DETAILED ACTION
Response to Amendment
Applicant’s amendments to the claims overcome the 112 rejections.
Applicant’s amendments to claims 10 and 18-22 overcome the 101 rejection as being directed to nonstatutory subject matter. However, Applicant’s amendments to the claims do not overcome the 101 rejection because the claimed invention remains directed to an abstract idea without significantly more.
Applicant’s amendments to the independent claims overcome the 103 rejections.
Response to Arguments
Applicant's arguments against the 101 rejections to the claims as being directed to an abstract idea without significantly more (see Applicant’s Remarks, pg. 11-12) have been fully considered but they are not persuasive.
Applicant argues:
The claim has been amended to incorporate the steps recited in claim 4, wherein at least the steps of "obtaining a present number…” and "determining a first number…" cannot be practically performed by the mind of the computer user. Based on the obtained information and corresponding preset rules, the risk level of the code to be detected is obtained and output. That is to say, in the amended claim 1, the technical solution involves real-time receiving of the target user's input of the code to be detected and outputting the risk level of the code to be detected, which requires the use of the corresponding hardware of the computer to perform such steps.
This argument is not persuasive. The steps recited in original claim 4, which are now incorporated into claim 1, further define substeps to analyze the target historical login addresses based on the third preset rule to obtain the regional score. Each of these substeps, “obtaining a preset number of latest login IP address records …determining a first number of security domain logins… and a second number of nonsecurity domain logins … obtaining the regional score…,” recites mental processes that can be performed by a human with the aid of pen and paper. Furthermore, the amendment to claim 1, which recites in the preamble “a computer-implemented method …,” is insufficient for two reasons: 1) it is not specified which, if any, of the recited limitations are computer-implemented, as the method is not limited to the recited steps: the transitional term “comprising” in the preamble does not exclude additional method steps (see MPEP 2111.03 Transitional Phrases); 2) even assuming all the steps of claim 4 were implemented on a computer, the additional element of performing the steps of claim 1 using a generic computer neither integrates the abstract idea into a practical application, nor is it significantly more than the abstract idea, because the computer is merely used as a tool to perform the abstract idea. See MPEP 2106.04(a)(2).III.C. A Claim That Requires a Computer May Still Recite a Mental Process.
Applicant further argues:
Furthermore, the claimed method can achieve the following technical effects: on one hand, the detection and identification of both the target user and the code to be detected. By using the historical evaluation record of the target user as a reference, it enhances the accuracy of risk identification for the code to be detected in advance; on the other hand, risk identification and detection are performed before the execution of the code to be detected, rather than waiting until after the risk has materialized. This approach proactively mitigates potential risks and reduces the possibility of significant losses.
This argument is not persuasive. The claims do not recite any limitations that reflect applicant’s purported improvement. See MPEP 2106.04(d)(1) Evaluating Improvements in the Functioning of a Computer. The claim elements that applicant argues demonstrate the improvement in the art do not reflect the improvement as they are limitations that are part of the abstract idea. The steps to generate a code risk level do not perform any additional steps such that the secure code management is enhanced.[1] The claim does not recite any additional steps that modify the behavior or operation of the secure code management so that it protects a computer from executing risky code, e.g., quarantining or blocking the code that is residing on the computer.
Applicant further argues:
Furthermore, as discussed below, amended claim 1 is an inventive step over the cited art. It is believed that claim 1 recites more than merely an abstract idea, but instead recites a judicial exception that is integrated into the practical application of protecting a computer from executing a risky code.
Applicant’s argument is not persuasive. Although the courts often evaluate considerations such as the conventionality of an additional element in the eligibility analysis, the search for an inventive concept should not be confused with a novelty or non-obviousness determination. See MPEP 2106.05. Eligibility Step 2B: Whether a Claim Amounts to Significantly More. As explained previously, the claims do not reflect applicant’s purported improvement (“protecting a computer from executing a risky code”) because the claim only outputs a risk value; there is no additional limitation that realizes said protection to a computer. For these reasons, the claims remain rejected under 101.
Applicant's arguments against the 103 rejections have been fully considered and are persuasive. In particular, applicant’s arguments that Chen ‘771 does not teach the new limitations of the independent claims are persuasive. See Applicant’s Remarks, pages 16-17. The 103 rejections are withdrawn.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-3, 5-7, 9-10, 12-13, 15-19 and 21-22 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
Claim 1 recites:
A computer-implemented method for pre-detecting a risky code, performed by an apparatus for pre-detecting the risky code in a computer, comprising:
receiving a code to be detected input by a target user, and obtaining a target historical evaluation record of the target user, a target historical login time and target historical login addresses for login to the apparatus for pre-detecting the risky code;
analyzing the target historical evaluation record based on a first preset rule to obtain a target trustworthiness score,
analyzing the target historical login time based on a second preset rule to obtain a time consistency score,
analyzing the target historical login addresses based on a third preset rule to obtain a regional score, analyzing keyword information of the code to be detected based on a fourth preset rule to obtain a keyword score; and
analyzing the target trustworthiness score, the time consistency score, the regional score, and the keyword score to obtain a risk level of the code to be detected, and outputting the risk level; wherein analyzing the target historical login addresses based on the third preset rule to obtain the regional score comprises:
obtaining a preset number of latest login internet protocol (IP) address records of the target user from the target historical login addresses;
determining a first number of security domain logins in a preset security domain and a second number of non-security domain logins in a preset non-security domain from the preset number of latest login IP address records; wherein a correspondence between first numbers and second preset scores and a correspondence between second numbers and third preset scores are preset;
obtaining the regional score according to a target second preset score corresponding to the first number of security domain logins and a target third preset score corresponding to the second number of non-security domain logins.
The limitations “analyzing the target historical evaluation record …analyzing the target historical login time …analyzing the target historical login addresses … analyzing keyword information … analyzing … to obtain a risk level of the code to be detected … obtaining … determining … obtaining…,” as drafted, recite a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of a generic computer component. That is, other than reciting “A computer-implemented method … performed by an apparatus,” nothing in the claim elements precludes the step from practically being performed in the mind. For example, but for the “performed by an apparatus” language, “analyzing” in the context of this claim encompasses the user manually generating scores based on the obtained information and preset rules. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. Accordingly, the claim recites an abstract idea.
This judicial exception is not integrated into a practical application. In particular, the additional steps of “receiving a code to be detected input by a target user, and obtaining a target historical evaluation record of the target user, a target historical login time and target historical login addresses for login to the apparatus for pre-detecting the risky code … outputting the risk level” are merely insignificant extra-solution activities of gathering the code and information to perform the analysis, and outputting a result. Moreover, the use of a computer and/or an apparatus to perform the obtaining, the analysis, and the outputting steps amounts to no more than mere instructions to apply the exception using a generic computer component. Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea.
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of “receiving a code to be detected input by a target user, and obtaining a target historical evaluation record of the target user, a target historical login time and a target historical login address for login to the apparatus for pre-detecting the risky code … outputting the risk level” is merely insignificant extra-solution activity, which is a well-understood, routine, conventional activity previously known to the industry. See MPEP 2106.05(d).II.i (“Receiving or transmitting data over a network, e.g., using the Internet to gather data,” OIP Techs., Inc., v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1093 (Fed. Cir. 2015)). Moreover, the additional element of using a generic computer and/or an apparatus to perform the obtaining, analyzing and outputting steps amounts to no more than mere instructions to apply the exception using a generic computer component. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claim is not patent eligible.
Claims 2-3 and 5-6 merely define additional steps to obtain information and additional limitations to perform the analyses recited in claim 1. Hence, these claims only recite insignificant pre-solution activity of data gathering and further elements of the mental step recited in claim 1. The reasons set forth for claim 1 are applicable to claims 2-3 and 5-6, and these claims are ineligible.
Claim 7 recites a step of storing the code in a high risk code library and flagging the code to be detected as read-only. However, neither the claim nor applicant’s specification 1) discloses the purpose of the high risk code library except to store the code if the code is detected as being high risk, or 2) discloses the purpose of marking the code as “non-modifiable.” Hence, claim 7 merely recites insignificant post-solution activity to store data, which is a well-understood, routine, and conventional activity previously known to the industry. See MPEP 2106.05(d).II.iv. (Storing and retrieving information in memory, Versata Dev. Group, Inc. v. SAP Am., Inc., 793 F.3d 1306, 1334, 115 USPQ2d 1681, 1701 (Fed. Cir. 2015); OIP Techs., 788 F.3d at 1363, 115 USPQ2d at 1092-93). Claim 7 is not patent eligible.
Claims 9-10, 12-13, 15-19 and 21-22 are device and computer readable medium claims that recite a generic computing device and computer executable instructions for performing the method of claims 1-3 and 5-7. The recitation of a generic computing device and executable instructions to perform an otherwise ineligible abstract idea is insufficient to limit the claim to patent eligible subject matter. Therefore, claims 9-10, 12-13, 15-19 and 21-22 are not patent eligible.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JUNG W KIM whose telephone number is (571)272-3804. The examiner can normally be reached Monday-Friday, 10 a.m. - 6 p.m.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amy Cohen Johnson, can be reached at 571-272-2238. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JUNG W KIM/Supervisory Patent Examiner, Art Unit 2494
[1] See USPTO July 2024 Subject Matter Eligibility Examples, example 47, https://www.uspto.gov/sites/default/files/documents/2024-AI-SMEUpdateExamples47-49.pdf; compare claim 2 vs claim 3.