Office Action Predictor
Last updated: April 16, 2026
Application No. 18/890,106

COMMUNICATION DEVICE AND METHOD FOR APPLICATION LAYER-INDEPENDENT TRIGGERING OF EVENTS IN A COMMUNICATION NETWORK

Non-Final OA §103
Filed
Sep 19, 2024
Examiner
FAROOQUI, QUAZI
Art Unit
2491
Tech Center
2400 — Computer Networks
Assignee
Ar & Ns Investment, LLC
OA Round
1 (Non-Final)
83%
Grant Probability
Favorable
1-2
OA Rounds
2y 7m
To Grant
90%
With Interview

Examiner Intelligence

Grants 83% — above average
83%
Career Allow Rate
371 granted / 448 resolved
+24.8% vs TC avg
Moderate +8% lift
Without
With
+7.5%
Interview Lift
resolved cases with interview
Typical timeline
2y 7m
Avg Prosecution
17 currently pending
Career history
465
Total Applications
across all art units

Statute-Specific Performance

§101
9.4%
-30.6% vs TC avg
§103
59.6%
+19.6% vs TC avg
§102
18.1%
-21.9% vs TC avg
§112
6.9%
-33.1% vs TC avg
Black line = Tech Center average estimate • Based on career data from 448 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Detail Action This office action is response to the application 18/890,106 filed on 09/19/2024. Claims 1-20 are pending in this communication. Priority This application is a CON of 17/719,464 04/13/2022 PAT 12,132,742. Priority date has been accepted. Examiner’s Note The examiner is requesting the applicant’s representative to provide direct phone number and/or mobile phone number in next communication, which will be very helpful to advance the prosecution. The primary examiner appreciates submission of Terminal Disclaimer on 01/22/2026, however, new search teaches independent claim limitations. Claim Rejections - 35 USC § 103 The following is a quotation of AIA 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-4, 8 & 17-20 are rejected under AIA 35 U.S.C. 103 as being unpatentable over KIRSCH; A et al. (US 11,972,013 B2) in view of HANSELL; Jeffrey Stuart et al. (US 7,386,628 B1). Regarding Claim 1, KIRSCH discloses a first communication device, comprising: detect a defined signature, associated with a data packet, based on the conversion of the data signal; and trigger, based on the detection of the defined signature, an event in a communication network at a datalink layer of the network architecture {col. 27 lines 5-13, “Since Bluetooth MAC address can be easily determined and easily forged, … the Bluetooth and the keyboard only issues a signature if the Bluetooth device can mutually authenticate with it that they both have a signed OneID certificate with your OneID so they both store secret keys associated”. Examiner’s note: applying rules, detects signature of malware and allow/deny the frame as per security rule. All data conversions are happening between ISO 7-layer network architecture. OneID is cloud-based identity verification server. Cited Bluetooth MAC operates in data-link layer and triggers to check signature to verify data intrusion} … KIRSCH, however, does not explicitly disclose … of a network architecture; In an analogous reference HANSELL discloses a processor configured to: receive a data signal from a second communication device; convert the data signal to a bit stream at a physical layer; … of a network architecture … irrespective of an involvement of an application layer of the network architecture {Fig. 1B & col. 4 lines 36-40, “FIG. 1B shows … network architecture illustrating seven network layers defined by the ISO ... The network architecture 110 includes physical layer 112 coupled to the network medium 111, data link layer 113, network layer 114, transport layer 115, session layer 116, presentation layer 117, and application layer 118”. Examiner’s note: it is well settled that signal/bits are received in layer-1 physical layer. Upper layer, like claimed application layer do not see data (see data frame/packet in Fig. 1C) unless handled by lower layer, starting from L-2 data-link layer, or MAC}. Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify KIRSCH’s technique of ‘receiving bits in physical layer and detecting malware by upper layers’ for ‘implementing the ISO 7-layer network architecture where layer-7 application layer has nothing to do bottom physical or data-link layers’, as taught by HANSELL, in order to apply hardware level un-authorized data intrusion detection. The motivation is - receiving bits at the Physical Layer (Layer 1) while detecting malware at the Application Layer (Layer 7) optimizes performance by separating hardware-level transmission from, intelligent, content-aware, and contextual security analysis. This allows raw, high-speed data transmission, while upper layers focus on identifying complex, payload-level threats. All references are inventions in analogous area but each invention teaches specific claimed limitation specifically and other references mutually cure each other’s deficiencies. When all claimed techniques are combined, they teach claimed invention. The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims unless addressed separately. Regarding Claim 2, KIRSCH as modified by HANSELL discloses all the features of claim 1. The combination further discloses execute a frame level inspection of the bit stream at the datalink layer for the defined signature; and detect the defined signature based on the execution of the frame level inspection of the bit stream at the datalink layer {KIRSCH: col. 27 lines 5-13, “Since Bluetooth MAC address can be easily determined and easily forged, … the Bluetooth and the keyboard only issues a signature if the Bluetooth device can mutually authenticate with it that they both have a signed OneID certificate with your OneID so they both store secret keys associated”. Examiner’s note: applying rules, detects signature of malware and allow/deny the frame as per security rule. All data conversions are happening between ISO 7-layer network architecture. OneID is cloud-based identity verification server. Cited Bluetooth MAC operates in data-link layer and triggers to check signature to verify data intrusion}. Regarding Claim 3, KIRSCH as modified by HANSELL discloses all the features of claim 1. The combination further discloses wherein the defined signature associated with the data packet is a unique indicator {KIRSCH: col. 5 lines 4-7, “OneID uses secure signature private keys that cannot be forged, extracted, or duplicated by anyone, including the owner or an attacker who has complete control of the user's hardware and software”}. Regarding Claim 4, KIRSCH as modified by HANSELL discloses all the features of claim 1. The combination further discloses wherein the processor is further configured to communicate the defined signature to a cloud server for verification in a case where the defined signature associated with the data packet is detected at the datalink layer {KIRSCH: col. 27 lines 5-13, “Since Bluetooth MAC address can be easily determined and easily forged, … the Bluetooth and the keyboard only issues a signature if the Bluetooth device can mutually authenticate with it that they both have a signed OneID certificate with your OneID so they both store secret keys associated”. Examiner’s note: applying rules, detects signature of malware and allow/deny the frame as per security rule. All data conversions are happening between ISO 7-layer network architecture. OneID is cloud-based identity verification server. Cited Bluetooth MAC operates in data-link layer and triggers to check signature to verify data intrusion}. Regarding Claim 8, KIRSCH as modified by HANSELL discloses all the features of claim 1. The combination further discloses wherein the processor is further configured to execute, in a case where the defined signature associated with the data packet is detected at the datalink layer, a local validity check of the defined signature at the first communication device for verification {KIRSCH: col. 48-49, “In an embodiment, the identity manager is a web browser plug-in that is capable public key authentication. The ID manager can prompt for confirm/deny and the ID manager can prompt … [next step of analysis or remediation]”. Examiner’s note: cited web browser plug-in is form of local verification}. Regarding Claim 17, KIRSCH as modified by HANSELL discloses all the features of claim 1. The combination further discloses wherein the data signal is at least one of a wireless radio signal, an electrical signal received via a physical electrically conductive medium, or an optical signal {HANSELL: col. 15 line 67 – col. 16 line 3, “The term "machine-readable medium" shall accordingly be taken to included, but not be limited to, solid-state memories, optical and magnetic disks, and carrier wave signals”}. Regarding claim 18, claim 18 is claim to a method using the device of claim 1. Therefore, claim 18 is rejected for the reasons set forth for claim 1. Regarding claim 19, claim 19 is a dependent claim of claim 18, claim 19 is claim to method using the device of claim 2. Therefore, claim 19 is rejected for the reasons set forth for claim 2. Regarding claim 20, claim 20 is a dependent claim of claim 19, claim 20 is claim to method using the device of claim 3. Therefore, claim 20 is rejected for the reasons set forth for claim 3. Claims 9, 13 & 14 are rejected under AIA 35 U.S.C. 103 as being unpatentable over KIRSCH; A et al. (US 11,972013 B2) in view of HANSELL; Jeffrey Stuart et al. (US 7,386,628 B1) and further in view of TARQUINI; Richard Paul (US 2003/0084326 A1). Regarding Claim 9, KIRSCH as modified by HANSELL discloses all the features of claim 8. However, the combination does not explicitly disclose wherein the processor is further configured to execute pattern recognition of the defined signature based on at least one of a defined hardware logic, a defined driver code, a defined firmware code, a hashed value index, a bootable image, an operating system kernel image, or a binary image present in the first communication device. In an analogous reference TARQUINI discloses wherein the processor is further configured to execute pattern recognition of the defined signature based on at least one of a defined hardware logic, a defined driver code, a defined firmware code, a hashed value index, a bootable image, an operating system kernel image, or a binary image present in the first communication device {ABS., “the intrusion prevention system bound to a media access control driver and a protocol driver, invoking a signature analysis algorithm by the intrusion prevention system, and comparing the packet by the intrusion prevention system with a first rule set comprising a rule logically defining a packet signature is provided” … [0039], “Each of the machine-readable signature files 281A-281N comprises binary logic representative of the attack signature”}. Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify KIRSCH’s technique as modified by HANSELL of ‘receiving bits in physical layer and detecting malware by upper layers for implementing the ISO 7-layer network architecture where layer-7 application layer has nothing to do bottom physical or data-link layers’ for ‘malware pattern recognition tool in driver level in signature’ by TARQUINI, in order to secure data. The motivation is - Receiving bits at the physical layer while detecting malware at upper layers within an ISO 7-layer model ensures specialized, efficient, and secure communication. It allows for raw transmission independence at lower layers while enabling sophisticated, context-aware, and content-aware malware analysis at the application layer, enhancing overall security. The physical layer (L1) focuses solely on raw bitstream transmission (electrical, optical, radio), while upper layers (like 7) focus on semantic analysis and security, allowing for independent optimization of hardware and software. All references are inventions in analogous area but each invention teaches specific claimed limitation specifically and other references mutually cure each other’s deficiencies. When all claimed techniques are combined, they teach claimed invention. The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims unless addressed separately. Regarding Claim 13, KIRSCH as modified by HANSELL discloses all the features of claim 1. However, the combination does not explicitly disclose the processor is further configured to trigger, based on the detection of the defined signature being at the datalink layer, at least one defined action defined in a main action database, and the main action database is external to the first communication device. TARQUINI further discloses the processor is further configured to trigger, based on the detection of the defined signature being at the datalink layer, at least one defined action defined in a main action database, and the main action database is external to the first communication device {[0005], “A … signature analysis algorithm may search for a particular string that has been identified” … the IPS may then perform any one or more of a number of actions, such as logging the identification of the frame, performing a countermeasure, or performing another data archiving or protection measure”}. Regarding Claim 14, KIRSCH as modified by HANSELL & TARQUINI discloses all the features of claim 13. However, the combination further discloses wherein the defined signature is registered and assigned to the at least one defined action in the main action database {TARQUINI: [0005], “A … signature analysis algorithm may search for a particular string that has been identified” … the IPS may then perform any one or more of a number of actions, such as logging the identification of the frame, performing a countermeasure, or performing another data archiving or protection measure”. Examiner’s note: sample signature is registered or included in the database for signature matching to allow/deny}. Claims 15 & 16 are rejected under AIA 35 U.S.C. 103 as being unpatentable over KIRSCH; A et al. (US 11,972013 B2) in view of HANSELL; Jeffrey Stuart et al. (US 7,386,628 B1) and further in view of SMITH; Ned M. et al. (US 2019/0349426 A1). Regarding Claim 15, KIRSCH as modified by HANSELL discloses all the features of claim 1. However, the combination does not explicitly disclose wherein the processor is further configured to trigger a new event in a distributed ledger of a blockchain at the datalink layer without the involvement of the application layer of the network architecture. In an analogous reference SMITH discloses wherein the processor is further configured to trigger a new event in a distributed ledger of a blockchain at the datalink layer without the involvement of the application layer of the network architecture {[0030], “FIG. 25 is a block diagram of a blockchain block holding boot integrity transactions in accordance with some embodiments” … [0905], “The first phase of the algorithm initializes a relationship pattern matrix between a candidate policy and a deployed policy, the second phase matches this pattern against a conflict signature” … [1123], “A more feature rich mechanism using the concept of a blockchain smart contract may be implemented”}. Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify KIRSCH’s technique as modified by HANSELL of ‘receiving bits in physical layer and detecting malware by upper layers for implementing the ISO 7-layer network architecture where layer-7 application layer has nothing to do bottom physical or data-link layers’ for ‘malware signature verification in accessing a block-chain smart-contract’ by SMITH, in order to secure data. The motivation is - malware signature verification in blockchain smart contracts enhances security by creating an immutable, decentralized database of known threats (signatures) to prevent malicious code execution. It ensures that only verified, trusted code interacts with the contract, reducing risks from compromised external dependencies and improving overall system integrity. All references are inventions in analogous area but each invention teaches specific claimed limitation specifically and other references mutually cure each other’s deficiencies. When all claimed techniques are combined, they teach claimed invention. The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims unless addressed separately. Regarding Claim 16, KIRSCH as modified by HANSELL & SMITH discloses all the features of claim 15. The combination further discloses wherein the processor is further configured to trigger a smart contract associated with the blockchain at the datalink layer without the involvement of the application layer of the network architecture {SMITH: [1126], “At block 15706, the device may interact with a smart contract 15708 on the blockchain, for example, by creating a commissioning transaction. A join contract function 15710 may be performed when a new device first interacts with the smart contract 15708. The smart contract 15708 may support device attestation features and decide whether or not to accept a particular device in the smart contract 15708”}. Allowable subject matter Claims 5 & 10 will be allowable if written in independent form with base method claim 1 For allowability, the independent method Claim 18 is required to be in same scope with equivalent limitations of claims 5 & 10 as proposed for amended claim 1. Reasons of allowance: what is missing from the prior arts is: After receiving cloud-server verification of the signature, the device executes a standard data packet flow from the physical to the application layer to play associated content on either an internal or connected external output component, provided the verification is successful, and after verifying the signature locally, the device executes a standard data packet flow to play associated content on an output component, provided the verification is successful. Therefore, claims 5-7 & 10-12 are objected. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to QUAZI FAROOQUI whose telephone number is (571) 270-1034 or Quazi.farooqui@USPTO.GOV. The examiner can normally be reached on Monday-Friday 9:00 am to 5:30 pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Bill Korzuch can be reached on (571) 272-7589 or William.Korzuch@USPTO.GOV. The fax phone number for Examiner Farooqui assigned is 571-270-2034. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-flee). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /QUAZI FAROOQUI/ Primary Examiner, Art Unit 2491
Read full office action

Prosecution Timeline

Sep 19, 2024
Application Filed
Feb 22, 2026
Non-Final Rejection — §103
Mar 30, 2026
Response Filed

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12597073
System, Method, and Computer Program Product for Patient Authentication and Identity Risk Assessment
2y 5m to grant Granted Apr 07, 2026
Patent 12587549
Information Security Using Blockchain Technology
2y 5m to grant Granted Mar 24, 2026
Patent 12585808
SYSTEMS AND METHODS FOR CONTENT BASED ACCESS CONTROL
2y 5m to grant Granted Mar 24, 2026
Patent 12587368
METHOD, APPARATUS, DEVICE AND STORAGE MEDIUM FOR DATA PROCESSING
2y 5m to grant Granted Mar 24, 2026
Patent 12580733
SECURE RE-USE OF PRIVATE KEY FOR DYNAMIC GROUP OF NODES
2y 5m to grant Granted Mar 17, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
83%
Grant Probability
90%
With Interview (+7.5%)
2y 7m
Median Time to Grant
Low
PTA Risk
Based on 448 resolved cases by this examiner. Grant probability derived from career allow rate.

Sign in for Full Analysis

Enter your email to receive a magic link. No password needed.

Free tier: 3 strategy analyses per month