DETAILED ACTION
This office action is in response to the application filed on 11/26/2024. Claim(s) 1-10 is/are pending and are examined.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-3, 6, and 8 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee (US 11,070,981 B2), hereinafter Lee in view of Howard (US 10,356,064 B1), hereinafter Howard.
Regarding Claim(s) 1 and 8 Lee teaches:
A detection and protection system for fake relay stations in a telecommunication network, comprising: (Lee Col. 1-2 Ln. 65-67 and 1, methods, systems, devices, and apparatuses that support information protection to detect fake base stations.)
a plurality of signal relay stations, wherein the radio terminal is communicated with the signal relay stations, the threat detection device performs a wireless signal scanning, and the processor identifies the signal relay stations according to a result of the wireless signal scanning and judges whether there are fake relay stations among the signal relay stations;(Lee Col. Ln. teaches, a real base station (e.g., a base station verified by the network) may broadcast a first set of information in an unprotected message to a set of UEs in a coverage area. An unregistered UE in the coverage area may receive the first set of information in an unprotected message prior to an authentication procedure. This first set of information may include system information, for example, in the form of a master information block (MIB), one or more system information blocks (SIBs), or some combination of these. If a fake base station intercepts and modifies the message before relaying the message to the UE, the UE may receive different information (e.g., a second set of information) than the first set of information transmitted by the verified base station. The UE may then transmit an indication of the received second set of information to the verified base station in a protected message (e.g., relayed through the fake base station). If the UE determines that the initially received information is different from the information received in the protected re-transmission, the UE may identify that the message was modified by a fake base station. Based on this detection of the fake base station, the UE may detach from the fake base station and reattach to a different base station in order to communicate with the network.)
Lee does not appear to explicitly teach but in related art:
a core network comprising a threat detection device, which comprises a radio terminal and a processor; and (Howard Col. 2 Ln. 20-40 teaches, the central authority may include a processor unit, a memory unit 132, an input/output device, and a network interface. The memory may include instructions for a whitelist generator and a database. The network interface may include a transmitter and a receiver.)
wherein, the processor decodes the information in the result of the wireless signal scanning, compares the identification information of each signal relay station in the information with a white list, so as to identify whether the signal relay stations include fake relay stations which do not belong to the white list, wherein the white list contains the identification information of legitimate relay stations; and (Howard Col. 13-14 Ln. 64-67 and 1-5 teaches, the white list verifier for instance may detect or otherwise determine that another communications node is joining or entering the network. The white list verifier may, in conjunction with the network interface and with the comparator, apply any number of communication techniques or protocols to detect the other communications node is joining the network. Col. 15 Ln. 18-25 teaches, responsive to determining that the identifier of the other communications node does not match any of the entries of the list of communications nodes, the white list verifier may determine that the other communications node joining the network is not on the list of communications nodes and is not authorized to receive the cryptographic key generated by the master communications node.)
It would have been obvious to one with ordinary skill the art, prior to the applicant's earliest effective filing date, to combine the teachings of Lee with Howard, to modify the system for detecting fake base stations of Lee with the white list verifier method of Howard. The motivation to do so, Howard Col. 14 Ln. 64-66, to determine whether the other communications node joining the network is included in the list of communications nodes authorized.
Lee in view of Howard does not appear to explicitly teach but in related art:
wherein in case that the fake relay stations are identified, the processor sends out an alarming message. (Teshome ¶ 37 teaches, a failed IoT device is detected by a near peer when the failed IoT device receives a token with an invalid value or outside of a scheduled time period. the near peer sends the alert through server information handling system using the out-of-band network interface so that server information handling system provides the alert to all relevant IoT devices.)
It would have been obvious to one with ordinary skill the art, prior to the applicant's earliest effective filing date, to combine the teachings of Lee in view of Howard with Teshome, to modify the system for detecting fake base stations of Lee with the white list verifier method of Howard with the Iot threat prevention system of Teshome. The motivation to do so, Teshome ¶ 37, to prevent spread of malicious code and related actions.
Regarding Claim(s) 2 Lee-Howard-Teshome teaches:
The detection and protection system for fake relay stations in a telecommunication network according to claim 1, (Lee-Howard-Teshome teaches the parent claim above.) wherein in a case that the telecommunication network is a mobile communication network, the signal relay stations are base stations and the fake relay stations are fake base stations; (Lee Col. 2 Ln. 5-12 teaches, In some wireless communications systems, a base station verified by a network may transmit a first set of information to a UE in an unprotected message. If a fake base station intercepts and modifies the message before relaying the message to the UE, the UE may receive different information (e.g., a second set of information) than the transmitted first set of information.) or when the telecommunication network is an Internet of Things, the signal relay stations are Internet of Things gateways and the fake relay stations are fake Internet of Things gateways. (Teshome ¶ 31 teaches the concept, A token scheduler manages communication of the token schedule to the IoT gateway devices, or, alternatively, receives token transfer schedules generated by the IoT gateway devices locally.)
The motive given in Claim 1 is equally applicable to the above claim.
Regarding Claim(s) 3 Lee-Howard-Teshome teaches:
The detection and protection system for fake relay stations in a telecommunication network according to claim 2, (Lee-Howard-Teshome teaches the parent limitation above.) wherein the telecommunication network is the mobile communication network, and the identification information comprises: a System information block (SIB), or a main information block (MIB). (Lee Col. 3 Ln. 60-65 teaches, the first set of information includes a first master information block (MIB), a first set of system information blocks (SIBs), or a combination thereof, and the second set of information includes a second MIB, a second set of SIBs, or a combination thereof.)
Regarding Claim(s) 6 Lee-Howard-Teshome teaches:
The detection and protection system for fake relay stations in a telecommunication network according to claim 1, (Lee-Howard-Teshome) wherein when the fake relay station is identified, the threat detection device sends out the alarming message (Teshome ¶ 37 teaches, a failed IoT device is detected by a near peer when the failed IoT device receives a token with an invalid value or outside of a scheduled time period. the near peer sends the alert through server information handling system using the out-of-band network interface so that server information handling system provides the alert to all relevant IoT devices.) to stop the core network signal from connecting with the fake relay station. (Lee Col. 2 Ln. 27-30 teaches, Based on this detection of the fake base station, the UE may detach from the fake base station and reattach to a different base station in order to communicate with the network.)
Claim(s) 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee-Howard-Teshome as applied to claim 1 above, and further in view of GERSHONY (WO 2020/105025 A1), hereinafter Gersh.
Regarding Claim(s) 7 Lee-Howard-Teshome teaches:
The detection and protection system for fake relay stations in a telecommunication network according to claim 1, further comprising (Lee-Howard-Teshome teaches the parent claim above.)
Lee-Howard-Teshome does not appear to explicitly teach but in related art:
a memory unit for storing the identification information of each fake relay station in a fake relay station blacklist, (Gersh Pg. 27 Ln. 15-26 teaches, which all relevant IDs (IMSI/IMEI) are transmitted to the Catcher e.g. IMSI catcher and retrieved. All retrieved IDs (IMSI/IMEI) are typically compared to "Black Lists and/or White Lists" for targets' segregation. The system generates and maintains a data base of targets aka "Target Book", which may include "Black Lists and/or White Lists". Monitoring systems for secret services include IMSI Catchers; such devices act as a false base station to implement a man-in-the-middle attack in mobile networks.) wherein after the radio terminal carries out the wireless signal scanning, the processor compares the fake relay station blacklist with the identification information of each signal relay station to identify whether there is the fake relay station among the signal relay stations. (Gersh Pg. 27 Ln. 15-26 teaches, which all relevant IDs (IMSI/IMEI) are transmitted to the Catcher e.g. IMSI catcher and retrieved. All retrieved IDs (IMSI/IMEI) are typically compared to "Black Lists and/or White Lists" for targets' segregation.)
It would have been obvious to one with ordinary skill the art, prior to the applicant's earliest effective filing date, to combine the teachings of Lee-Howard-Teshome, to modify the system for detecting fake base stations of Lee with the white list verifier method of Howard with the Iot threat prevention system of Teshome with the blacklist of Gersh. The motivation to do so constitutes applying a known technique of checking connections against a blacklist to known devices and/or methods for detecting fake relays ready for improvement to yield predictable results preventing attacks from fake relays.
Allowable Subject Matter
Claim(s) 4-5 and 9-10 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 2021/0204175 A1- When a wireless station is in an area where two radio access technology (RAT) connections are present, the intelligent connectivity switching mechanisms can include responding to a user interface prompt, evaluating one or more signal-to-noise (SNR)-related metrics, or comparing an application, task or activity to a whitelist
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JACOB BENEDICT KNACKSTEDT whose telephone number is (703)756-5608. The examiner can normally be reached Monday-Friday 8:00 am - 5:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Linglan Edwards can be reached on (571) 270-5440. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/J.B.K./Examiner, Art Unit 2408
/LINGLAN EDWARDS/Supervisory Patent Examiner, Art Unit 2408