Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 10-13 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim limitation “a model health analysis component configured to” invokes 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. The disclosure is devoid of any structure that performs the function in the claim. Therefore, the claim is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA 35 U.S.C. 112, second paragraph.
Applicant may:
(a) Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph;
(b) Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or
(c) Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either:
(a) Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or
(b) Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.
Claim limitation “a model refinement component” invokes 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. The disclosure is devoid of any structure that performs the function in the claim. Therefore, the claim is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA 35 U.S.C. 112, second paragraph.
Applicant may:
(a) Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph;
(b) Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or
(c) Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either:
(a) Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or
(b) Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1, 3, 4, 7, 8, 10, 1, 13, 14- 17, 20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Poliakov (US 20200082097 A1).
Regarding claim 1, Poliakov teaches a non-transitory storage medium including software configured, when executed by one or more processors, to adjust content within an Artificial Intelligence (AI) model or create a new AI model, the software comprising:
a model health analysis component configured, when executed by the one or more processors, to analyze content associated with a model breach alert, the model breach alert corresponds to a determination in which a set of conditions has been met to denote that an event or a series of events violates a threshold associated with the AI model (Para [0039]. Para [0043]. [0183]: the protection engine 103 identifies parameters of an AI application 109 running on a computing device 110, upon a trigger event (e.g., a new AI application becoming available or a new security concern 113 being identified by the vulnerability database 112). At block 506, the protection engine 103 determines a target configuration of an AI model to protect the AI application, based on the assessed vulnerability of the AI application. In various embodiments, the target configuration can be based on the goal of the AI model, metrics provided by the metric submodule 216 of FIG. 2, and/or defense category.); and
a model refinement component configured, when executed by one or more processors, to receive analytic results from the model health analysis component and at least one of i) determine adjustments to the threshold associated with the AI model (Para [0132]. Para [0185]-[0186]: the enhanced AI model is used to protect the AI application. Upon determining that a new attack and/or defense is available, the method updated to include the new attack and/or defense. The new attacks and/or defenses thereof, including example code of each, can be harvested from various sources, such as the databases discussed herein and other public sources. In this way, an infrastructure of continuously improved and computationally efficient protection of the AI application is provided.) or ii) generate a new AI model in substitution of the AI model in order to avoid an over-breaching condition or improve cyber threat detection.
Regarding claim 3, Poliakov teaches the non-transitory storage medium of claim 2, wherein the model health analysis component is further configured to access a misconfiguration data store including contextual information associated with a plurality of potential misconfigurations of the AI model and determine whether one of the plurality of potential misconfigurations appears to have occurred based on the set of conditions met to cause the model breach alert (Para [0043]-[0046]: The defense database 114 represents one or more databases that provide solutions, sometimes referred to herein as defenses 115, to different AI security vulnerabilities. Stated differently, the defense database 114 is a source of different solutions that may be applied to one or more AI application security attacks. To that end, the protection engine 103 identifies parameters of an AI application 109 running on a computing device 110, at predetermined intervals or upon a trigger event (e.g., a new AI application becoming available or a new security concern 113 being identified by the vulnerability database 112). In one embodiment, there is a rules database 118 that is operative to provide the goal (e.g., purpose) of an AI application to the protection engine 103 by way of a data packet 119 sent over the network 106.).
Regarding claim 4, Poliakov teaches the non-transitory storage medium of claim 1, wherein the model refinement component is configured to determine the adjustments to the threshold associated with the AI model including at least one or more exceptions to increase a model breath threshold associated with at least one type of model breach alert to address the over-breaching condition corresponding to a condition where a number or a frequency of detections of model breach alerts corresponding to the model breach alert is greater than a prescribed number or a prescribed frequency that causes an administrator to ignore a notification of the model breach alert (Para [0179]: the protection engine 200 suggests metrics for the remaining 45 combinations of defense that are left (that were not previously selected). Finally, the protection engine 200 chooses the combination of defenses and dataset and having the best metric and this combination will be the universal defense suitable for our AI application. Then we check it and see if this potential metric value equals to the metric value calculated by manual tests of this combination of attacks and defenses. For example, the assessment module 220 is run and attacks are executed on the AI solution with the selected defenses and dataset. If the results are within a predetermined threshold tolerance, the protection engine 103 concludes that the AI model for the subject AI application to be the appropriate one. Upon determining that the metric is not within a predetermined threshold tolerance, the protection engine 200 select additional (e.g., three) combinations from the dataset and runs the model once again. This process continues iteratively until a determination is made that the metric is within a predetermined threshold tolerance of an expected result.).
Regarding claim 7, Poliakov teaches the non-transitory storage medium of claim 1 further comprising:
a model logic evaluator configured to determine information associated with one or more devices or one or more events relevant to each AI model for use in determining whether the set of conditions associated with the AI model have been met (Para [00181]-[0183]: At block 506, the protection engine 103 determines a target configuration of an AI model to protect the AI application, based on the assessed vulnerability of the AI application. In various embodiments, the target configuration can be based on the goal of the AI model, metrics provided by the metric submodule 216 of FIG. 2, and/or defense category.).
Regarding claim 8, Poliakov teaches the non-transitory storage medium of claim 7, further comprising a data store to retain content associated with a plurality of model breach alerts detected by a cyber threat detection engine deployed as part of a cybersecurity appliance, wherein the data store is accessible by the model health analysis component (Para [0043]-[0046]: The defense database 114 represents one or more databases that provide solutions, sometimes referred to herein as defenses 115, to different AI security vulnerabilities. Stated differently, the defense database 114 is a source of different solutions that may be applied to one or more AI application security attacks. To that end, the protection engine 103 identifies parameters of an AI application 109 running on a computing device 110, at predetermined intervals or upon a trigger event (e.g., a new AI application becoming available or a new security concern 113 being identified by the vulnerability database 112). In one embodiment, there is a rules database 118 that is operative to provide the goal (e.g., purpose) of an AI application to the protection engine 103 by way of a data packet 119 sent over the network 106.).
As per claims 10, 13, the claims claim a cybersecurity system essentially corresponding to the non-transitory storage medium claims 1, 4 above, and they are rejected, at least for the same reasons.
Regarding claim 11, Poliakov teaches the cybersecurity system of claim 10, wherein the model health analysis component comprises (i) an alert model breach parser adapted to extract information from the content of the model breach alert to determine how or why the set of conditions associated with the AI model were met (Para [0043]-[0046]. Para [0185]-[0186]: the enhanced AI model is used to protect the AI application. Upon determining that a new attack and/or defense is available, the method updated to include the new attack and/or defense. The new attacks and/or defenses thereof, including example code of each, can be harvested from various sources, such as the databases discussed herein and other public sources. In this way, an infrastructure of continuously improved and computationally efficient protection of the AI application is provided.) and (ii) a model logic parser adapted to conduct analytics on the content of the model breach alert to determine an intended operability of the AI model (Para [0043]-[0046]. Para [0185]-[0186]: the enhanced AI model is used to protect the AI application. Upon determining that a new attack and/or defense is available, the method updated to include the new attack and/or defense. The new attacks and/or defenses thereof, including example code of each, can be harvested from various sources, such as the databases discussed herein and other public sources. In this way, an infrastructure of continuously improved and computationally efficient protection of the AI application is provided.).
Regarding claim 14, Poliakov teaches a method for adjusting content within an Artificial Intelligence (AI) model or creating a new AI model based on analysis of a model breach alert, the method comprising:
analyzing content associated with a model breach alert by a model health analysis component utilizing one or more large language models to produce analytic results, the model breach alert corresponds to a determination in which a set of conditions has been met to denote that an event or a series of events violates a threshold associated with the AI model (Para [0043]-[0046]: The defense database 114 represents one or more databases that provide solutions, sometimes referred to herein as defenses 115, to different AI security vulnerabilities. Stated differently, the defense database 114 is a source of different solutions that may be applied to one or more AI application security attacks. To that end, the protection engine 103 identifies parameters of an AI application 109 running on a computing device 110, at predetermined intervals or upon a trigger event (e.g., a new AI application becoming available or a new security concern 113 being identified by the vulnerability database 112). In one embodiment, there is a rules database 118 that is operative to provide the goal (e.g., purpose) of an AI application to the protection engine 103 by way of a data packet 119 sent over the network 106.);
receiving the analytic results by a model refinement component (Para [0043]-[0046]. Para [0179]: the protection engine 200 suggests metrics for the remaining 45 combinations of defense that are left (that were not previously selected). Finally, the protection engine 200 chooses the combination of defenses and dataset and having the best metric and this combination will be the universal defense suitable for our AI application. Then we check it and see if this potential metric value equals to the metric value calculated by manual tests of this combination of attacks and defenses. For example, the assessment module 220 is run and attacks are executed on the AI solution with the selected defenses and dataset. If the results are within a predetermined threshold tolerance, the protection engine 103 concludes that the AI model for the subject AI application to be the appropriate one. Upon determining that the metric is not within a predetermined threshold tolerance, the protection engine 200 select additional (e.g., three) combinations from the dataset and runs the model once again. This process continues iteratively until a determination is made that the metric is within a predetermined threshold tolerance of an expected result.); and
determining adjustments to the threshold associated with the AI model or generating a new AI model in substitution of the AI model in response to over-breaching condition associated with the AI model (Para [0132]. Para [0185]-[0186]: the enhanced AI model is used to protect the AI application. Upon determining that a new attack and/or defense is available, the method updated to include the new attack and/or defense. The new attacks and/or defenses thereof, including example code of each, can be harvested from various sources, such as the databases discussed herein and other public sources. In this way, an infrastructure of continuously improved and computationally efficient protection of the AI application is provided.).
As per claims 15, the claims claim method essentially corresponding to the cybersecurity system claims 11 above, and they are rejected, at least for the same reasons.
As per claims 16, 17, the claims claim method essentially corresponding to the non-transitory storage medium claims 3, 4 above, and they are rejected, at least for the same reasons.
Regarding claim 20, Poliakov teaches the method of claim 14, wherein prior to analyzing content associated with the model breach alert, the method further comprising:
determining information from one or more classifiers for use in determining whether the set of conditions associated with the AI model have been met (Para [0185]-[0186]: the enhanced AI model is used to protect the AI application. Upon determining that a new attack and/or defense is available, the method updated to include the new attack and/or defense. The new attacks and/or defenses thereof, including example code of each, can be harvested from various sources, such as the databases discussed herein and other public sources. In this way, an infrastructure of continuously improved and computationally efficient protection of the AI application is provided.)
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 2, 12 are rejected under 35 U.S.C. 103 as being unpatentable over in
view of Poliakov (US 20200082097 A1) in view Thirumalachar (US 20240143776 A1).
Regarding claim 2, Poliakov teaches the non-transitory storage medium of claim 1, wherein the model health analysis component includes (i) an alert model breach parser adapted to extract information from the content of the model breach alert to understand how or why the set of conditions associated with the AI model were met (Para [0043]-[0046]. Para [0185]-[0186]: the enhanced AI model is used to protect the AI application. Upon determining that a new attack and/or defense is available, the method updated to include the new attack and/or defense. The new attacks and/or defenses thereof, including example code of each, can be harvested from various sources, such as the databases discussed herein and other public sources. In this way, an infrastructure of continuously improved and computationally efficient protection of the AI application is provided.), and (iii) a model logic parser adapted to conduct analytics on the content of the model breach alert to understand an intended operability of the AI model (Para [0043]-[0046]. Para [0185]-[0186]: the enhanced AI model is used to protect the AI application. Upon determining that a new attack and/or defense is available, the method updated to include the new attack and/or defense. The new attacks and/or defenses thereof, including example code of each, can be harvested from various sources, such as the databases discussed herein and other public sources. In this way, an infrastructure of continuously improved and computationally efficient protection of the AI application is provided.).
Poliakov does not explicitly disclose (ii) an Application Programming Interface (API) interaction module adapted to query logic within a cybersecurity system including the non-transitory storage medium for additional information associated with the model breach alert.
Thirumalachar does disclose (ii) an Application Programming Interface (API) interaction module adapted to query logic within a cybersecurity system including the non-transitory storage medium for additional information associated with the model breach alert (Claim 8. Para [0044]: vulnerability insight module 118 may generate the alert notification including the vulnerability information and present the alert notification including the vulnerability information on a graphical user interface.).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poliakov with the teachings of Thirumalachar to include (ii) an Application Programming Interface (API) interaction module adapted to query logic within a cybersecurity system including the non-transitory storage medium for additional information associated with the model breach alert in order to present the alert notification on a graphical user interface so that the user is aware of the impacted applications and initiates appropriate actions (Thirumalachar Para [0060]).
Regarding claim 12, Poliakov teaches the cybersecurity system of claim 11.
Poliakov does not explicitly disclose wherein the model health analysis component further comprises (iii) an Application Programming Interface (API) interaction module adapted to query logic for additional information associated with the model breach alert.
Thirumalachar does disclose wherein the model health analysis component further comprises (iii) an Application Programming Interface (API) interaction module adapted to query logic for additional information associated with the model breach alert (Claim 8. Para [0044]: vulnerability insight module 118 may generate the alert notification including the vulnerability information and present the alert notification including the vulnerability information on a graphical user interface.).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poliakov with the teachings of Thirumalachar to include wherein the model health analysis component further comprises (iii) an Application Programming Interface (API) interaction module adapted to query logic for additional information associated with the model breach alert in order to present the alert notification including the vulnerability information on a graphical user interface so that the user is aware of the impacted critical applications and initiates appropriate actions (Thirumalachar Para [0060]).
Claims 5, 6, 9, 18, 19 are rejected under 35 U.S.C. 103 as being unpatentable over in view of Poliakov (US 20200082097 A1) in view of YE (CN 114443556 A) in view of XU (US 20240073722 A1).
Regarding claim 5, Poliakov teaches the non-transitory storage medium of claim 1.
Poliakov does not disclose wherein the model refinement component is configured to (i) initiate a first message to an administrator identifying at least the adjustments recommended by the model refinement component and (ii) await an acknowledgement message to the first message signifying to proceed.
YE does disclose wherein the model refinement component is configured to (i) initiate a first message to an administrator identifying at least the adjustments recommended by the model refinement component (Para [0025]: such as transmitting model training control messages from the user or model training feedback messages from the AI/ML training host between the user and the human-computer terminal, and then these messages can be routed between the AI/ML training host and the human-computer terminal.) and (ii) await an acknowledgement message to the first message signifying to proceed (Para [0025]: such as transmitting model training control messages from the user or model training feedback messages from the AI/ML training host between the user and the human-computer terminal, and then these messages can be routed between the AI/ML training host and the human-computer terminal.).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poliakov with the teachings of YE to include wherein the model refinement component is configured to (i) initiate a first message to an administrator identifying at least the adjustments recommended by the model refinement component and (ii) await an acknowledgement message to the first message signifying to proceed in order to allow the AI/ML developer to interact with the AI/ML training host and perform super-parameter fine adjustment, so as to provide better performance (YE [0020]).
Poliakov in view of YE does not explicitly disclose with applying the adjustments to the threshold associated with the AI model.
XU does disclose with applying the adjustments to the threshold associated with the AI model (Para [0345]-[0350]).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poliakov in view of YE with the teachings of XU to include with applying the adjustments to the threshold associated with the AI model in order to adjust a behavior of an application layer of the AI according to the warning information (XU Para [0344]).
Regarding claim 6, Poliakov in view of YE in view of XU teaches the non-transitory storage medium of claim 5, wherein the model refinement component is further configured to (i) initiate a second message to an administrator in lieu of the first message (YE Para [0025]: such as transmitting model training control messages from the user or model training feedback messages from the AI/ML training host between the user and the human-computer terminal, and then these messages can be routed between the AI/ML training host and the human-computer terminal.), the second message identifying the new AI model to be substituted for the AI model and (ii) await an acknowledgement message to the second message from the administrator signifying to proceed with substitution of the new AI model for the AI model (YE Para [0025]: such as transmitting model training control messages from the user or model training feedback messages from the AI/ML training host between the user and the human-computer terminal, and then these messages can be routed between the AI/ML training host and the human-computer terminal. Poliakov Para [0185]-[0186]: the enhanced AI model is used to protect the AI application. Upon determining that a new attack and/or defense is available, the method updated to include the new attack and/or defense. The new attacks and/or defenses thereof, including example code of each, can be harvested from various sources, such as the databases discussed herein and other public sources. In this way, an infrastructure of continuously improved and computationally efficient protection of the AI application is provided.).
Regarding claim 9, Poliakov teaches the non-transitory storage medium of claim 8.
Poliakov does not explicitly disclose wherein the cyber threat detection engine is further configured to send at least a portion of the content associated with the model breach alert to a graphic user interface (GUI) accessible by an administrator.
YE does disclose wherein the cyber threat detection engine is further configured to send at least a portion of the content associated with the model breach alert to a graphic user interface (GUI) accessible by an administrator (Para [0025]: such as transmitting model training control messages from the user or model training feedback messages from the AI/ML training host between the user and the human-computer terminal, and then these messages can be routed between the AI/ML training host and the human-computer terminal.).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poliakov with the teachings of YE to include wherein the cyber threat detection engine is further configured to send at least a portion of the content associated with the model breach alert to a graphic user interface (GUI) accessible by an administrator in order to allow the AI/ML developer to interact with the AI/ML training host and perform super-parameter fine adjustment, so as to provide better performance (YE [0020]).
As per claims 18, 19, the claims claim method essentially corresponding to the non-transitory storage medium claims 5, 6 above, and they are rejected, at least for the same reasons.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JUDY BAZNA whose telephone number is (703)756-1258. The examiner can normally be reached Monday - Friday 08:30 AM-05:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached at (571) 272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JUDY BAZNA/Examiner, Art Unit 2495
/JASON K GEE/Primary Examiner, Art Unit 2495