DETAILED ACTION
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-3, 6-9 and 11-14 are rejected under 35 U.S.C. 103 as being unpatentable over CN111783100A in view of CN116361788A and Crabtree et al. (US20220210200A1).
Regarding claim 1, CN111783100A discloses a method for detecting code vulnerability attacks on a computing device, comprising ([Abstract] shows a source code vulnerability detection method):
executing, by a client computing device, a Graph Convolutional Neural Network (GCN) model ([Abstract] shows a source code vulnerability detection method based on a graph convolution network);
analyzing, by the GCN model, code structure and connections of code running on the computing device ([Abstract] shows extracting graph structure information related to the vulnerability; learning a vector representation for each node using a graph convolution network; [page 5 lines 35-37] shows in order to more accurately extract the vulnerability-related graph structure information, especially the vulnerability structure information of cross-function calls, the function call relationship and the inter-procedure program dependency relationship are introduced into the code attribute graph);
identifying, by the GCN model, any irregularities or patterns in the code structure that could be used to exploit vulnerabilities of the computing device ([page 5 lines 35-37] shows this represents a code attribute map of code attribute information in order to accurately extract the vulnerability-related graph structure information, especially the vulnerability structure information of cross-function calls).
CN111783100A fails to teach a Joint RoBERTa and Graph Convolutional Neural Network (GCN) model; and
outputting insights and suggested actions, by the GCN model, to a user or system administrator to remediate the vulnerabilities.
However, CN116361788A discloses a Joint RoBERTa and Graph Convolutional Neural Network (GCN) model ([Abstract] shows a software vulnerability prediction method based on machine learning; [page 3 line 69] shows extracting assembly language semantic features based on the RoBERTa model; [page 5 lines 43-44] shows using the GCN to process the structural features of the program).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of CN112560049A with the teaching of CN116361788A in order to first extract language semantic features based on the RoBERTa model, then use the GCN to process the structural features of the program (CN116361788A; [page 3 line 69; page 5 lines 43-44]).
CN112560049A-CN116361788A as combined fails to teach outputting insights and suggested actions, by the GCN model, to a user or system administrator to remediate the vulnerabilities.
However, Crabtree discloses outputting insights and suggested actions to a user or system administrator to remediate the vulnerabilities distribution of the vulnerability finding to the assigned technical owner for remediation (para [0071] shows vulnerabilities in software; para [0115] shows security appliances 361 to continuously probe existing network infrastructure and issue alerts to any changes which may make a breach more likely 364, suggest solutions to any weaknesses detected 365.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of CN112560049A-CN116361788A with the teaching of Crabtree in order to thwart or mitigate damage from cyber-attacks (Crabtree; para [0071]).
Regarding claim 2, CN112560049A-CN116361788A-Crabtree as applied to claim 1 discloses the Joint RoBERTa and GCN model is trained on a dataset of code samples and vulnerabilities to detect code vulnerabilities on the computing device (CN116361788A; [page 3 line 69] shows extracting assembly language semantic features based on the RoBERTa model; [page 5 lines 43-44] shows using the GCN to process the structural features of the program; page 4 shows this method first disassembles the binary to obtain assembly language, then processes the RoBERTa model based on natural language, and then converts the operation code and operand of the assembly instruction Recognize and train as tokens respectively, and strengthen the training effect by randomly generating instruction sequences through RandomWalk.)
Regarding claim 3, CN112560049A-CN116361788A-Crabtree as applied to claim 1 discloses the Joint RoBERTa and GCN model utilizes a pre-trained RoBERTa-based language model to encode text data and a graph-based model to capture relationships between entities in the code (CN116361788A; [page 1 lines 70-72; page 4 lines 56-57] shows based on the natural language processing RoBERTa model, the code and operand are identified and trained as tokens respectively to generate attribute control flow graph (ACFG), and generate graph embedding (graph embedding) representation; [page 4 lines 61-65] shows this method processes the RoBERTa model based on natural language. CN112560049A; [page 5 lines 35-37] shows in order to more accurately extract the vulnerability-related graph structure information, especially the vulnerability structure information of cross-function calls, the function call relationship and the inter-procedure program dependency relationship are introduced into the code attribute graph).
Regarding claim 4, CN112560049A-CN116361788A-Crabtree as applied to claim 1 discloses the GCN model is configured to continuously monitor the code running on the computing device and provide real-time feedback to the user or system administrator about potential vulnerabilities (Crabtree; [Abstract] shows the recommendation engine runs continuously, makes suggestions, and takes adjustably autonomous actions employing a distributed computational graph.)
Regarding claims 6-9, claims 6-9 are directed to a system. The system claims 6-9 require limitations that are similar to those recited in the method claims 1-4 to carry out the method steps. And since the references of CN112560049A-CN116361788A-Crabtree combined teach the method including limitations required to carry out the method steps, therefore claims 6-9 would have also been obvious in view of the structures disclosed in CN112560049A-CN116361788A-Crabtree combined.
Furthermore, CN112560049A-CN116361788A-Crabtree as combined discloses at least one processor of a client computing device; and memory configured to communicate with the at least one processor, wherein the memory stores instructions that, in response to execution by the at least one processor, cause the at least one processor to perform operations (CN116361788A; page 10).
Regarding claims 11-14, claims 11-14 are directed to a computer readable medium. Claims 11-14 require limitations that are similar to those recited in the method claims 1-4 to carry out the method steps. And since the references of CN112560049A-CN116361788A-Crabtree combined teach the method including limitations required to carry out the method steps, therefore claims 11-14 would have also been obvious in view of the structures disclosed in CN112560049A-CN116361788A-Crabtree combined.
Furthermore, CN112560049A-CN116361788A-Crabtree as combined discloses a computer readable medium comprising machine readable instructions executed by a processor of a client computing devices (CN116361788A; page 10).
Claims 5, 10 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over CN111783100A in view of CN116361788A and Crabtree et al. (US20190188390A1), further in view of CN113609488A.
Regarding claims 5, 10 and 15, CN112560049A-CN116361788A-Crabtree as applied to claim 1 fails to teach the GCN model utilizes a self-supervised learning algorithm to train the model on a dataset of code samples and vulnerabilities.
However, CN113609488A discloses the model utilizes a self-supervised learning algorithm to train the model on a dataset of code samples and vulnerabilities ([Abstract] shows self-supervised learning which has better interpretability and vulnerability detection effect.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of CN112560049A-CN116361788A-Crabtree with the teaching of CN113609488A in order to have better interpretability and vulnerability detection effect (CN113609488A; [Abstract]).
Citation of Relevant Prior Art
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
CN115495755A discloses on page 4 a method for multi-classification detection of source code vulnerabilities based on CodeBERT (Pre-trained models for programming languages and natural languages) and R-GCN (Relational Graph Convolutional Neural Network); [Abstract] shows slicing the PDG (program dependency graph) graph structure containing a source code data stream.
An Unbiased Transformer Source Code Learning with Semantic Vulnerability Graph (by Nafis Tanveer Islam, Gonzalo De La Torre Parra, Dylan Manuel Elias Bou-Harb, Peyman Najafirad1). 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TAN DOAN whose telephone number is (571)270-0162. The examiner can normally be reached Monday - Friday 8am - 5pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Oscar Louie can be reached at (571) 270-1684. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/TAN DOAN/Primary Examiner, Art Unit 2445