Office Action Predictor
Last updated: April 17, 2026
Application No. 18/844,534

COMPUTER-IMPLEMENTED NETWORK SECURITY METHOD

Non-Final OA §101§103
Filed
Sep 06, 2024
Examiner
GEE, JASON KAI YIN
Art Unit
2495
Tech Center
2400 — Computer Networks
Assignee
british telecommunications public Limited Company
OA Round
1 (Non-Final)
78%
Grant Probability
Favorable
1-2
OA Rounds
3y 1m
To Grant
99%
With Interview

Examiner Intelligence

Grants 78% — above average
78%
Career Allow Rate
584 granted / 752 resolved
+19.7% vs TC avg
Strong +23% interview lift
Without
With
+22.9%
Interview Lift
resolved cases with interview
Typical timeline
3y 1m
Avg Prosecution
31 currently pending
Career history
783
Total Applications
across all art units

Statute-Specific Performance

§101
14.5%
-25.5% vs TC avg
§103
43.9%
+3.9% vs TC avg
§102
8.5%
-31.5% vs TC avg
§112
25.9%
-14.1% vs TC avg
Black line = Tech Center average estimate • Based on career data from 752 resolved cases

Office Action

§101 §103
DETAILED ACTION The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This action is response to communication: response to preliminary amendment filed on 09/06/2024. Claims 16-30 are currently pending in this application. The IDS filed on 09/06/2024 and 10/22/2025 have been accepted. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 27 and 28 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. As per claims 27, the claim is directed toward a system. However, the applicant’s specification does not restrict that the system require hardware. Thus, the system can be interpreted under the broadest reasonable interpretation to be pure software and thus non-statutory. As per claim 28, the claim is directed toward a computer program. Computer programs are pure software and are not patentable as they do not land in one of the four statutory categories. As per claims 29, the claim is directed toward a computer-readable data carrier. It is well known in the art that such mediums may be directed toward carrier signals and waves, which are directed toward non-statutory subject matter. The applicant’s specification states that the data carrier may be embodied in a medium such as an electric signal, radio frequency carrier wave, or optical carrier wave. The applicants may overcome this rejection by limiting the mediums in the specification to non-transitory computer readable mediums, or may amend the claims limiting the subject matter toward non-transitory computer readable mediums. Claim 30 is rejected using the same basis of arguments used to reject claim 29 above, as the claim is directed toward a data carrier signal. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 16-22 and 25-30 are rejected under 35 U.S.C. 103 as being unpatentable over Barua et al. US Patent No. 9,900,324 (Barua), in view of Lo et al. US Patent Applciation Publication 2022/0108025 (Lo), and further in view of Santos et al. US Patent Application Publication 2018/0027009 (Santos) As per claim 1, Barua teaches a computer-implemented security method comprising: generating a plurality of partial clones of a malware file, each partial clone reflecting a different aspect of the malware file (col. 5 lines 47-60 and throughout with rewriting malware for a plurality of paths; malware is duplicated for each path); causing trial deployment on a software-defined network SDN (col. 5 lines 47 to col. 6 line 8 with running cloned software on multiple paths in a virtual environment such as a sandbox; see also Figure 1; see further Figure 3 with multiple virtualized environments in a sandbox); causing each of the plurality of partial clones to be run on a respective host (col. 5 lines 47 to col. 6 line 8; see also Figure 1; see also Figure 3); causing traffic resulting from running of the plurality of partial clones on their respective hosts to be routed over the SDN, via one or more network elements on which the one or more services are deployed (See Figure 1 and Figure 3 with multiple virtualized environments within the sandbox and analyzing the results); causing performance of each of the services with respect to each of the plurality of partial clones (see claim 1 and throughout with running malware with mtuliple paths and monitoring execution of the clones). Although Barua teaches monitoring clones of malware, Barua does not explicitly teach deploying security services to each of the clones and performing the security services with respect to the clones. However, deploying security services in response to malware and performing security services with respect to the malware is well known in the art. For example, see Lo (abstract, claim 1, paragraph 53-55, 101 and throughout with running remediation actions and testing for efficacy of the remediation actions) At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Barua with Lo. One of ordinary skill in the art would have been motivated to perform such an addition to create more security by testing whether a remediation action truly works (paragraph 24). Although the Barua combination teaches testing remediation actions, the combination does not explicitly teach causing operational deployment of a selected one or more of the one or more security services on a network, in dependence on the one or more pluralityes of security service performance measures. This would have been obvious, if not inherent, as Lo is directed toward validating whether a remediation actually works. As seen in paragraph 24 of Lo, Lo teaches that “validation system can be configured to validate that the remediation actions that are to be performed … actually works.” Thus, it is implied that the tested validation will be deployed based on its effectiveness. However, for a more explicit teaching, see Santos (see abstract, with deploying tested security fixes). Santos further teaches the utilizing the system in an SDN environment (paragraph 62). At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Barua combination with Santos. One of ordinary skill in the art would have been motivated to perform such an addition to adequately address vulnerabilities and exploits (paragraph 4 of Santos). As per claim 17, the Barua combination teaches wherein the step of generating the plurality of partial clones comprises generating two or more partial clones which each reflect a different aspect of the malware file selected from the following aspects: one or more destinations the malware file directs connection to; port behavior of the malware file; traffic behavior of the malware file; binary signature of tohe malware file; and privilege escalation behavior of the malware file (obvious over Barua; see col. 5 lines 50-60 and col. 8 lines 44-67 with cloning paths/destinations). As per claim 18, the Barua combination teaches wherein the step of generating the plurality of partial clones comprises generating those partial clones to be modified to prevent harm; and the step of causing operational deployment of the selected one or more of the one or more security services on a network comprises causing operational deployment of the selected one or more of the one or more security services on the SDN (obvious over Barua; see col. 5 liens 50-60 and col. 8 lines 44-67 to generate partial clones to examine malware to prevent harm from malware; see throughout Santos with deployment of tested security fixes; also see abstract with utilizing clones to be modified to prevent harm). As per claim 19, the Barua combination teaches wherein the step of causing trial deployment of the one or more security services on the SDN comprises causing trial deployment of the one or more security services on a dedicated isolated testing SDN; and the step of casusing operation deployment of the selected one or more of the one or more security services on the network comprises casuing operational deployment of the selected one or more of the one or more security services on a network distinct from the SDN (see throughout Lo, such as in paragraph 24-25 and throughout with testing remediations in isolated environments; remediation actions are then deployed accordingly; also see Santos). As per claim 20, the Barua combination teaches wherein the step of causing trial deployment of the one or more security services ont eh SDN comprises causing to or more trial deployments of the one or more security services on the SDN, each of these two or more trial deployments comprising the one or more security services deployed on a respective SDN path ain a respective configuration; the step of causing traffic, resulting from running of the plurality of partial clones on their respective hsots, to be routed voer the SDN comprises causing that traffic to be routed along each respective SDN path with the security services deployed in each respective configuration; the step of causing performance of each of the one or more security services with respect to each of the plurality of partial cloens to be monitored is further performed to produce a respective plurality of trial deployment performance measures for each of the two or more trial deployments; and the step of causing operation deployment of a selected one or more of the one or more security services on the network is performed further in dependence on the two or more pluralities of trial deployment performance measures (see rejection of claim 16; see throughout Lo were a plurality of remediation actions are taken to determine which ones are effective; see paragraph 42; See throughout Barua such as in col. 8 line 64 to col. 9 line 5 wherein each iteration is performed in its own sandbox/micro-sandbox) As per claim 21, the Barua combination teaches causing each of the one or more security services to be assigned to a respective one of a plurality of security service type categories; wherein the step of causing operational deployment of a selected one or more of the one or more security services on a network is performed such that a respective security service of the one or more security services from each security service type category is selected for operational deployment, in dependence on the one or more pluralities of security service performance measures (Santos paragraphs 72-73 and throughout) As per claim 22, the Barua combination teaches wherein the step of causing the two or more trial deployments of the one or more security services on the SDN comprises causing, for each of the two or more trial deployments, selection of a respective security service of the one or more security services from each security service type category for use in that trial deployment (Santos paragraphs 72-73). As per claim 25, the Barua combination teaches generating the plurality of partial cloens comprises both: generating one or more partial cones which each mimic a different aspect of the malware file; and generating one or more partial clones which each reflect a different modified version of an aspect of the malware file (Barua col. 5 lines 50-67; also see col. 8 lines 44-64 with cloning malware with different paths). As per claim 26, the Barua combination teaches generating a further plurality of partial clones of each of one or more further malware files, each of each further plurality of partial clones reflecting a different aspect of the further malware file from which it is derived; causing each of each further plurality of partial clones on their respective hosts to be routed over the SDN, via the one or more network elements on which the one or more security services are deployed; and causing performance of each of the one or more security services with respect to each of each further plurality of partial clones to be monitored to produce a respective further plurality of security service performance measures for each of the one or more security services; wherein: the step of causing operational deployment of the selected one or more of the one or more security services is performed further in dependence on the one or more further puluralities of security service performance measures (see rejection of claim 1 above; see Baura col. 5 line 50-60 with creating multiple clones based on different paths; see col. 6 lines 7-15 with repeating the phases with other branches and paths from other branches). Claim 27 is rejected using the same basis of arguments used to reject claim 26 above. Claim 28 is rejected using the same basis of arguments used to reject claim 26 above. Claim 29 is rejected using the same basis of arguments used to reject claim 26 above. Claim 30 is rejected using the same basis of arguments used to reject claim 26 above. Claim(s) 23 and 24 are rejected under 35 U.S.C. 103 as being unpatentable over the Barua combination as applied above, and further in view of Nalluri et al. US Patent Application Publication 2022/0269817 (Nalluri) As per claim 23, it would have been obvious over the Barua combination wherein the step of causing performance of each of the one or more security services with respect to each of the plurality of partial clones to be monitored is to produce a respective plurality of security service performance measures for each of the one or more security services which comprise scores with respect to ability to protect each of two or more assets (obvious over Santos; see paragraphs 72-73 with utilizing threat levels; see also paragraph 56 with use of scores; see paragraph 64 wherein the remediation must be appropriate to mitigate the particular threat; see also paragraph 70 with threat mitigation policy applied based on threat level; see also paragraph 80). However, for a more explicit teaching on efficacy scores, see Nalluri (see paragraphs 113, 116, and throughout with efficacy scores of remediation actions) At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Barua combination with Nalluri. One of ordinary skill in the art would have been motivated to perform such an addition to cerate more security to protect assets (paragraphs 2-3 of Nalluri). As per claim 24, it would have been obvious over the Barua combination wherein the step of causing operational deployment of a selected one or more of the one or more security services on a network is performed such that a respective security service of the one or more security services from each security service type category is selected for operational deployment in dependence on a weighted sum of each security service’s scores with respect to the ability to protect each of the two or more assets, weights used in the weighted sums being configurable (Nalluri paragraph 77-78 with weights to different protector vectors; multiple weights may be used for each vector; see paragraph 82 with different weight values being assigned; see throughout Santos of deploying remediations after they are verified). Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to JASON KAI YIN GEE whose telephone number is (571)272-6431. The examiner can normally be reached on Monday-Friday 8:30-5:00 PST Pacific. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571) 272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). /JASON K GEE/Primary Examiner, Art Unit 2495
Read full office action

Prosecution Timeline

Sep 06, 2024
Application Filed
Nov 19, 2025
Non-Final Rejection — §101, §103
Mar 23, 2026
Response Filed

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12591697
PRIVACY SENSITIVE ESTIMATION OF DIGITAL RESOURCE ACCESS FREQUENCY
2y 5m to grant Granted Mar 31, 2026
Patent 12585479
ANALYTICS SEARCH ON WORKSPACE CONTENT
2y 5m to grant Granted Mar 24, 2026
Patent 12563019
LOW-OBSERVABLE ENCRYPTION DEVICE FOR FACILITATING COMMUNICATIONS
2y 5m to grant Granted Feb 24, 2026
Patent 12561475
PROTECTING MEMBERSHIP FOR SECURE COMPUTATION AND COMMUNICATION
2y 5m to grant Granted Feb 24, 2026
Patent 12547698
HOST-DEVICE INTERFACE FOR DEBUG AUTHENTICATION
2y 5m to grant Granted Feb 10, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
78%
Grant Probability
99%
With Interview (+22.9%)
3y 1m
Median Time to Grant
Low
PTA Risk
Based on 752 resolved cases by this examiner. Grant probability derived from career allow rate.

Sign in for Full Analysis

Enter your email to receive a magic link. No password needed.

Free tier: 3 strategy analyses per month