Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
This office action is in response to the application filed on or reply to the remarks of 1/27/2026. The instant application has claims 1-2, 4, 6-7, 9-12, 14, 16, 19-20 pending. The system, method and medium for determining similarity match between the username/password stored and the with traffic. There are a total of 16 claims.
Response to Arguments
The applicant argues that previous trends of username and password with study of previously studied trends of capital letters, numeral digits and symbols is absent in cited prior art.
The examiner respectfully disagrees. Hepburn discloses a password store having a password digest, a hash of the password; see Fig. 1 item 40 & Col 2 Ln 39-53. That is, a hash represents a unique number that accounts for capital letters and numerals being used. It further discloses an authentication policy that checks the password character, length and case sensitivity; see Col 4 Ln 10-16. It also checks past histories of user and dictionary attack based password, i.e. study of previous trends including checking for capital letters and numerals. And putting all this together with Jaferian discloses the study of audit logs of user actions, i.e. user’s password, to get previous trends of capital letters, small letters, numeral digits, and symbols being used.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-2, 4, 6-7, 9-12, 14, 16-17, 19-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over US Patent 9967236 to Ashley in view of US Patent 9514294 to Hepburn and further in view of Heuristics for Evaluating IT Security Management Tools to Jaferian.
Claim 1, 11, Ashley discloses A system for information and visited links capture traces (Col 7 Ln 4-41, the credential data is extracted) detecting a login request by filtering for Post methods, Content-type headers including URL-encoded forms and JSON, and the target URL of the login (Fig. 9 item 906, POST method is used); and identifying potential obfuscated login credentials using heuristics and extracting parameters, including username and password parameters, by searching for parameter names that match keywords (Fig. 9 item 910, check or blacklisted credentials & Fig. 10 & Col 6 Ln 53-Col & ln 3, the encrypted credentials in SSL); wherein when the parameter name does not match a keyword, the parameter name will be passed to a heuristic engine to determine how related the parameter is to the respective credential, which is a username or password, and decide whether the parameter is a username, password (Fig. 9 item 910, check or blacklisted credentials & Fig. 10 & Col 6 Ln 53-Col & ln 3, the encrypted credentials in SSL).
Ashley discloses the heuristics being used for analysis. However, Hepburn discloses the session being analyzed using heuristics, the predetermined heuristics respectively representing different observations for patterns of characters in actual usernames and passwords (Abstract & Col 2 Ln 9-53, the credentials being matched and score Col 7 Ln 19-59 & Col 7 Ln 1-11); the previously studied trends include percentages of detected use for ordered combinations of capital letter characters, small letter characters, numerical digits, and symbols (Col 4 Ln 10-16 & Fig. 1 item 40 & Col 2 Ln 39-53, the password store has hash of password that accounts for capital letters, small letters, numeral digits and symbols used and therefore the study of password history to lead to getting percentages of capital letters, small letters, numeral digits and symbols).
It would have been obvious to one of ordinary skill in the art before the effective filing date of claimed invention to modify Ashley invention to incorporate heuristics for the advantage of detecting close matches; see Hepburn Col 7 Ln 30-34.
Neither Ashley nor Hepburn discloses the analyzes results of previously studied trends regarding types from different users on the network (Page 4 § Heuristic 2, historical information about user and other uses of system for getting trends that includes archive logs which can be passwords & § Heuristic 3, the certain patterns in network traffic & Page 2 § 2.3 Domain Specific Heuristics).
It would have been obvious to one of ordinary skill in the art before the effective filing date of claimed invention to modify Ashley invention to incorporate analyzes results of previously studied trends regarding types from different users on the network for the advantage of providing collective information for getting trends and inferential analysis as taught in Jaferian; see Page 2 § 2.3 Domain Specific Heuristics.
Claim 2, 12, The combined system/method of Ashley, Hepburn, and Jaferian, mutatis mutandis, Ashley discloses the system of claim 1, wherein the session key log file environment is SSLKEYLOGFILE and the session KLF is a Transport Layer Security (TLS) session KLF, wherein the client computer is configured to retrieve data from TLS encrypted traffic as the captured computer network traffic traces and transfer the KLF and the captured traffic traces to the remote server (Fig. 6 item 608, Flow & Fig. 10 item 1004 & 1106).
Claim 4, 14, The combined system/method of Ashley, Hepburn, and Jaferian, mutatis mutandis, Ashley discloses the system of claim 3, wherein the performing traffic mining includes extracting pieces of information including a sequence of visited links by a specific client using a specific browser without the client being idle for more than a predetermined period of time (Col 1 Ln 60-Col 3 Ln 3, log of traffic).
Claim 6, 16, The combined system/method of Ashley, Hepburn, and Jaferian, mutatis mutandis, Ashley discloses the system of claim 3, wherein the performing traffic mining includes extracting session cookies from set-cookie headers (Fig. 6 item 608, Flow & Fig. 10 item 1004 & 1106).
Claim 7, 17, The combined system/method of Ashley, Hepburn, and Jaferian, mutatis mutandis, Ashley discloses the system of claim 3, wherein the performing traffic mining includes extracting packets with activities from Hypertext Transfer Protocol (HTTP) requests, comments, reactions, posts creation, post modification, and post deletion (Fig. 9 item 906).
Claim 9, 19, The combined system/method of Ashley, Hepburn, and Jaferian, mutatis mutandis, Ashley discloses the system of claim 1, wherein the client computer obtains a session key based on user-level privileges (Col 4 Ln 21-59, user has privileges based on policies).
Claim 10, 20, The combined system/method of Ashley, Hepburn, and Jaferian, mutatis mutandis, Ashley discloses the system of claim 1, wherein the client computer includes: an infection vector configured to handle the environment variable and close supported browsers (Fig. 6 item 608, Flow & Fig. 10 item 1004 & 1106); a scheduler configured to create a scheduled task to send the KLF and the captured network traffic traces; a transmitter configured to transmit the KLF and the captured traffic traces to the remote server (Fig. 6 item 608, Flow & Fig. 10 item 1004 & 1106) and a sniffer configured to sniff the client's network traffic (Fig. 6 item 608, Flow & Fig. 10 item 1004 & 1106).
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Venkat Perungavoor whose telephone number is (571)272-7213. The examiner can normally be reached 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached on 571-272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/VENKAT PERUNGAVOOR/Primary Examiner, Art Unit 2492 Email: venkatanarayan.perungavoor@uspto.gov