SYSTEMS AND METHODS FOR INCREASING SECURITY OF CONNECTED VEHICLES

§102 §103

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION Claims 1-6, 8-10, 12-15, 17-23 are pending in Instant Application. Priority Examiner acknowledges Applicant’s claim to priority benefits of IN202141058168 filed 12/14/2021. Information Disclosure Statement The information disclosure statement(s) (IDS) submitted on 06/14/2024 is/are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement(s) is/are being considered if signed and initialed by the Examiner. Response to Arguments Applicant's arguments filed in the amendment filed 01/02/2026 have been fully considered but they are not persuasive. The reasons are set forth below. Claim Rejections - 35 USC § 102 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention. (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. Claims 1-2, 4-6,8-10, 12, 15, 17-21, 23 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by SRIVASTAV et al., “hereinafter SRIVASTAV” (U.S. patent Application: 20220103578). As per Claim 1, SRIVASTAV discloses a method for an edge node of a wireless network (SRIVASTAV, Para.48, the intrusion detection system 115 may apply the learning model on edge devices (e.g., mobile devices) for identifying threats and providing autonomous protection mechanisms based on the edge devices' environments), comprising: routing traffic of the wireless network to a vehicle connected to the wireless network through the edge node (SRIVASTAV, Para.06, a method of monitoring network traffic of a connected vehicle is disclosed. The method may include: receiving network traffic information from a vehicle gateway, the network traffic information including malicious and/or benign information, Para.48, the intrusion detection system 115 may apply the learning model on edge devices (e.g., mobile devices) for identifying threats and providing autonomous protection mechanisms based on the edge devices' environments (e.g., mobile devices that may be used in different locations), Para.42, The components, devices, and modules of the system 300 may include physical circuitry and processors that may be interconnected via wired connections, wireless connections, or a combination of wired and wireless connections.), wherein data transmitted from the wireless network to the vehicle goes through the edge node prior to reaching the vehicle and data transmitted from the vehicle to the wireless network goes through the edge node prior to reaching the wireless network (SRIVASTAV, Para.26, The network data may be transferred to and from ground systems 114 via the network 113. In one embodiment of the connected environment 100, the ground systems 114 include, an intrusion detection system 115, an intrusion prevention system 119, and a user system 117, Para.48, the intrusion detection system 115 may use peer to peer communication and distributed validation mechanism (e.g., blockchain) to ensure security intelligence consolidated across multiple devices. Further, the intrusion detection system 115 may apply the learning model on edge devices (e.g., mobile devices) for identifying threats and providing autonomous protection mechanisms based on the edge devices' environments (e.g., mobile devices that may be used in different locations). Thus, the learning model may solve security challenges for mobile devices that may have different security challenges compared to stationary devices (e.g., home or office devices and systems).); examining the traffic for potentially malicious content at the edge node as the traffic is routed through the edge node (SRIVASTAV, Para.38, the prediction model 206 finds or identifies anomaly patterns or behaviors in the network based on the packet routing details and prevents forwarding potentially hazardous incoming packets to the connected aircraft network 102, Para.20, the anomaly prediction model may be deployed in various end-user systems or devices to detect and prevent potential cyberattacks in real-time. The intrusion detection system utilizing the cloud-based anomaly prediction model may provide alerts and/or reports when anomalies are detected in the real-time or stored network traffic data.); transmitting data packets of the traffic without potentially malicious content to the vehicle (SRIVASTAV, Para.45, If the anomaly prediction model does not detect an anomaly in step 509, the end-user system 504 may accept the incoming packets for further processing and routing to appropriate destinations. Further, the end-user system 504 may continue to run the anomaly prediction model in real-time to continuously monitor the incoming packet, Para.40, The anomaly detection system 300 may also include a filtering module 305. The filtering module 305 may filter the network traffic data 303 and transmit the filtered network traffic data 303 to an automatic feature extraction module 307, Para.46, the intrusion detection system 115 may receive network traffic information from a vehicle gateway. The network traffic information may include malicious and/or benign information.); and not transmitting data packets of the traffic with potentially malicious content to the vehicle (SRIVASTAV, Para.40, The filtering module 305 may filter the network traffic data 303 and transmit the filtered network traffic data 303 to an automatic feature extraction module 307. The automatic feature extraction module 307 may extract certain features in the filtered network traffic data 303 to facilitate building an anomaly prediction model 310 in an anomaly detection module 309.). As per Claim 2, SRIVASTAV discloses the method of claim 1, further comprising: routing traffic of the wireless network from the vehicle to a destination over the Internet through the edge node (SRIVASTAV, Para.45, If the anomaly prediction model does not detect an anomaly in step 509, the end-user system 504 may accept the incoming packets for further processing and routing to appropriate destinations.); examining the traffic for potentially malicious content at the edge node (SRIVASTAV, Para.07, a computer system for monitoring network traffic of a connected vehicle is disclosed. The computer system may include: a memory storing instructions; and one or more processors configured to execute the instructions to perform operations. The operations may include: receiving network traffic information from a vehicle gateway, the network traffic information including malicious and/or benign information;); transmitting data packets of the traffic without potentially malicious content to the destination (SRIVASTAV, Para.45, If the anomaly prediction model does not detect an anomaly in step 509, the end-user system 504 may accept the incoming packets for further processing and routing to appropriate destinations. Further, the end-user system 504 may continue to run the anomaly prediction model in real-time to continuously monitor the incoming packets.); and not transmitting data packets of the traffic with potentially malicious content to the destination (SRIVASTAV, Para.45, to monitor the received incoming packets. In step 509, if the anomaly prediction model detects an anomaly in the received incoming packets, the end-user system 504 may generate an alert message or automatically block the incoming packets in step 511.). As per Claim 4, SRIVASTAV discloses the method of claim 2, further comprising: in response to detecting potentially malicious content in the traffic, performing at least one of: updating a log with information of the potentially malicious content; and sending a notification of the potentially malicious content to an original equipment manufacturer (OEM) of a component of the vehicle (SRIVASTAV, Para.21, storing the network traffic information on a data server and periodically updating the network traffic information stored on the data server; pre-processing the network traffic information stored on the data server, the pre-processing the network traffic information including filtering and normalizing the network traffic information; Para.20, methods for monitoring network traffic of connected vehicles using a cloud-based learning model. According to certain aspects of the present disclosure, an intrusion detection system may build or generate an anomaly prediction model from the network traffic data received from a connected vehicle. The anomaly prediction model may be built and continuously updated using a cloud-based artificial intelligence (AI) (e.g., machine learning) based on real-time and/or stored network traffic data.). As per Claim 5, SRIVASTAV discloses the method of claim 2, wherein examining the traffic for potentially malicious content further comprises receiving, from the vehicle, a security posture of the vehicle (SRIVASTAV, Para.21, providing the intelligent, connected vehicle network traffic monitoring capabilities utilizing cloud-based anomaly prediction model in accordance with the present disclosure will result in improvements in connected vehicle cybersecurity technology in various aspects, Para.28, the one or more communication gateways 109 may use firewall mechanisms, for example, Security Proxy and Security Manager Modules, to prevent incoming network data packets with potentially threatening characteristics by negotiating and establishing secure communication between the ground networks and the passenger devices 103, the cabin devices 105, and the crew devices 107. In one embodiment, separate gateways (e.g., ATN/IPS routers) may be provided to the cabin and cockpit operations systems on the aircraft 101 to reduce potential cyberattacks to the cabin and cockpit operations systems. ). As per Claim 6, SRIVASTAV discloses the method of claim 5, wherein examining the traffic for potentially malicious content further comprises using a rule-based filtering/access control algorithm to perform at least one of: blocking data packets of the traffic; redirecting data packets of the traffic; and filtering data packets of the traffic (SRIVASTAV, Para.06, detecting an anomaly event in incoming network data; and in accordance with detecting the anomaly event in the real-time network data, generating a notification and/or blocking one or more packets associated with the incoming network data, Para.40, The anomaly detection system 300 may also include a filtering module 305. The filtering module 305 may filter the network traffic data 303 and transmit the filtered network traffic data 303 to an automatic feature extraction module 307). As per Claim 8, SRIVASTAV discloses the method of claim 6, wherein one or more rules retrieved from a of the rules database hosted at the edge node by the rule based filtering/access control algorithm are added or updated based on inputs from at least one of: the security posture of the vehicle; a malware signature database; a common vulnerability and exposures (CVE) database; an output of an artificial intelligence (AI) or machine learning (ML) anomaly detection algorithm (SRIVASTAV, Para.28, the intrusion prevention system 119 includes a firewall mechanism, for example, a signature-based prevention mechanism that searches for a known network data identity or pattern stored in a signature database at a host or end-user system level, Para.06, , the learning model being generated by an artificial intelligence learning; updating the learning model based on additional network traffic information, the additional network traffic information including real-time network data; in accordance with the updated learning model, detecting an anomaly event in incoming network data; and in accordance with detecting the anomaly event in the real-time network data, generating a notification and/or blocking one or more packets associated with the incoming network data, Para.39, an end-user (e.g., cyber security agent or teams) monitoring the monitor interface 209 updates the newly identified unknown patterns to a rule-based prevention system (e.g., the intrusion prevention system 119).). As per Claim 9, SRIVASTAV discloses the method of claim 2, wherein examining the traffic for potentially malicious content at the edge node relies on functions of network security components of the edge node, the network security components including at least: a firewall; a secure domain name system (DNS); a secure web gateway; and an access broker (SRIVASTAV, Para.06, receiving network traffic information from a vehicle gateway, the network traffic information including malicious and/or benign information, Para.28, the intrusion prevention system 119 includes a firewall mechanism, for example, a signature-based prevention mechanism that searches for a known network data identity or pattern stored in a signature database at a host or end-user system level.). As per Claim 10, SRIVASTAV discloses the method of claim 1, wherein: in a first condition, where potentially malicious content is detected in a plurality of data packets of the traffic at the edge node, the plurality of data packets are not transmitted to the vehicle (SRIVASTAV, Para.06, detecting an anomaly event in incoming network data; and in accordance with detecting the anomaly event in the real-time network data, generating a notification and/or blocking one or more packets associated with the incoming network data, Para.38, the anomaly detection module 207 is configured to retrieve or receive the prediction model 206 from the model generator 205. Further, the anomaly detection module 207 may be configured to detect anomaly or unknown patterns in the network traffic data 111 by utilizing the prediction model 206. …the prediction model 206 finds or identifies anomaly patterns or behaviors in the network based on the packet routing details and prevents forwarding potentially hazardous incoming packets to the connected aircraft network 102.); and in a second condition, where no malicious content is detected in the plurality of data packets of the traffic at the edge node, the plurality of data packets are transmitted to the vehicle (SRIVASTAV, Para.45, If the anomaly prediction model does not detect an anomaly in step 509, the end-user system 504 may accept the incoming packets for further processing and routing to appropriate destinations. Further, the end-user system 504 may continue to run the anomaly prediction model in real-time to continuously monitor the incoming packets.). As per Claim 12, SRIVASTAV discloses a method for a vehicle connected to a wireless network, comprising: connecting to an edge node of the wireless network (SRIVASTAV, Para.33, The components, devices, and modules of the intrusion detection system 200 may include physical circuitry and processors that may be interconnected via wired connections, wireless connections, or a combination of wired and wireless connections, Para.48, the intrusion detection system 115 may apply the learning model on edge devices (e.g., mobile devices) for identifying threats and providing autonomous protection mechanisms based on the edge devices' environments (e.g., mobile devices that may be used in different locations)); changing a network configuration of the vehicle to route network traffic to and/or from the vehicle through the edge node (SRIVASTAV, Para.28, separate gateways (e.g., ATN/IPS routers) may be provided to the cabin and cockpit operations systems on the aircraft 101 to reduce potential cyberattacks to the cabin and cockpit operations systems. In one embodiment, the one or more communication gateways 109 is an intermediate communication gateway arranged between the onboard systems of the connected aircraft 101 and the ground systems 114, for example, the intrusion detection system 115, the intrusion prevention system 119, and the user system 117 (e.g., smartphones, personal computers, tablets, servers, etc.).), wherein all network traffic outgoing from the vehicle to the wireless network passes through the edge node before reaching the wireless network and all network traffic incoming to the vehicle from the wireless network passes through the edge node before reaching the vehicle; sending a security posture of the vehicle to a threat detection service of the edge node (SRIVASTAV, Para.38, the prediction model 206 may also find or identify threats in encrypted traffic, without the need for decryption, using network analytics and machine learning on packet metadata information. In one embodiment, the prediction model 206 may detect or identify threats in application level data by utilizing the prediction model 206 trained using deep learning techniques on text, audio, image, and video data. For example, when a message in an air traffic controller is corrupted or misused, the prediction model 206 may utilize natural language processing to validate or discard the data packets or initiate a request to resend the data packets.); and receiving filtered network traffic from the edge node, the filtered network traffic filtered based on the security posture (SRIVASTAV, Para.40, The anomaly detection system 300 may also include a filtering module 305. The filtering module 305 may filter the network traffic data 303 and transmit the filtered network traffic data 303 to an automatic feature extraction module 307. The automatic feature extraction module 307 may extract certain features in the filtered network traffic data 303 to facilitate building an anomaly prediction model 310 in an anomaly detection module 309. The anomaly detection module 309 may include a learning-based prediction model 310, Para.43, the filter module 305 may filter the incoming network data received from the network traffic capturing module 301.). As per Claim 15, SRIVASTAV discloses the method of claim 12, wherein sending the security posture of the vehicle to the threat detection service further comprises sending an updated security posture of the vehicle to the threat detection service at periodic intervals (SRIVASTAV, Para.38, threat detection and monitoring is based on packet routing details. That is, the prediction model 206 finds or identifies anomaly patterns or behaviors in the network based on the packet routing details and prevents forwarding potentially hazardous incoming packets to the connected aircraft network 102, Para.34, the prediction model 206 may be updated using the network traffic data 111 received in the data servers 203 in real-time. In one embodiment, the prediction model 206 is re-trained (i.e., updated) at periodic intervals or continuously in real-time based on the newly stored network traffic data 111). As per Claim 17, SRIVASTAV discloses a system, comprising: an edge node of a cellular network, the cellular network including a plurality of connected vehicles, the edge node including one or more processors having executable instructions stored in a non-transitory memory that, when executed, cause the one or more processors to (SRIVASTAV, Para.49, The one or more processors may be configured to perform such processes by having access to instructions (e.g., software or computer-readable code) that, when executed by the one or more processors, cause the one or more processors to perform the processes. The instructions may be stored in a memory of the computer system. A processor may be a central processing unit (CPU), a graphics processing unit (GPU), or another type of processing unit.): accept a request from a vehicle of the plurality of connected vehicles in response to accepting the request from the vehicle, to route all incoming traffic to the vehicle from the cellular network through the edge node, and to route all outgoing traffic from the vehicle to other entities on the cellular network through the edge node (SRIVASTAV, Para.20, systems and methods for monitoring network traffic of connected vehicles using a cloud-based learning model. According to certain aspects of the present disclosure, an intrusion detection system may build or generate an anomaly prediction model from the network traffic data received from a connected vehicle. The anomaly prediction model may be built and continuously updated using a cloud-based artificial intelligence (AI) (e.g., machine learning) based on real-time and/or stored network traffic data. Further, the anomaly prediction model may be deployed in various end-user systems or devices to detect and prevent potential cyberattacks in real-time, Para.26, the connected aircraft 101 receives and transmits network data to and from a network 113 via network towers, satellites, satellite stations, cellular network, other connected aircraft equipped with communication gateways, or any other suitable communication media.); filter the incoming and outgoing traffic based on one or more rule-based filtering/access control algorithms (SRIVASTAV, Para.39, the anomaly detection system 209 may generate alert signals and detection report or automatically discard packets determined to be anomalous. In one embodiment, an end-user (e.g., cyber security agent or teams) monitoring the monitor interface 209 updates the newly identified unknown patterns to a rule-based prevention system (e.g., the intrusion prevention system 119), Para.35, the prediction model 206 may be generated though a pre-processing phase and a training phase. During the pre-processing phase, the model generator 205 may analyze network data samples that contain labeled malicious and benign files or records. The model generator 205 may filter and normalize the network data samples before the training in the pre-processing phase.); and transmit the filtered incoming traffic to the vehicle and the filtered outgoing traffic to the other entities (SRIVASTAV, Para.44, The sampled or extracted connection log data may contain labeled malicious and/or benign files or records. The sampled connection log data may be filtered and normalized by a filtering module (e.g., filtering module 305) to expedite the training. In step 503, the model generator 501 may, for example, build an anomaly prediction model (e.g., prediction model 206 or 310) using the machine learning techniques. The generated anomaly prediction model may then be deployed to the end-user system 504.). As per Claim 18, SRIVASTAV discloses the system of claim 17, wherein one or more rules used by the one or more rule-based filtering/access control algorithms are based on or updated based on inputs from one or more of: a malware signature database; a common vulnerability and exposures (CVE) database; an output of an artificial intelligence (AI) or machine learning (ML) anomaly detection algorithm; and a security posture of the vehicle transmitted to the edge node from the vehicle (SRIVASTAV, Para.28, the intrusion prevention system 119 includes a firewall mechanism, for example, a signature-based prevention mechanism that searches for a known network data identity or pattern stored in a signature database at a host or end-user system level, Para.06, , the learning model being generated by an artificial intelligence learning; updating the learning model based on additional network traffic information, the additional network traffic information including real-time network data; in accordance with the updated learning model, detecting an anomaly event in incoming network data; and in accordance with detecting the anomaly event in the real-time network data, generating a notification and/or blocking one or more packets associated with the incoming network data.). As per Claim 19, SRIVASTAV discloses the system of claim 18, where additional instructions are stored in the non-transitory memory that, when executed, cause the one or more processors to: in response to detecting potentially malicious content in the incoming traffic or outgoing traffic when filtering the incoming or outgoing traffic, perform at least one of: update a log with information of the potentially malicious content; and send a notification of the potentially malicious content to an original equipment manufacturer (OEM) of a component of the vehicle (SRIVASTAV, Para.21, storing the network traffic information on a data server and periodically updating the network traffic information stored on the data server; pre-processing the network traffic information stored on the data server, the pre-processing the network traffic information including filtering and normalizing the network traffic information; Para.20, methods for monitoring network traffic of connected vehicles using a cloud-based learning model. According to certain aspects of the present disclosure, an intrusion detection system may build or generate an anomaly prediction model from the network traffic data received from a connected vehicle. The anomaly prediction model may be built and continuously updated using a cloud-based artificial intelligence (AI) (e.g., machine learning) based on real-time and/or stored network traffic data.). As per Claim 20, SRIVASTAV discloses the system of claim 17, wherein filtering the incoming and outgoing traffic based on one or more rule-based filtering/access control algorithms includes filtering the incoming and outgoing traffic using one or more of: a secure domain name system (DNS) of the edge node; a secure web gateway of the edge node; a firewall of the edge node; and an access broker of the edge node (SRIVASTAV, Para.21, providing the intelligent, connected vehicle network traffic monitoring capabilities utilizing cloud-based anomaly prediction model in accordance with the present disclosure will result in improvements in connected vehicle cybersecurity technology in various aspects, Para.28, the one or more communication gateways 109 may use firewall mechanisms, for example, Security Proxy and Security Manager Modules, to prevent incoming network data packets with potentially threatening characteristics by negotiating and establishing secure communication between the ground networks and the passenger devices 103, the cabin devices 105, and the crew devices 107. In one embodiment, separate gateways (e.g., ATN/IPS routers) may be provided to the cabin and cockpit operations systems on the aircraft 101 to reduce potential cyberattacks to the cabin and cockpit operations systems. ). As per Claim 21, SRIVASTAV discloses the method of claim 2, wherein the edge node is selected from a plurality of edge nodes of the wireless network based on signal strength, and wherein the edge node is not the closest edge node in proximity to the vehicle (SRIVASTAV, Para.26, The network data may be transferred to and from ground systems 114 via the network 113. In one embodiment of the connected environment 100, the ground systems 114 include, an intrusion detection system 115, an intrusion prevention system 119, and a user system 117., Para.48, the intrusion detection system 115 may use peer to peer communication and distributed validation mechanism (e.g., blockchain) to ensure security intelligence consolidated across multiple devices. Further, the intrusion detection system 115 may apply the learning model on edge devices (e.g., mobile devices) for identifying threats and providing autonomous protection mechanisms based on the edge devices' environments (e.g., mobile devices that may be used in different locations). Thus, the learning model may solve security challenges for mobile devices that may have different security challenges compared to stationary devices (e.g., home or office devices and systems).); As per Claim 23, SRIVASTAV discloses the system of claim 17, wherein the vehicle comprises an intrusion detection/prevention system (IDPS) that is configured to share resources with the edge node for detection of potentially malicious content in the incoming traffic or outgoing traffic (SRIVASTAV, Para.26, The network data may be transferred to and from ground systems 114 via the network 113. In one embodiment of the connected environment 100, the ground systems 114 include, an intrusion detection system 115, an intrusion prevention system 119, and a user system 117., Para.48, the intrusion detection system 115 may use peer to peer communication and distributed validation mechanism (e.g., blockchain) to ensure security intelligence consolidated across multiple devices. Further, the intrusion detection system 115 may apply the learning model on edge devices (e.g., mobile devices) for identifying threats and providing autonomous protection mechanisms based on the edge devices' environments (e.g., mobile devices that may be used in different locations). Thus, the learning model may solve security challenges for mobile devices that may have different security challenges compared to stationary devices (e.g., home or office devices and systems).); Claims 3, 13, 14 are rejected under 35 U.S.C. 103 as being unpatentable over SRIVASTAV et al., “hereinafter SRIVASTAV” (U.S. patent Application: 20220103578) and further in view of Strygulec et al., “Strygulec” (U.S. patent Application: 20220066833). As per Claim 3, SRIVASTAV discloses the method of claim 2, However SRIVASTAV does not disclose the edge node is selected from a plurality of edge nodes of the wireless network based on a proximity of the edge node to the vehicle. Strygulec discloses the edge node is selected from a plurality of edge nodes of the wireless network based on a proximity of the edge node to the vehicle (Strygulec, Para.14, the edge node is selected from an edge node network that is located in the proximity, or respectively within the catchment area of the terminal. Accordingly, wait times may be avoided when there is a request to a central cloud, and the additional computing power may be provided on the periphery of the network in the proximity of the terminal. In this way, quicker and more efficient service for externally transferring computing power may be provided.). It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in SRIVASTAV with the teachings as in Strygulec. The motivation for doing so would have been for o provide an improved method for the navigation of a vehicle. (Strygulec, Para.05). As per Claim 13, SRIVASTAV discloses the method of claim 12, However SRIVASTAV does not disclose connecting to the edge node of the wireless network further comprises: determining a current location of the vehicle; scanning the network to detect a closest edge node of the wireless network to the current location; and connecting to the closest edge node. Strygulec discloses connecting to the edge node of the wireless network further comprises: determining a current location of the vehicle; scanning the network to detect a closest edge node of the wireless network to the current location; and connecting to the closest edge node (Strygulec, Para.14, the edge node is selected from an edge node network that is located in the proximity, or respectively within the catchment area of the terminal. Accordingly, wait times may be avoided when there is a request to a central cloud, and the additional computing power may be provided on the periphery of the network in the proximity of the terminal. In this way, quicker and more efficient service for externally transferring computing power may be provided, Para.50, the communications unit may be designed to establish a connection with the edge node network via WLAN/Wi-Fi and/or a mobile communications standard such as for example LTE or 5G. In this manner, flexible communication may be enabled within the edge node network.). It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in SRIVASTAV with the teachings as in Strygulec. The motivation for doing so would have been for o provide an improved method for the navigation of a vehicle. (Strygulec, Para.05). As per Claim 14, SRIVASTAV discloses the method of claim 12, the security posture of the vehicle is based on log information of the vehicle (SRIVASTAV, Para.29, the model generator 205 may analyze network data samples that contain labeled malicious and benign files or records. The model generator 205 may filter and normalize the network data samples before the training in the pre-processing phase. Further, during the training phase, the model generator 205 may train the prediction model 206 using historical malicious and benign connection log files or records.) However SRIVASTAV does not disclose sensor data of the vehicle. Strygulec discloses sensor data of the vehicle (Strygulec, Para.13, the data may be sensor data that may be evaluated in the edge node.). It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in SRIVASTAV with the teachings as in Strygulec. The motivation for doing so would have been for o provide an improved method for the navigation of a vehicle. (Strygulec, Para.05). Claims 22 rejected under 35 U.S.C. 103 as being unpatentable over SRIVASTAV et al., “hereinafter SRIVASTAV” (U.S. patent Application: 20220103578) and further in view of Xavier et al., “Xavier” (U.S. patent: 11670416). As per Claim 22, SRIVASTAV discloses the method of claim 5, However SRIVASTAV does not disclose wherein the security posture is transmitted to the edge node as a set of key-value pairs. Xavier discloses the security posture is transmitted to the edge node as a set of key-value pairs (Col.19, Line:5-15, convert the message into a standardized dataset message, and inject one or more tags into the standardized dataset message by adding or setting one or more corresponding key-value pairs (e.g., facilityID=F0293, accountID=A29847, etc.)…by tagging the messages prior to transmitting them to the cloud environment 106 with immutable IDs (e.g., facility ID and account ID) and not IDs that may or may not change in the future, the connectivity adapter 206 facilitates security control, access, filtering, and reporting of such data.). It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in SRIVASTAV with the teachings as in Xavier. The motivation for doing so would have been for relating to the field of clinical messaging, and particularly to techniques for facilitating clinical messaging within and across various network environments. (Xavier, Para.01). The applicant Argue: Argument 1: Applicant argues that the reference SRIVASTAV fails to teach or suggest “wherein data transmitted from the wireless network to the vehicle goes through the edge node prior to reaching the vehicle and data transmitted from the vehicle to the wireless network goes through the edge node prior to reaching the wireless network” as recited in claim 1, 12, 17. In response, Examiner would like to point out that the reference SRIVASTAV does teach in Para.26, “The network data may be transferred to and from ground systems 114 via the network 113. In one embodiment of the connected environment 100, the ground systems 114 include, an intrusion detection system 115, an intrusion prevention system 119, and a user system 117” and in Para.48, “the intrusion detection system 115 may use peer to peer communication and distributed validation mechanism (e.g., blockchain) to ensure security intelligence consolidated across multiple devices. Further, the intrusion detection system 115 may apply the learning model on edge devices (e.g., mobile devices) for identifying threats and providing autonomous protection mechanisms based on the edge devices' environments (e.g., mobile devices that may be used in different locations). Thus, the learning model may solve security challenges for mobile devices that may have different security challenges compared to stationary devices (e.g., home or office devices and systems).);” and Para.20, “the anomaly prediction model may be deployed in various end-user systems or devices to detect and prevent potential cyberattacks in real-time. The intrusion detection system utilizing the cloud-based anomaly prediction model may provide alerts and/or reports when anomalies are detected in the real-time or stored network traffic data”. Also Please see the Fig.1. Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to NORMIN ABEDIN whose telephone number is (571)270-5970. The examiner can normally be reached Monday to Friday from 10 am to 6 pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Vivek Srivastava can be reached at 5712727304. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /NORMIN ABEDIN/Primary Examiner, Art Unit 2449