DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claims 1-7, 9-12 are rejected in the Instant Application.
Claim 8 is objected to.
Priority
Examiner acknowledges Applicant’s claim to priority benefits of IN 202211042861 filed 1/26/2023.
Claim Objections
Claim 8 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims..
Claim Rejections
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claim(s) 1-7, 9 is/are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant regards as the invention.
Claims 3 and 9 refer to “prior to the segregation” but depend from the independent claims. Segregation is not introduced until Claims 2 and 8 and therefore the claims have an antecedent basis problem. Examiner assumes the intent was to have Claims 3/9 depend from Claims 2/8 and treats the claims for prior art purposes as if they depended therefrom.
Claim limitation “node configured to” in Claim 1 invokes 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. Node functions as a nonce term similar to “module for” that does not convey any particular structure. The nodes are then “configured to” perform functions and therefore invoke 112(f). The specification fails to provide an algorithm of sufficient specificity for performing each of the functions performed by the nodes. Therefore, the claim is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA 35 U.S.C. 112, second paragraph. Applicant may:
(a) Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph;
(b) Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or
(c) Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either:
(a) Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or
(b) Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.
The above cited rejections are merely exemplary.
The Applicant(s) are respectfully requested to correct all similar errors.
Claims not specifically mentioned are rejected by virtue of their dependency.
Claim Rejections - 35 USC § 103
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 4-7, and 10-12 are rejected under 35 U.S.C. 103 as being unpatentable over Kaznocha (US Pub. 2024/0098118) in view of Cummings (US Pub. 2018/0368007).
With respect to Claim 1, Kaznocha teaches a system (100) comprising: a plurality of nodes (102) comprising: a first set of nodes (102a); (Figs. 1-2, paras. 17, 25-26; network endpoints 203)
a second set of nodes (102b) (Figs. 1-2, paras. 17, 25-26; security controllers 101)
configured to (i) detect a type of attack on each node of the first set of nodes (102a), (paras. 22-23, 44-48; distributed security controllers share traffic data such as number of requests from a client. A security controller compares the state of the traffic data to rules to determine if the node is under a defined or undefined attack. The security controller classifies the type and severity of the attack.)
(ii) generate a set of attack patterns for the first set of nodes (102b), (para. 48; the security controller identifies that a volumetric attack is underway and determines whether the attack is of a lower or greater severity.)
(iii) select one or more attack patterns from the generated set of attack patterns having a matching score value higher than a pre-defined threshold value, (para. 48; the system at first determines that the attack is of a lower severity, but then identifies the attack as having reached a higher severity when the traffic count exceeds a threshold value)
(iv) generate a first set of protocols for the one or more attack patterns having the matching score value higher than the pre-defined threshold value, (para. 48; when the attack is of the greater severity, the protocol is to block future requests from the client)
and (v) generate a second set of protocols for one or more attack patterns having the matching score value lower than the pre-defined threshold value; (para. 48; the security controller will rate limit future requests from a client when the attack is of lower severity. Rate limiting is a second protocol for the same attack (volumetric attack) with a less-matched pattern because the state is a high severity attack and rate limiting is a protocol for lower severity.)
and a third set of nodes (102c) (Figs. 1-2, paras. 25-26; configuration controller 201. To the extent that a “set of nodes” implies more than one, simple duplication or making separable are obvious, see MPEP 2144. It would have been obvious to one of ordinary skill prior to the effective filing date to duplicate the configuration functionality in order to allow for high availability in the event that a first configuration controller fails.)
and (ii) distribute the set of valid protocols to each node of the plurality of nodes (102). (paras. 31-33; configuration controller distributes rules to security controllers. Validators will be taught later and it would have been obvious to one of ordinary skill prior to the effective filing date to have the validators distribute the protocols to the nodes after the validation in order to check the protocols for errors prior to distribution to protect all the nodes.)
But Kaznocha does not explicitly teach validation.
Cummings, however, does teach configured to (i) check a validity of each protocol of the first set of protocols and a validity of each protocol of the second set of protocols, to generate a set of valid protocols, (paras. 103-104; system validates a proposed remediation of a security breach.)
It would have been obvious to one of ordinary skill prior to the effective filing date to combine system of Kaznocha with the validity check in order to prevent unintended consequences to the system. (Cummings, para. 103)
With respect to Claim 4, modified Kaznocha teaches the system (100) as claimed in claim 1, and Kaznocha also teaches wherein, prior to the detection of the type of attack on the on each node of the first set of nodes (102a), the plurality of nodes (102) are configured to detect a cyber-attack on each node of the first set of nodes (102a), (paras. 22-23, 44-48; system determines a violation of a rule)
wherein, to detect the cyber-attack on each node of the first set of nodes (102a), the plurality of nodes (102) are configured to compare the traffic data of each node of the plurality of nodes (102) with pre-defined traffic data corresponding to the category of service of each node of the plurality of nodes (102). (paras. 67-70; Rules are defined by using artificial intelligence or machine learning to model regular usage or access patterns for an endpoint. Paras. 17, 34-35, 40; An endpoint is unique for a service regardless of where the service is distributed. Para. 46; rules may be different for different endpoints. Therefore, each category of service has its own set of rules based upon the regular usage of that service.)
With respect to Claim 5, modified Kaznocha teaches the system (100) as claimed in claim 1, and Kaznocha also teaches wherein, prior to the selection of the one or more attack patterns from the generated set of attack patterns, the second set of nodes (102b) are configured to (i) compare each of the generated attack pattern of the set of attack patterns with a set of pre-defined attack patterns, and (ii) generate the matching score value for each attack pattern for the set of attack patterns. (para. 48; system determines that a given state matches either a low or high severity attack based on the traffic state meeting a rule threshold)
With respect to Claim 6, modified Kaznocha teaches the system (100) as claimed in claim 1, and Kaznocha also teaches wherein, upon the distribution of the one or more valid protocols, the second set of nodes (102b) are configured to mitigate the cyber-attack on one or more node of the first set of nodes (102a) using the set of valid protocols. (para. 48; nodes mitigate volumetric attack by rate limiting request or blocking request.)
With respect to Claim 7, it is substantially similar to Claim 1 and is rejected in the same manner, the same art and reasoning applying.
With respect to Claims 10-12, they are substantially similar to Claims 4-6, respectively, and are rejected in the same manner, the same art and reasoning applying.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NICHOLAS P CELANI whose telephone number is (571)272-1205. The examiner can normally be reached on M-F 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Vivek Srivastava can be reached on 571-272-7304. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/NICHOLAS P CELANI/Examiner, Art Unit 2449