Prosecution Insights
Last updated: July 17, 2026
Application No. 18/508,942

DEFANGING MALICIOUS ELECTRONIC FILES BASED ON TRUSTED USER REPORTING

Final Rejection §103
Filed
Nov 14, 2023
Priority
Apr 05, 2019 — continuation of 10/893,060 +1 more
Examiner
NGUYEN, DUSTIN
Art Unit
2446
Tech Center
2400 — Computer Networks
Assignee
Material Security Inc.
OA Round
2 (Final)
78%
Grant Probability
Favorable
3-4
OA Rounds
7m
Est. Remaining
91%
With Interview

Examiner Intelligence

Grants 78% — above average
78%
Career Allowance Rate
640 granted / 816 resolved
+20.4% vs TC avg
Moderate +12% lift
Without
With
+12.3%
Interview Lift
resolved cases with interview
Typical timeline
3y 3m
Avg Prosecution
25 currently pending
Career history
853
Total Applications
across all art units

Statute-Specific Performance

§101
1.1%
-38.9% vs TC avg
§103
86.2%
+46.2% vs TC avg
§102
4.9%
-35.1% vs TC avg
§112
0.6%
-39.4% vs TC avg
Black line = Tech Center average estimate • Based on career data from 816 resolved cases

Office Action

§103
DETAILED ACTION Claims 1-6, 8-13, and 15-20 are presented for consideration. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-6, 8-13, and 15-20 are rejected under 35 U.S.C. 103 as being unpatentable over Himler et al. [ US Patent No 9,774,626 ], in view of Higbee et al. [ US Patent Application No 2018/0191754 ]. As per claim 1, Himler discloses the invention as claimed including a method, comprising: accessing, by a computer system, an email addressed to an email address of an email system, wherein the email address is for a user of the email system [ i.e. receive an electronic message by client computing device ] [ 203, Figure 2; and col 7, lines 41047 ]; determining a behavior of the user with respect to the email [ i.e. the user has reported the received message as a potentially malicious message ] [ 204, Figure 2; Abstract; and col 7, lines 47-52 ]; based on the behavior of the user, using content of the email to update a database [ i.e. database containing identifying information about one or more users of the system that may receive messages and report the messages ] [ 116, Figure 1; and col 5, lines 51-67 ]; determining that a corrective action for the email is to be taken [ i.e. delete the message ] [ col 6, lines 66-col 7, lines 19; and col 8, lines 52-67 ]; Himler does not specifically disclose performing, by the computer system, an aggregate analysis of behavior of multiple users of the email system, wherein the aggregate analysis takes into account the determined behavior of the user, and wherein the corrective action comprises sending a message to a different user of the multiple users; and updating the database based on the aggregate analysis. Higbee discloses performing, by the computer system, an aggregate analysis of behavior of multiple users of the email system, wherein the aggregate analysis takes into account the determined behavior of the user [ i.e. cluster and analyze reports ] [ Figures 11, 12, and 15; and paragraphs 0080, 0085, and 0086 ], and wherein the corrective action comprises sending a message to a different user of the multiple users [ i.e. sending a message to all users who have reported messages ] [ paragraphs 0110, and 0143 ]; and updating the database based on the aggregate analysis [ i.e. reputation score of the report user is updated accordingly depending on the outcome of the message analysis ] [ paragraphs 0132, and 0144 ]. It would have been obvious to a person skill in the art before the effective filing date of the claimed invention to combine the teaching of Himler and Higbee because the teaching of Higbee would enable to provide an integrated environment for automated processing of reports of suspicious messages, and to a network for distributing information about detected phishing attacks [ Higbee, paragraph 0002 ]. As per claim 2, Himler discloses wherein the email has been categorized as a legitimate email after passing through a malware detector [ Abstract ]. As per claim 3, Himler discloses wherein the email is a password reset email [ i.e. change password ] [ col 10, lines 47-64 ]. As per claim 4, Himlet discloses performing a matching analysis using the email [ i.e. matching the file ] [ col 12, lines 42-58 ]. As per claim 5, Himlet discloses wherein the matching analysis comprises a set of rules [ i.e. using rules ] [ col 8, lines 1-13 ]. As per claim 6, Himlet discloses wherein the database stores Internet activity of users [ i.e. URL or links ] [ col 11, lines 46-col 12, lines 41 ]. As per claims 8-13, they are rejected for similar reasons as stated above in claims 1-6. As per claims 15-20, they are rejected for similar reasons as stated above in claims 1-6. Response to Arguments Applicant's arguments filed 03/09/2026 have been fully considered but they are not persuasive. As per remarks, Applicants argued that (1) the rejection of Himlet does not amount to a determination that a corrective action for the email is to be taken. As to point (1), Examiner respectfully disagrees because Himlet clearly discloses when a user reports a potentially malicious message, if the message is determined to be potentially malicious, the client computing device may delete the message after sending it to the cybersecurity analyzer server, if the message is determined to be legitimate, the client computing device may release the message from quarantine and make it available to the user again [ i.e. broadly interpret as determination that a corrective action for the email is to be taken as claimed ] [ col 8, lines 52-66 ]. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Lowry et al. [ US Patent Application No 2018/0324201 ] discloses system and method for providing user interfaces based on actions associated with untrusted emails Any inquiry concerning this communication or earlier communications from the examiner should be directed to DUSTIN NGUYEN whose telephone number is (571)272-3971. The examiner can normally be reached Monday-Friday 9-6 PST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Brian Gillis can be reached at 571-2727952. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /DUSTIN NGUYEN/Primary Examiner, Art Unit 2446
Read full office action

Prosecution Timeline

Nov 14, 2023
Application Filed
Dec 19, 2025
Non-Final Rejection mailed — §103
Mar 09, 2026
Response Filed
Jun 01, 2026
Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12683969
Machine-Learned Verification Pipeline for Sensor Inputs
3y 6m to grant Granted Jul 14, 2026
Patent 12676831
Systems and methods for uniquely labeling egress traffic from Secure Service Edge (SSE) platforms
2y 3m to grant Granted Jul 07, 2026
Patent 12659313
SYSTEMS AND METHODS FOR PROVIDING INSTANT PROVISIONING AND ACTIVATION OF A CLIENT DEVICE FOR A NETWORK
3y 3m to grant Granted Jun 16, 2026
Patent 12659343
Systems, Methods, And Storage Media For Conducting Security Penetration Testing
1y 11m to grant Granted Jun 16, 2026
Patent 12647396
INVENTORY MONITORING FOR CLOUD RESOURCE PROTECTION IN REAL TIME
2y 2m to grant Granted Jun 02, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
78%
Grant Probability
91%
With Interview (+12.3%)
3y 3m (~7m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 816 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month