Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Detailed Action
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 02/04/2026 has been entered.
Claim 1 has been amended
Claims 2, 5, 12, and 19 have been cancelled
Claims 1, 3, 4, 6-11, 13-18, and 20 are pending
Priority
This application claims benefit of priority to U.S. Provisional Patent Application No. 63/625,773, filed on January 26, 2024. Therefore, the effective filing date of this application is January 26, 2024.
Response to Arguments
Applicant’s arguments filed 02/04/26 have been fully considered.
With respect to the USC 112(b) rejection for claim 1. The rejection has been overcome due to applicant’s amendments. However, the rejection for claim 7 remains due to the claim not being amended to overcome the rejection.
With respect to the USC 103 rejection for independent claims 1, 3, 4, 6, and 7. The rejection has been overcome due to applicant’s amendments and remarks.
Examiner is now rejecting independent claims 1, 3, 4, 6-11, 13-18, and 20 under a new USC 112(b) due to the claims being indefinite for failing to particularly point out and distinctly claim the subject matter.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claims 1, 3, 4, 6-11, 13-18, and 20 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claims 1, 3, 4, and 6 recite the limitation " the exploit ". There is insufficient antecedent basis for this limitation in the claim. Furthermore, the claim recites of detecting exploit related content by analyzing network content. The claim further recites “an application layer protocol session being associated with the exploit; and dropping traffic associated with the exploit”. It is unclear what is the link between network content, exploit related content, the exploit, and the application layer protocol session. The claims states dropping traffic associated with the exploit. However, the detection is done based on exploit related content not the exploit. Examiner suggests amending claim 1 to recite “… an application layer protocol session of the network content being associated with an exploit, wherein the exploit related content is associated with the exploit; and dropping traffic associated with the exploit …”. Appropriate correction is required.
Claims 3, 4, 6, and 7 depend on claim 1 and therefore inherit the rejection.
Claims 8, and 15 recite the limitations detecting “exploit related content” by analyzing “network content” and then dropping traffic associated with “an exploit”. The claim further recites of the ML model outputting a prediction value of a likelihood an application layer protocol session being associated with the exploit. It is unclear what is the link between network content, exploit related content, the exploit, and the application layer protocol session. The claims states dropping traffic associated with an exploit. However, the detection is done based on exploit related content not the exploit. Examiner suggests amending claim 8 as “detecting, via analysis of the network content by a neural network machine learning (ML) model using a one-dimensional convolution algorithm, exploit related content, wherein the exploit related content is associated with an exploit; and dropping traffic associated with the exploit identified in the network content”. Examiner suggests amending claim 15 as “detecting exploit related content via analysis of the network content by a neural network machine learning (ML) model using a one-dimensional convolution algorithm, wherein the exploit related content is associated with an exploit; and dropping traffic associated with the exploit identified in the network content”. Furthermore, examiner suggests amending the limitation of claims 8 and 15 as “an application layer protocol session of the network content being associated with the exploit” to provide a clear link between the application layer protocol session and the network content. Appropriate correction is required.
Claims 9-11, 13, 14, 16-18, and 20 depend on claims 8 and 15. Therefore, they also inherit the rejection.
Claim 4 recites the limitation “a targeted system”. However, independent claim 1 already recites of a targeted system. Examiner suggests amending claim 4 to recite “the targeted system”. Appropriate correction is required.
Claims 7 and 14 recites the limitation " the model ". There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination examiner is interpreting this as “the ML model”. Appropriate correction is required.
Claims 7 recites the limitation " the exploit that includes a SQL injection attack". There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination examiner is interpreting this as “an exploit that includes a SQL injection attack”. Appropriate correction is required.
Allowable Subject Matter
Claims 1, 3, 4, 6-11, 13-18, and 20 are considered allowable due to independent claims 1, 8, and 15 being amended with limitations of objected to claims 5, 12, and 19. However, the claims are still rejected under USC 112(b). A reason for allowance will be noted in a notice of allowance once all rejections have been overcome.
Pertinent Art
The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure.
El-MOUSSA (US-10771483-B2): This prior art teaches of a computer implemented method to identify an attacked computing device in a system of network-connected computing devices providing a plurality of computing services, the method including receiving a first data structure including data modeling relationships between vulnerabilities of computing services in a first proper subset of the plurality of computing services and exploitation of such vulnerabilities to identify one or more series of exploits involved in a network attack; receiving a second data structure including data modeling the computing devices in the system including the network connections of each computing device; and comparing the first and second data structures to identify the attacked computing device as an intermediate device in communications between at least two computer services in any of the one or more series of exploits.
JAJODIA (US-20120233699-A1): This prior art teaches of methods for determining a safety level of a network vulnerable to attack from at least one origin to at least one target are described. Machines, components, and vulnerabilities in a network may be associated to one another. Degrees of similarity among the vulnerabilities may be determined and subsets of vulnerabilities may be grouped based on their determined degrees of similarity to one another. This data may be used to generate an attack graph describing exploitation of vulnerabilities and grouped vulnerabilities and defining vulnerability exploit condition relationships between at least one origin and at least one target. The attack graph may be analyzed using a k-zero day metric function to determine a safety level.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AFAQ ALI whose telephone number is (571)272-1571. The examiner can normally be reached Mon - Fri 7:30am - 5:30pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ALI SHAYANFAR can be reached at (571) 270-1050. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/A.A./
02/19/2026
/AFAQ ALI/Examiner, Art Unit 2434
/NOURA ZOUBAIR/Primary Examiner, Art Unit 2434