DETAILED ACTION
The following claims are pending in this office action: 1-20
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Drawings
The drawings filed on 10/16/2024 are accepted.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/04/2025 has been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, an initialed and dated copy of Applicant’s IDS form 1449 filed 11/04/2025 is attached to the instant Office action.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 15-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
Claims 15-20 do not fall within at least one of the four categories of patent eligible subject matter because, using the broadest reasonable interpretation, the claims are directed to software/data per se. Claims 15-20 recites one or more computer readable storage media. However, para. 0093 of the instant specification states “Storage system 810 may comprise any computer readable storage media ... Examples of storage media include ... virtual memory ... In no case is the computer readable storage media a propagated signal.” Furthermore, para. 0095 describes “Software ... may include ... virtualization software.” In view of the specification, the BRI of “computer readable storage media” is directed to data/software per se, such as, for example, solely software-based paged virtual memory or memory virtualization software. Examiner suggests that Applicant change the preamble in claims 15-20 to one or more non-transitory computer readable storage media.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 3, 6-8, 10, 13-15, 17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Abhyankar et al. (US Pub. 2020/0301953) (hereinafter “Abhyankar”) in view of Coull et al. (US Pub. 2024/0007495) (hereinafter “Coull”).
As per claim 1, Abhyankar teaches a method of operating a computing device, the method comprising: ([Abhyankar, para. 0031] “computer programs encoded on computer storage devices ... configured to perform the action of the methods ... computers ... cause the system to perform the actions”)
identifying a file in a datastore having undergone a content revision; ([Abhyankar, para. 0051] “The server system 110 ... access document collections 113 [a datastore], which can include documents [a file] ... edited [having undergone a content revision] ... by users of the system”; [para. 0058] “synonyms for a term can be identified through various types of analysis ... analyze the information in ... document collections 113 ... using edit logs ... that different versions of a document [identifying a file in a datastore] have had text changed from a first term to a second term [have undergone a content revision]”)
generating, for the content revision of the file, a semantic graph for the file based on the content revision, wherein generating the semantic graph comprises: ([Abhyankar, para. 0055] “synonym information ... stored in the core semantic graph data [generating a semantic graph] ... by specifying nodes and/or edges that represent the synonym relationships ... the semantic graph ... nodes corresponding to synonym objects [for the file as the synonyms are obtained from the file undergone a content revision] that specify terms that are alternatives for each other”; [para. 0056] “The server system ... perform various operations to identify and validate synonym relationships ... when building a semantic graph [generating a semantic graph for the file based on the content revision]”)
extracting, from a portion of the file associated with the content revision, ([Abhyankar, para. 0047] “The semantic graph ... use [extract/generate] certain objects [a portion] together in a document [of the file]”; [para. 0056] the document/file is associated with the content revision as the changes in the document is used to identify the synonyms corresponding to the nodes as explained above and in para. 0056) one or more entity nodes and one or more event nodes, and ([Fig. 1] the nodes include, for example, Location/User [an entity node] and filter/metric [event node – see for example, para. 0064: “rate of interaction, amount of interaction, time spent viewing or interacting” and para. 0079: “Filter and prompt objects provide a means to define variables that need to be set either by the programmer, system or end user”])
identifying one or more semantic node relationships; ([Abhyankar, para. 0055] “synonym information ... stored in the core semantic graph data [generating a semantic graph] ... by specifying nodes and/or edges that represent the synonym relationships [identifying one or more semantic node relationships]”)
generating, for the file, an updated semantic graph, wherein generating the updated semantic graph comprises: ([Abhyankar, para. 0058] “a term can be identified through ... a document”; [para. 0125] “Synonym data can be updated to indicate that the first term is a synonym for the second term comprises updating the semantic graph data [generating an updated semantic graph] to add a synonym to data describing one or more elements of the semantic graph”)
correlating, based on node relationships, the semantic graph with any existing semantic graphs for the file or any existing semantic sub-graphs for the file based on semantic node relationships between the semantic graph and the any existing semantic graphs or semantic sub-graphs. ([Abhyankar, para. 0106] “the system can determine a number of instances where both nodes [based on node/semantic node relationships] are linked [correlating the semantic graph] to the same data element [with any existing semantic graphs for the file] ... These measures can be used to determine whether a synonym relationship should be added [generating the updated semantic graph] ... The system can compare the usage statistics 370 with predetermined thresholds, ranges, or profiles to determine whether synonym relationships exist [based on semantic node relationships] ... determine statistics for known synonyms and use those levels to set the appropriate thresholds, ranges, or synonym profiles for identifying a synonym relationship [correlating the semantic graph/generating the updated semantic graph]”; the nodes are a first semantic node in the graph and a second semantic node in the same existing graph, and so “correlating ... the sematic graph with any existing semantic graphs is disclosed”)
Abhyankar does not clearly teach extracting, from the updated semantic graph, a graph feature vector for the file; determining, based on an evaluation of graph feature vector, a probability score for the file; and initiating, based on the probability score, one or more actions in association with the file.
However, Coull teaches extracting, from the updated semantic graph, ([Coull, para. 0027-0028] “an initial/starting semantic graph ... in response to receiving the alert ... the processor ... modifies [updates] ... one or more objects of the semantic graph”) a graph feature vector for the file; ([para. 0028] “in response to receiving the alert, [from the updated semantic graph] the processor calculates ... threat scores ... for each of the objects in the semantic graph ... each of objects/nodes “cmd.exe,” “mimikatz.exe,” and “password.txt” is annotated with an associated threat score... “M=0.0,” “M=2.0,” and “M=0.0,” [graph feature vector for the file]”)
determining, based on an evaluation of graph feature vector, a probability score for the file; and ([Coull, para. 0029] “Once the threat scores are calculated ... modified threat scores [a probability score for the file] ... can be calculated based on the ... threat score [based on an evaluation of the graph feature vector]”; [para. 0034] “a high-risk [probability] ... subgraph... can then be identified/detected ... based on the modified threat scores”)
initiating, based on the probability score, one or more actions in association with the file. ([Coull, para. 0030] “The subgraph [based on the probability score as the subgraph is identified based on the subgraph] can include one or more user-selectable features to authorize and/or initiate/cause remediation of the cyber-threat ... Examples of remediation can include ... deleting a file [actions in association with the file]”)
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to have modified the elements disclosed by Abhyankar with the teachings of Coull to include extracting, from the updated semantic graph, a graph feature vector for the file; determining, based on an evaluation of graph feature vector, a probability score for the file; and initiating, based on the probability score, one or more actions in association with the file. One of ordinary skill in the art would have been motivated to make this modification because by doing so the practical benefits of reducing processor and/or storage requirements, improving processor efficiency, increasing the data value and/or relevance for a given region of observation, and/or improving the analyst's response time may be achieved. (Coull, para. 0020)
As per claim 3, Abhyankar in view of Coull teaches claim 1.
Abhyankar does not clearly teach wherein: the one or more actions comprise malware mitigation; performing the one or more actions comprises performing the malware mitigation; and wherein performing the malware mitigation comprises checking the file for evidence of a malware event.
However, Coull teaches wherein: the one or more actions comprise malware mitigation; ([Coull, para. 0030] “features to authorize and/or initiate/cause remediation of the cyber-threat [malware mitigation]”)
performing the one or more actions comprises performing the malware mitigation; and ([Coull, para. 0030] “features to ... initiate [performing] ... remediation of the cyber-threat [malware mitigation]”)
wherein performing the malware mitigation comprises checking the file for evidence of a malware event. ([Coull, para. 0031] “sub-graph [the file] is further analyzed by the processor [checking the file] ... based on a pattern of communication identified as a “malicious lateral movement,” [for evidence of a malware event] and a set of relevant mitigations may be associated with the subgraph, such that the subgraph and the associated mitigations are then presented [wherein performing the malware comprises the checking]”)
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to combine the teachings of Abhyankar and Coull for the same reasons as disclosed above.
As per claim 6, Abhyankar in view of Coull teaches claim 1.
Abhyankar does not clearly teach wherein extracting the graph feature vector from the updated semantic graph for the file is performed in part based on an evaluation of one or more of: one or more semantic graphs for the file; one or more semantic sub-graphs for the file; a number of, and corresponding sizes of, the one or more semantic graphs for the file and the one or more semantic sub-graphs for the file; a volume of nodes for the file; a distribution of event nodes and entity nodes for the file; one or more node relationships for the file; a relevance of a node to a document type for the file; if a user modifying the file is an owner of the file; and a node “in-degree” and node “out-degree” for the file.
However, Coull teaches wherein extracting the graph feature vector from the updated semantic graph for the file ([Coull, para. 0027-0028] “an initial/starting semantic graph ... in response to receiving the alert ... the processor ... modifies ... one or more objects of the semantic graph [updated semantic graph for the file]”) is performed in part based on an evaluation of one or more of: one or more semantic graphs for the file; ([para. 0028] “the processor calculates ... threat scores [extracting the graph feature vector] ... for each of the objects in the semantic graph [performed based on an evaluation of one or more semantic graphs for the file] ... each of objects/nodes “cmd.exe,” “mimikatz.exe,” and “password.txt” is annotated with an associated threat score... “M=0.0,” “M=2.0,” and “M=0.0,” [graph feature vector for the file]”)
one or more semantic sub-graphs for the file; ([Coull, para. 0038] “when a subgraph is detected an alert is presented”; [para. 0026] “In response to receiving the one or more alerts ... the threat score calculator ... can calculate multiple threat scores [extract the graph feature vector] ... based on the alert [based on an evaluation of one or more semantic sub-graphs for the file]”)
a number of, and corresponding sizes of, the one or more semantic graphs for the file and the one or more semantic sub-graphs for the file; (as the extracting is performed based on an evaluation of one or more of the listed items, and evaluation of one or more of the listed items is disclosed, the BRI of the limitation is disclosed)
a volume of nodes for the file; ([Coull, para. 0028] “calculating the threat scores is performed according to the following equation:
M
x
=
∑
i
∈
a
l
e
r
t
s
w
i
n
i
...
n
i
is a number of times the alert type has occurred [a volume] with respect to the modified first object [of nodes for the file]”)
a distribution of event nodes and entity nodes for the file; (as the extracting is performed based on an evaluation of one or more of the listed items, and evaluation of one or more of the listed items is disclosed, the BRI of the limitation is disclosed)
one or more node relationships for the file; ([Coull, para. 0028] “calculating the threat scores is performed according to the following equation:
M
x
=
∑
i
∈
a
l
e
r
t
s
w
i
n
i
...
w
i
is a weight”; [para. 0032] the weightings can be based on a temporal relationship between the triggering/malicious event and events of known maliciousness”)
a relevance of a node to a document type for the file; (as the extracting is performed based on an evaluation of one or more of the listed items, and evaluation of one or more of the listed items is disclosed, the BRI of the limitation is disclosed)
if a user modifying the file is an owner of the file; and (as the extracting is performed based on an evaluation of one or more of the listed items, and evaluation of one or more of the listed items is disclosed, the BRI of the limitation is disclosed)
a node “in-degree” and node “out-degree” for the file. (As the extracting is performed based on an evaluation of one or more of the listed items, and evaluation of one or more of the listed items is disclosed, the BRI of the limitation is disclosed)
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to combine the teachings of Abhyankar and Coull for the same reasons as disclosed above.
As per claim 7, Abhyankar in view of Coull teaches claim 1.
Abhyankar also teaches wherein identifying the file in the datastore comprises identifying a write request to the file in the datastore. ([Abhyankar, para. 0058] “synonyms for a term can be identified through various types of analysis ... analyze the information in ... document collections 113 ... using edit logs ... that different versions of a document [identifying a file in a datastore] have had text changed from a first term to a second term [comprises identifying a write request to the file in the datastore]”)
As per claim 8, Abhyankar teaches a computing apparatus comprising: ([Abhyankar, para. 0127] “Embodiments of the invention can be implemented as ... data processing apparatus”)
a storage system; ([Abhyankar, para. 0127] “computer readable medium for ... data processing apparatus”)
a processor operatively coupled to the storage system; and ([Abhyankar, para. 0127] “the term “data processing apparatus” encompasses ... a programmable processor”; [para. 0130] “a processor will receive instructions and data from a read only memory or a random access memory”)
program instructions stored on the storage system that, when executed by a processing system, direct the processing system to: ([Abhyankar, para. 0127] “Embodiments of the invention can be implemented as ... computer program instructions encoded on a computer readable medium for execution by ... an operating system”)
identify a file in a datastore having undergone a content revision; ([Abhyankar, para. 0051] “The server system 110 ... access document collections 113 [a datastore], which can include documents [a file] ... edited [having undergone a content revision] ... by users of the system”; [para. 0058] “synonyms for a term can be identified through various types of analysis ... analyze the information in ... document collections 113 ... using edit logs ... that different versions of a document [identifying a file in a datastore] have had text changed from a first term to a second term [have undergone a content revision]”)
generate, for the content revision of the file, a semantic graph for the file based on the content revision, wherein generating the semantic graph comprises: ([Abhyankar, para. 0055] “synonym information ... stored in the core semantic graph data [generating a semantic graph] ... by specifying nodes and/or edges that represent the synonym relationships ... the semantic graph ... nodes corresponding to synonym objects [for the file as the synonyms are obtained from the file undergone a content revision] that specify terms that are alternatives for each other”; [para. 0056] “The server system ... perform various operations to identify and validate synonym relationships ... when building a semantic graph [generating a semantic graph for the file based on the content revision]”)
extracting, from a portion of the file associated with the content revision, ([Abhyankar, para. 0047] “The semantic graph ... use [extract/generate] certain objects [a portion] together in a document [of the file]”; [para. 0056] the document/file is associated with the content revision as the changes in the document is used to identify the synonyms corresponding to the nodes as explained above and in para. 0056) one or more entity nodes and one or more event nodes, and ([Fig. 1] the nodes include, for example, Location/User [an entity node] and filter/metric [event node – see for example, para. 0064: “rate of interaction, amount of interaction, time spent viewing or interacting” and para. 0079: “Filter and prompt objects provide a means to define variables that need to be set either by the programmer, system or end user”])
identifying one or more semantic node relationships; ([Abhyankar, para. 0055] “synonym information ... stored in the core semantic graph data [generating a semantic graph] ... by specifying nodes and/or edges that represent the synonym relationships [identifying one or more semantic node relationships]”)
generate, for the file, an updated semantic graph, wherein generating the updated semantic graph comprises: ([Abhyankar, para. 0058] “a term can be identified through ... a document”; [para. 0125] “Synonym data can be updated to indicate that the first term is a synonym for the second term comprises updating the semantic graph data [generating an updated semantic graph] to add a synonym to data describing one or more elements of the semantic graph”)
correlating, based on node relationships, the semantic graph with any existing semantic graphs for the file or any existing semantic sub-graphs for the file based on semantic node relationships between the semantic graph and the any existing semantic graphs or semantic sub-graphs. ([Abhyankar, para. 0106] “the system can determine a number of instances where both nodes [based on node/semantic node relationships] are linked [correlating the semantic graph] to the same data element [with any existing semantic graphs for the file] ... These measures can be used to determine whether a synonym relationship should be added [generating the updated semantic graph] ... The system can compare the usage statistics 370 with predetermined thresholds, ranges, or profiles to determine whether synonym relationships exist [based on semantic node relationships] ... determine statistics for known synonyms and use those levels to set the appropriate thresholds, ranges, or synonym profiles for identifying a synonym relationship [correlating the semantic graph/generating the updated semantic graph]”; the nodes are a first semantic node in the graph and a second semantic node in the same existing graph, and so “correlating ... the sematic graph with any existing semantic graphs is disclosed”)
Abhyankar does not clearly teach extract, from the updated semantic graph, a graph feature vector for the file; determine, based on an evaluation of graph feature vector, a probability score for the file; and initiate, based on the probability score, one or more actions in association with the file.
However, Coull teaches extract, from the updated semantic graph, ([Coull, para. 0027-0028] “an initial/starting semantic graph ... in response to receiving the alert ... the processor ... modifies [updates] ... one or more objects of the semantic graph”) a graph feature vector for the file; ([para. 0028] “in response to receiving the alert, [from the updated semantic graph] the processor calculates ... threat scores ... for each of the objects in the semantic graph ... each of objects/nodes “cmd.exe,” “mimikatz.exe,” and “password.txt” is annotated with an associated threat score... “M=0.0,” “M=2.0,” and “M=0.0,” [graph feature vector for the file]”)
determine, based on an evaluation of graph feature vector, a probability score for the file; and ([Coull, para. 0029] “Once the threat scores are calculated ... modified threat scores [a probability score for the file] ... can be calculated based on the ... threat score [based on an evaluation of the graph feature vector]”; [para. 0034] “a high-risk [probability] ... subgraph... can then be identified/detected ... based on the modified threat scores”)
initiate, based on the probability score, one or more actions in association with the file. ([Coull, para. 0030] “The subgraph [based on the probability score as the subgraph is identified based on the subgraph] can include one or more user-selectable features to authorize and/or initiate/cause remediation of the cyber-threat ... Examples of remediation can include ... deleting a file [actions in association with the file]”)
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to have modified the elements disclosed by Abhyankar with the teachings of Coull to include extract, from the updated semantic graph, a graph feature vector for the file; determine, based on an evaluation of graph feature vector, a probability score for the file; and initiate, based on the probability score, one or more actions in association with the file. One of ordinary skill in the art would have been motivated to make this modification because by doing so the practical benefits of reducing processor and/or storage requirements, improving processor efficiency, increasing the data value and/or relevance for a given region of observation, and/or improving the analyst's response time may be achieved. (Coull, para. 0020)
As per claim 10, the claim language is identical or substantially similar to that of claim 3. Therefore, it is rejected under the same rationale applied to claim 3.
As per claim 13, the claim language is identical or substantially similar to that of claim 6. Therefore, it is rejected under the same rationale applied to claim 6.
As per claim 14, the claim language is identical or substantially similar to that of claim 7. Therefore, it is rejected under the same rationale applied to claim 7.
As per claim 15, Abhyankar teaches one or more computer readable storage media having program instructions stored thereon that, when executed by at least one processor of a computing device, direct the computing device to: ([Abhyankar, para. 0127] “Embodiments of the invention can be implemented as ... computer program instructions encoded on a computer readable medium for execution by ... a programmable processor”)
identify a file in a datastore having undergone a content revision; ([Abhyankar, para. 0051] “The server system 110 ... access document collections 113 [a datastore], which can include documents [a file] ... edited [having undergone a content revision] ... by users of the system”; [para. 0058] “synonyms for a term can be identified through various types of analysis ... analyze the information in ... document collections 113 ... using edit logs ... that different versions of a document [identifying a file in a datastore] have had text changed from a first term to a second term [have undergone a content revision]”)
generate, for the content revision of the file, a semantic graph for the file based on the content revision, wherein generating the semantic graph comprises: ([Abhyankar, para. 0055] “synonym information ... stored in the core semantic graph data [generating a semantic graph] ... by specifying nodes and/or edges that represent the synonym relationships ... the semantic graph ... nodes corresponding to synonym objects [for the file as the synonyms are obtained from the file undergone a content revision] that specify terms that are alternatives for each other”; [para. 0056] “The server system ... perform various operations to identify and validate synonym relationships ... when building a semantic graph [generating a semantic graph for the file based on the content revision]”)
extracting, from a portion of the file associated with the content revision, ([Abhyankar, para. 0047] “The semantic graph ... use [extract/generate] certain objects [a portion] together in a document [of the file]”; [para. 0056] the document/file is associated with the content revision as the changes in the document is used to identify the synonyms corresponding to the nodes as explained above and in para. 0056) one or more entity nodes and one or more event nodes, and ([Fig. 1] the nodes include, for example, Location/User [an entity node] and filter/metric [event node – see for example, para. 0064: “rate of interaction, amount of interaction, time spent viewing or interacting” and para. 0079: “Filter and prompt objects provide a means to define variables that need to be set either by the programmer, system or end user”])
identifying one or more semantic node relationships; ([Abhyankar, para. 0055] “synonym information ... stored in the core semantic graph data [generating a semantic graph] ... by specifying nodes and/or edges that represent the synonym relationships [identifying one or more semantic node relationships]”)
generate, for the file, an updated semantic graph, wherein generating the updated semantic graph comprises: ([Abhyankar, para. 0058] “a term can be identified through ... a document”; [para. 0125] “Synonym data can be updated to indicate that the first term is a synonym for the second term comprises updating the semantic graph data [generating an updated semantic graph] to add a synonym to data describing one or more elements of the semantic graph”)
correlating, based on node relationships, the semantic graph with any existing semantic graphs for the file or any existing semantic sub-graphs for the file based on semantic node relationships between the semantic graph and the any existing semantic graphs or semantic sub-graphs. ([Abhyankar, para. 0106] “the system can determine a number of instances where both nodes [based on node/semantic node relationships] are linked [correlating the semantic graph] to the same data element [with any existing semantic graphs for the file] ... These measures can be used to determine whether a synonym relationship should be added [generating the updated semantic graph] ... The system can compare the usage statistics 370 with predetermined thresholds, ranges, or profiles to determine whether synonym relationships exist [based on semantic node relationships] ... determine statistics for known synonyms and use those levels to set the appropriate thresholds, ranges, or synonym profiles for identifying a synonym relationship [correlating the semantic graph/generating the updated semantic graph]”; the nodes are a first semantic node in the graph and a second semantic node in the same existing graph, and so “correlating ... the sematic graph with any existing semantic graphs is disclosed”)
Abhyankar does not clearly teach extract, from the updated semantic graph, a graph feature vector for the file; determine, based on an evaluation of graph feature vector, a probability score for the file; and initiate, based on the probability score, one or more actions in association with the file.
However, Coull teaches extract, from the updated semantic graph, ([Coull, para. 0027-0028] “an initial/starting semantic graph ... in response to receiving the alert ... the processor ... modifies [updates] ... one or more objects of the semantic graph”) a graph feature vector for the file; ([para. 0028] “in response to receiving the alert, [from the updated semantic graph] the processor calculates ... threat scores ... for each of the objects in the semantic graph ... each of objects/nodes “cmd.exe,” “mimikatz.exe,” and “password.txt” is annotated with an associated threat score... “M=0.0,” “M=2.0,” and “M=0.0,” [graph feature vector for the file]”)
determine, based on an evaluation of graph feature vector, a probability score for the file; and ([Coull, para. 0029] “Once the threat scores are calculated ... modified threat scores [a probability score for the file] ... can be calculated based on the ... threat score [based on an evaluation of the graph feature vector]”; [para. 0034] “a high-risk [probability] ... subgraph... can then be identified/detected ... based on the modified threat scores”)
initiate, based on the probability score, one or more actions in association with the file. ([Coull, para. 0030] “The subgraph [based on the probability score as the subgraph is identified based on the subgraph] can include one or more user-selectable features to authorize and/or initiate/cause remediation of the cyber-threat ... Examples of remediation can include ... deleting a file [actions in association with the file]”)
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to have modified the elements disclosed by Abhyankar with the teachings of Coull to include extract, from the updated semantic graph, a graph feature vector for the file; determine, based on an evaluation of graph feature vector, a probability score for the file; and initiate, based on the probability score, one or more actions in association with the file. One of ordinary skill in the art would have been motivated to make this modification because by doing so the practical benefits of reducing processor and/or storage requirements, improving processor efficiency, increasing the data value and/or relevance for a given region of observation, and/or improving the analyst's response time may be achieved. (Coull, para. 0020)
As per claim 17, the claim language is identical or substantially similar to that of claim 3. Therefore, it is rejected under the same rationale applied to claim 3.
As per claim 20, the claim language is identical or substantially similar to that of claim 6. Therefore, it is rejected under the same rationale applied to claim 6.
Claims 2, 9 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Abhyankar in view of Coull as applied to claims 1, 8 and 15 above, and further in view of Bayomi et al. (US Pub. 2023/0145463) (hereinafter “Bayomi”).
As per claim 2, Abhyankar in view of Coull teaches claim 1.
Abhyankar in view of Coull does not clearly teach wherein: extracting the graph feature vector from the updated semantic graph comprises submitting the updated semantic graph to a machine learning model; the machine learning model is trained on training data including graph feature vectors, a number of files corresponding to the graph feature vectors, and probability scores corresponding to the file; and the machine learning model is configured to receive a graph feature vector as an input.
However, Bayomi teaches wherein: extracting the graph feature vector from the updated semantic graph comprises submitting the updated semantic graph to a machine learning model; ([Bayomi, para. 0027] “a database where the segments ... are saved”; [para. 0059] “The term database ... refer to ... semantic model”; [para. 0079] “the multi-segment document may be used to generate a set of candidate segments [updated semantic graph] ... Afterward, each candidate segment may be provided [submitting the updated semantic graph] to the document segmentation machine learning model 405”; [para. 0031] “outputs of a document segmentation machine learning model comprise a vector ... for the noted input candidate segment [extracting the graph feature vector]”)
the machine learning model is trained on training data including graph feature vectors, ([Bayomi, para. 0074] “FIG. 4 is a data flow diagram of an example process 400 for training a document segmentation machine learning model 405”; [para. 0076] “The process 400 continues when ... each labeled document segment 403 having a particular segment type may be associated with an n-dimensional vector that has a vector value [including graph feature vectors]”) a number of files corresponding to the graph feature vectors, ([para. 0078] “the training engine 404 performs m training iterations ... where m may be determined based at least in part on a count of the labeled document segments [a number of files corresponding to the graph feature vectors]”) and probability scores corresponding to the file; and ([para. 0078] “during each training iteration, the training engine 404 ... determine an inferred prediction that describes an inferred likelihood [probability scores] that the labeled document segment [corresponding to the file] is associated with each segment type”)
the machine learning model is configured to receive a graph feature vector as an input. ([Bayomi, para. 0030] “inputs to a document segmentation machine learning model comprise one or more vectors ... for an input candidate segment”)
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to have modified the elements disclosed by Abhyankar in view of Coull with the teachings of Bayomi to include wherein: extracting the graph feature vector from the updated semantic graph comprises submitting the updated semantic graph to a machine learning model; the machine learning model is trained on training data including graph feature vectors, a number of files corresponding to the graph feature vectors, and probability scores corresponding to the file; and the machine learning model is configured to receive a graph feature vector as an input. One of ordinary skill in the art would have been motivated to make this modification because trained document segmentation machine learning models can be used to determine document segments which in turn enable adaptive multi-segment summarization techniques which reduces the size of summarization output and improves network transmission efficiency. (Bayomi, para. 0084)
As per claim 9, the claim language is identical or substantially similar to that of claim 3. Therefore, it is rejected under the same rationale applied to claim 3.
As per claim 16, the claim language is identical or substantially similar to that of claim 3. Therefore, it is rejected under the same rationale applied to claim 3.
Claims 4, 11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Abhyankar in view of Coull and Bayomi as applied to claims 2, 9 and 16 above, and further in view of Atighetchi et al. (US Pub. 2020/0364343) (hereinafter “Atighetchi”).
As per claim 4, Abhyankar in view of Coull teaches claim 2.
Abhyankar in view of Coull and Bayomi does not clearly teach wherein: the one or more actions comprise editing assistance; performing the one or more actions comprises performing the editing assistance; and wherein performing the editing assistance comprises checking the file for editing errors.
However, Atighetchi teaches wherein: the one or more actions comprise editing assistance; ([Atighetchi, para. 0073] “The suggested remedial action may supply guidance, in natural language, on what changes ... may successfully remediate the violation”)
performing the one or more actions comprises performing the editing assistance; and ([Atighetchi, para. 0078] “based on one or more violations identified [performing the one or more actions comprises] ... requirements document 116 ... may be revised [performing the editing assistance]”)
wherein performing the editing assistance comprises checking the file for editing errors. ([Atighetchi, para. 0078] “based on one or more violations identified ... [performing the one or more actions comprises] ... analyze requirements document 116 again [checking the file], to determine whether the violation still exists [for editing errors]”)
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to have modified the elements disclosed by Abhyankar in view of Coull and Bayomi with the teachings of Atighetchi to include wherein: the one or more actions comprise editing assistance; performing the one or more actions comprises performing the editing assistance; and wherein performing the editing assistance comprises checking the file for editing errors. One of ordinary skill in the art would have been motivated to make this modification because these modifications impove the speed, accuracy and thoroughness of analyzing system requirements. (Atighetchi, para. 0035)
As per claim 11, the claim language is identical or substantially similar to that of claim 2. Therefore, it is rejected under the same rationale applied to claim 2.
As per claim 18, the claim language is identical or substantially similar to that of claim 2. Therefore, it is rejected under the same rationale applied to claim 2.
Claims 5, 12 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Abhyankar in view of Coull as applied to claims 1, 8 and 16 above, and further in view of Monhanty et al. (US Pub. 2025/0200281) (hereinafter “Monhanty”).
As per claim 5, Abhyankar in view of Coull teaches claim 1.
Abhyankar also teaches wherein: the file comprises plain text data, image data, or a combination thereof. ([Abhyankar, para. 0083-0084] “Content objects in the semantic graph ... include ... Reports ... invoices, multi-page tables and visualizations”)
Abhyankar in view of Coull does not clearly teach generating the semantic graph for the file having image data comprises leveraging an image-to-text processing model to obtain a textual representation of the image data.
However, Monhanty teaches generating the semantic graph for the file having image data ([Monhanty, para. 0028] “the user ... provide an image of a document [image data] that is used to construct a query of the knowledge graph [generating the semantic graph]”; [para. 0029] “query ... provided to the knowledge graph builder ... to obtain vector embeddings”; [para. 0045] “embedding vectors generated by the knowledge graph builder ... used to create the knowledge graph”) comprises leveraging an image-to-text processing model to obtain a textual representation of the image data. ([Para. 0028] “the request processing unit 152 provides the image of the document to the image-to-text model [leveraging an image-to-text processing model] ... The image-to-text model 172 extracts textual content from an image”)
It would have been obvious before the effective filing date of the claimed invention for one of ordinary skill in the art to have modified the elements disclosed by Abhyankar in view of Coull with the teachings of Monhanty to include generating the semantic graph for the file having image data comprises leveraging an image-to-text processing model to obtain a textual representation of the image data. One of ordinary skill in the art would have been motivated to make this modification because the relationships between the various relevant categories of information can be quickly explored in the knowledge graph to automatically generate visualizations and/or other content that would have otherwise required labor-intensive manual queries to numerous data sources and subsequent analysis of the data obtained to attempt to identify relevant information. (Monhanty, para. 0047)
As per claim 12, the claim language is identical or substantially similar to that of claim 5. Therefore, it is rejected under the same rationale applied to claim 5.
As per claim 19, the claim language is identical or substantially similar to that of claim 5. Therefore, it is rejected under the same rationale applied to claim 5.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Yin et al. (US Pub. 2016/0057159) discloses semantics-aware android malware classification where malware is classified with its semantics converted into a graph where feature vectors of the graph are obtained to determine malware variants.
Siu et al. (US Patent No. 12,524,529) discloses detecting malicious behaviors in software by constructing a knowledge graph that includes textual explanations from source materials and constructing and training a model to identify hidden malicious actions.
Shahul Hameed et al. (US Patent No. 12,081,569) discloses data extracted from data records is used to generate a multipartite graph where clusters are ranked according to some indicator of maliciousness to identify mitigating actions.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZHE LIU whose telephone number is (571) 272-3634. The examiner can normally be reached on Monday - Friday: 8:30 AM to 5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on (571) 272-3862. The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at (866) 217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call (800) 786-9199 (IN USA OR CANADA) or (571) 272-1000.
/ZHE LIU/Examiner, Art Unit 2493