Prosecution Insights
Last updated: July 17, 2026
Application No. 18/954,287

System and Method for Detecting Rogue Devices and Implementing Security Measures on a Communications Network

Non-Final OA §112
Filed
Nov 20, 2024
Priority
Nov 20, 2023 — provisional 63/601,052
Examiner
ZHAO, DON GORDON
Art Unit
2493
Tech Center
2400 — Computer Networks
Assignee
Castnet Inc.
OA Round
1 (Non-Final)
87%
Grant Probability
Favorable
1-2
OA Rounds
6m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 87% — above average
87%
Career Allowance Rate
691 granted / 791 resolved
+29.4% vs TC avg
Strong +16% interview lift
Without
With
+16.3%
Interview Lift
resolved cases with interview
Typical timeline
2y 2m
Avg Prosecution
19 currently pending
Career history
803
Total Applications
across all art units

Statute-Specific Performance

§101
1.2%
-38.8% vs TC avg
§103
82.5%
+42.5% vs TC avg
§102
1.9%
-38.1% vs TC avg
§112
8.2%
-31.8% vs TC avg
Black line = Tech Center average estimate • Based on career data from 791 resolved cases

Office Action

§112
/20/2024DETAILED ACTION Claims 1-13 are presented on 11/20/2024 for examination on merits. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Examiner's Instructions for filing Response to this Office Action When the Applicant submits amendments regarding to the claims in response the Office Action, the Examiner would appreciate Applicant if a clean copy of the claims is provided to facilitate the prosecution which otherwise requires extra time for editing the marked-up claims from OCR. Please submit two sets of claims: Set #1 as in a typical filing which includes indicators for the status of claim and all marked amendments to the claims; and Set #2 as an appendix to the Arguments/Remarks for a clean version of the claims which has all the markups removed for entry by the Examiner. Claim Objections Claims 1-4, 6-10, and 12 are objected to because of the following informalities: Claims 1-4, 6-10, and 12 each recite “the remote server” referring to the instance of at least one remote server defined in step A. In the claims, the recitations of “the remote server” is deficient, because at least one remote server suggests that the limitation also include more than one remote server whereas the limitation of “the remote server” is singular. Claims 3 and 6-8 each recite “the authorized user account” deficiently, as compared to the instance of “at least one authorized user account” in the claims for the same aforementioned reasons. Appropriate correction is required. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (B) CONCLUSION—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 1-13 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant regards as the invention. The rejection(s) under 35 U.S.C. 112(b) is/are determined by the following reasons: Claims 1, 6-7, 9, and 12 are unclear with respect to the limitation(s) for discovered device, Claim 1 recites two instances of “a discovered device” without linking them. This causes the recitations of “the discovered device” to be unclear in the claim, and also causes the recitations of “the discovered device” to be unclear in the subsequent claims 6-9 and 12. It is also noted that claims 6-7, 9, and 12 each redefines “a discovered device” without considering the same limitation in claim 1. Claims 2-4 each recite two or more instances of “a discovered network” without linking them. As such, the recitations are unclear. Claims 2-4 also recite “the discovered network” unclearly or lacking sufficient antecedent basis. Claims 1-4, 6-10, and 12 each recite “the remote server” unclearly (in a singular form) as compared the instance of at least one remote server defined in step A which include a plurality of remote servers. Claims 3 and 6-8 each recite “the authorized user account” unclearly (in a singular form) when compared to the instance of “at least one authorized user account” in the claims, which suggests inclusion of a plurality of authorized user accounts. Claim 4 recites “the network status” unclearly or lacking sufficient antecedent basis. Claim 12 recites “the device status” unclearly or lacking sufficient antecedent basis. Claims 1-4, 6-10, and 12 each recite “the steps” unclearly. This is because the limitation for “the steps” keep expending as more steps are added to the steps from the independent claims. As such, the recited limitations “the steps” are not a particular set of steps and thus unclear in the scope of the limitations. Claim 4 while depending on claim 2 recites the limitation “each discovered network” without pointing out whether the limitation is the same as the one in claim 2. As the claimed invention may repetitively performing network and device discovery with the network monitoring devices (STEP C), it is unclear to determine the scope of the discovered network(s) in claim 4. Claim 6-8 and 12 each as a dependent claim of claim 1 recite the limitation “each discovered device” without pointing out whether the limitation is the same as the one in claim 2. As the claimed invention may repetitively performing network and device discovery with the network monitoring devices (STEP C), it is unclear to determine the scope of the discovered device(s) in the claims. Claims 2-13 are also rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, because they depend from the rejected base claim 1. Allowable Subject Matter Claims 1-13 are allowable over prior art. The following is an examiner's statement of reasons for allowance: Claim 1 recite a sequence of steps "C) performing network and device discovery with the network monitoring devices; D) classifying each discovered device with the remote server, if the network and device discovery is performed; E) authenticating a discovered device with the remote server, if the discovered device is classified as a supported device; F) designating a discovered device as an unclassified device with the remote server, if the discovered device is not classified; G) assigning a device risk level to each unclassified device with the remote server; H) performing at least one security countermeasure with the remote server, if the discovered device is classified as an unauthorized device, or if the designated device risk level of the unclassified device exceeds the risk level threshold." These steps and features thereof, in combination with the other limitations in the claim(s), are not anticipated by, nor made obvious over the prior art of record. It is noted that the first closest prior art Vivanco (US 8918843 B1) discloses a method of detecting unauthorized tethering by a wireless device wherein a plurality of wireless devices in communication with an access node is detected, and a suspect device list of wireless devices which are not authorized for tethering is determined from among the plurality of detected wireless devices; see the Abstract. Vivanco’s system addresses the problem of rouge or unauthorized tethering that is of great concern to network operators and providers. While Vivaco contemplated using a suspect device list for removing by the network node based on the determined resource usage of the at least one first wireless device (col. 3, lines 43-67 and col. 4, lines 1-13), Vivaco does not classify any discovered device with the remote server after performing device discovery, nor does Vivaco assign a device risk level to any unclassified device with the remote server. It is noted that the second closest prior art Whelan (US 20040003285 A1) discloses techniques for detecting rouge or unauthorized wireless access points by configuring authorized access points and mobile units to listen to all wireless traffic in its cell and report all detected wireless devices to a monitor reported devices against a list of authorized network devices. Whelan relies on a list of wireless devices received from the access point to determine the presence of an unauthorized device rather than working with a remote server to authenticate a discovered device. Whelan is silent about classifying the discovered device and designating a discovered device as an unclassified device with the remote server when the discovered device is not classified. The Examiner further considered the following prior art references that are pertinent to applicant's disclosure: Bhagwat (US 20060002331 A1) discloses intrusion detection in wireless communication networks for prevent unauthorized access to the LAN over WiFi. Bhagwat classifies the APs in Active_AP_List into categories, such as "authorized", "unauthorized" and "external" (par. 0061-0062), which is storage locally at a sniffer apparatus rather than with the remote server. Bhagwat does not have a remote server for authenticating a discovered device. Mannengal (US 20230370334 A1) discloses networked device discovery and management in which unrecognized devices may be detected (par. 0274-0283). Mannengal’s device discovery and management are based on the ontology graph and artificial intelligence. Brindza (US 20110055928 A1) discloses a method for detecting unauthorized wireless devices in a network. Brindza’s detection platform retrieves an identifier (e.g., a media access control (MAC) address) associated with a suspect wireless device from the network connection log to determine the suspect device at the wireless device without classifying each discovered device with the remote server. Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance." Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure as the prior art additionally discloses certain parts of the claim features (See “PTO-892 Notice of Reference Cited”). Any inquiry concerning this communication or earlier communications from the examiner should be directed to DON ZHAO whose telephone number is (571)272.9953. The examiner can normally be reached on Monday to Friday, 7:30 A.M to 5:00 P.M EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached on 571.272.3862. The fax phone number for the organization where this application or proceeding is assigned is 571.273.8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866.217.9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800.786.9199 (IN USA OR CANADA) or 571.272.1000. /Don G Zhao/Primary Examiner, Art Unit 2493 04/09/2026
Read full office action

Prosecution Timeline

Nov 20, 2024
Application Filed
Apr 22, 2026
Non-Final Rejection mailed — §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12676871
Computer Security and Methods of Use Thereof
1y 9m to grant Granted Jul 07, 2026
Patent 12665919
METHOD AND SYSTEM FOR IMPLEMENTING A SERVICE THAT SIMPLIFIES NETWORK CYBER DEFENSE CAPABILITIES
3y 4m to grant Granted Jun 23, 2026
Patent 12665901
INFORMATION PROCESSING APPARATUS AND SERVICE PROVIDING SYSTEM
3y 2m to grant Granted Jun 23, 2026
Patent 12665921
RISK SCORING OF CLOUD PERMISSION ASSIGNMENTS USING SUPERVISED MACHINE LEARNING
2y 6m to grant Granted Jun 23, 2026
Patent 12665904
SECURE ASSET MANAGEMENT INFRASTRUCTURE FOR ENFORCING ACCESS CONTROL POLICIES
2y 2m to grant Granted Jun 23, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
87%
Grant Probability
99%
With Interview (+16.3%)
2y 2m (~6m remaining)
Median Time to Grant
Low
PTA Risk
Based on 791 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month