DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-7 as submitted on 8/24/23 were examined.
Claim Objections
Claim 7 is objected to because of the following informalities: “it” in line 2 of claim 7 should be deleted. Appropriate correction is required.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 5 and 7 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because the claims are directed towards software per se.
Claim 5 is directed towards a “honeypot generation unit” without recitation of any form of hardware. “honeypot generation unit” by itself could broadly, but reasonably be interpreted as a software unit, thus the claim is directed towards software per se, which does not fall within any of the four statutory categories of invention.
Claim 7 is directed towards a honeypot, which as understood in the art could be implemented as software alone. Absent any recitation of any form of hardware as part of the claimed honeypot, it appears that claim 7 is directed towards software per se and is not statutory.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1, 4-5, 6, and 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Kawasaki et al (US 20180375897) in view of Mermoud et al (US 2025/0063065).
Claims 1, and 5-7:
As per claim 1, Kawasaki discloses:
Respond to operating system command line interface commands like a command line interface of the target system (paragraphs 16-17, 21, 23, 32, and 55; Honeypots are disclosed which responds to an attacker’s commands/requests as if the honeypot was a real computing system, including in response to OS commands entered via a command line interface).
Generating a honeypot that respond to operating system command line interface commands the honeypot receives (paragraphs 16-17, 21, 23, 32, and 55).
Kawasaki does not disclose training a large language model to respond (i.e. as in step 1 above). Kawasaki also does not disclose the honeypot uses the trained large language model to respond (i.e. as in step 2 above).
However, Mermoud discloses a network security system which utilizes training a large language model to respond to commands (paragraphs 64, 70, 83, 85, and 92; Paragraphs 64 and 85 in particular shows training and paragraph 70 discuss use of large language models). Mermoud further discloses the security system using the trained large language model to respond to attackers (paragraphs 70, 83, 85, and 92). A honeypot is a type of network security system.
Before the effective filing date of applicant’s claimed invention, it would have been obvious to one of ordinary skill in the art incorporate Mermoud’s teachings within Kawasaki’s invention to achieve an invention as recited in claim 1 by utilizing Mermoud’s teachings of large language model AI systems to train Kawasaki’s honeypot security system so that it learns how to respond to attackers. One of ordinary skill in the art would have been motivated to incorporate Kawasaki’s teachings because use of large language model could help speed up certain tasks on behalf of a network administrator (Mermoud: paragraph 4).
The rejection of claim 1 applies, mutatis mutandis, to each of claims 5-7.
Claim 4:
Mermoud further discloses continuing to train large language model based on a behavior of an attacker in response to responses generated using the large language model, to the command line interface commands (paragraphs 83, 85, and 92).
Claim(s) 2-3 is/are rejected under 35 U.S.C. 103 as being unpatentable over Kawasaki et al (US 20180375897) in view of Mermoud et al (US 2025/0063065).
Claim 2:
Kawasaki further discloses generating the honeypot with responses to operating system command line interface commands the at the honeypot has received (paragraphs 16-17, 21, 23, 32, and 55). Kawasaki does not disclose the honeypot was generated with an output filter that filters outputs of the large language model with regard to an output filter criterion before the outputs are used as responses. However, the Lafon teaches an AI model with an output filter that filters outputs of the large language model with regard to an output filter criterion before the outputs are used as responses (paragraphs 13 and 16).
Before the effective filing date of applicant’s claimed invention, it would have been obvious to one of ordinary skill in the art further incorporate Lafon’s teachings within Kawasaki’s modified invention to achieve the invention as further recited in claim 2. One of ordinary skill in the art would have been motivated to do so as use of AI-based input and output filters as taught by Lafon would allow for the determination if there are any prompt injection attacks, model evasion attacks, or other attacks specifically aimed at AI models being performed on the AI model (Lafon: paragraph 13).
Claim 3:
Kawaski further discloses generating the honeypot with responses to the operating system command line interface commands that the honeypot has received (paragraphs 16-17, 21, 23, 32, and 55). Kawaski does not disclose the honeypot was generated with an input filter that filters operating system command line interface commands that the honeypot has received, before the operating system command line interface commands are supplied to the large language model for generating responses. However, Lafon teaches an AI model with an input filter that filters operating system command line interface commands that the honeypot has received, before the operating system command line interface commands are supplied to the large language model for generating responses (paragraphs 13 and 15).
Before the effective filing date of applicant’s claimed invention, it would have been obvious to one of ordinary skill in the art further incorporate Lafon’s teachings within Kawasaki’s modified invention to achieve the invention as further recited in claim 3. One of ordinary skill in the art would have been motivated to do so as use of AI-based input and output filters as taught by Lafon would allow for the determination if there are any prompt injection attacks, model evasion attacks, or other attacks specifically aimed at AI models being performed on the AI model (Lafon: paragraph 13).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PONNOREAY PICH whose telephone number is (571)272-7962. The examiner can normally be reached M-F 9am-5pm EST, 10am-6pm during Daylight Savings Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached at 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/PONNOREAY PICH/Primary Examiner, Art Unit 2495
Prosecution Insights