DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This action is responsive to communication filed on 2/16/2016.
Claims 1-20 are subject to examination.
This amendment and applicant’s arguments have been fully considered and entered by the Examiner.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over DiFonzo et al. U.S. Patent Publication # 2022/0414228 (hereinafter DiFonzo) in view of Morin et al. U.S. Patent Publication # 2020/0145816 (hereinafter Morin) further in view of Manchanda et al. U.S. Patent Publication # 2021/0182709 (hereinafter Manchanda).
With respect to claim 1, DiFonzo teaches a method comprising:
receiving a natural language query from a client device (i.e. receiving natural language query from a system operator or service) (Fig. 6 element 604) (Paragraph 64);
processing, by a processing device executing artificial intelligence model (i.e. cyber security intelligence model & intelligent auto-complete function which uses machine learning models), the natural language query to identify elements of cybersecurity intelligence to monitor (i.e. user entering the query centrality in the panel, the system returns a list of top five most influential nodes wherein the user then provides query with centrality of 10.1.0.179 a specific node which the system returns a response) (Paragraph 64, 69);
monitoring cybersecurity intelligence for a match to the identified elements from the natural language query (Fig. 6 element 606) (i.e. monitoring a particular node and then providing an entity match) (Paragraph 47, 48, 55, 113, 115); and
transmitting a notification (Fig. 6 element 606) (Fig. 5, 10) to the client device in response to the matching of the identified elements to one or more items of cybersecurity intelligence (Paragraph 61, 64, 69).
DiFonzo does not explicitly teach wherein the cybersecurity intelligence includes both structured data and unstructured data and the AI model is a generative AI model to process both the structured data and the unstructured data.
Morin teaches wherein the cybersecurity intelligence (i.e. security) includes both structured data (i.e. structured data which is data organized into a pre-defined repository for effective processing) and unstructured data (i.e. unstructured data which is not in a predefined data format) and the AI model is a generative AI model that receives as an input both the structured data and the unstructured data (i.e. security process may apply an AI expert system that uses ontology data to relate other structured data to various domains and may also do this for binary data that is unstructured) (Paragraph 73, 136). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement DiFonzo’s teaching in Morin’s teaching so that the AI model is a generative AI model that processes both structured and unstructured data. The motivation for doing so would be so that the ontologies encompass a representation, formal naming, and definition of the categories, properties and relations between the concepts, data and entities that substantiate one or many or all domains.
DiFonzo and Morin do not explicitly show wherein the match is determined by identifying keywords within the structured data and the unstructured data and comparing a context of the identified keywords to a context of the natural language query.
Manchanda teaches wherein the match is determined by identifying keywords within the structured data and the unstructured data and comparing a context of the identified keywords to a context of the natural language query (Paragraph 21). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement Manchanda’s teaching in DiFonzo and Morin’s teaching so that the match is determined by identifying words within the structured data and the unstructured data and comparing a context of the identified keywords to a context of the natural language query. The motivation for doing so would be to decide the action to be performed for extraction of the contextual information (Paragraph 21).
With respect to claim 2, DiFonzo teaches the method of claim 1, further comprising: generating a workflow from the natural language query (i.e. Example 1) (Fig. 3), the workflow comprising one or more steps for identifying the elements of cybersecurity intelligence (i.e. top 5 most influential nodes) and monitoring the identified elements (monitoring/tracking) (Paragraph 104, 69, 51).
With respect to claim 3, DiFonzo teaches the method of claim 2, wherein monitoring the cybersecurity intelligence comprises applying, by the AI model, the generative workflow to the cybersecurity intelligence (Paragraph 50, 52, 53).
With respect to claim 4, DiFonzo teaches the method of claim 1, wherein the cybersecurity intelligence comprises one or more of cybersecurity intelligence reports or cybersecurity intelligence databases (i.e. cygraph cybersecurity system and graph database system) comprising the unstructured data (Paragraph 64-65, 68, 74-77).
With respect to claim 5, DiFonzo teaches the method of claim 1, further comprising: generating a notification request entry corresponding to the client device, wherein the notification request entry comprises the identified elements for monitoring (i.e. providing alerts and events and providing node sizing larger in the visualization in scale with their betweenness centrality values as well as providing network events based on the monitoring) (Paragraph 53, 52, 70, 73, 76, 69).
With respect to claim 6, DiFonzo teaches the method of claim 1, wherein the notification to the client device comprises an indication of cybersecurity intelligence matching the identified elements and a summary of the matched cybersecurity intelligence (Fig. 6, 8, 10) (Paragraph 64, 65-68).
With respect to claim 7, DiFonzo teaches the method of claim 1, wherein monitoring cybersecurity intelligence for a match to the identified elements comprises: determining whether new cybersecurity intelligence has been received (Paragraph 52-53); and in response to determining that new cybersecurity intelligence has been received, processing the new cybersecurity intelligence to determine whether the new cybersecurity intelligence comprises one or more of the identified elements (Paragraphs 52-53, 67-69).
Claims 8-14 recite the same limitations as claims 1-7 respectively, and are therefore rejected on the same basis.
Claims 15-18 and 19-20 recite the same limitations as claims 1-4 and 6-7 respectively, and are therefore rejected on the same basis.
Response to Arguments
Applicant’s arguments with respect to the newly added claim limitation for claim(s) 1, 8, 15 have been considered but are moot in view of the new grounds of rejection.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
A). Yaswi et al. U.S. Patent Publication # 2021/0336889 which teaches about AI-based QoS engine tracking and analyzing various types of external information including vulnerability databases that document previous or future threats.
B). Eyal et al. U.S. Patent # 11,271,959 which teaches about combining a firewall and a forensics agents to detect and prevent malicious software activity.
C). Krebs et al. U.S. Patent Publication # 2020/0396231
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DHAIRYA A PATEL whose telephone number is (571)272-5809. The examiner can normally be reached M-F 7:30am-4:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kamal B Divecha can be reached at 571-272-5863. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
DHAIRYA A. PATEL
Primary Examiner
Art Unit 2453
/DHAIRYA A PATEL/ Primary Examiner, Art Unit 2453