Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Claims 1-20 are presented for examination.
This action is in response to amendment filed on 10/27/25.
Response to Arguments
Applicant’s arguments filed 10/27/25, have been fully considered but they are not persuasive.
In that remarks, applicant argues in substance:
That: Nowhere in Crabtree is there discussion of initiating probing of a path by sending probe packets to hops along the path, receiving responses to the probe packets from the hops, or hops modifying said responses to include respective vulnerability information. Therefore, Crabtree does not disclose at least "initiating, by a device, probing of a path in a network by sending one or more probe packets along the path, wherein an individual hop of hops along the path responds with vulnerability score information for the individual hop" and "receiving, at the device, modified responses containing the vulnerability score information for individual ones of the hops along the path.
In response to applicant’s argument, under the broadest reasonable interpretation, the claims do not require traceroute-style hop discovery o in-transit packet modification. The claim broadly recites sending packets to network elements and receiving responses containing vulnerability information. Crabtree discloses interrogation agents that transmit authentication and security-related requests to network hosts and receive host-specific responses ([0110]-[0113]). Such requests constitute the claimed probe packets, and the host responses containing security/vulnerability information satisfy the recited responses containing vulnerability score information for individual hosts/hops. Accordingly, Crabtree discloses the claimed probing and response limitation.
Rejection is maintained.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1, 2, 4, 6-9, 11, 12, 14, 16-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Crabtree et al. US Patent Publication Number 2022/0060507, hereinafter Crabtree.
Referring to claim 1, Crabtree discloses a method (abstract, [0058]) comprising:
initiating, by a device (figure 1, DCG 155), probing of a path in a network by sending one or more probe packets along the path, wherein an individual hop (host) of hops (hosts) along the path responds with vulnerability score information (figure 15, step 1520, activity information logged are viewed as vulnerability score information which ultimately leads to the risk/vulnerability score based on previously risk attributes of the network host) for the individual hop ([0107], [0126], local session monitors/interrogation agents are installed along the path to monitor and log all interactions; [0110]-[0112] hosts along the path are hops; [0162], packets are sent and received from computers for interaction);
receiving, at the device, modified responses containing the vulnerability score information for individual ones of the hops along the path ([0107][0108],[0110][0111], a calculated risk score based on the previously-identified risk attributes of a network host and those of each connected neighboring host);
generating, by the device and based on the modified responses, a visual representation of the path that identifies vulnerability scores associated with the individual ones of the hops along the path ([0108][0111][0131], maps and graph are produced to display risk attributes and risk scores for the hosts in the path); and
providing, by the device, the visual representation to a user interface for display ([0128]-[0131], displaying graph and time series data to user based on queried information).
Referring to claim 2, Crabtree discloses the method as in claim 1, wherein initiating the probing of the path comprises: instructing one or more probing agents in the network to send the one or more probe packets along the path ([0113][0124], interrogation agents performs a series of LDAP queries on a domain controller to track and monitor hosts in the path).
Referring to claim 4, Crabtree discloses the method as in claim 1, further comprising: causing a routing decision (alternate pathway simulation) for the network to be made based on the vulnerability scores associated with the individual ones of the hops along the path ([0115], automated predictive decision making and planning and alternate pathway simulations).
Referring to claim 6, Crabtree discloses the method as in claim 1, further comprising: dynamically updating the vulnerability scores associated with the individual ones of the hops along the path based on a real-time threat intelligence feed ([0105], real-time collection of session information as new sessions are requested and as a live session is used while a user interacts with network endpoints; [0122], issuance of specialized alerts, updates and reports may significantly assist in getting the correct mitigating actions done in the most timely fashion).
Referring to claim 7, Crabtree discloses the method as in claim 1, further comprising: causing an automated remediation of identified vulnerabilities in the path based on the vulnerability scores associated with the individual ones of the hops along the path ([0115], automated predictive decision making and planning and alternate pathway simulations).
Referring to claim 8, Crabtree discloses the method as in claim 1, further comprising: incorporating the vulnerability scores associated with the individual ones of the hops along the path with network traffic pattern analysis to detect anomalies in the network (figure 2, step 205, [0120], continuously auto-poll for anomalous network traffic and user usage).
Referring to claim 9, Crabtree discloses the method as in claim 1, wherein the individual ones of the hops along the path obtains its vulnerability score information via an application programming interface (API) ([0117], data collected via API).
Referring to claims 11, 12, 14, 16-20, the claims encompass the same scope of the invention as that of the claims 1, 2, 4, 6-9. Therefore, claims 11, 12, 14, 16-20are rejected on the same ground as the claims 1, 2, 4, 6-9.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 3 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Crabtree in view of Hwang et al., US Patent Publication Number 2014/0156329, hereinafter Hwang.
Referring to claims 3 and 13, Crabtree discloses the invention as described in claims 1 and 11. Crabtree does not teach performing a software bill of materials analysis for the path; and incorporating results of the software bill of materials analysis for the path with the vulnerability scores associated with the individual ones of the hops along the path in the visual representation.
Hwang discloses a use of software bill of materials analysis on a plurality of network nodes to determine the status of at least one process in the process network, and comparing the status of the process to an associated node (abstract, [0003]).
It would have been obvious to a person with ordinary skill in the art before the effective filing date of the invention to incorporate the additional BOM analysis of Hwang into Crabtree, because both Crabtree and Hwang discloses tracking and monitoring network nodes and Hwang further suggests using BOM analysis.
A person with ordinary skill in the art would have been motivated to make the modification to Crabtree to enhance vulnerability identification and provide an extra layer of security.
Claims 5 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Crabtree in view of Ashlock et al., US Patent Number, 12,224,928, hereinafter Ashlock.
Referring to claims 5 and 15, Crabtree discloses the invention and the vulnerability score information as described in claims 1 and 11. Crabtree does not explicitly disclose wherein the individual hop of the hops along the path modifies a response to a time-to-live (TTL) header expiry by inserting the vulnerability score information into a TTL expiry message.
Ashlock disclose modifying the one or more probe packets by inserting the energy source information into a time-to-live (TTL) expiry message (Col 8 lines 10-23, Col 12 lines 38-49, step 715).
It would have been obvious to a person with ordinary skill in the art before the effective filing date of the invention to incorporate the TTL expiry message concept of Ashlock into Crabtree, because Crabtree and Ashlock both discloses inventions to monitor network path and Ashlock further suggests the use of TTL expiry message on the probing packets (Col 8 lines 10-23, Col 12 lines 38-49, step 715).
A person with ordinary skill in the art would have been motivated to make the modification to Crabtree to enhance network efficiency by preventing packet from endlessly circulating and improve network reliability.
Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Crabtree in view of Oberheide et al., US Patent Number, 10,348,756, hereinafter Oberheide.
Referring to claim 10, Crabtree discloses the method as described in claim 1. Crabtree does not explicitly teach querying device information of a particular hop in the path that is unable to obtain the vulnerability score information; querying a third-party vulnerability assessment service using the device information for the vulnerability score information of the particular hop; and adding the vulnerability score information of the particular hop to the visual representation.
Oberheide discloses the use of third-party vulnerability assessment service using the device information (abstract, Col 6 lines 42-52).
It would have been obvious to a person with ordinary skill in the art before the effective filing date of the invention to incorporate the idea of using the third-party vulnerability assessment service of Oberheide as a backup vulnerability assessment service of Crabtree, because Crabtree discloses an invention to assess vulnerability for a network, and Oberheide suggests such vulnerability assessment could also be done by a remote third-party service (abstract, Col 6 lines 42-52).
A person with ordinary skill in the art would have been motivated to make the modification to Crabtree to improve reliability and improve device performance by reducing workload on local devices
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LIANGCHE A WANG whose telephone number is (571)272-3992. The examiner can normally be reached M-F 10:00am to 6:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joon H Hwang can be reached on 571-272-4036. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
Liang-che Alex Wang
February 23, 2026
/LIANG CHE A WANG/Primary Examiner, Art Unit 2447