in a storage region of a storage device, the technical information and the feature information associated therewith in a state where the technical information and the feature information are associated with each other (Dey teaches of storing information as Dey teaches in par.77).
For claims 5, 12 and 19, Dey, as modified by Crabtree, further teaches at least one processor configured to execute the instructions to: wherein the feature information associating means compares a date provided to the technical information in the database with a publication date and time of the news article, and associates the feature information extracted from the news article with the technical information if a difference between the date provided to the technical information and the publication date and time of the news article is within a set range (Dey teaches that wherein the plurality of news articles are aggregated across date, sources of information and languages as Dey teaches in par.76 and 93).
For claims 6, 13 and 20, Dey, as modified by Crabtree, further teaches wherein the technical information includes at least one of information regarding vulnerability of an attacked system, a name of software used in a cyberattack, and cyberattack TTPs (Dey teaches in par.32).
For claims 7, 14 and 21, Dey, as modified by Crabtree, further teaches at least one processor configured to execute the instructions to: specify, if the technical information includes information regarding vulnerability, an event that is caused by the vulnerability, and associate feature information that includes the specified event with the technical information that includes the information regarding vulnerability (Dey teaches in par.32 and 33).
For claim 8, Dey teaches An information analysis method (abstract) comprising: extracting feature information indicating a characteristic item, from a news article (Dey teaches The Stanford NER extracts a set of named entities as Dey teaches in par.50); and extracting, from a database storing technical information that has already occurred, technical information related to the extracted feature information (Dey teaches set of articles are crawled (302) are pre-processed (304) and a set of metadata associated with the set of articles are extracted. Further, a set of crime information components are extracted (306) from a set of articles by utilizing the metadata. Further, a plurality of similar news from the set of articles are aggregated (308) across on date, sources of information and languages as Dey teaches in par.36 and 73), and associating the feature information and the technical information with each other (Dey teaches that a set of crime components and a relationship associated with the set of crime components are imported form the crime ontology as Dey teaches in par.73 and 78).
Dey fails to teach indicating a characteristic item in a cyberattack and regarding a cyberattack.
Crabtree teaches, similar system, indicating a characteristic item in a cyberattack and regarding a cyberattack (Crabtree teaches segmenting cyberattack information to appropriate corporation parties as Crabtree teaches in par.94 and 95). It would have been obvious to one ordinary skill in the art to modify Dey to include cyberattack as taught and suggested by Crabtree for the purpose of producing most rapid and efficacious action throughout the enterprise during the attack and issue follow-up reports with and recommendations or information that may lead to long term changes afterward (Crabtree, par.95).
For claim 15, Dey teaches A non-transitory computer-readable recording medium that includes a program recorded thereon (Dey teaches a non-transitory computer readable medium having a computer readable program embodied therein as Dey teaches in par.8), the program including instructions that cause a computer to carry out the steps of: extracting feature information indicating a characteristic item from a news article (Dey teaches The Stanford NER extracts a set of named entities as Dey teaches in par.50), and extracting, from a database storing technical information that has already occurred, technical information related to the extracted feature information (Dey teaches set of articles are crawled (302) are pre-processed (304) and a set of metadata associated with the set of articles are extracted. Further, a set of crime information components are extracted (306) from a set of articles by utilizing the metadata. Further, a plurality of similar news from the set of articles are aggregated (308) across on date, sources of information and languages as Dey teaches in par.36 and 73), and associating the feature information and the technical information with each other (Dey teaches that a set of crime components and a relationship associated with the set of crime components are imported form the crime ontology as Dey teaches in par.73 and 78).
Dey fails to teach indicating a characteristic item in a cyberattack and regarding a cyberattack.
Crabtree teaches, similar system, indicating a characteristic item in a cyberattack and regarding a cyberattack (Crabtree teaches segmenting cyberattack information to appropriate corporation parties as Crabtree teaches in par.94 and 95). It would have been obvious to one ordinary skill in the art to modify Dey to include cyberattack as taught and suggested by Crabtree for the purpose of producing most rapid and efficacious action throughout the enterprise during the attack and issue follow-up reports with and recommendations or information that may lead to long term changes afterward (Crabtree, par.95).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AYUB A MAYE whose telephone number is (571)270-5037. The examiner can normally be reached Monday-Friday 9AM-5PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SHEWAYE GELAGAY can be reached at 571-272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/AYUB A MAYE/Examiner, Art Unit 2436 /SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436