Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendments / Arguments
Regarding the rejection(s) of claims under 35 USC 101:
Applicant’s arguments, filed 03/19/2026, have been fully considered and are persuasive. Therefore the rejection of the 101 has been withdrawn.
Regarding the rejection(s) of claims under 35 USC 112(b):
Applicant’s arguments, filed 03/19/2026, with respect to claim(s) 2-3, 7 and 9-10 have been fully considered and are persuasive. The rejection of claim(s) 2-3, 7 and 9-10 has been withdrawn.
Regarding the rejection(s) of claims under 35 USC 103:
Applicant's arguments filed 03/19/2026, have been fully considered but they are not persuasive.
Applicant argues that "Stokes does not augment known attack data" and that paragraph [0028] of Stokes describes the initial dataset as "free of compromises." In response, it is noted that the rejection does not rely on Stokes for the teaching of known attack data. As expressly set forth in the rejection, "Although Stokes teaches a dataset that is 'clean/trusted' it does not explicitly teach that the data is known attack data. However, Chen teaches: Wherein the known data is known attack data (Chen: [0052], [0058] and [0063])." Applicant's argument therefore attacks Stokes individually rather than addressing the combination of Stokes and Chen as set forth in the rejection.
Applicant further argues that Stokes does not produce data that lies "within the initial distribution of SQL statements and outside of the initial distribution of SQL statements and preserves the logic of the known attack data." In response, it is noted that at least paragraph [0073] of Stokes recites "leverage data augmentation to effectively increase the frequency of least-frequent patterns;" i.e., augmented data outside the initial distribution. At least paragraph [0040] of Stokes further recites producing augmented samples "having an unchanged ground-truth label;". It is further noted that the rejection relies on Klein for the SQL statements portion of the rejection which would be an obvious combination and was not argued or even mentioned in the remarks.
Therefore, the identified claim language is considered to be taught by the combined references, and the rejection is maintained. Further, since Applicant has not presented additional arguments concerning the dependent claims, their rejections are likewise maintained.
DETAILED ACTION
This is a reply to the application filed on 03/19/2026, in which, claims 1, 3-6, 8, and 10-13 are pending. Claims 1, and 8 are independent. Claims 2, 7 and 9 are cancelled
When making claim amendments, the applicant is encouraged to consider the references in their entireties, including those portions that have not been cited by the examiner and their equivalents as they may most broadly and appropriately apply to any particular anticipated claim amendments.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 4, 8 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Stokes et al. (US 20230148116 A1, referred to as Stokes), in view of Chen et al. (US 20190132343 A1, referred to as Chen) in further view of Klein et al. (US 20200097587 A1, referred to as Klein).
In reference to claim 1, A process for augmenting security-domain data for use in automated training and deployment of a machine learning (ML) model classification tool for classifying between benign and malicious Structured Text Input requests to a network or application, comprising (Stokes: [0006]-[0008] and [0027]-[0029] Provides for a process for augmenting data to train ML models for security purposes.)
Establishing, by an Structured Text Input engine, a first set of security-domain data including known data, wherein the first set of security-domain data establish an initial distribution of Structured Text Input statements (Stokes: [0028]-[0029], [0035]-[0036], [0054]-[0055] and [0089] Provides for an "initial dataset" that serves as a trusted baseline with a known distribution.)
applying multiple augmentation methodologies to at least a portion of the security-domain Structured Text Input statement data in the first set to establish a second set of security-domain Structured Text Input statement data, wherein the multiple augmentation methodologies produce multiple types of additional security-domain Structured Text Input statement data that lies within the initial distribution of Structured Text Input statements and outside of the initial distribution of Structured Text Input statements and preserves the logic of the known data (Stokes: [0029], [0036]-[0039], [0040], [0057], [0073], [0090] and [0101] Provides for applying augmentation methodologies (syntactic paraphrasing, synonym substitution, token insertion) to the initial dataset to create an augmented dataset.)
combining the first and second sets of security-domain Structured Text Input statement data to establish an extended set of security-domain Structured Text Input statement data (Stokes: [0040], [0042], [0059] and [0079]-[0080] Provides for combining the initial (trusted) dataset with the augmented dataset for training. The two-stage training process clearly involves using "both the initial dataset 102 and the augmented dataset 108" together.)
training the machine learning (ML) model classification tool using a portion of the extended set of security-domain Structured Text Input statement data to classify between benign and malicious Structured Text Input requests to a network or application (Stokes: [0029], [0040], [0045], [0059] and [0091] Provides for training the ML model using the combined/extended dataset.)
Deploying the trained ML model classification tool in a network or application environment, wherein the trained ML model classification tool identifies and allows benign Structured Text Input requests and blocks malicious Structured Text Input requests (Stokes: [0006], [0030]-[0033] and [0046] Provides for deployment in a live network/datacenter environment where the trained model identifies compromised inputs and either rejects them or activates security mechanisms.)
Although Stokes teaches a dataset that is "clean/trusted" it does not explicitly teach that the data is known attack data. However, Chen teaches: Wherein the known data is known attack data (Chen: [0052], [0058] and [0063] Provides for a a first set of security-domain data consisting of labeled attack data ("positive examples") that serves as input to the generative model. Chen explicitly states the positive examples (known attacks) are the input to the generative model.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Stokes, which provides a process for augmenting security-domain data using various methodologies to create an extended dataset for training machine learning models to classify benign and malicious requests, with the teachings of Chen, which introduces using known attack data as the initial dataset for augmentation. One of ordinary skill in the art would recognize the ability to incorporate Chen's specific focus on known attack data into Stokes's augmentation framework to enhance the model's ability to detect malicious behavior. One of ordinary skill in the art would be motivated to make this modification in order to improve the ML model's capability to identify actual threats by training it on real attack patterns.
Stokes in view of Chen doesn’t explicitly teach that wherein the Structured Text Input comprises SQL statements. However, Klein Teaches:
Wherein the Structured Text Input comprises SQL statements (Klein: [0005], [0022], [0042], and [0050] Provides for the Structured Text Input being SQL statements, explicitly describes detecting malicious database activity, such as SQL injection attempts and states that the application 218 typically communicates with the database system 214 using a query language, such as the structured query language (SQL). Klein further teaches that dynamic SQL statements are processed by a SQL processor 246 responsible for parsing the dynamic SQL statement 222, generating a query plan, overseeing query execution, and returning query results.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Stokes in view of Chen, which together provide a process for augmenting known attack data to train machine learning models for classifying benign and malicious structured text input requests, with the teachings of Klein, which introduces specifically applying this classification framework to SQL statements and SQL injection attack detection. One of ordinary skill in the art would recognize the ability to incorporate Klein's SQL-specific context into the combined security data augmentation and classification system to provide targeted protection against database-level attacks. One of ordinary skill in the art would be motivated to make this modification in order to address the persistent and widespread threat of SQL injection by training the ML classification tool specifically on augmented SQL attack patterns.
In reference to claim 4, The process according to claim 1, wherein the at least one of the one or more augmentation methodologies produces data that lie within the initial distribution (Chen: [0051], [0054], [0055] and [0063]-[0064] Provides for VAE-based methodology directly and explicitly teaches generating synthetic data that lies within (or approximates) the initial distribution of known attack data.)
In reference to claim 8, At least one non-transitory computer-readable medium storing instructions that, when executed by a computer, perform a process for augmenting security-domain data for use in automated training and deployment of a machine learning (ML) model classification tool for classifying between benign and malicious Structured Text Input requests to a network or application, comprising (Stokes: [0006]-[0008] and [0027]-[0029] Provides for a process for augmenting data to train ML models for security purposes.)
Establishing, by an Structured Text Input engine, a first set of security-domain data including known data, wherein the first set of security-domain data establish an initial distribution of Structured Text Input statements (Stokes: [0028]-[0029], [0035]-[0036], [0054]-[0055] and [0089] Provides for an "initial dataset" that serves as a trusted baseline with a known distribution.)
applying multiple augmentation methodologies to at least a portion of the security-domain Structured Text Input statement data in the first set to establish a second set of security-domain Structured Text Input statement data, wherein the multiple augmentation methodologies produce multiple types of additional security-domain Structured Text Input statement data that lies within the initial distribution of Structured Text Input statements and outside of the initial distribution of Structured Text Input statements and preserves the logic of the known data (Stokes: [0029], [0036]-[0039], [0040], [0057], [0073], [0090] and [0101] Provides for applying augmentation methodologies (syntactic paraphrasing, synonym substitution, token insertion) to the initial dataset to create an augmented dataset.)
combining the first and second sets of security-domain Structured Text Input statement data to establish an extended set of security-domain Structured Text Input statement data (Stokes: [0040], [0042], [0059] and [0079]-[0080] Provides for combining the initial (trusted) dataset with the augmented dataset for training. The two-stage training process clearly involves using "both the initial dataset 102 and the augmented dataset 108" together.)
training the machine learning (ML) model classification tool using a portion of the extended set of security-domain Structured Text Input statement data to classify between benign and malicious Structured Text Input requests to a network or application (Stokes: [0029], [0040], [0045], [0059] and [0091] Provides for training the ML model using the combined/extended dataset.)
Deploying the trained ML model classification tool in a network or application environment, wherein the trained ML model classification tool identifies and allows benign Structured Text Input requests and blocks malicious Structured Text Input requests (Stokes: [0006], [0030]-[0033] and [0046] Provides for deployment in a live network/datacenter environment where the trained model identifies compromised inputs and either rejects them or activates security mechanisms.)
Although Stokes teaches a dataset that is "clean/trusted" it does not explicitly teach that the data is known attack data. However, Chen teaches: Wherein the known data is known attack data (Chen: [0052], [0058] and [0063] Provides for a a first set of security-domain data consisting of labeled attack data ("positive examples") that serves as input to the generative model. Chen explicitly states the positive examples (known attacks) are the input to the generative model.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Stokes, which provides a process for augmenting security-domain data using various methodologies to create an extended dataset for training machine learning models to classify benign and malicious requests, with the teachings of Chen, which introduces using known attack data as the initial dataset for augmentation. One of ordinary skill in the art would recognize the ability to incorporate Chen's specific focus on known attack data into Stokes's augmentation framework to enhance the model's ability to detect malicious behavior. One of ordinary skill in the art would be motivated to make this modification in order to improve the ML model's capability to identify actual threats by training it on real attack patterns.
Stokes in view of Chen doesn’t explicitly teach that wherein the Structured Text Input comprises SQL statements. However, Klein Teaches:
Wherein the Structured Text Input comprises SQL statements (Klein: [0005], [0022], [0042], and [0050] Provides for the Structured Text Input being SQL statements, explicitly describes detecting malicious database activity, such as SQL injection attempts and states that the application 218 typically communicates with the database system 214 using a query language, such as the structured query language (SQL). Klein further teaches that dynamic SQL statements are processed by a SQL processor 246 responsible for parsing the dynamic SQL statement 222, generating a query plan, overseeing query execution, and returning query results.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Stokes in view of Chen, which together provide a process for augmenting known attack data to train machine learning models for classifying benign and malicious structured text input requests, with the teachings of Klein, which introduces specifically applying this classification framework to SQL statements and SQL injection attack detection. One of ordinary skill in the art would recognize the ability to incorporate Klein's SQL-specific context into the combined security data augmentation and classification system to provide targeted protection against database-level attacks. One of ordinary skill in the art would be motivated to make this modification in order to address the persistent and widespread threat of SQL injection by training the ML classification tool specifically on augmented SQL attack patterns.
In reference to claim 11, The at least one non-transitory computer-readable medium according to claim 8, the process further comprising: wherein the at least one of the one or more augmentation methodologies produces data that lie within the initial distribution (Chen: [0051], [0054], [0055] and [0063]-[0064] Provides for VAE-based methodology directly and explicitly teaches generating synthetic data that lies within (or approximates) the initial distribution of known attack data.)
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 3 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Stokes et al. (US 20230148116 A1, referred to as Stokes), in view of Chen et al. (US 20190132343 A1, referred to as Chen) in further view of Klein et al. (US 20200097587 A1, referred to as Klein) in further view of Miyamoto et al. (US 20240232704 A9, referred to as Miyamoto).
In reference to claim 3, The process according to claim 1, wherein the at least one of the one or more augmentation methodologies that produces data outside of the initial distribution and preserves logic of the known attack data is a reinforced learning (RL)-based augmentation methodology (Miyamoto: [0024] and [0104]-[0105] Provides for reinforcement learning-based augmentation that preserves reward-affecting elements (analogous to attack logic) while varying environmental conditions.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Stokes in view of Chen, which together provide a process for augmenting known attack data to train machine learning models for security classification, with the teachings of Miyamoto, which introduces reinforcement learning-based augmentation methodologies that preserve essential logic while creating variations. One of ordinary skill in the art would recognize the ability to incorporate Miyamoto's RL-based augmentation approach into the combined security data augmentation system to generate more sophisticated and diverse attack variations. One of ordinary skill in the art would be motivated to make this modification in order to create more intelligent augmented samples.
In reference to claim 10, The at least one non-transitory computer-readable medium according to claim 8, the process further comprising: wherein the at least one of the one or more augmentation methodologies that produces data outside of the initial distribution and preserves logic of the known attack data is a reinforced learning (RL)-based augmentation methodology (Miyamoto: [0024] and [0104]-[0105] Provides for reinforcement learning-based augmentation that preserves reward-affecting elements (analogous to attack logic) while varying environmental conditions.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Stokes in view of Chen, which together provide a process for augmenting known attack data to train machine learning models for security classification, with the teachings of Miyamoto, which introduces reinforcement learning-based augmentation methodologies that preserve essential logic while creating variations. One of ordinary skill in the art would recognize the ability to incorporate Miyamoto's RL-based augmentation approach into the combined security data augmentation system to generate more sophisticated and diverse attack variations. One of ordinary skill in the art would be motivated to make this modification in order to create more intelligent augmented samples.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 5-6 and 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Stokes et al. (US 20230148116 A1, referred to as Stokes), in view of Chen et al. (US 20190132343 A1, referred to as Chen) in further view of Klein et al. (US 20200097587 A1, referred to as Klein) in further view of Yin et al. (US 20230121812 A1, referred to as Yin).
In reference to claim 5, The process according to claim 4, wherein the at least one of the one or more augmentation methodologies that produces data that lie within the initial distribution is a random modification augmentation (Yin: [0023]-[0024] Provides for several augmentation techniques that involve random elements, including sample pairing with "randomly chosen" training data and "noise directed to color" which implies random noise injection.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Stokes in view of Chen, which together provide a process for augmenting known attack data to train machine learning models for security classification, with the teachings of Yin, which introduces random modification augmentation techniques that create variations within the data distribution. One of ordinary skill in the art would recognize the ability to incorporate Yin's random modification approach into the combined security data augmentation system to generate diverse training samples that remain within the established attack pattern distribution. One of ordinary skill in the art would be motivated to make this modification in order to improve model robustness by exposing it to natural variations of attack patterns.
In reference to claim 6, The process according to claim 5, wherein the random modification augmentation is a Bayesian-based augmentation methodology (Yin: [0029] and [0035] Provides for "bayesian networks" as one of the artificial intelligence methods that can be used in both the data analyzer and data augment generator components.)
In reference to claim 12, The at least one non-transitory computer-readable medium according to claim 11, the process further comprising: wherein the at least one of the one or more augmentation methodologies that produces data that lie within the initial distribution is a random modification augmentation (Yin: [0023]-[0024] Provides for several augmentation techniques that involve random elements, including sample pairing with "randomly chosen" training data and "noise directed to color" which implies random noise injection.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Stokes in view of Chen, which together provide a process for augmenting known attack data to train machine learning models for security classification, with the teachings of Yin, which introduces random modification augmentation techniques that create variations within the data distribution. One of ordinary skill in the art would recognize the ability to incorporate Yin's random modification approach into the combined security data augmentation system to generate diverse training samples that remain within the established attack pattern distribution. One of ordinary skill in the art would be motivated to make this modification in order to improve model robustness by exposing it to natural variations of attack patterns.
In reference to claim 13, The at least one non-transitory computer-readable medium according to claim 12, the process further comprising: wherein the random modification augmentation is a Bayesian-based augmentation methodology (Yin: [0029] and [0035] Provides for "bayesian networks" as one of the artificial intelligence methods that can be used in both the data analyzer and data augment generator components.)
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892.
Applicant’s amendment necessitated the new ground(s) of rejection presented in this office action. Accordingly, THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AIDAN EDWARD SHAUGHNESSY whose telephone number is (703)756-1423. The examiner can normally be reached on Monday-Friday from 7:30am to 5pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson, can be reached at telephone number (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from Patent Center and the Private Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from Patent Center or Private PAIR. Status information for unpublished applications is available through Patent Center and Private PAIR for authorized users only. Should you have questions about access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) Form at https://www.uspto.gov/patents/usptoautomated-interview-request-air-form.
/A.E.S./Examiner, Art Unit 2432
/Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432