Details
Claims 1-13 are pending.
Claims 1-13 are rejected.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1-4, 6-9 and 12-13 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by “Defense against malware propagation in complex heterogeneous networks” Soodeh Hosseini (Published online: 12 September 2020, Hossein hereinafter).
As per claim 1, Hosseini discloses a computer-implemented method of simulating a propagation of a malware through a set of computer systems (p. 1207, col. 2, lines: 22-24: "In this section, a set of numerical simulations by MATLAB is presented to verify the validity of the defense mechanisms using the introduced model of malware propagation."), the method comprising:- identifying a plurality of first simulated computer systems infected with a simulated malware (p. 1204, col. 1, lines: 13-17: "7. Initially, all nodes are susceptible apart from a number of infected nodes e.g. 100 nodes). 8. The nodes are randomly selected to start the propagation process, thus the malware spreading strategy will be random."); - for each of the first simulated computer systems, infecting a number of neighbouring second simulated computer systems, the number being zero or an integer (p. 1202, col. 2, lines: 24-28: "The rules of malware propagation in SFN can be explained as follows. A susceptible node goes through a latent period after malware infection, before becoming infected with the rate of infection. The exposed nodes become infected with the rate. "); and - determining a value of a reproduction number, R0, based on the total number of second simulated computer systems and the number of first simulated computer systems (p. 1200, col. 1, lines: 24-26: "the basic reproductive ratio is calculated to study the dynamical behaviour of the malware spreading." and p. 1204, col. 2, lines: 3-5: "The basic reproductive ratio is the average number of secondary infections due to a primary infection in infection spreading process");
As per claim 2, claim 1 is incorporated and Hosseini further discloses repeating the steps of identifying a plurality of first simulated computer systems, infecting a number of neighbouring second simulated computer systems and determining a value of a reproduction number, Ro, over a plurality of time periods, such that a value of the reproduction number is determined for each of the time periods (p. 1208-1209, Fig 1-3, 5-6, col.1, lines: 24-26, p. 1204 “For increasing the accuracy of simulations, every experiment is performed by 20 runs in average.”);
As per claim 3, claim 2 is incorporated and Hosseini further discloses each of the time periods: deploying one or more simulated malware protection measures configured to inhibit the propagation of the simulated malware; and associating the value of the reproduction number, Ro, determined for the time period with the simulated malware protection measures for the time period (table 3, p.1202, col.1, lines: 45-48 and p.1209, col.2, lines: 1-3, “In this section, the SEIRS-Q model of malware propagation with considering diversification in SFNs is introduced. The proposed model helps to investigate the impacts of defense strategies such as diversification and immunization to reduce and control the malware spreading in the networks.”, “Table 3 compares the different values of R0 and CCritical in various immunization strategies under different immunization rates, which is obtained in Sect. 3.2”);
As per claim 4, claim 1 is incorporated and Hosseini further discloses deploying one or more simulated malware protection measures configured to inhibit the propagation of the simulated malware; and associating the value(s) of the reproduction number, R0, with the simulated malware protection measures (table 3, p.1202, col.1, lines: 45-48 and p.1209, col.2, lines: 1-3, “In this section, the SEIRS-Q model of malware propagation with considering diversification in SFNs is introduced. The proposed model helps to investigate the impacts of defense strategies such as diversification and immunization to reduce and control the malware spreading in the networks.”, “Table 3 compares the different values of R0 and CCritical in various immunization strategies under different immunization rates, which is obtained in Sect. 3.2”);
As per claim 6, claim 1 is incorporated and Hosseini further discloses wherein determining the value of the reproduction number, R0, comprises: obtaining the total number of second simulated computer systems by summing the numbers of second simulated computer systems; determining the number of first simulated computer systems; and dividing the total number of second simulated computer systems by the number of first simulated computer systems (p.1204, col.2, lines: 1-4, “The basic reproductive ratio is the average number of secondary infections due to a primary infection in infection spreading process [46]”);
As per claim 7, claim 1 is incorporated and Hosseini further discloses wherein the number of second simulated computer systems infected by each first simulated computer system is determined according to an infection rate (p.1202, col.2, lines: 24-28, “The rules of malware propagation in SFN can be explained as follows. A susceptible node goes through a latent period after malware infection, before becoming infected with the rate of infection kk C . The exposed nodes become infected with the rate e. The infected nodes will be transmitted into the quarantine state with rates q.The recovery rate for infected nodes is represented by c.The losing recovery rate for recovered nodes is denoted by d. The birth and death rates on the network are considered. K is the joining rate or logging into the network. And l is denoted the leaving rate. All parameters are positive.”);
As per claim 8, claim 1 is incorporated and Hosseini further discloses identifying one or more simulated computer systems as being susceptible to the simulated malware; and/or identifying one or more simulated computer systems as being insusceptible to the simulated malware (p.1204, col.1, lines: 13-21, “7. Initially, all nodes are susceptible apart from a number of infected nodes (e.g. 100 nodes). 8. The nodes are randomly selected to start the propagation process, thus the malware spreading strategy will be random. 9. In this paper assumes that 10% of nodes’ population density is immunized. 10. The node immunization will begin after that some certain percentage of nodes are already infected. 11. For increasing the accuracy of simulations, every experiment is performed by 20 runs in average.”);
As per claim 9, claim 1 is incorporated and Hosseini further discloses determining a value of the effective reproduction number, Rt, based on the value of the reproduction number and the proportion of simulated computer systems identified as being susceptible to the simulated malware (Hosseini, paragraph 0070, wherein the whitelists and/or blacklists are stored at a central location (e.g., the UDM) or distributed across a combination of network nodes. The engine also instantiates an environment to isolate and decontaminate assets of the blacklist);
Claims 12-13 are rejected under the same rationale as claim 1.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 5 and 10-11 are rejected under 35 U.S.C. 103 as being unpatentable over “Defense against malware propagation in complex heterogeneous networks” Soodeh Hosseini (Published online: 12 September 2020, Hossein hereinafter) in view of Wang et al (WO. 2021/165256 A1).
As per claim 5, claim 3 is incorporated and Hosseini does not explicitly disclose wherein the simulated malware protection measure includes one or more of: an anti-malware facility; a malware filter; a malware detector; a block, preclusion or cessation of interaction; and a reconfiguration of one or more simulated computer systems. However, Wang discloses wherein the simulated malware protection measure includes one or more of: an anti-malware facility; a malware filter; a malware detector; a block, preclusion or cessation of interaction; and a reconfiguration of one or more simulated computer systems (Wang, page 5 lines: 10-18, “Embodiments of the present invention are directed to the deployment of malware protection measures so as to inhibit a propagation of a malware through a set of computer systems. Most preferably, the deployment of malware protection measures is targeted to provide an effective and/or efficient inhibition of the propagation. The nature and type of malware protection measures themselves are understood by those skilled in the art and can include, inter alia: anti-malware facilities; malware filters; malware detectors; a block, preclusion or cessation of interaction and/or communication, such as between computer systems; and/or a reconfiguration of one or more computer systems or communications facilities therebetween”).
Therefore, it would have it would have been obvious to one ordinary skill in the art before the effective filing date of the invention to incorporate Wang teachings into Hosseini to achieve the claimed limitations because this would have provided a way to immune network nodes using anti-malware facilities; malware filters; malware detectors; a block, preclusion or cessation of interaction and/or communication, such as between computer systems; and/or a reconfiguration of one or more computer systems or communications facilities therebetween to test and analyze the effectiveness of such measures.
As per claim 10, Hosseini further discloses a computer implemented malware protection method to protect at least a subset of (p. 1202, col. 1, lines: 45-50: "In this section, the SEIRS-Q model of malware propagation with considering diversification in SFNs is introduced. The proposed model helps to investigate the impacts of defense strategies such as diversification and immunization to reduce and control the malware spreading in the networks"), the method comprising: - accessing a model of (p. 1202, col. 1, lines: 45-50: "In this section, the SEIRS-Q model of malware propagation with considering diversification in SFNs is introduced. The proposed model helps to investigate the impacts of defense strategies such as diversification and immunization to reduce and control the malware spreading in the networks"); - simulating a propagation of the malware through the (p. 1207, col. 2, lines: 22-24: "In this section, a set of numerical simulations by MATLAB is presented to verify the validity of the defense mechanisms using the introduced model of malware propagation."); and - identifying, based on the determined value(s) of the reproduction number, R0, one or more malware protection measures to be deployed to one or more of the set of computer systems (p. 1200, col. 1, lines: 24-26: "the basic reproductive ratio is calculated to study the dynamical behaviour of the malware spreading." and p. 1204, col. 2, lines: 3-5: "The basic reproductive ratio is the average number of secondary infections due to a primary infection in infection spreading process"). Hosseini does not explicitly disclose a set of computer system. However, Wang discloses - accessing a model of the set of computer systems (Fig 3, 5, page 9-10, lines: 32-35: "Initially, at step 302, the method accesses a model of a set of computer systems identifying interacting pairs of the computer systems based on interactions corresponding to previous communication occurring between the computer systems in the pair"); - simulating a propagation of the malware through the set of computer systems using the model (Fig 3, 5, page 10, lines: 1-6: "At step 304 the method commences an iteration between each of a plurality of time periods for simulation. At step 306, for each simulated time period, the method simulates a propagation of a malware originating from a predetermined source computer system in the model. The simulation is based on a number of interactions per time period 204 between each interacting pair of computer systems in the set, and a rate of transmission 206 of the malware per interaction.");- identifying, based on the determined value(s) of the reproduction number, R0, one or more malware protection measures to be deployed to one or more of the set of computer systems (Fig 3, 5, page 10, lines: 7-10: " Subsequently, at step 310 the method identifies one or more computer systems or interacting pairs of computer systems for the deployment of a malware protection measure to inhibit a propagation of the malware through the set of computer systems").
Therefore, it would have it would have been obvious to one ordinary skill in the art before the effective filing date of the invention to incorporate Wang teachings into Hosseini to achieve the claimed limitations because this would have provided a way to improve Defending against malware propagation in complex heterogeneous networks having sets of computer systems.
As per claim 11, claim 10 is incorporated and Hosseini further discloses deploying the one or more malware protection measures to the one or more computer systems (Fig 3, 5, page 10, lines: 7-10: " Subsequently, at step 310 the method identifies one or more computer systems or interacting pairs of computer systems for the deployment of a malware protection measure to inhibit a propagation of the malware through the set of computer systems");
Response to Arguments
Applicant's arguments filed 12/02/2025 have been fully considered but they are not persuasive. Applicant argues in remarks:
(1) each of these portions of Hosseini (or any other portion) does not disclose determining a value of a reproduction number based on the total numbers of computer systems that were originally identified as infected and those that were subsequently infected during the course of the simulation. Instead, Hosseini determines a reproduction rate using an equation based on static, pre-defined parameters for the infection rate, quarantine rate, and recovery rate. See, e.g., Section 3.1 "Model Description" on pg. 1202 of Hosseini.
(1) The examiner respectfully disagrees.
First, the current claim language merely states that the reproduction number is determined based on the total number of second simulated computer systems and the number of first simulated computer systems. However, the claim does not give any specific on how the total number of second simulated computer systems and the number of first simulated computer systems are specifically used to determine the reproduction number.
Second, Hosseini determination of reproduction rate is not based on static pre-defined parameters. Hosseini states “the basic reproductive ratio is calculated to study the dynamical behaviour of the malware spreading” (p. 1200, col. 1, lines: 24-26:). In addition, Hosseini states “The basic reproductive ratio is the average number of secondary infections due to a primary infection in infection spreading process” (p. 1204, col. 2, lines: 3-5:). The secondary infection can be the total number of second simulated computer systems and the primary infection can be the number of first simulated computer systems infected with a simulated malware.
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HAMZA N ALGIBHAH whose telephone number is (571)270-7212. The examiner can normally be reached 7:30 am - 3:30 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Wing Chan can be reached at (571) 272-7493. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/HAMZA N ALGIBHAH/Primary Examiner, Art Unit 2441