Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 because:
At step 1:
Claims 1-20 is directed to a “active search based approach for sensor query in geographically” and thus directed to a statutory category.
At step 2A, Prong One:
The claims 1 and 11 recite the following limitation directed to an abstract ideas:
“generating a feature set for each node in a graph, wherein the feature set describes features of a corresponding device operating in a network” recites a mental process as drawing a feature set for each node in a graph, wherein the feature set describes features of a corresponding device operating in a network.
“performing a search based on the feature sets of the nodes to identify a set of nodes of a particular class based on a budget of K queries” recites a mental process as performing a search based on the feature sets of the nodes to identify a set of nodes of a particular class based on a budget of K queries.
“querying the devices associated with the set of nodes” recites the mental process searching the devices associated with the set of nodes.
“performing an action using data returned from querying the devices” recites the mental process for performing an action such as alert, etc. using data returned from querying the devices.
With respect to claims 2-10 and 12-20, claims 2-10 and 12-20 recite limitations directed to an abstract ideas.
At step 2A, Prong Two:
The claims recite the following additional elements:
That the content management system includes “processor” which is high level recitation of generic computer component s and functions and represent mere instruction to apply to a computer as in MPEP 2106.05 (f) which does not provide integration into a practical application.
At step 2B
The conclusions for the mere implementation using a generic computer and mere field of use are carried over and to not provide significantly more.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Regarding claims 1 and 11, the phrase "budget of K queries" renders the claim indefinite because it is unclear what is budget of K queries.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claim(s) 1-7, 10-17 and 20 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Noel et al. (U.S. Pub. 2023/01111177 A1).
With respect to claim 1, Noel et al. discloses a method comprising:
generating a feature set for each node in a graph, wherein the feature set describes features of a corresponding device operating in a network (i.e., “this data ingest may include, but not be limited to, data about network infrastructure 102, security posture 104, cyber-threats 106, and operational dependencies 108. Data ingested from these data sources may be aggregated by data broker 110 and mapped to nodes (entities) and edges (relationships) in a cyber-graph knowledge base 112.”(0026), fig. 1 show graph visualization 124 and “the system supports deep correlation of data to capture complex interdependencies within cyberspace and how operational elements depend on cyber-assets. It employs property graphs, i.e., attributed, multi-relational graphs with nodes and edges having arbitrary properties. ”(0031) i.e., “Based on a received graph query, cyber-asset knowledge of any requested group of mobile devices may be loaded into graph DB 338 for generating a cyber-graph. ”(0043)));
performing a search based on the feature sets of the nodes to identify a set of nodes of a particular class based on a budget of K queries (i.e., “Next, 406 represents the system receiving a user generated query about a particular kind of impact or risk with respect to one or more cyber events (e.g., alerts or known vulnerabilities). As previously discussed, natural language queries received from a user of the system (e.g., supervisor) are translated into graph queries to search the active data set (active knowledge database) for matching or similar graphs.”(0055) or “ platforms may be a category of an operational element that has latitude/longitude provided by groups). Therefore, the geographic location of a unit is derived from the locations of its platforms.”(0056)and impact or risk are feature sets of the node as claimed invention and active data set for matching or similar graph is set of nodes of a particular class as claimed invention. “In training….phrases refer to values to be matched for particular node or edge properties. There are also phrases that refer to multi-step paths to be matched, e.g., of a certain depth.”(0076) and certain depth is a budget of K queries as claimed invention);
querying the devices associated with the set of nodes (i.e., “Based on a received graph query, cyber-asset knowledge of any requested group of mobile devices may be loaded into graph DB 338 for generating a cyber-graph. ”(0043) “ platforms may be a category of an operational element that has latitude/longitude provided by groups). Therefore, the geographic location of a unit is derived from the locations of its platforms.”(0056)); and
performing an action using data returned from querying the devices (i.e.” In 410, the information from 408 (which includes risk/impact categories for each operation element along with geographic locations) is used to generate (render) the cyber situational understanding overlay. This graphical overlay provides a geographic view (graph visualization 124) of operational threads/services to inform operations”(0057) or “Continuing with the delivery vehicle example, any supervisor from any of the delivery areas may generate a query to determine potential cyberattacks within their respective”(0043) and “In element 412, specific cyber threats are identified as specific graphic icons using type or class identifiers such as, but not limited to, intelligence, command, control, attack elements, intrusions, malware, operational functions, tactics, services, unit structures, threats, etc.’(0058)).
With respect to claim 2, Noel et al. discloses wherein the action includes notifying at least one device, training a model, or generating an inference (i.e., “Such training sets are compiled from examples built manually by subject-matter experts. These baseline examples are then expanded through automated enumeration against base patterns for more comprehensive training coverage.”(0075)).
With respect to claim 3, Noel et al. discloses wherein generating a feature set includes collecting metadata from each of the devices (i.e., “With respect to claim 2, Noel et al. discloses”(0032)).
With respect to claim 4, Noel et al. discloses the method of claim 3, wherein generating a feature set includes storing the feature sets of the devices in respective nodes of the graph ( i.e., “the system supports deep correlation of data to capture complex interdependencies within cyberspace and how operational elements depend on cyber-assets. It employs property graphs, i.e., attributed, multi-relational graphs with nodes and edges having arbitrary properties. ”(0031)).
With respect to claim 5, Noel et al. discloses wherein performing a search includes training a model using a training data set (“In training….phrases refer to values to be matched for particular node or edge properties. There are also phrases that refer to multi-step paths to be matched, e.g., of a certain depth.”(0076) and certain depth is a budget of K queries as claimed invention);
With respect to claim 6, Noel et al. discloses The method of claim 5, wherein the training data set includes features from a set of nodes selected randomly from the graph, identified by performing a walk in the graph (“In training….phrases refer to values to be matched for particular node or edge properties. There are also phrases that refer to multi-step paths to be matched, e.g., of a certain depth.”(0076), or identified from a set of predetermined nodes.
With respect to claim 7, Noel et al. discloses the method of claim 6, wherein the set of nodes included in the training set represents multiple classes (i.e., “data broker 110 may include a centralized data streaming service using a publish/subscribe model, in which data is shared among multiple data producers and consumers.”(0029)).
With respect to claim 10, Noel et al. discloses wherein some of the devices are included in a different network (i.e., “he technology described herein ingests data from various network systems, and then transforms this data into useful information needed for a decision maker's situational understanding (SU) of a corresponding cyberspace. ”(0019)).
Allowable Subject Matter
Claims 8-9 and 18-19 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims, since the prior art of record and considered pertinent to the applicant’s disclosure does not teach or suggest the claimed further comprising applying the model to identify nodes of the particular class, wherein a new search is performed when the identified nodes is less than a threshold number of nodes by adding information from the identified nodes to the training data set and retraining the model; wherein some of the devices are geographically overlapped devices.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HUNG T VY whose telephone number is (571)272-1954. The examiner can normally be reached M-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tony Mahmoudi can be reached at (571)272-4078. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/HUNG T VY/Primary Examiner, Art Unit 2163 March 5, 2026