SYSTEM AND METHOD FOR CONTROLLING AND SECURING NETWORK CONNECTIVITY USING SWARM INTELLIGENCE

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This action is responsive to communication received on 12/24/2025. Claims 1, 3-8, 10-15 and 17-20. The Examiner recommends filing a written authorization for Internet communication in response to the present action. Doing so permits the USPTO to communicate with Applicant using Internet email to schedule interviews or discuss other aspects of the application. Without a written authorization in place, the USPTO cannot respond to Internet correspondence received from Applicant. The preferred method of providing authorization is by filing form PTO/SB/439, available at: https://www.uspto.gov/patent/forms/forms. See MPEP § 502.03 for other methods of providing written authorization. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1,3-5, 7-8, 10-12,14-15 and 1720 are rejected under 35 U.S.C. 103 as being unpatentable over Stahlberg US 2013/0040603 and further in view of Ikeda US 2006/0171388. Regarding claims 1, 8 and 15, Stahlberg a system, method and non-transitory CRM implementing the method for controlling and securing network connectivity using swarm intelligence, comprising: at least one processing device; at least one memory device; and a module stored in the at least one memory device comprising executable instructions that when executed by the at least one processing device, cause the at least one processing device to: determine initiation of a network connection from a user device of a user with a network device( user device start wireless connection program to detect wireless access points and initiate wireless connection,¶s127,128) [0127] FIG. 4 is a flow diagram illustrating a method or process performed by a client device 106 for detecting whether a wireless access point is a suspect wireless access point in a communication network 102. As described with reference to FIG. 1, the communication network 102 includes wireless access point 110, the client device 106, a plurality of wireless access points 114 and a multiplicity of client devices 112. The steps performed at the client device 106, for detecting a suspect wireless access point in communication network 102, are outlined as follows [0128] C1. Detecting an available wireless access point 110. The client device 106 may detect or connect with the available wireless access point 110 extract one or more identifiers associated with the network device, wherein the one or more identifiers comprise Basic Service Set Identifier (BSSID)(mac address for a wireless access point is known to be the BSSID, ¶87) or media access control address (MAC Address)(¶87), channel the network device is broadcasting on, type of encryption used, and Extended Service Set Identification (ESSID) or Service Set Identifier (SSID)(¶110); [0087] For example, if significant identity information such as public IP and MAC addresses of the received identity information are significantly different when compared with the identity information stored in the record or in the sets of identity information associated with wireless access points, then the reputation system 108 determines that the indication of trust of the wireless access point 110 is unknown, suspect or untrusted. [0110] Pieces or portions of the identity information associated with each wireless access point are considered to be significant if these pieces can be used to substantially identify the wireless access point. For example, the significant identity information may include an identity code of the wireless access point, an address or cell identifier of the wireless access point, a hardware identifier of the wireless access point, and/or an identifier of the wireless access point. Alternatively or in addition to, the significant identity information may include at least one of a wireless access point identity code, a base station identity code, public internet protocol (IP) address of the wireless access point, a Media Access Control (MAC) address of the wireless access point, a service set identifier (SSID) of the wireless access point, a cell identifier of the wireless access point, and/or a base station identifier of the wireless access point. This provides the advantage of rapidly identifying a suspect wireless access point if certain significant portion of the important identity information about an available wireless access point changes. [0128]C1. Detecting an available wireless access point 110. The client device 106 may detect or connect with the available wireless access point 110. determine if the network device and network provided by the network device is secure, via an artificial swarm intelligence engine by (determine if SSID reputation is trusted, i.e. not a rogue access point by querying the reputation system, ¶133-135) determining if a local network provided by another user device associated with another user exists(determine if wireless access point connection is fake or in other words suspect and untrustworthy, ¶s19 20) [0019] As an option, the method includes receiving one or more of the reputation requests over a second communication network different to the communication network including the wireless access points. Preferably, the method includes updating the collected identity information with the received identity information associated with the available wireless access point. [0020] According to a second aspect of the invention there is provided a method for use by a client device in detecting a suspect wireless access point. The method including detecting an available wireless access point providing access services to the client device and transmitting to a reputation system a reputation request including identity information associated with the available wireless access point. From the reputation system, receiving a reputation associated with the available wireless access point, connecting with the available wireless access point or maintaining a connection with the available wireless access point when the indication of trust or reputation indicates the available wireless access point as trusted, and/or disconnecting from the available wireless access point and/or detecting another available wireless access point when the indication of trust or reputation indicates the available wireless access point as suspect. extracting information associated with the network device from the local network(information such as wifi network’s MAC address also known as BSSID and SSID are used as information to evaluate trustworthiness of wifi network, ¶87,110) [0087] For example, if significant identity information such as public IP and MAC addresses of the received identity information are significantly different when compared with the identity information stored in the record or in the sets of identity information associated with wireless access points, then the reputation system 108 determines that the indication of trust of the wireless access point 110 is unknown, suspect or untrusted. [0110] Pieces or portions of the identity information associated with each wireless access point are considered to be significant if these pieces can be used to substantially identify the wireless access point. For example, the significant identity information may include an identity code of the wireless access point, an address or cell identifier of the wireless access point, a hardware identifier of the wireless access point, and/or an identifier of the wireless access point. Alternatively or in addition to, the significant identity information may include at least one of a wireless access point identity code, a base station identity code, public internet protocol (IP) address of the wireless access point, a Media Access Control (MAC) address of the wireless access point, a service set identifier (SSID) of the wireless access point, a cell identifier of the wireless access point, and/or a base station identifier of the wireless access point. This provides the advantage of rapidly identifying a suspect wireless access point if certain significant portion of the important identity information about an available wireless access point changes. communicating with third party entity systems to determine if any misappropriation data exists or the network device and the network provided by the network device based on the information extracted from the local network(client utilizes a second connection to contact a host reputation system that is cloud based, thus it is a third party with respect to the client and the wifi network, ¶101) [0101] The above communication system 100 was described, for simplicity, with respect to a reputation system 108 and a client device 106. It is to be appreciated that the suspect Wi-Fi detection process or methods performed by reputation system 108 could be hosted in a cloud based system or cloud computing arrangement, where the functions of reputation system 108 are distributed within the cloud based system or arrangement. The process of detecting suspect Wi-Fi access points could be shared amongst several or a multiplicity of servers, computer systems, and/or databases of varying size and memory. This ensures that if reputation system 108 suddenly receives multiple reputation requests from the plurality of client devices 112 or simply the suspect wireless access point detection becomes more popular, the cloud based system can automatically direct more individual processors, servers, or databases to work on serving and processing the incoming reputation requests and the necessary outgoing responses. The cloud computing arrangement may include a plurality of servers and databases for receiving reputation requests associated with wireless access points from a multiplicity of client devices, storing and updating the identity information received, determining data representing the reputation of the associated wireless access points, and transmitting responses to each of the multiplicity of client devices over a network. and determining if the network device is associated with misappropriation based on the information extracted from the local network and communicating with the third party entity systems(hosted reputation system used to detect suspect/fake(i.e. misappropriated) local wifi network, ¶102) [0102] FIG. 2 is a flow diagram illustrating a method of detecting a suspect wireless access point in a communication network 102 including wireless access points 110 and 114 for providing access services to client devices 106 and 112. As described with reference to FIG. 1, the communication network 102 includes available wireless access point 110, client device 106, a plurality of wireless access points 112, and a multiplicity of client devices 112. The method for detecting a suspect wireless access point in communication network 102 is outlined by the following steps: [0103] A1. Collecting identity information associated with the wireless access points 106 and 114 from a multiplicity of client devices 112. The reputation system 108 may collect and store the identity information. The identity information can be received and collected from multiple sources, such as being received in reports from the multiplicity of client devices 106 and/or 112 and/or collected from reputation requests from the client devices 106 and/or 112. Proceed to step A2. and perform an action comprising: establishing the network connection based on determining that the network device and the network provided by the network device is secure to connect, via the artificial swarm intelligence engine; or denying the network connection based on determining that the network device and the network provided by the network device is not secure to connect, via the artificial swarm intelligence engine(if reputation of the access point is deemed trusted maintain connection with access point otherwise disconnect from access point, ¶131-138) [0131]C4. The client device 106 checks whether the indication of trust or reputation indicates the available wireless access point 110 is trusted. If it does, then the method proceeds to step C5, otherwise, proceed to step C6. [0132] C5 The client device 106 either: [0133] a) connects with the available wireless access point 110 if it has not already done so; or [0134] b) maintains its connection with the available wireless access point 110 for accessing the communication network 102. The process then proceeds to step C3, where it may receive further information associated with the reputation of the available wireless access point 110 from reputation system 108, due to subsequent identity information received at reputation system 108 that may change the reputation indication of the available wireless access point 110. [0135] C6. As the reputation received from reputation system 108 indicates the available wireless access point 110 is untrusted or suspect, i.e. potentially rogue, the method proceeds to step C7. [0136] C7. The client device 106 performs the following operations: [0137] a) disconnect from the available wireless access point 110; and/or [0138] b) detecting or searching for another available wireless access point for access to the communication network. Stalhberg teaches obtaining network device identifiers but does not teach sending an encrypted request thus Stahlberg does not teach perform encryption of data packets associated with the initiation of the network connection before transmitting the data packets to the network device transmit encrypted data packets associated with the initiation of the network connection to the network device extract one or more identifiers associated with the network device. Ikeda in the same fields of endeavor teaches a system for performing wireless access point connection with a access point in stealth mode. Ikeda teaches perform encryption of data packets associated with the initiation of the network connection before transmitting the data packets to the network device(generate and send probe encrypted probe request message to obtain hidden SSID, ¶s 155, 156) transmit encrypted data packets associated with the initiation of the network connection to the network device(generate and send probe encrypted probe request message to obtain hidden SSID, ¶s 155, 156) [0155] The probe request message M2102 contains an encrypted specific character string (SSID="REGREQ") indicating a registration request, which is preliminarily determined between the wireless terminal 101 and the AP 103. More particularly, the specific character string representing the registration request is coded into a group identifier (SSID) 2215. Then, the group identifier (SSID) 2215 together with the length 2214 thereof is encrypted with a shared key used for the AP 103 and is contained in the probe request message M2102 as an SSID information element 2217. Subsequently, the wireless terminal 1091 transmits the probe request message M2102. Then, a probe response timer is started in step S2303. [0156] When the AP 103 receives the probe request message M2102 in step S2401 (see FIG. 24), the group identifier (SSID) 2215 included in the SSID information element 2217 of this message and the length 2214 are decoded by using a secret key in step S2402. If it is confirmed (YES in step S2403) that the decoded group identifier (SSID) 2215 is a special character string (for example, "REGREQ"), which is stored in the storage area unit 205 and which means a registration request, the process proceeds to step S2407. extract one or more identifiers associated with the network device(probe response from access point AP includes SSID, ¶157) [0157] Then, the value designated by the field of the data length 2214 included in the SSID information element frame 2210 of the SSID information element 2216 is set to be a predetermined value other than "0." Predetermined SSID information (SSID="ABC123") is set in the area of the group identifier information 2215. Further, the AP 103 transmits a probe response message M2103 including the SSID information element 2216 obtained by encrypting the length 2214 and the group identifier (SSID=ABC123) information 2215 with a shared key in a unicast form to the wireless terminal 101 in step S2407. Subsequently, a terminal access table stored in the storage area unit 205 is referred to according to the terminal identification information (the MAC address or the like) of the wireless terminal 101. The number of times of accesses 2802 corresponding to the associated terminal identification information is updated. Information representing "OK" is set in the connection check 2803. It would have been obvious to a person of ordinary skill in the art at the time of the effective filing of the instant application to modify Stahlberg with sending an encrypted request for access point information as taught by Ikeda. The reason for this modification would be to improve security when connecting to a wireless access point that allows an access point to operate in a stealth mode(no SSID broadcast) but still allow discovery of the wireless access point SSID. Regarding claims 3,10 and 17, Stahlberg teaches wherein the executable instructions cause the at least one processing device to determine if the network device is associated with misappropriation based on the information extracted from the local network and the one or more identifiers associated with the network device( detect that behavior from an access point identified by IP address has changed behavior… no longer requiring credit card info and thus user is now communicating with rogue access point that is trying to intercept the user’s data, ¶s70,71) [0070] As an example, a heuristic rule could be set to determine the indication of trust or reputation of a wireless access point to trusted if the wireless access point is used by many users and has a well known internet protocol address (eg the wireless access point has had 1000 users and has an IP associated with a large or well known internet service provider). a wireless access point having a large number of users could be identified when there is a large set of collected identity information associated with the wireless access point. In addition, another heuristic rule could be to set the indication of trust or reputation of a wireless access point to untrusted if the wireless access point is identified to be routed over an end user digital subscriber line regardless of the number of users or size of the set of identity information. [0071] Another example of a heuristic rule could be set to determine the ability to send reputation requests over a wireless access point. If the wireless access point normally does not allow traffic to be routed until after the user of a client device 106 or 112 connecting to a wireless access point 110 or 114 gives their credit card details, but then if the wireless access point 110 or 114 suddenly starts to pass traffic without requiring credit card information, it may be considered to be untrusted or rogue. Regarding claims 4,11 and 18, Stahlberg teaches wherein the executable instructions cause the at least one processing device to determine if the network device and the network provided by the network device is secure, via the artificial swarm intelligence engine, based on communicating with one or more third party entities to determine if any misappropriation data exists for the network device and the network provided by the network device based on the one or more identifiers extracted from the network device(determination of whether a access point utilizes a reputation system on the cloud that is separate (i.e. third party) with respect to access point and user device, ¶s61,101) [0061] The reputation system 108 includes one or more servers 120, each server 120 including a transmitter/receiver unit 122, a processor 124, and a memory unit or memory 126 connected to each other. The transmitter/receiver unit 122 may be configured for communicating with a multiplicity of client devices 106 and 112 over the communication network 102 or the second communication network 104. The memory 126 can be for use in collecting and storing data and applications, and the processor 124 may execute the applications, and among other things, applications or processes for detecting a suspect wireless access points in communication network 102, which includes available wireless access point 110 and client device 106. The one or more servers 120 are in communication with each other. The reputation system 108 may also include or have access to a database 128 for collecting and/or storing identity information. The database 128 may also include maintaining a record of trusted information or sets of identity information associated with wireless access points. The reputation system 108 can also include other processing resources (eg a neural network) or storage media for storing, processing and accessing data or information required by said one or more servers 120, applications, or processors 122. [0101] The above communication system 100 was described, for simplicity, with respect to a reputation system 108 and a client device 106. It is to be appreciated that the suspect Wi-Fi detection process or methods performed by reputation system 108 could be hosted in a cloud based system or cloud computing arrangement, where the functions of reputation system 108 are distributed within the cloud based system or arrangement. The process of detecting suspect Wi-Fi access points could be shared amongst several or a multiplicity of servers, computer systems, and/or databases of varying size and memory. This ensures that if reputation system 108 suddenly receives multiple reputation requests from the plurality of client devices 112 or simply the suspect wireless access point detection becomes more popular, the cloud based system can automatically direct more individual processors, servers, or databases to work on serving and processing the incoming reputation requests and the necessary outgoing responses. The cloud computing arrangement may include a plurality of servers and databases for receiving reputation requests associated with wireless access points from a multiplicity of client devices, storing and updating the identity information received, determining data representing the reputation of the associated wireless access points, and transmitting responses to each of the multiplicity of client devices over a network. Regarding claim 5, 12 and 19, Stahlberg teaches wherein the executable instructions cause the at least one processing device to: in response to determining that the network device and the network provided by the network device is secure to connect, via the artificial swarm intelligence engine, create a local network for the user device; and notify other user devices connecting to the network device, via the local network of the user device, that the network device is secure to connect( method includes transmitting indication of trust/reputations to all client devices associated with access point, ¶18). [0018] Optionally, the method includes receiving a report from one of the client devices indicating the available wireless access point as untrusted or suspect and defining the indication of trust of the available wireless access point to be untrusted or suspect. In addition, maintaining the record of trusted identity information includes removing the portion of the trusted information associated with the identity information of the available wireless access point from the record. The method may optionally include transmitting the indication of trust or reputation of the available wireless access point to the client devices associated with the available wireless access point. Regarding claims 7, 14 and 20, Stahlberg teaches wherein the network is a public network. [0081] As an example, the available wireless access point 110 may be a "Free public WiFi" that is new and resolves to home digital subscriber line (DSL) internet protocol (IP) address of a third generation internet protocol address (3G IP). The wireless access point 110 may initially have a low reputation or is considered untrusted (i.e. it is considered to be suspect such as a potentially rogue wireless access point) until a sufficient quantity of identity information associated with the available wireless access point 110 has been received by the reputation system 108 from the multiplicity of client devices 106 and/or 112. On receipt of more identity information from the client devices 106 and/or 112 associated with the available wireless access point 110, the reputation system 108 may "raise" its indication of trust or reputation from untrusted or suspect (i.e. potentially rogue) to trusted. Claims 6 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Stahlberg/Ikeda as applied to claims 1 and 8 above, and further in view of Rivlin US 2024/0340161. Regarding claim 6 and 13, the combination of Stahlberg/Ikeda teaches encryption of the connection request message but does not teach the specific encryption algorithm and thus does not specifically teach wherein the encryption used for encrypting the data packets is homomorphic encryption. Rivlin in the same field of endeavor as the invention teaches a system for data transmission over a network. Rivilin teaches wherein the encryption used for encrypting the data packets is homomorphic encryption. [0055] In other words, the distributed collaborative privacy preserving technique sharing of data for centralized computation as described above enables distributed individual clients to anonymously connect (represented as a generated random ID per client and/or changing ID per sharing session) to a centralized server. It further enables to upload/share anonymized and encrypted information for shared computation (using homomorphic encryption and the requesting-client's public key). Any participant client may also download the aggregated results computed from all participants data in that session and use it for its own benefit. The centralized authority maintains that network and benefits from those insights as well. This assures the privacy of the clients even if the shared data as any other information on the participants entities can identify them (even if they are not directly disclosed). Further, the technique as describe above may involve a combination of the following security architecture patterns and technologies: Separation, Segregation, Anonymization of entities, moving targets and central computation on encrypted data. It would have been obvious to a person of ordinary skill in the art at the time of the effective filing of the instant application to modify Stahlberg/Ikeda with encryption of data requests using homomorphic encryption. The reason for this modification would be to utilize a known specific encryption scheme that is a well known in the art and that can be implemented in a predictable manner leading to predictable results. Applicant Remarks Applicant amendments have obviated 101 rejection directed to claims reciting an abstract idea with without significantly more. The rejection is withdrawn. Applicant amendments have obviated 112 1st paragraph rejection. Claims recite determination of trust using third party reputation determination. Such a broader interpretation of what is intended by determination of whether a connection is secure rather than determination of whether a connection is secured by encryption shall be used by the examiner. Applicant arguments with respect to obviousness based rejection of claims 1m 8 and 16 have been considered and found unpersuasive. The applicant on page 9 of the remarks alleges that Stahlberg does not teach a BSSID and or mac address as part of the identifiers used to determine if a connection is secure. The examiner contends that Stahlberg teaches a in ¶87,110 a BSSID and mac address . Stahlberg in such ¶s discusses use of a access points identifying information including the mac address in identifying whether the access point is fraudulent. Mac addresses as used in wifi access points is known in the art to be used as the BSSID of an access point. Thus, Stahlberg teaches both a BSSID and mac address , contrary to the applicant’s allegation that Stahlberg is deficient with respect to BSSID. Applicant argues on page 10 of the remarks that Stahlberg does not each a third party system for determining via swarm intelligence engine …. By communication with a third party entity system because the applicant alleges that Stahlberg merely relies on heuristics. The examiner contends that the applicant inappropriately narrows the scope of what Stahlberg teaches ignoring that Stahlberg teaches use of a reputation system host in embodiments on the cloud(¶101). Thus the examiner contends that Stahlberg is not limited to heuristics but teaches use of the third party entity. Prior Art Cited But Not Used In Rejection US-2021/0282014-A1 - IDENTIFYING TRUSTED SERVICE SET IDENTIFIERS FOR WIRELESS NETWORKS Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Tom Y. Chang whose telephone number is 571-270-5938. The examiner can normally be reached on Monday-Friday from 9am to 5pm. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Emmanuel Moise, can be reached on (571)272-3865. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from Patent Center. Status information for published applications may be obtained from Patent Center. Status information for unpublished applications is available through Patent Center for authorized users only. Should you have questions about access to Patent Center, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) Form at https://www.uspto.gov/patents/uspto-automated- interview-request-air-form. /TOM Y CHANG/ Primary Examiner, Art Unit 2455