Prosecution Insights
Last updated: July 17, 2026
Application No. 18/818,397

INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND STORAGE MEDIUM

Final Rejection §103
Filed
Aug 28, 2024
Priority
Sep 01, 2023 — JP 2023-142033
Examiner
EDWARDS, LINGLAN E
Art Unit
2408
Tech Center
2400 — Computer Networks
Assignee
Canon Inc.
OA Round
2 (Final)
70%
Grant Probability
Favorable
3-4
OA Rounds
1y 5m
Est. Remaining
94%
With Interview

Examiner Intelligence

Grants 70% — above average
70%
Career Allowance Rate
347 granted / 497 resolved
+11.8% vs TC avg
Strong +24% interview lift
Without
With
+24.0%
Interview Lift
resolved cases with interview
Typical timeline
3y 4m
Avg Prosecution
1 currently pending
Career history
500
Total Applications
across all art units

Statute-Specific Performance

§101
1.2%
-38.8% vs TC avg
§103
92.3%
+52.3% vs TC avg
§102
1.2%
-38.8% vs TC avg
§112
4.1%
-35.9% vs TC avg
Black line = Tech Center average estimate • Based on career data from 497 resolved cases

Office Action

§103
DETAILED ACTION This communication is in respond to applicant’s amendment filed on April 2, 2026. Claims 1, and 4-11 are pending. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Rejection of claims 1-10 under 35 USC 112(b) have been withdrawn in light of applicant’s amendment. Regarding applicant’s argument that Claim 1 explicitly handles a case where “an error occurs in the virus detect processing.” (response filed on 04/02/2026, page 6), examiner note that claim 1 recites “…even though it is determined that the file is suspected of being infected with a virus or that an error occurs in the virus detection processing”, as the claim limitation is recited in alternative form, detection of an error occurs is not required under the broadest reasonable interpretation, therefore, since Zuo teaches detection of false positive, i.e., determine the file is normal even though it is determined that the file is suspected of being infected with a virus, Zuo meets the scope of the claimed limitation as recited. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 4, and 6-11 are rejected under 35 U.S.C. 103 as being unpatentable over Zuo et al. (US Pat. No. 9,858,413 B1, hereinafter Zuo) in view of Sharpe et al. (US PG-PUB No. 2014/0007239 A1, hereinafter Sharpe). As per claim 1, Zuo disclosed an information processing apparatus (Zuo, Fig. 7A, 7B) comprising: at least one processor and at least one memory (Zuo, Fig. 7A, 7B), cooperating to: receive a file and tag information including ID and file size information of the file from an external apparatus (Zuo, col. 4, lines 61-67, “FIG. 5 is a flow diagram describing one embodiment in which one or more files are compared in order to avoid false positives. The below steps may be implemented by a software module on the computing device in question, or, a remote software service available over the Internet may be used to analyze and compare two or more files present on the computing device”, when the method is implemented by a remote software service available over the Internet, the file is received from an external apparatus; further Fig. 1 and col. 3, lines 6-18, “he contents of the folder include, for example, the name 32 of each file, the date modified 34, the type of file 36, the size 38, and may also list other properties of each file such as digital signature, file description, type, file version, product name, product version, copyright notice, size, date modified, language, original file name, etc.” indicates ID and size information are received with the file); store the received file (Zuo, col. 5, lines 1-8, virus detection performed on a file residing on the device, prior receiving and storing of the file is implied; also Fig. 1, the file being analyzed is stored in a folder); perform virus detection processing on the file; (Zuo, col. 5, lines 1-8, “In a first step 504, any of a variety of virus detection engines detects a file on the computing device that is suspected of being malware. Detection may be performed using antivirus software such as traditional file scanning using virus signatures, using heuristics or behavior-based analysis to detect known or unknown malware, using emulation or “sandbox” technology, remote services, or other techniques”) and determine that the file is a normal file in a case where ….even though it is determined that the file is suspected of being infected with a virus or an error occurs in the virus detection processing, as a result of the virus detection processing (Zuo, Fig. 5, steps 508-528, and corresponding disclosure col. 5 line 14 – col. 6, line 10, the system determine whether the file is normal file when the file is determined as suspected of being infected with virus as a result of virus detection in step 504. A false positive is read as an error occurred in the virus detection processing); Zuo does not disclose determining that the file is a normal file in a case where the tag information indicates that the file is guaranteed as the normal file, i.e., Zuo determines normal file based on analysis of file properties but does not disclose such determination is based on a tag information indicating the file is guaranteed as normal file, however, in an analogous art in computer system security, Sharpe disclosed determining that the file is a normal file in a case where the tag information indicates that the file is guaranteed as the normal file (Sharpe, par 0009, “In some embodiments, the metadata for each file in the distributed filesystem includes a "clean field" that is marked when the file has been scanned and determined to be clean of any viruses. In this context, performing the anti-virus scan of the target file involves marking the clean field for the target file if no virus is found for the target file. Every cloud controller receiving a client request to access the target file confirms that the clean field for the target file is marked before allowing clients to access the target file.”), it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the system of Zuo to incorporate the using of metadata for tagging a file as clean of virus as disclosed by Sharpe, in order to ensure client system safety by providing a clear indication that the file has been scanned and determined to be clean of any viruses (Sharpe, par 0009). As per claim 4, Zuo-Sharpe disclosed the information processing apparatus according to claim 1, wherein the normality guarantee information is metadata information embedded in the file (Sharpe, par 0009, “the metadata for each file in the distributed filesystem includes a "clean field" that is marked when the file has been scanned and determined to be clean of any viruses”). As per claim 6, Zuo-Sharpe disclosed the information processing apparatus according to claim 1, wherein the at least one processor and at the least one memory further cooperating to determine that the file is the normal file in a case where the file is stored in a specific storing region (Zuo, col. 2, line 59 – co. 3, line 3, “It has been realized that the file properties of a malicious file are generally not similar to the file properties of other files within the same folder or sub-folder. This information can be used to determine whether or not a particular file might be benign. For example, if a particular file is considered suspect, but its file properties are the same as or very similar to other files within the same folder, then it may be determined that the file is benign, and thus a false positive is avoided. More specifically, it is realized that a vendor of normal applications will sign its files using consistent rules that are known and can be determined.”, i.e., when the file is stored within a folder with all similar properties, the file is determined to be normal). As per claim 7, Zuo-Sharpe disclosed the information processing apparatus according to claim 1, wherein the virus detection processing is performed on the file in a case where the file is stored in the at least one memory (Zuo, col. 5, lines 1-8, virus detection performed on a file residing on the device). As per claim 8, Zuo-Sharpe disclosed the information processing apparatus according to claim 1, wherein the virus detection processing is performed on the file using a function of an external service (Zuo, col. 1, lines 18-20, “The antivirus software may be present on the user's computing device or a remote server may be used to provide an antivirus service”). Claim 9 recites substantially the same limitations as claim 1, in the form of a method implemented by the corresponding apparatus, therefore, it is rejected under the same rationale. Claim 10 recites substantially the same limitations as claim 1, in the form of a computer readable medium with instructions implementing the steps performed by the apparatus, therefore, it is rejected under the same rationale. As per claim 11, Zuo-Sharpe disclosed the information processing apparatus according to claim 1, wherein the external apparatus performs virus detection processing on the file (Zuo, col. 4, lines 61-67, “FIG. 5 is a flow diagram describing one embodiment in which one or more files are compared in order to avoid false positives. The below steps may be implemented by a software module on the computing device in question, or, a remote software service available over the Internet may be used to analyze and compare two or more files present on the computing device”, the processing may be implemented by a remote software service available over the Internet; Sharpe also disclosed that, par 0014, par 0438, “a first anti-virus scan of the target file is initiated at the time that the target file is written to the distributed filesystem, and the metadata for the target file includes a version field that tracks the version of the virus definitions that was used to perform this first scan”, and par 0009, “Every cloud controller receiving a client request to access the target file confirms that the clean field for the target file is marked before allowing clients to access the target file”, which also indicate virus detection processing on files are performed remotely by cloud controllers) . Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Zuo in view of Sharpe as applied to claim 1 above, and further in view of Nachenberg (US Pat. No. 8,561,180 B1, hereinafter Nachenberg). As per claim 5, Zuo-Sharpe disclosed the information processing apparatus according to claim 1, Zuo does not explicitly disclose the file is guaranteed as the normal file based on transmission source information; however, in an analogous art in identifying false positive in file malware detection process, Nachenberg disclosed determining file as normal file based on information including transmission source information (Nachenberg, col. 1, lines 42 – 59, “…information that is presented to the administrator may help the administrator rapidly determine whether the vendor-supplied security operation generated any false positives (i.e., mistakenly identified any legitimate files as malicious) prior to deploying the vendor-supplied virus definition set and/or malware-detection heuristic within the enterprise. Examples of information that may be presented to an administrator include, …vendor-supplied reputation data for a file, a pathname for a file, an installation date/time for a file, a source of origin for a file (such as information that identifies the vendor or supplier of a file, the website from which the file was obtained or originated, or the like), the date and/or time when a file was created or last modified, a hash or checksum of a file, or any other potentially relevant information.”; also Fig. 5, pdfreader is determined as clean based on information including source of origin of the file); it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the system of Zuo to incorporate the use of information including source of origin for a file as disclosed by Nachenberg, in order to allow rapid determining of false positive in malware-detection as suggested by Nachenberg (Nachenberg, col. 1, lines 42 –48). Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: Humble et al. (US PG-PUB No. 2015/0172303 A1) disclosed a malware detection and identification method and system which scores each subject file or tags obtained from subject file to determine the potential that the file contains malicious components. A file or tag score tending to indicate that the subject file may contain malicious components/properties/attributes may be used to notify the system (and a user of the system) that the file may be potentially malicious. Zaitsev et al. (US Pat. No. 8,640,245 B2) disclosed a method and system for optimization of execution of anti-malware (AV) applications. The system reduces number of false-positive determinations by correcting malware detection rules using correction coefficients, and increases number of malware objected detected by correction of ratings determined by the rules using correction coefficients. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Linglan Edwards whose telephone number is (571)270-5440. The examiner can normally be reached 8:30am - 5:00pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /LINGLAN EDWARDS/Supervisory Patent Examiner, Art Unit 2408
Read full office action

Prosecution Timeline

Aug 28, 2024
Application Filed
Oct 09, 2024
Response after Non-Final Action
Dec 02, 2025
Non-Final Rejection mailed — §103
Apr 02, 2026
Response Filed
Jun 30, 2026
Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12432179
VIRTUAL FIREWALL CONSTRUCTION METHOD BASED ON OPENSTACK FRAMEWORK
2y 6m to grant Granted Sep 30, 2025
Patent 12235960
BEHAVIORAL THREAT DETECTION DEFINITION AND COMPILATION
2y 11m to grant Granted Feb 25, 2025
Patent 12224983
Detecting and Preventing Transmission of Spam Messages Using Modified Source Numbers
3y 8m to grant Granted Feb 11, 2025
Patent 12223023
AUTHENTICATION SYSTEM, AUTHENTICATION APPARATUS, AUTHENTICATION METHOD AND COMPUTER PROGRAM
2y 11m to grant Granted Feb 11, 2025
Patent 12219060
ACCESS POLICY TOKEN
2y 9m to grant Granted Feb 04, 2025
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
70%
Grant Probability
94%
With Interview (+24.0%)
3y 4m (~1y 5m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 497 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month