Office Action Predictor
Last updated: April 17, 2026
Application No. 18/593,851

AI-BASED FILE MALICIOUSNESS CLASSIFICATION WITH AN EXPLANATION OF REASONING

Final Rejection §103
Filed
Mar 01, 2024
Examiner
ZHAO, DON GORDON
Art Unit
2493
Tech Center
2400 — Computer Networks
Assignee
microsoft technology licensing LLC
OA Round
2 (Final)
87%
Grant Probability
Favorable
3-4
OA Rounds
2y 5m
To Grant
99%
With Interview

Examiner Intelligence

Grants 87% — above average
87%
Career Allow Rate
674 granted / 774 resolved
+29.1% vs TC avg
Strong +17% interview lift
Without
With
+16.9%
Interview Lift
resolved cases with interview
Typical timeline
2y 5m
Avg Prosecution
21 currently pending
Career history
795
Total Applications
across all art units

Statute-Specific Performance

§101
11.0%
-29.0% vs TC avg
§103
41.0%
+1.0% vs TC avg
§102
4.5%
-35.5% vs TC avg
§112
27.8%
-12.2% vs TC avg
Black line = Tech Center average estimate • Based on career data from 774 resolved cases

Office Action

§103
DETAILED ACTION Responsive to the Applicant’s reply filed on 12/08/2025, Applicant’s amendments to claims have been entered and respective arguments carefully considered and responded in the following. Claims 1-22 are pending with claims 1, 12, and 22 being in independent form. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Examiner's Instructions for filing Response to this Office Action When the Applicant submits amendments regarding to the claims in response the Office Action, the Examiner would like Applicant to provide a clean copy of the claims to facilitate the prosecution which otherwise requires extra time in editing the marked-up claims from OCR. Please submit two sets of claims: Set #1 as in a typical filing which includes indicators for the status of claim and all marked amendments to the claims; and Set #2 as an appendix to the Arguments/Remarks for a clean version of the claims which has all the markups removed for entry by the Examiner. Response to Arguments The claim amendments and remarks filed by the Applicant on 12/08/2025, have been carefully considered and are responded in the following. In response to the Applicant arguments, page(s) 17, regarding claim objections for informality, the amendments have resolved the issues. Accordingly, the objections are withdrawn. In response to the Applicant arguments, page(s) 17-20, regarding claim rejections under 35 U.S.C. 112(b) because of insufficient antecedent basis or lack of clarity, the arguments in view of the amendments are persuasive. Therefore, the rejections are withdrawn. It should be noted that, at page 18, Applicant argues the broadness of the AI prompts referencing the Specification, par. 0004 and 0016. As discussed in par. 0016, “examples of an AI prompt include but are not limited to a zero-shot prompt, a one-shot prompt, and a few-shot prompt. A zero-shot prompt is a prompt for which the prompt and/or its corresponding contextual information, which are to be processed by the AI model, is not included in pre-trained knowledge of the AI model. A one-shot prompt is a prompt that includes a target prompt along with a single example prompt and a single example answer that is responsive to the single example prompt. The example prompt and the example answer provide guidance as to how the AI model is expected to respond to the target prompt. A few-shot prompt is a prompt that includes a target prompt along with multiple example prompts and multiple example answers that are responsive to the respective example prompts. The example prompts and the example answers provide guidance as to how the AI model is expected to respond to the target prompt. The broadness of the AI prompt in the claims suggests that AI models can work with prompts generated by themselves. In other words, the Al prompt may be generated and provided by the AI model to bring the target file as inputs to the Al model. Applicant’s arguments, page(s) 8-9 of the Remarks, with regards to claim rejections under 35 U.S.C. § 103 have been considered carefully. First, regarding claim 1, Applicant argues that the Al prompt requesting that the Al model choose between the malicious class and the non- malicious class and further requesting the explanation that describes the reasoning used by the Al model in choosing the malicious class or the non-malicious class, and further states Healy, Grobman, and Mori do not teach or suggest "cause an Al model to classify a target file in a malicious class or a non-malicious class and to provide an explanation…” See pages 21-25. In response, the Examiner respectfully disagrees because, the claim specifies that it is the computer-executable instructions that are executed to cause an Al model to classify a target file in a malicious class or a non-malicious class and to provide an explanation that describes reasoning used by the Al model in choosing the malicious class or the non-malicious class. That means, the AI model when programed and executed cause itself to classify a target file in a malicious class or a non-malicious class and to provide an explanation. Claim 1 further describes “an Al prompt together with the target file as inputs to the Al model” for the classification of the target file. It is noted that the Al prompt is broadly defined to include AI model generated prompt that may autonomously locate the target file to feed the AI model as input for file classification in which the target file may be classified into a malicious class or a non-malicious class with an explanation. With this understanding, Healy teaches an AI model (e.g., a deep learning model and a malware classification machine learning model) that performs classification of a portable executable file; par. 0025-0026. Healy’s AI model uses classification rules along with identified tactics and techniques (par. 0031-0032) to identify and classify malware with explainability; par. 0033-0035. Healy discloses an AI model that may prompt itself to filter a portable executable file and extract a number of string features to train a malware classification machine learning model for forming the malware classifier 150 for classification; par. 0048-0049. As discussed earlier, the AI prompt in the claim, when given broadest reasonable interpretation, includes prompts generated by AI model autonomously processing the target file as inputs to the Al model. However, Healy does not explicitly disclose the AI prompt requesting that the AI model choose between the malicious class and the non-malicious class, although it is known an AI model can prompt itself. This aspect of the claim is identified as a further difference in the Office Action. As such, Mori is cited to teach: the AI prompt requesting that the AI model choose between the malicious class and the non-malicious class. Mori’s phase-classifying the time-series information is performed in accordance with the prompt; par. 0026. When the time-series information and the prompt are input, the generative AI outputs the description content together with the phase-classified phase classification result. See par. 0027. Furthermore, Mori discloses perform[ing] phase classification and generation of the description content by inputting, to the generative AI, a prompt including a directive instructing to classify phases depending on changes in behaviors of a plurality of users. For example, the information processing apparatus 100 may perform phase classification and generation of description content by using a prompt including a directive with content such as “perform phase classification at timing when a user's behavior changes.” See par. 0030-0031. For further examples in Mori, see par. 0055-0056: for example, the processing unit 134 causes the generative AI to execute phase classification by inputting, to the generative AI, a prompt instructing to perform phase classification. Evidently, Mori discloses an Al prompt requesting that the Al model to perform classification of input and provides output results. Applicant’s arguments are therefore not persuasive. Secondly, the Applicant argues, at pages 25-28, that claims 12-14 and 21 contain features not disclosed by Healy, Grobman, and Mori or the combinations thereof. In response, the Examiner respectfully disagrees. For the similar aforementioned reasons, the rejections of claims 12-14 and 21 are sustained. Thirdly, the Applicant argues, at pages 29-30, that Healy, Grobman, and Mori do not teach or suggest the feature of “the AI prompt requesting that the AI model choose between the malicious class and the non-malicious class and further requesting the explanation that describes the reasoning used by the AI model in choosing the malicious class or the non-malicious class ... , wherein the target file comprises context regarding the AI prompt," as recited by independent claim 22. Applicant notes that independent claimrecites feature(s) that are not included in independent claim 1. For example, Healy, Grobman, and Mori also do not teach or suggest "causing an AI model to classify a target file in a malicious class or a non-malicious class and to provide an explanation that describes reasoning used by the AI model in choosing the malicious class or the non-malicious class and to provide an indication of a confidence associated with a classification of the target file in the malicious class or the non-malicious class by providing an AI prompt together with the target file as inputs to the AI model, the AI prompt ... further requesting the indication of the confidence associated with the classification of the target file in the malicious class or the non-malicious class, wherein the target file comprises context regarding the AI prompt," as recited by independent claim 22. In response, the Examiner respectfully disagrees. The limitation for providing an indication of a confidence associated with a classification of the target file in the malicious class or the non-malicious class is an obvious variant of providing an indication or a result of classification of the target file in the malicious class or the non-malicious class. Healy discloses that explainability helps to verify and/or assign a confidence level or score to an identification and/or classification of malware; see par. 0033. Healy discusses that an explainable AI model enables a user, another system, a process, etc., to understand how the model determined its output. Explainability provides a basis to justify a decision (e.g., an identification and/or classification), track and verify the decision, and improve related processes. A defensive action taken or a ransom negotiation can be informed by identification of a malware actor and type of malware. As such, Healy implies the AI model can be configured for obtaining the indication of the confidence associated with the classification of the target file in the malicious class or the non-malicious class. Applicant’s arguments are therefore not persuasive. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 1-6, 11-14, and 21-22 are rejected under 35 U.S.C. 103 as being unpatentable over Healy (US 20230401314 A1) in view of Grobman (US 20250117476 A1), and further in view of Mori (US 20250238426 A1; note the date of reference reaches back to 2024-01-19 of JP 2024-006887). As per claim 1, Healy teaches a system (see the title: to classify malware with explainability with artificial intelligence models) comprising: a processor system; and a memory that stores computer-executable instructions that are executable by the processor system to at least: cause an AI model to classify a target file in a malicious class or a non-malicious class and to provide an explanation that describes reasoning used by the AI model in choosing the malicious class or the non-malicious class by providing an AI prompt together with the target file as inputs to the AI model, … and further requesting the explanation that describes the reasoning used by the AI model in choosing the malicious class or the non-malicious class in which to classify the target file, wherein the target file comprises context regarding the AI prompt (Healy par. 0031-0033: malware identification and/or classification rules; an explainable AI model enables a user; Healy teaches an AI model (e.g., a deep learning model and a malware classification machine learning model) that performs classification of a portable executable file; par. 0025-0026. Healy’s AI model uses classification rules along with identified tactics and techniques (par. 0031-0032) to identify and classify malware with explainability; par. 0033-0035. Healy discloses an AI model that may prompt itself to filter a portable executable file and extract a number of string features to train a malware classification machine learning model for forming the malware classifier 150 for classification; par. 0048-0049.); receive a response to the AI prompt from the AI model, the response comprising an indication of a selected class in which the AI model classifies the target file and further comprising the explanation that describes the reasoning used by the AI model in choosing the selected class in which to classify the target file, wherein the selected class is the malicious class or the non-malicious class (Healy par. 0033-0036: output from a classifier with CNN and/or other deep learning constructs); provide the explanation, which describes the reasoning used by the AI model in choosing the selected class in which to classify the target file, to the user via a user interface (Healy par. 0033-0034: explainability; par. 0038: forming an explainable AI (XAI); see FIG. 7, step 730 for outputting a prediction of malware classification associated with the input; par. 0082); However, Healy does not explicitly disclose performing a security operation with regard to the target file based on the selected classes or classifications. This aspect of the claim is identified as a further difference. In a related art, Grobman teaches: based at least on the indication of the selected class in which the AI model classifies the target file, perform a security operation with regard to the target file (Grobman, par. 0039-0041: to mitigate malicious activities. par. 0060: perform a security operation based on the classification 116). Healy and Grobman are analogous art to the claimed invention, because they are in the same field of endeavor in improving AI models for security classifications as the claimed invention, or reasonably pertinent to the problem faced by the inventor, which may be in a different field. Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to combine them and to modify Healy’s system with Grobman’s teachings of “perform a security operation” based on determined classes. For this combination, the motivation would have been to improve the level of security with timely security actions based on AI. However, Healy and Grobman as combined above do not explicitly disclose the AI prompt requesting that the AI model choose between the malicious class and the non-malicious class. This aspect of the claim is identified as a further difference. In a related art, Mori teaches: the AI prompt requesting that the AI model choose between the malicious class and the non-malicious class … (Mori, par. 0030-0031: 100 inputs, to the generative AI, as a prompt; par. 0055-0056: for example, the processing unit 134 causes the generative AI to execute phase classification by inputting, to the generative AI, a prompt instructing to perform phase classification) Mori is analogous art to the claimed invention in the same field of endeavor in improving AI models for security classifications as the claimed invention, or reasonably pertinent to the problem faced by the inventor, which may be in a different field. Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to combine them and to modify the Healy-Grobman system with Mori’s teachings of the AI prompt requesting classification at the AI model. For this combination, the motivation would have been to improve triggering and interacting of the AI classification engine. As per claim 2, the references as combined above teach the system of claim 1, wherein the computer-executable instructions are executable by the processor system to at least: cause the AI model to classify the target file in the malicious class or the non-malicious class by providing the AI prompt together with the target file and contextual information regarding the target file as inputs to the AI model (Mori, par. 0026-0027: a phase classification result based on these pieces of information, which are provided for classification); and wherein the contextual information comprises at least one of the following: an indication of a location from which the target file is downloaded; a process path associated with the target file; a process command line associated with the target file; a parent process command line associated with the target file; or a real time process name associated with the target file (Mori, par. 0026-0027: a prompt to the generative AI as input information together with the time-series information generated in step S104; phase classification result; the time-series information and the prompt are input). As per claim 3, the references as combined above teach the system of claim 1, wherein the explanation in the response to the AI prompt indicates a plurality of attributes of the target file that contributed to the AI model choosing the selected class (Healy, 0023-0026: malware classification with machine learning model that forms a multi-class classifier for selection and assignment). As per claim 4, the references as combined above teach the system of claim 1, and Healy also discloses: wherein the computer-executable instructions are executable by the processor system to at least: in response to the classification information being stored in the store, determine that the target file is to be classified among a plurality of classes that comprises the malicious class and the non-malicious class (Healy, par. 0045, 0051, and 0115: provide a malware classification with explainability in response to a second input; the malware classifier to provide a malware classification with explainability in response to a second input); and cause the AI model to classify the target file in the malicious class or the non-malicious class and to provide the explanation that describes the reasoning used by the AI model in choosing the malicious class or the non-malicious class by providing the AI prompt together with the target file and the classification information to the AI model (Healy, par. 0045 and 0115: malware classification with explainability; the malware classifier to provide a malware classification with explainability in response to a second input.). Grobman further discloses: store classification information in a store, wherein the classification information comprises a reference identifier that identifies a reference file, reference content of the reference file, a reference AI prompt requesting that the AI model choose between the malicious class and the non-malicious class in which to classify the reference file and further requesting a reference explanation that describes reference reasoning used by the AI model in choosing the malicious class or the non-malicious class in which to classify the reference file, and a reference response to the reference AI prompt (Grobman, par. 0029 and 0060: the classification 116 is stored within the model database 110 for use in a future corpus of comparison webpages), and Mori discloses: wherein the reference response comprises an indication of a reference class in which the reference file is classified and further comprises the reference explanation that describes the reference reasoning for classifying the reference file in the reference class, wherein the reference class is the malicious class or the non-malicious class (Mori, par. 0027-0028: The generative AI further outputs description content describing the phase for each phase classified on the basis of the phase classification result; par. 0045-0046: classification result or the description content); As per claim 5, the references as combined above teach the system of claim 4, wherein the classification information further comprises a confidence indicator that indicates a confidence associated with a classification of the reference file in the malicious class or the non-malicious class (Healy, par. 0033: assign a confidence level or score to an identification and/or classification of malware). As per claim 6, the references as combined above teach the system of claim 4, wherein the classification information further comprises a second reference identifier that identifies a second reference file, second reference content of the second reference file, a second reference AI prompt requesting that the AI model choose between the malicious class and the non-malicious class in which to classify the second reference file and further requesting a second reference explanation that describes second reference reasoning used by the AI model in choosing the malicious class or the non-malicious class in which to classify the second reference file, and a second reference response to the second reference AI prompt (Healy, par. 0019 and 0038-0041: Additional features can be extracted from a portable executable associated with the malware analysis; to form additional features in the set of features (also referred as a feature set); and wherein the second reference response comprises an indication of a second reference class in which the second reference file is classified and further comprises the second reference explanation that describes the second reference reasoning for classifying the second reference file in the second reference class, wherein the second reference class is the malicious class or the non-malicious class (Healy, par. 0041 and 0044-0047: classification rules (e.g., YARA rules, etc.), attack techniques (e.g., Mitre ATT&CK techniques, etc.) … are used as additional features in the set of features (also referred as a feature set). For classification). As per claim 11, the references as combined above teach the system of claim 1, wherein the computer-executable instructions are executable by the processor system to at least: cause the AI model to classify the target file, to provide the explanation, and to provide an indication of a confidence associated with a classification of the target file in the malicious class or the non-malicious class, wherein the AI prompt further requests the indication of the confidence associated with the classification of the target file in the malicious class or the non-malicious class, and wherein the response further comprises the indication of the confidence associated with the classification of the target file in the selected class (Healy, par. 0033-0034: assign a confidence level or score to an identification and/or classification of malware; indications are outputted; that Explainability helps suggests output to presenting the confidence level; file features to identify and classify malware with explainability); and provide the indication of the confidence, which is associated with the classification of the target file in the selected class, to the user via the user interface (Healy, par. 0087-0088: One or more output devices 824 are also connected to the interface circuitry 820 of the illustrated example. The output devices 824 can be implemented, for example, by display devices (e.g., a light emitting diode (LED),). Regarding claim 12, it is similar to claim 1 in terms of the inventive features recited, and thus claim 12 is similarly rejected using the same rationale. As per claim 13, the references as combined above teach the method of claim 12, wherein causing the AI model to perform the classification of the target file with regard to maliciousness comprises: providing the AI prompt together with the target file and contextual information regarding the target file as inputs to the AI model (Healy par. 0031-0033: malware identification and/or classification rules; an explainable AI model enables a user; par. 0019 and 0038-0041: analysis of malware), wherein the contextual information comprises at least one of the following: an indication of a signor that signs the target file (Healy, par. 0019 and 0038-0041: Additional features can be extracted from a portable executable associated with the malware analysis; to form additional features in the set of features (also referred as a feature set); an indication of a publisher that publishes the target file (Note: omitted as an optional limitation); a certificate associated with the target file (Note: omitted as an optional limitation); at least one of a header byte associated with the target file or a footer byte associated with the target file (Note: omitted as an optional limitation); or an indication of behavior associated with the target file (Note: omitted as an optional limitation). As per claim 14, the references as combined above teach the method of claim 12, and also teach further comprising: storing classification information in a store, wherein the classification information comprises a reference identifier that identifies a reference file, reference content of the reference file, a reference AI prompt requesting classification of the reference file with regard to maliciousness and further requesting a reference explanation that describes reference reasoning used by the AI model in performing the classification of the reference file, and a reference response to the reference AI prompt (Grobman, par. 0029 and 0060: the classification 116 is stored within the model database 110 for use in a future corpus of comparison webpages), wherein the reference response comprises an indication of a reference class in which the reference file is classified and further comprises the reference explanation that describes the reference reasoning for classifying the reference file in the reference class, wherein the reference class is the malicious class or the non-malicious class (Mori, par. 0027-0028: The generative AI further outputs description content describing the phase for each phase classified on the basis of the phase classification result; par. 0045-0046: classification result or the description content); and in response to storing the classification information in the store, determining that the target file is to be classified among a plurality of classes that comprises the malicious class and the non-malicious class (Healy, par. 0045, 0051, and 0115: provide a malware classification with explainability in response to a second input; the malware classifier to provide a malware classification with explainability in response to a second input); wherein causing the AI model to perform the classification of the target file comprises: causing the AI model to perform the classification of the target file with regard to maliciousness and to provide the explanation that describes the reasoning used by the AI model in performing the classification of the target file by providing the AI prompt together with the target file and the classification information to the AI model (Healy, par. 0045 and 0115: malware classification with explainability; the malware classifier to provide a malware classification with explainability in response to a second input.). Regarding claim 21, the claim is similar to claim 11 and is therefore rejected using a similar rationale. As per claim 22, Healy teaches a computer program product comprising a computer-readable storage medium having instructions recorded thereon for enabling a processor-based system to perform operations, the operations comprising: causing an AI model to classify a target file in a malicious class or a non-malicious class and to provide an explanation that describes reasoning used by the AI model in choosing the malicious class or the non-malicious class and to provide an indication of a confidence associated with a classification of the target file in the malicious class or the non-malicious class (Healy, par. 0031-0033: malware identification and/or classification rules; an explainable AI model enables a user; par. 0033: Explainability helps to verify and/or assign a confidence level or score to an identification and/or classification of malware.), further requesting the indication of the confidence associated with the classification of the target file in the malicious class or the non- malicious class, wherein the target file comprises context regarding the AI prompt (Healy, par. 0033: Explainability helps to verify and/or assign a confidence level or score to an identification and/or classification of malware; Healy teaches an AI model (e.g., a deep learning model and a malware classification machine learning model) that performs classification of a portable executable file; par. 0025-0026. Healy’s AI model uses classification rules along with identified tactics and techniques (par. 0031-0032) to identify and classify malware with explainability; par. 0033-0035. Healy discloses an AI model that may prompt itself to filter a portable executable file and extract a number of string features to train a malware classification machine learning model for forming the malware classifier 150 for classification; par. 0048-0049.); receiving a response to the AI prompt from the AI model, the response comprising an indication of a selected class in which the AI model classifies the target file and further comprising the explanation that describes the reasoning used by the AI model in choosing the selected class Healy par. 0033-0036: output from a classifier with CNN and/or other deep learning constructs; par. 0033: assign a confidence level or score); providing the explanation, which describes the reasoning used by the AI model in choosing the selected class class, to [[the]] a user via a user interface (Healy par. 0033-0034: explainability; par. 0038: forming an explainable AI (XAI); see FIG. 7, step 730 for outputting a prediction of malware classification associated with the input; par. 0082; par. 0033: assign a confidence level or score); and However, Healy does not explicitly disclose performing a security operation with regard to the target file based on the selected classes or classifications. This aspect of the claim is identified as a further difference. In a related art, Grobman teaches: based at least on the indication of the selected class in which the AI model classifies the target file, performing a security operation with regard to the target file (Grobman, par. 0039-0041: to mitigate malicious activities. par. 0060: perform a security operation based on the classification 116). Healy and Grobman are analogous art to the claimed invention, because they are in the same field of endeavor in improving AI models for security classifications as the claimed invention, or reasonably pertinent to the problem faced by the inventor, which may be in a different field. Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to combine them and to modify Healy’s system with Grobman’s teachings of “perform a security operation” based on determined classes. For this combination, the motivation would have been to improve the level of security with timely security actions based on AI. However, Healy and Grobman as combined above do not explicitly disclose the AI prompt requesting that the AI model choose between the malicious class and the non-malicious class. This aspect of the claim is identified as a further difference. In a related art, Mori teaches: the AI prompt requesting that the AI model choose between the malicious class and the non-malicious class and further requesting the explanation that describes the reasoning used by the AI model in choosing the malicious class or the non- malicious class (Mori, par. 0030-0031: 100 inputs, to the generative AI, as a prompt; par. 0055-0056: for example, the processing unit 134 causes the generative AI to execute phase classification by inputting, to the generative AI, a prompt instructing to perform phase classification) Mori is analogous art to the claimed invention in the same field of endeavor in improving AI models for security classifications as the claimed invention, or reasonably pertinent to the problem faced by the inventor, which may be in a different field. Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to combine them and to modify the Healy-Grobman system with Mori’s teachings of the AI prompt requesting classification at the AI model. For this combination, the motivation would have been to improve triggering and interacting of the AI classification engine. Allowable Subject Matter Claim 7-10 and 15-20 objected to as being dependent upon a rejected base claim, but would be allowable over the prior art if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Claim 7 recites elements of “wherein the computer-executable instructions are executable by the processor system to at least: generate a target vector based at least on an identifier that identifies the target file, content of the target file, and the AI prompt; determine extents to which historical vectors associated with historical files, which are previously classified by the AI model, correspond to the target vector by comparing the historical vectors to the target vector, wherein the historical vectors are based at least on identifiers that identify the historical files, contents of the historical files, and AI prompts requesting that the AI model choose between the malicious class and the non-malicious class in which to classify the historical files and further requesting explanations that describe reasonings used by the AI model in choosing the malicious class or the non-malicious class in which to classify the historical files; select a first historical vector from the historical vectors based at least on the extent to which the first historical vector corresponds to the target vector being greater than or equal to an extent threshold; and cause the AI model to classify the target file in the malicious class or the non-malicious class and to provide the explanation that describes the reasoning used by the AI model in choosing the malicious class or the non-malicious class by providing the AI prompt together with the target file and classification information to the AI model, wherein the classification information comprises a first identifier that identifies a first historical file of the historical files that is associated with the first historical vector, first content of the first historical file, a first AI prompt requesting that the AI model choose between the malicious class and the non-malicious class in which to classify the first historical file and further requesting a first explanation that describes a first reasoning used by the AI model in choosing the malicious class or the non-malicious class in which to classify the first historical file, and a first response to the first AI prompt from the AI model, and wherein the first response comprises an indication of a first class in which the AI model classifies the first historical file and further comprises the first explanation that describes the first reasoning used by the AI model in choosing the first class in which to classify the first historical file, wherein the first class is the malicious class or the non-malicious class.”. These elements and the features thereof in combination with the other limitations in the claim 1, are not anticipated by, nor made obvious over the prior art of record. Claims 8-9 are allowed by virtue of their dependencies on claim 7 as they further limit the scope of the claimed invention. Claim 10 recites elements of “generate a target vector based at least on an identifier that identifies the target file, content of the target file, and the AI prompt; determine extents to which historical vectors associated with historical files, which are previously classified by the AI model, correspond to the target vector by comparing the historical vectors to the target vector, wherein the historical vectors are based at least on identifiers that identify the historical files, contents of the historical files, and AI prompts requesting that the AI model choose between the malicious class and the non-malicious class in which to classify the historical files and further requesting explanations that describe the reasonings used by the AI model in choosing the malicious class or the non-malicious class in which to classify the historical files; select N first historical vectors, which are associated with historical files that are classified in the malicious class, and N second historical vectors, which are associated with historical files that are classified in the non-malicious class, from the historical vectors to provide 2N sample historical vectors based at least on the extents to which the N first historical vectors and the N second historical vectors correspond to the target vector being greater than or equal to an extent threshold, wherein N is a positive integer; select P sample historical vectors from the 2N sample historical vectors, wherein P is a positive integer that is less than 2N; and cause the AI model to classify the target file in the malicious class or the non-malicious class and to provide the explanation that describes the reasoning used by the AI model in choosing the malicious class or the non-malicious class by providing the AI prompt together with the target file and classification information to the AI model, wherein the classification information comprises P identifiers that identify P historical files of the historical files that are associated with the P sample historical vectors, contents of the P historical files, P AI prompts requesting that the AI model choose between the malicious class and the non-malicious class in which to classify the P historical files and further requesting explanations that describe reasonings used by the AI model in choosing the malicious class or the non-malicious class in which to classify the P historical files, and P responses to the P AI prompts from the AI model, and wherein the P responses comprise indications of selected classes in which the AI model classifies the P historical files and further comprise the explanations that describe the reasonings used by the AI model in choosing the selected classes in which to classify the P historical files, wherein a selected class is the malicious class or the non-malicious class”. These elements and the features thereof in combination with the other limitations in the claim 1, are not anticipated by, nor made obvious over the prior art of record. Claim 15, which is similar to claim 7, recites elements of “wherein the computer-executable instructions are executable by the processor system to at least: generate a target vector based at least on an identifier that identifies the target file, content of the target file, and the AI prompt; determine extents to which historical vectors associated with historical files, which are previously classified by the AI model, correspond to the target vector by comparing the historical vectors to the target vector, wherein the historical vectors are based at least on identifiers that identify the historical files, contents of the historical files, and AI prompts requesting that the AI model choose between the malicious class and the non-malicious class in which to classify the historical files and further requesting explanations that describe reasonings used by the AI model in choosing the malicious class or the non-malicious class in which to classify the historical files; select a first historical vector from the historical vectors based at least on the extent to which the first historical vector corresponds to the target vector being greater than or equal to an extent threshold; and cause the AI model to classify the target file in the malicious class or the non-malicious class and to provide the explanation that describes the reasoning used by the AI model in choosing the malicious class or the non-malicious class by providing the AI prompt together with the target file and classification information to the AI model, wherein the classification information comprises a first identifier that identifies a first historical file of the historical files that is associated with the first historical vector, first content of the first historical file, a first AI prompt requesting that the AI model choose between the malicious class and the non-malicious class in which to classify the first historical file and further requesting a first explanation that describes a first reasoning used by the AI model in choosing the malicious class or the non-malicious class in which to classify the first historical file, and a first response to the first AI prompt from the AI model, and wherein the first response comprises an indication of a first class in which the AI model classifies the first historical file and further comprises the first explanation that describes the first reasoning used by the AI model in choosing the first class in which to classify the first historical file, wherein the first class is the malicious class or the non-malicious class”. These elements and the features thereof in combination with the other limitations in the claim 12, are not anticipated by, nor made obvious over the prior art of record. Claims 16-19 are allowed by virtue of their dependencies on claim 15 as they further limit the scope of the claimed invention. Claim 20 recites elements of “generating a target vector based at least on an identifier that identifies the target file, content of the target file, and the AI prompt; determining extents to which historical vectors associated with historical files, which are previously classified by the AI model, correspond to the target vector by comparing the historical vectors to the target vector, wherein the historical vectors are based at least on identifiers that identify the historical files, contents of the historical files, and AI prompts requesting classifications of the historical files with regard to maliciousness and further requesting explanations that describe reasonings used by the AI model in performing the classifications; selecting N first historical vectors, which are associated with historical files that are classified in the malicious class, and N second historical vectors, which are associated with historical files that are classified in the non-malicious class, from the historical vectors to provide 2N sample historical vectors based at least on the extents to which the N first historical vectors and the N second historical vectors correspond to the target vector being greater than or equal to an extent threshold, wherein N is a positive integer; and selecting P sample historical vectors from the 2N sample historical vectors, wherein P is a positive integer that is less than 2N; wherein causing the AI model to perform the classification of the target file comprises: causing the AI model to perform the classification of the target file with regard to maliciousness and to provide the explanation that describes the reasoning used by the AI model in performing the classification of the target file with regard to maliciousness by providing the AI prompt together with the target file and classification information to the AI model, wherein the classification information comprises P identifiers that identify P historical files of the historical files that are associated with the P sample historical vectors, contents of the P historical files, P AI prompts requesting classifications of the P historical files with regard to maliciousness and further requesting explanations that describe reasonings used by the AI model in performing the classifications of the P historical files, and P responses to the P AI prompts from the AI model, and wherein the P responses comprise indications of selected classes in which the AI model classifies the P historical files and further comprise the explanations that describe the reasonings used by the AI model in performing the classifications of the P historical files, wherein a selected class is the malicious class or the non-malicious class”. These elements and the features thereof in combination with the other limitations in the claim 12, are not anticipated by, nor made obvious over the prior art of record. Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Don Zhao whose telephone number is (571)272-9953. The examiner can normally be reached on 9 am to 5 pm Monday thru Friday. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /Don G Zhao/ Examiner, Art Unit 2493 1/20/2026
Read full office action

Prosecution Timeline

Mar 01, 2024
Application Filed
Sep 04, 2025
Non-Final Rejection — §103
Nov 10, 2025
Examiner Interview (Telephonic)
Nov 10, 2025
Examiner Interview Summary
Dec 08, 2025
Response Filed
Jan 20, 2026
Final Rejection — §103
Mar 17, 2026
Examiner Interview Summary
Mar 17, 2026
Applicant Interview (Telephonic)
Apr 14, 2026
Response after Non-Final Action

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12603879
PROGRESSIVELY INCREASING A LOGIN INFORMATION LENGTH
2y 5m to grant Granted Apr 14, 2026
Patent 12598209
DEVICE VULNERABILITY RISK ASSESSMENT SYSTEM
2y 5m to grant Granted Apr 07, 2026
Patent 12596801
METHOD AND APPARATUS FOR DETECTING COMMAND CONTROL SERVER OF MALICIOUS APPLICATION
2y 5m to grant Granted Apr 07, 2026
Patent 12596802
MALWARE DETECTION TECHNIQUES
2y 5m to grant Granted Apr 07, 2026
Patent 12585735
SYSTEMS AND METHODS FOR GENERATING AND DISTRIBUTING NFTs BASED ON USER INTERACTION
2y 5m to grant Granted Mar 24, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

3-4
Expected OA Rounds
87%
Grant Probability
99%
With Interview (+16.9%)
2y 5m
Median Time to Grant
Moderate
PTA Risk
Based on 774 resolved cases by this examiner. Grant probability derived from career allow rate.

Sign in for Full Analysis

Enter your email to receive a magic link. No password needed.

Free tier: 3 strategy analyses per month