Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
DETAILED ACTION
Remarks
This Final action is in response to communications filed on 03/30/2026 claim(s) 56, 71 and 74 are amended per Applicant's request. Therefore, claims 56-75 are presently pending in the application and have been considered as follows.
Examiner Note
The applicant amendment has overcome the 35 USC 101 rejection to claims 56-75.
Response to Arguments
Applicant’s arguments, see page 7 of Applicant’s response, filed 03/30/2026, with respect to the rejection(s) of claim(s) 56-75 under 103 have been fully considered and are persuasive. In particular, Applicant’s amendments to the claims has overcome the rejection on record. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made over US 20130036231 to Hulten et al. (hereinafter “Hulten .”) in view of US 20160373917 to Khesin et al. (hereinafter “Khesin”) and further in view of NPL “MockDroid: Trading Privacy for Application Functionality on Smartphones” to Beresford et al. (hereinafter “Beresford”).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 56-65 and 67-75 are rejected under 35 U.S.C. 103 as being unpatentable over US 20130036231 to Hulten et al. (hereinafter “Hulten .”) in view of US 20160373917 to Khesin et al. (hereinafter “Khesin”) and further in view of NPL “MockDroid: Trading Privacy for Application Functionality on Smartphones” to Beresford et al. (hereinafter “Beresford”).
Claim 56
Hulten teaches a computer-implemented method, comprising:
upon determining that an application has a non-benign reputation, selectively installing the application based on a user input; [e.g. Hulten; Abstract, Para. 0011, 0013, 0021-0037, 0047-0056 – Hulten discloses determining that an application reputation is malicious or unknown (broadly these are non-benign) and allowing the user to selectively install the application] and
... running the application concurrently with a personalization engine to limit the application to benign behavior. [e.g. Hulten; Abstract, Para. 0011, 0013, 0021-0037, 0047-0056 – Hulten discloses that the application can run in a protected environment (e.g. personalization engine)]
While Hulten teaches the computer-implemented method of claim 56 Hulten fails to explicitly teach personalizing the application. More specifically Hulten fails to teach the claimed limitations of however, Khesin teaches:
personalizing the application by running the application concurrently with a personalization engine to limit the application to benign behavior. [e.g. Khesin; Abstract, Claim 3, Para. 0024-0054– Khesin discloses remediating (e.g. personalizing) the non-benign application and that user security and policy settings may be changed at runtime]
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to include, the above features in the invention as disclosed by Hulten in order to allow finer grain control of malicious applications with optimal security and improving the user experience as disclosed in paragraph 0054 of Khesin.
While the combination teaches the computer-implemented method of claim 56 the combination fails to explicitly teach personalizing the application thru API interception and modification of behavior of API calls. More specifically the combination fails to teach the claimed limitations of however, Beresford teaches:
wherein the personalization engine comprises executable software instructions to intercept runtime application programming interface (API) calls from the application and modifying behavior of the API calls according to personalization rules for the application. [e.g. Beresford; Abstract, Sec 1, Sec 2, Sec 3, Sec 3.1– Beresford discloses that Android applications “interact through the Android API”, that Mockdroid “modified the permission check performed at the start of each dangerous API call” and that “if a permission is mocked then the API call provides a plausible but incorrect result to the application” (e.g. intercepting runtime API calls and modifying behavior of the API calls according to mocked permission/personalization rules).]
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to include, the above features in the invention as disclosed by the combination in order to allow users to revoke access to particular resources at runtime and providing users improved fine grained control as disclosed in Sec 1 and Sec 6 of Beresford.
Claim 57:
Hulten teaches the method of claim 56, wherein the non-benign reputation is a grayware reputation. [e.g. Hulten; Abstract, Para. 0011, 0013, 0021-0037, 0047-0056 – Hulten discloses determining that an application reputation is malicious. Note Para. 0003 states malware encompasses spyware and adware which are grayware. Examiner takes the position that the malicious reputation includes malware (e.g. viruses, trojan horses) and grayware (e.g. spyware, adware).]
Claim 58:
Hulten teaches the method of claim 56, wherein the non-benign reputation is a malware reputation. [e.g. Hulten; Abstract, Para. 0011, 0013, 0021-0037, 0047-0056 – Hulten discloses determining that an application reputation is malicious. Note Para. 0003 states malware encompasses spyware and adware which are grayware. Examiner takes the position that the malicious reputation includes malware (e.g. viruses, trojan horses) and grayware (e.g. spyware, adware).]
Claim 59:
Hulten and Khesin teaches the method of claim 56, further comprising: if the non-benign reputation is malware, providing the application binary to a remediation server; and receiving a healed application binary from the remediation server. [e.g. Hulten; Abstract, Para. 0011, 0013, 0021-0037, 0047-0056 – Hulten discloses determining that an application reputation is malicious.] [e.g. Khesin; Abstract, Claim 1 Para. 0018, 0024-0054– Khesin discloses a remediation gateway server that receives malicious applications and provides remediated versions (e.g. healed application binary).]
Claim 60:
Hulten teaches the method of claim 59, further comprising inhibiting installation of the application until after receiving the healed application binary from the remediation server. [e.g. Khesin; Abstract, Claim 9 Para. 0001, 0018, 0024-0054– Khesin discloses a remediation gateway server that receives malicious applications and provides remediated versions (e.g. healed application binary) which is done prior to installation.]
Claim 61:
Hulten teaches the method of claim 56, wherein installing the application based on a user configuration input comprises providing an interactive user interface element requesting confirmation to install the application; and installing the application only if a positive response is received to the interactive user interface element. [e.g. Hulten; Abstract, Para. 0011, 0013, 0021-0037, 0047-0056 – Hulten discloses determining that an application reputation is malicious or unknown (e.g. non-benign) and allowing the user to selectively install the application.]
Claim 62:
Hulten teaches the method of claim 61, further comprising providing, along with the interactive user interface element, an actionable, human-readable description of behaviors of the application. [e.g. Hulten; Abstract, Para. 0011, 0013, 0021-0037, 0047-0056 – Hulten discloses providing the user with a warning that includes detailed information.]
Claim 63:
Hulten as modified by Khesin teaches the method of claim 56, wherein personalizing the application further comprises receiving input from a user interface element to selectively provide access to system services. [e.g. Khesin; Abstract, Claim 3, Para. 0024-0054– Khesin discloses remediating (e.g. personalizing) the non-benign application and that user security and policy settings may be changed at runtime]
Claim 64:
Hulten as modified by Khesin teaches the method of claim 63, wherein the system services are selected from the group consisting of geographic location, e-mail, short messaging service, telephony, contacts, internet access, camera, touchscreen, microphone, and speakers. [e.g. Khesin; Abstract, Claim 3, Para. 0016, 0022-0054– Khesin discloses the security and privacy settings exercise control over mobile device.]
Claim 65:
Hulten as modified by Khesin teaches the method of claim 56, further comprising providing a remediation engine to personalize the application. [e.g. Khesin; Abstract, Claim 9 Para. 0001, 0018, 0024-0054– Khesin discloses a remediation gateway server that receives malicious applications and provides remediated versions (e.g. healed application binary) which is done prior to installation.]
Claim 67:
Hulten as modified by Khesin teaches the method of method of claim 56, further comprising: creating an application logic model of the application binary; and creating personalization rules for the application binary based on the application logic model. [e.g. Khesin; Abstract, Claim 3, 10 and 20, Para. 0001, 0018, 0024-0054– Khesin discloses conversion of executable code to source code and parsing (e.g. creating an application logic model) and incorporating security and policy settings (e.g. creating personalization rules) based on the parsed code (e.g. application logic model).]
Claim 68:
Hulten and Khesin teaches the method of claim 56, further comprising providing closed-loop analysis with a global threat intelligence service. [e.g. Hulten; Abstract, Para. 0011, 0013, 0021-0037, 0047-0056 – Hulten discloses the determination is made with the utilization of a reputation service provider (e.g. global threat intelligence service).] [e.g. Khesin; Abstract, Para. 0018– Khesin discloses using established reputation systems.]
Claim 69:
Hulten as modified by Khesin teaches the method of claim 56, wherein the application binary is an authorized application binary from a software repository. [e.g. Khesin; Abstract, Para. 0018– Khesin discloses trusted application market (e.g. software repository).]
Claim 70:
Hulten and Khesin teaches the method of claim 56, further comprising performing deep static analysis on the application binary and presenting to an end user a report including human-readable results of the deep static analysis, with an actionable list of behavior of the application, wherein personalizing the application is based on an end user response to the report. [e.g. Hulten; Abstract, Para. 0011, 0013, 0021-0037, 0047-0056 – Hulten discloses providing the user with a warning that includes detailed information (e.g. report).] [e.g. Khesin; Abstract, Claim 6, 10 Para. 0001, 0018, 0024-0054– Khesin discloses analyzing converted source code (e.g. deep static analysis). Khesin further discloses the user being able to change (e.g. personalize) the application at runtime.]
Regarding claims 71-75 they are manufacture and device claims essentially corresponding to the above recitations, and they are rejected, at least, for the same reasons.
Claim 66 is rejected under 35 U.S.C. 103 as being unpatentable over US 20130036231 to Hulten et al. (hereinafter “Hulten .”) in view of US 20160373917 to Khesin et al. (hereinafter “Khesin”) and NPL “MockDroid: Trading Privacy for Application Functionality on Smartphones” to Beresford et al. (hereinafter “Beresford”) and further in view of US 20140040979 to Barton et al. (hereinafter “Barton”)
Claim 66:
Hulten as modified by Khesin teaches the method of claim 56, further comprising: ...; detecting malware behavior in the application binary; and healing the application binary by inserting or removing instructions to ameliorate the malware behavior. [e.g. Khesin; Abstract, Claim 6, 10 Para. 0001, 0018, 0024-0054– Khesin discloses converting executable code to source code, detecting malicious behavior and remediating the application by inserting replaceable code and removing malicious code.]
While the combination teaches the computer-implemented method of claim 56 the combination fails to explicitly teach that the application is disassembled explicitly, and only explicitly mentions decompiling. More specifically the combination fails to teach the claimed limitations of however, Barton teaches:
disassembling the application binary; detecting malware behavior in the application binary; and healing the application binary by inserting or removing instructions to ameliorate the malware behavior [e.g. Barton; Abstract, Para. 0127, 0290-0307– Barton discloses disassembling the binary, detecting malicious behavior and inserting or removing code within the binary and recompiling.].
Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to include, the above features in the invention as disclosed by the combination in order to show a simple substitution of the security enforcement mechanism (e.g. disassembling vs decompiling) to obtain the predictable result of proving security and/or removal or malicious behavior of an application.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER C HARRIS whose telephone number is (571)270-7841. The examiner can normally be reached Monday through Friday between 8:00 AM to 4:00 PM CST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L Nickerson can be reached on (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/CHRISTOPHER C HARRIS/Primary Examiner, Art Unit 2432