Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Status
Claims 2, 4-10, 12-18 and 20-24 are pending.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 2-9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Vasudevan (US 2019/0253443) in view of Bhatwadekar (US 10,789,553) in view of Gelardi (US 12,039,021) in view of Cernach (US 2020/0287839)
Examiner Note: Hereafter, above references will be entered as reference combination A.
Regarding claim 2, Vasudevan discloses:
receiving interaction data for a sequence of user interactions performed by entity;
encoding the interaction data for the sequence of user interactions into encoded interaction data having a standardized format that is based on
(i) an event type of each user interaction in the sequence of user interactions and
Vasudevan [0043] For user activity on a system, a typical UID will be a combination of user name, system hostname, process name and event type where user name is the name or login identifier for a specific user, system hostname identifies the host, process name identifies a process (or processes) being run, and event type specifies the user activity being performed.
(ii) a calculated time period indicating a duration of time elapsed between each of one or more user interactions in the sequence of user interactions and an immediately preceding user interaction in the sequence of user interactions Vasudevan discloses elements of the claimed invention as noted but does not disclose above limitation. However, Bhatwadekar discloses:
Bhatwadekar column 10 lines 30-50, For example, a user service may be to provide a communication alert to a user when a user may be delayed for boarding a flight from an airport. For such a user service the plurality of events may include calculating the time at across the plurality of user interaction stages, for example, the time required to reach the airport, time required for the security check-in, the time required for commuting up to a boarding terminal. In accordance with an embodiment of the present disclosure, the user may create an event library for each of the plurality of user services. The system 110 may be configured so that each of the event libraries may be stored in the event catalog. The event library may be updated based on user input. The event library may be updated based on a modification in the orchestration data. The content aggregator 130 may obtain the orchestration data associated with each of the plurality of events present in the event loop for providing a user service from the plurality of user services. The content aggregator 130 may update the event loop based on a modification in any of the plurality of user services or across any of the plurality of user interaction stages.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Vasudevan to obtain above limitation based on the teachings of Bhatwadekar for the purpose of providing a communication alert to a user when a user may be delayed for boarding a flight from an airport, see above.
Furthermore, one of ordinary skill in the art would have been motivated to look to the analogous art of Bhatwadekar because Bhatwadekar’s teachings are from the same field of endeavor as the claimed invention, the system may obtain orchestration data on a real-time basis, see abstract.
providing the encoded interaction data for the sequence of user interactions to a trained machine learning model that is trained to classify sequences of user interactions as valid or invalid;
Vasudevan discloses elements of the claimed invention as noted does not disclose above limitation. However, Gelardi discloses:
Gelardi claim 1, A computer implemented method of access control for a user device having at least one component for determining behaviors of a user of the user device, the method comprising: accessing a first machine learning classifier trained based on at least one prior behavior of the user using the user device, the first machine learning classifier classifying user behavior as compliant or non-compliant such that compliant behavior is determined by the first machine learning classifier to be consistent with prior behavior for permitting access to the user device; and responsive to a determination by the first machine learning classifier that a subsequent behavior is classified as non-compliant,
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Vasudevan to obtain above limitation based on the teachings of Gelardi for the purpose of determining behavior of a user of the user device.
Furthermore, one of ordinary skill in the art would have been motivated to look to the analogous art of Gelardi because Gelardi’s teachings are from the same field of endeavor as the claimed invention, see Gelardi below:
from the abstract: A computer implemented method of access control for a user device having at least one component for determining behaviors of the user. The method including accessing a first machine learning classifier trained based on at least one prior behavior of the user using the device, the classifier classifying user behavior as compliant or non-compliant.
receiving, as an output of the trained machine learning model, a classification of the sequence of user interactions;
Vasudevan discloses elements of the claimed invention as noted but does not disclose above limitation. However, Cernoch discloses:
Cernoch [0255] Each of bot 1405, server 1410, computer 1415, and mobile device 1420 may individually transmit a communication (each at any time) to primary load management system 1465. For example, each communication received may correspond to a request to access an interface that enables users to request assignment of access rights to a particular resource. That is, each of bot 1405, server 1410, computer 1415, and mobile device 1420 may be requesting access to the same resource. Detection layers 1425, 1430, and 1435 can detect and/or control unauthorized access to databases associated with primary load management system 1465. It will be appreciated that any number of detection layers may be implemented, and the various detection layers may be the same or different from each other. For example, detection layers 1425, 1430, and 1435 may each include a detection system or service that detects the presence of bots, hackers, specific systems (e.g., secondary management systems), or unauthorized user access using any number of detection techniques (e.g., IP blocking, client time limits, client request frequency limits, client request limits on access inventory, reverse TURING tests, speed or frequency of queries during a time period, API access behavior pattern evaluation, bot pattern evaluation of sensor data associated with the device transmitting the communication, and other suitable techniques), and then blocks the detected communications, systems, or users. Bots and other devices, however, may sometimes pass through the detection layers undetected. As illustrated in FIG. 14, communications from bot 1405, server 1410, computer 1415, and mobile device 1420 pass through detection layers 1425, 1430, and 1435 undetected. In this situation, primary load management system 1465 may still prevent bots and other bad actors from requesting access rights to a resource by prioritizing certain requests, such as the communication from mobile device 1420, over other requests, such as the communication from bot 1405 using the normalization system 1450.
Cernoch [0245] Further, the global user parameter data points and the local user parameter data points can each be fed into a machine-learning model to generate a result that indicates a likelihood that the user will access a resource (e.g., the likelihood being represented by the normalized user parameter). The parameter generator 1325 can implement the machine-learning techniques to compute the global and/or local parameters for a user. For example, the combination of the global user parameter and the local user parameter may be implemented using one or more ensemble method learning algorithms.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Vasudevan to obtain above limitation based on the teachings of Cernoch for the purpose of providing detection layers to detect and/or control unauthorized access to databases associated with primary load management system.
Furthermore, one of ordinary skill in the art would have been motivated to look to the analogous art of Cernoch because Cernoch’s teachings are from the same field of endeavor as the claimed invention, see Cernoch below:
from the abstract: The present disclosure generally relates to controlling access to resources by selectively processing requests stored in a task queue to prioritize certain requests over others, thereby preventing automated scripts from accessing the resources.
controlling distribution of content to the entity based on the classification of the sequence of user interactions.
Cernoch [0255] blocks the detected communications, systems, or users.
Cernoch [0217] Certain aspects and features of the present disclosure include modifying the user parameters of some or all user requests stored in the digital queue based on one or more data sources determined or identified by a client associated with the digital queue. A normalization system provided by the primary load management system may receive or access the user parameters associated with the users in the digital queue. For example, a user parameter may be a score or value representing a likelihood that a particular user is a human user. Each queue position in the queue may store metadata identifying a user, such as a user identifier, a unique token value, and resource identifier, and so on. Further, the dynamic, protocol-based scoring of users provides a bot mitigation technique that identifies human users over automated scripts (e.g., bots) in a targeted and client-specific manner. For instance, because a user is ordered in a queue based on his or her client- or event-specific user parameter before being provided access to the interface, human users are provided with access to the interface earlier than detected bot users, thereby inhibiting bot traffic.
Cernoch [0227] Accordingly, the control of which users are granted access to the interface and the order in which the users are granted access to the interface has a practical application in blocking bots from accessing servers, thereby managing network loads. Thus, certain implementations described herein improve the technology of managing network or Internet traffic load experienced at the interface by controlling access to the interface in a client-specific and automatic manner.
Interpretation in light of the specification, see below:
[0010] In some implementations, receiving the interaction data includes collecting, for a given entity, multiple sets of interaction data corresponding to interactions with multiple different portions of content, generating an interaction signature comprises generating a separate interaction signature for each set of the interaction data corresponding to the interactions with each different portion of content, and the method includes classifying the given entity as an actual user or an automated bot based on labels assigned to each set of the interaction data or an aggregate label assigned to the multiple sets of interaction data in aggregate, wherein preventing distribution of the set of content comprises preventing distribution of the set of content when the given entity is classified as the automated bot.
4. Reference combination A discloses wherein controlling distribution of content to the entity based on the classification of the sequence of user interactions comprises distributing content to the entity in response to the classification of the sequence of user interactions being valid.
Cernoch [0227] Accordingly, the control of which users are granted access to the interface and the order in which the users are granted access to the interface has a practical application in blocking bots from accessing servers, thereby managing network loads. Thus, certain implementations described herein improve the technology of managing network or Internet traffic load experienced at the interface by controlling access to the interface in a client-specific and automatic manner.
5. Reference combination A discloses wherein controlling distribution of content to the entity based on the classification of the sequence of user interactions comprises reducing an amount of content distributed to the entity in response to the classification of the sequence of user interactions being invalid.
Cernoch [0255] Each of bot 1405, server 1410, computer 1415, and mobile device 1420 may individually transmit a communication (each at any time) to primary load management system 1465. For example, each communication received may correspond to a request to access an interface that enables users to request assignment of access rights to a particular resource. That is, each of bot 1405, server 1410, computer 1415, and mobile device 1420 may be requesting access to the same resource. Detection layers 1425, 1430, and 1435 can detect and/or control unauthorized access to databases associated with primary load management system 1465. It will be appreciated that any number of detection layers may be implemented, and the various detection layers may be the same or different from each other. For example, detection layers 1425, 1430, and 1435 may each include a detection system or service that detects the presence of bots, hackers, specific systems (e.g., secondary management systems), or unauthorized user access using any number of detection techniques (e.g., IP blocking, client time limits, client request frequency limits, client request limits on access inventory, reverse TURING tests, speed or frequency of queries during a time period, API access behavior pattern evaluation, bot pattern evaluation of sensor data associated with the device transmitting the communication, and other suitable techniques), and then blocks the detected communications, systems, or users. Bots and other devices, however, may sometimes pass through the detection layers undetected. As illustrated in FIG. 14, communications from bot 1405, server 1410, computer 1415, and mobile device 1420 pass through detection layers 1425, 1430, and 1435 undetected. In this situation, primary load management system 1465 may still prevent bots and other bad actors from requesting access rights to a resource by prioritizing certain requests, such as the communication from mobile device 1420, over other requests, such as the communication from bot 1405 using the normalization system 1450.
6. Reference combination A discloses wherein controlling distribution of content to the entity based on the classification of the sequence of user interactions comprises adjusting distribution criteria for a digital component based on at least on the classification of the sequence of user interactions.
Cernoch [0227] Accordingly, the control of which users are granted access to the interface and the order in which the users are granted access to the interface has a practical application in blocking bots from accessing servers, thereby managing network loads. Thus, certain implementations described herein improve the technology of managing network or Internet traffic load experienced at the interface by controlling access to the interface in a client-specific and automatic manner.
7. Reference combination A discloses wherein adjusting the distribution criteria for the digital component comprises adjusting the distribution criteria based on classifications for multiple entities.
Cernoch [0227] Accordingly, the control of which users are granted access to the interface and the order in which the users are granted access to the interface has a practical application in blocking bots from accessing servers, thereby managing network loads. Thus, certain implementations described herein improve the technology of managing network or Internet traffic load experienced at the interface by controlling access to the interface in a client-specific and automatic manner.
8. Reference combination A discloses wherein the classification of the sequence of user interactions comprises a classification as an actual user or a classification as an automated bot.
Cernoch [0255] Each of bot 1405, server 1410, computer 1415, and mobile device 1420 may individually transmit a communication (each at any time) to primary load management system 1465. For example, each communication received may correspond to a request to access an interface that enables users to request assignment of access rights to a particular resource. That is, each of bot 1405, server 1410, computer 1415, and mobile device 1420 may be requesting access to the same resource. Detection layers 1425, 1430, and 1435 can detect and/or control unauthorized access to databases associated with primary load management system 1465. It will be appreciated that any number of detection layers may be implemented, and the various detection layers may be the same or different from each other. For example, detection layers 1425, 1430, and 1435 may each include a detection system or service that detects the presence of bots, hackers, specific systems (e.g., secondary management systems), or unauthorized user access using any number of detection techniques (e.g., IP blocking, client time limits, client request frequency limits, client request limits on access inventory, reverse TURING tests, speed or frequency of queries during a time period, API access behavior pattern evaluation, bot pattern evaluation of sensor data associated with the device transmitting the communication, and other suitable techniques), and then blocks the detected communications, systems, or users. Bots and other devices, however, may sometimes pass through the detection layers undetected. As illustrated in FIG. 14, communications from bot 1405, server 1410, computer 1415, and mobile device 1420 pass through detection layers 1425, 1430, and 1435 undetected. In this situation, primary load management system 1465 may still prevent bots and other bad actors from requesting access rights to a resource by prioritizing certain requests, such as the communication from mobile device 1420, over other requests, such as the communication from bot 1405 using the normalization system 1450.
Cernoch [0245] Further, the global user parameter data points and the local user parameter data points can each be fed into a machine-learning model to generate a result that indicates a likelihood that the user will access a resource (e.g., the likelihood being represented by the normalized user parameter). The parameter generator 1325 can implement the machine-learning techniques to compute the global and/or local parameters for a user. For example, the combination of the global user parameter and the local user parameter may be implemented using one or more ensemble method learning algorithms.
9. Reference combination A discloses wherein controlling distribution of content to the entity based on the classification of the sequence of user interactions comprises refraining for providing a specific type of content to the entity.
Vasudevan [0027] The content filter 112 can use any of a variety of obfuscation techniques to filter the shared data based on the disclosure factor 120. Such obfuscation techniques can include, for example, removing or preventing transmission of certain types of content, modifying content elements to reduce the fidelity of the content, substituting certain content elements for other more-general or less-personal content elements, and the like. For example, text messages (one example of content) to be multicast to the other mobile devices can be selectively modified based on the disclosure factor 120 to remove terms that reference the user's identity, gender, age, etc. As another example, a disclosure factor 120 indicating that the user is very familiar with all of the other users may cause the content filter 112 to permit all photographs to be shared, a disclosure factor 120 indicating that the user is only somewhat familiar with the most of the other users may cause the content filter 112 to render the photographs at a lower resolution before sharing, and a disclosure factor 120 indicating the user is unfamiliar with most of the other users may cause the content filter 112 to block the sharing of photographs that depict human faces.
Claim(s) 10-17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Vasudevan (US 2019/0253443) in view of Bhatwadekar (US 10,789, 553) in view of Gelardi (US 12,039,021) in view of Cernach (US 2020/0287839)
Examiner Note: Hereafter, above references will be entered as reference combination A.
10. Vasudevan discloses:
one or more processors; and
one or more memory elements including instructions that, when executed, cause the one or more processors to perform operations comprising:
Vasudevan [0026] The central processing unit 122 may be a logic circuitry such as a microprocessor that responds to and processes instructions fetched from the main memory 124. The CPU 122 may use instruction level parallelism, thread level parallelism, different levels of cache, and multi-core processors. A multi-core processor may include two or more processing units on a single computing component.
receiving interaction data for a sequence of user interactions performed by entity;
encoding the interaction data for the sequence of user interactions into encoded interaction data having a standardized format that is based on
(i) an event type of each user interaction in the sequence of user interactions and
Vasudevan [0043] For user activity on a system, a typical UID will be a combination of user name, system hostname, process name and event type where user name is the name or login identifier for a specific user, system hostname identifies the host, process name identifies a process (or processes) being run, and event type specifies the user activity being performed.
(ii) a calculated time period indicating a duration of time elapsed between each of one or more user interactions in the sequence of user interactions and an immediately preceding user interaction in the sequence of user interactions. Vasudevan discloses elements of the claimed invention as noted but does not disclose above limitation. However, Bhatwadekar discloses:
Bhatwadekar column 10 lines 30-50, For example, a user service may be to provide a communication alert to a user when a user may be delayed for boarding a flight from an airport. For such a user service the plurality of events may include calculating the time at across the plurality of user interaction stages, for example, the time required to reach the airport, time required for the security check-in, the time required for commuting up to a boarding terminal. In accordance with an embodiment of the present disclosure, the user may create an event library for each of the plurality of user services. The system 110 may be configured so that each of the event libraries may be stored in the event catalog. The event library may be updated based on user input. The event library may be updated based on a modification in the orchestration data. The content aggregator 130 may obtain the orchestration data associated with each of the plurality of events present in the event loop for providing a user service from the plurality of user services. The content aggregator 130 may update the event loop based on a modification in any of the plurality of user services or across any of the plurality of user interaction stages.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Vasudevan to obtain above limitation based on the teachings of Bhatwadekar for the purpose of providing a communication alert to a user when a user may be delayed for boarding a flight from an airport, see above.
Furthermore, one of ordinary skill in the art would have been motivated to look to the analogous art of Bhatwadekar because Bhatwadekar’s teachings are from the same field of endeavor as the claimed invention, the system may obtain orchestration data on a real-time basis, see abstract.
providing the encoded interaction data for the sequence of user interactions to a trained machine learning model that is trained to classify sequences of user interactions as valid or invalid;
Vasudevan discloses elements of the claimed invention as noted but does not disclose above limitation. However, Gelardi discloses:
Gelardi claim 1, A computer implemented method of access control for a user device having at least one component for determining behaviors of a user of the user device, the method comprising: accessing a first machine learning classifier trained based on at least one prior behavior of the user using the user device, the first machine learning classifier classifying user behavior as compliant or non-compliant such that compliant behavior is determined by the first machine learning classifier to be consistent with prior behavior for permitting access to the user device; and responsive to a determination by the first machine learning classifier that a subsequent behavior is classified as non-compliant,
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Vasudevan to obtain above limitation based on the teachings of Gelardi for the purpose of determining behavior of a user of the user device.
Furthermore, one of ordinary skill in the art would have been motivated to look to the analogous art of Gelardi because Gelardi’s teachings are from the same field of endeavor as the claimed invention, see Gelardi below:
from the abstract: A computer implemented method of access control for a user device having at least one component for determining behaviors of the user. The method including accessing a first machine learning classifier trained based on at least one prior behavior of the user using the device, the classifier classifying user behavior as compliant or non-compliant.
receiving, as an output of the trained machine learning model, a classification of the sequence of user interactions; and
Vasudevan discloses elements of the claimed invention as noted but does not disclose above limitation. However, Cernach discloses:
Cernoch [0255] Each of bot 1405, server 1410, computer 1415, and mobile device 1420 may individually transmit a communication (each at any time) to primary load management system 1465. For example, each communication received may correspond to a request to access an interface that enables users to request assignment of access rights to a particular resource. That is, each of bot 1405, server 1410, computer 1415, and mobile device 1420 may be requesting access to the same resource. Detection layers 1425, 1430, and 1435 can detect and/or control unauthorized access to databases associated with primary load management system 1465. It will be appreciated that any number of detection layers may be implemented, and the various detection layers may be the same or different from each other. For example, detection layers 1425, 1430, and 1435 may each include a detection system or service that detects the presence of bots, hackers, specific systems (e.g., secondary management systems), or unauthorized user access using any number of detection techniques (e.g., IP blocking, client time limits, client request frequency limits, client request limits on access inventory, reverse TURING tests, speed or frequency of queries during a time period, API access behavior pattern evaluation, bot pattern evaluation of sensor data associated with the device transmitting the communication, and other suitable techniques), and then blocks the detected communications, systems, or users. Bots and other devices, however, may sometimes pass through the detection layers undetected. As illustrated in FIG. 14, communications from bot 1405, server 1410, computer 1415, and mobile device 1420 pass through detection layers 1425, 1430, and 1435 undetected. In this situation, primary load management system 1465 may still prevent bots and other bad actors from requesting access rights to a resource by prioritizing certain requests, such as the communication from mobile device 1420, over other requests, such as the communication from bot 1405 using the normalization system 1450.
Cernoch [0245] Further, the global user parameter data points and the local user parameter data points can each be fed into a machine-learning model to generate a result that indicates a likelihood that the user will access a resource (e.g., the likelihood being represented by the normalized user parameter). The parameter generator 1325 can implement the machine-learning techniques to compute the global and/or local parameters for a user. For example, the combination of the global user parameter and the local user parameter may be implemented using one or more ensemble method learning algorithms.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Vasudevan to obtain above limitation based on the teachings of Cernoch for the purpose of providing detection layers to detect and/or control unauthorized access to databases associated with primary load management system.
Furthermore, one of ordinary skill in the art would have been motivated to look to the analogous art of Cernoch because Cernoch’s teachings are from the same field of endeavor as the claimed invention, see Cernoch below:
from the abstract: The present disclosure generally relates to controlling access to resources by selectively processing requests stored in a task queue to prioritize certain requests over others, thereby preventing automated scripts from accessing the resources.
controlling distribution of content to the entity based on the classification of the sequence of user interactions.
Cernoch [0255] blocks the detected communications, systems, or users.
Cernoch [0217] Certain aspects and features of the present disclosure include modifying the user parameters of some or all user requests stored in the digital queue based on one or more data sources determined or identified by a client associated with the digital queue. A normalization system provided by the primary load management system may receive or access the user parameters associated with the users in the digital queue. For example, a user parameter may be a score or value representing a likelihood that a particular user is a human user. Each queue position in the queue may store metadata identifying a user, such as a user identifier, a unique token value, and resource identifier, and so on. Further, the dynamic, protocol-based scoring of users provides a bot mitigation technique that identifies human users over automated scripts (e.g., bots) in a targeted and client-specific manner. For instance, because a user is ordered in a queue based on his or her client- or event-specific user parameter before being provided access to the interface, human users are provided with access to the interface earlier than detected bot users, thereby inhibiting bot traffic.
Cernoch [0227] Accordingly, the control of which users are granted access to the interface and the order in which the users are granted access to the interface has a practical application in blocking bots from accessing servers, thereby managing network loads. Thus, certain implementations described herein improve the technology of managing network or Internet traffic load experienced at the interface by controlling access to the interface in a client-specific and automatic manner.
Interpretation in light of the specification, see below:
[0010] In some implementations, receiving the interaction data includes collecting, for a given entity, multiple sets of interaction data corresponding to interactions with multiple different portions of content, generating an interaction signature comprises generating a separate interaction signature for each set of the interaction data corresponding to the interactions with each different portion of content, and the method includes classifying the given entity as an actual user or an automated bot based on labels assigned to each set of the interaction data or an aggregate label assigned to the multiple sets of interaction data in aggregate, wherein preventing distribution of the set of content comprises preventing distribution of the set of content when the given entity is classified as the automated bot.
12. Reference combination A discloses wherein controlling distribution of content to the entity based on the classification of the sequence of user interactions comprises distributing content to the entity in response to the classification of the sequence of user interactions being valid.
Cernoch [0227] Accordingly, the control of which users are granted access to the interface and the order in which the users are granted access to the interface has a practical application in blocking bots from accessing servers, thereby managing network loads. Thus, certain implementations described herein improve the technology of managing network or Internet traffic load experienced at the interface by controlling access to the interface in a client-specific and automatic manner.
13. Reference combination A discloses wherein controlling distribution of content to the entity based on the classification of the sequence of user interactions comprises reducing an amount of content distributed to the entity in response to the classification of the sequence of user interactions being invalid.
Cernoch [0255] Each of bot 1405, server 1410, computer 1415, and mobile device 1420 may individually transmit a communication (each at any time) to primary load management system 1465. For example, each communication received may correspond to a request to access an interface that enables users to request assignment of access rights to a particular resource. That is, each of bot 1405, server 1410, computer 1415, and mobile device 1420 may be requesting access to the same resource. Detection layers 1425, 1430, and 1435 can detect and/or control unauthorized access to databases associated with primary load management system 1465. It will be appreciated that any number of detection layers may be implemented, and the various detection layers may be the same or different from each other. For example, detection layers 1425, 1430, and 1435 may each include a detection system or service that detects the presence of bots, hackers, specific systems (e.g., secondary management systems), or unauthorized user access using any number of detection techniques (e.g., IP blocking, client time limits, client request frequency limits, client request limits on access inventory, reverse TURING tests, speed or frequency of queries during a time period, API access behavior pattern evaluation, bot pattern evaluation of sensor data associated with the device transmitting the communication, and other suitable techniques), and then blocks the detected communications, systems, or users. Bots and other devices, however, may sometimes pass through the detection layers undetected. As illustrated in FIG. 14, communications from bot 1405, server 1410, computer 1415, and mobile device 1420 pass through detection layers 1425, 1430, and 1435 undetected. In this situation, primary load management system 1465 may still prevent bots and other bad actors from requesting access rights to a resource by prioritizing certain requests, such as the communication from mobile device 1420, over other requests, such as the communication from bot 1405 using the normalization system 1450.
14. Reference combination A discloses wherein controlling distribution of content to the entity based on the classification of the sequence of user interactions comprises adjusting distribution criteria for a digital component based on at least on the classification of the sequence of user interactions.
Cernoch [0227] Accordingly, the control of which users are granted access to the interface and the order in which the users are granted access to the interface has a practical application in blocking bots from accessing servers, thereby managing network loads. Thus, certain implementations described herein improve the technology of managing network or Internet traffic load experienced at the interface by controlling access to the interface in a client-specific and automatic manner.
15. Reference combination A discloses wherein adjusting the distribution criteria for the digital component comprises adjusting the distribution criteria based on classifications for multiple entities.
Cernoch [0227] Accordingly, the control of which users are granted access to the interface and the order in which the users are granted access to the interface has a practical application in blocking bots from accessing servers, thereby managing network loads. Thus, certain implementations described herein improve the technology of managing network or Internet traffic load experienced at the interface by controlling access to the interface in a client-specific and automatic manner.
16. Reference combination A discloses wherein the classification of the sequence of user interactions comprises a classification as an actual user or a classification as an automated bot.
Cernoch [0255] Each of bot 1405, server 1410, computer 1415, and mobile device 1420 may individually transmit a communication (each at any time) to primary load management system 1465. For example, each communication received may correspond to a request to access an interface that enables users to request assignment of access rights to a particular resource. That is, each of bot 1405, server 1410, computer 1415, and mobile device 1420 may be requesting access to the same resource. Detection layers 1425, 1430, and 1435 can detect and/or control unauthorized access to databases associated with primary load management system 1465. It will be appreciated that any number of detection layers may be implemented, and the various detection layers may be the same or different from each other. For example, detection layers 1425, 1430, and 1435 may each include a detection system or service that detects the presence of bots, hackers, specific systems (e.g., secondary management systems), or unauthorized user access using any number of detection techniques (e.g., IP blocking, client time limits, client request frequency limits, client request limits on access inventory, reverse TURING tests, speed or frequency of queries during a time period, API access behavior pattern evaluation, bot pattern evaluation of sensor data associated with the device transmitting the communication, and other suitable techniques), and then blocks the detected communications, systems, or users. Bots and other devices, however, may sometimes pass through the detection layers undetected. As illustrated in FIG. 14, communications from bot 1405, server 1410, computer 1415, and mobile device 1420 pass through detection layers 1425, 1430, and 1435 undetected. In this situation, primary load management system 1465 may still prevent bots and other bad actors from requesting access rights to a resource by prioritizing certain requests, such as the communication from mobile device 1420, over other requests, such as the communication from bot 1405 using the normalization system 1450.
Cernoch [0245] Further, the global user parameter data points and the local user parameter data points can each be fed into a machine-learning model to generate a result that indicates a likelihood that the user will access a resource (e.g., the likelihood being represented by the normalized user parameter). The parameter generator 1325 can implement the machine-learning techniques to compute the global and/or local parameters for a user. For example, the combination of the global user parameter and the local user parameter may be implemented using one or more ensemble method learning algorithms.
17. Reference combination A discloses wherein controlling distribution of content to the entity based on the classification of the sequence of user interactions comprises refraining for providing a specific type of content to the entity.
Vasudevan [0027] The content filter 112 can use any of a variety of obfuscation techniques to filter the shared data based on the disclosure factor 120. Such obfuscation techniques can include, for example, removing or preventing transmission of certain types of content, modifying content elements to reduce the fidelity of the content, substituting certain content elements for other more-general or less-personal content elements, and the like. For example, text messages (one example of content) to be multicast to the other mobile devices can be selectively modified based on the disclosure factor 120 to remove terms that reference the user's identity, gender, age, etc. As another example, a disclosure factor 120 indicating that the user is very familiar with all of the other users may cause the content filter 112 to permit all photographs to be shared, a disclosure factor 120 indicating that the user is only somewhat familiar with the most of the other users may cause the content filter 112 to render the photographs at a lower resolution before sharing, and a disclosure factor 120 indicating the user is unfamiliar with most of the other users may cause the content filter 112 to block the sharing of photographs that depict human faces.
Claim(s) 18-21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Vasudevan (US 2019/0253443) in view of Bhatwadekar (US 10,789,553) in view of Gelardi (US 12,039,021) in view of Cernach (US 2020/0287839)
Examiner Note: Hereafter, above references will be entered as reference combination A.
18. Vasudevan discloses
receiving interaction data for a sequence of user interactions performed by entity;
encoding the interaction data for the sequence of user interactions into encoded interaction data having a standardized format that is based on
(i) an event type of each user interaction in the sequence of user interactions and
Vasudevan [0043] For user activity on a system, a typical UID will be a combination of user name, system hostname, process name and event type where user name is the name or login identifier for a specific user, system hostname identifies the host, process name identifies a process (or processes) being run, and event type specifies the user activity being performed.
(ii) a calculated time period indicating a duration of time elapsed between each of one or more user interactions in the sequence of user interactions and an immediately preceding user interaction in the sequence of user interactions. Vasudevan discloses elements of the claimed invention as noted but does not disclose above limitation. However, Bhatwadekar discloses:
Bhatwadekar column 10 lines 30-50, For example, a user service may be to provide a communication alert to a user when a user may be delayed for boarding a flight from an airport. For such a user service the plurality of events may include calculating the time at across the plurality of user interaction stages, for example, the time required to reach the airport, time required for the security check-in, the time required for commuting up to a boarding terminal. In accordance with an embodiment of the present disclosure, the user may create an event library for each of the plurality of user services. The system 110 may be configured so that each of the event libraries may be stored in the event catalog. The event library may be updated based on user input. The event library may be updated based on a modification in the orchestration data. The content aggregator 130 may obtain the orchestration data associated with each of the plurality of events present in the event loop for providing a user service from the plurality of user services. The content aggregator 130 may update the event loop based on a modification in any of the plurality of user services or across any of the plurality of user interaction stages.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Vasudevan to obtain above limitation based on the teachings of Bhatwadekar for the purpose of providing a communication alert to a user when a user may be delayed for boarding a flight from an airport, see above.
Furthermore, one of ordinary skill in the art would have been motivated to look to the analogous art of Bhatwadekar because Bhatwadekar’s teachings are from the same field of endeavor as the claimed invention, the system may obtain orchestration data on a real-time basis, see abstract.
providing the encoded interaction data for the sequence of user interactions to a trained machine learning model that is trained to classify sequences of user interactions as valid or invalid;
Vasudevan discloses elements of the claimed invention as noted but does not disclose above limitation. However, Gelardi discloses:
Gelardi claim 1, A computer implemented method of access control for a user device having at least one component for determining behaviors of a user of the user device, the method comprising: accessing a first machine learning classifier trained based on at least one prior behavior of the user using the user device, the first machine learning classifier classifying user behavior as compliant or non-compliant such that compliant behavior is determined by the first machine learning classifier to be consistent with prior behavior for permitting access to the user device; and responsive to a determination by the first machine learning classifier that a subsequent behavior is classified as non-compliant,
learning classifier that a subsequent behavior is classified as non-compliant,
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Vasudevan to obtain above limitation based on the teachings of Gelardi for the purpose of determining behavior of a user of the user device.
Furthermore, one of ordinary skill in the art would have been motivated to look to the analogous art of Gelardi because Gelardi’s teachings are from the same field of endeavor as the claimed invention, see Gelardi below:
from the abstract: A computer implemented method of access control for a user device having at least one component for determining behaviors of the user. The method including accessing a first machine learning classifier trained based on at least one prior behavior of the user using the device, the classifier classifying user behavior as compliant or non-compliant.
receiving, as an output of the trained machine learning model, a classification of the sequence of user interactions; and
Vasudevan discloses elements of the claimed invention as noted but does not disclose above limitation. However, Cernoch discloses:
Cernoch [0255] Each of bot 1405, server 1410, computer 1415, and mobile device 1420 may individually transmit a communication (each at any time) to primary load management system 1465. For example, each communication received may correspond to a request to access an interface that enables users to request assignment of access rights to a particular resource. That is, each of bot 1405, server 1410, computer 1415, and mobile device 1420 may be requesting access to the same resource. Detection layers 1425, 1430, and 1435 can detect and/or control unauthorized access to databases associated with primary load management system 1465. It will be appreciated that any number of detection layers may be implemented, and the various detection layers may be the same or different from each other. For example, detection layers 1425, 1430, and 1435 may each include a detection system or service that detects the presence of bots, hackers, specific systems (e.g., secondary management systems), or unauthorized user access using any number of detection techniques (e.g., IP blocking, client time limits, client request frequency limits, client request limits on access inventory, reverse TURING tests, speed or frequency of queries during a time period, API access behavior pattern evaluation, bot pattern evaluation of sensor data associated with the device transmitting the communication, and other suitable techniques), and then blocks the detected communications, systems, or users. Bots and other devices, however, may sometimes pass through the detection layers undetected. As illustrated in FIG. 14, communications from bot 1405, server 1410, computer 1415, and mobile device 1420 pass through detection layers 1425, 1430, and 1435 undetected. In this situation, primary load management system 1465 may still prevent bots and other bad actors from requesting access rights to a resource by prioritizing certain requests, such as the communication from mobile device 1420, over other requests, such as the communication from bot 1405 using the normalization system 1450.
Cernoch [0245] Further, the global user parameter data points and the local user parameter data points can each be fed into a machine-learning model to generate a result that indicates a likelihood that the user will access a resource (e.g., the likelihood being represented by the normalized user parameter). The parameter generator 1325 can implement the machine-learning techniques to compute the global and/or local parameters for a user. For example, the combination of the global user parameter and the local user parameter may be implemented using one or more ensemble method learning algorithms.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Vasudevan to obtain above limitation based on the teachings of Cernoch for the purpose of providing detection layers to detect and/or control unauthorized access to databases associated with primary load management system.
Furthermore, one of ordinary skill in the art would have been motivated to look to the analogous art of Cernoch because Cernoch’s teachings are from the same field of endeavor as the claimed invention, see Cernoch below:
from the abstract: The present disclosure generally relates to controlling access to resources by selectively processing requests stored in a task queue to prioritize certain requests over others, thereby preventing automated scripts from accessing the resources.
controlling distribution of content to the entity based on the classification of the sequence of user interactions.
Cernoch [0255] blocks the detected communications, systems, or users.
Cernoch [0217] Certain aspects and features of the present disclosure include modifying the user parameters of some or all user requests stored in the digital queue based on one or more data sources determined or identified by a client associated with the digital queue. A normalization system provided by the primary load management system may receive or access the user parameters associated with the users in the digital queue. For example, a user parameter may be a score or value representing a likelihood that a particular user is a human user. Each queue position in the queue may store metadata identifying a user, such as a user identifier, a unique token value, and resource identifier, and so on. Further, the dynamic, protocol-based scoring of users provides a bot mitigation technique that identifies human users over automated scripts (e.g., bots) in a targeted and client-specific manner. For instance, because a user is ordered in a queue based on his or her client- or event-specific user parameter before being provided access to the interface, human users are provided with access to the interface earlier than detected bot users, thereby inhibiting bot traffic.
Cernoch [0227] Accordingly, the control of which users are granted access to the interface and the order in which the users are granted access to the interface has a practical application in blocking bots from accessing servers, thereby managing network loads. Thus, certain implementations described herein improve the technology of managing network or Internet traffic load experienced at the interface by controlling access to the interface in a client-specific and automatic manner.
Interpretation in light of the specification, see below:
[0010] In some implementations, receiving the interaction data includes collecting, for a given entity, multiple sets of interaction data corresponding to interactions with multiple different portions of content, generating an interaction signature comprises generating a separate interaction signature for each set of the interaction data corresponding to the interactions with each different portion of content, and the method includes classifying the given entity as an actual user or an automated bot based on labels assigned to each set of the interaction data or an aggregate label assigned to the multiple sets of interaction data in aggregate, wherein preventing distribution of the set of content comprises preventing distribution of the set of content when the given entity is classified as the automated bot.
19. Reference combination A discloses wherein the time of occurrence of each user interaction relative to one or more other users interactions in the sequence of user interactions comprises a delay period indicating an amount of time between the interaction and a previous interaction that occurred prior to the interaction.
Vasudevan [0042] Feature engineering needs to be performed for the activity logs once the feature list has been finalized. The objective of feature engineering is to combine the selected features into a single indicator feature that can be used to generate a time series of the user activities. For this purpose, distinct combinations of the user name and all selected features, except time stamps, may be identified from the activity log and the system may assign a unique ID (UID) to each distinct combination.
20. Reference combination a discloses wherein controlling distribution of content to the entity based on the classification of the sequence of user interactions comprises distributing content to the entity in response to the classification of the sequence of user interactions being valid.
Cernoch [0227] Accordingly, the control of which users are granted access to the interface and the order in which the users are granted access to the interface has a practical application in blocking bots from accessing servers, thereby managing network loads. Thus, certain implementations described herein improve the technology of managing network or Internet traffic load experienced at the interface by controlling access to the interface in a client-specific and automatic manner.
21. Reference combination a discloses wherein controlling distribution of content to the entity based on the classification of the sequence of user interactions comprises reducing an amount of content distributed to the entity in response to the classification of the sequence of user interactions being invalid.
Cernoch [0255] Each of bot 1405, server 1410, computer 1415, and mobile device 1420 may individually transmit a communication (each at any time) to primary load management system 1465. For example, each communication received may correspond to a request to access an interface that enables users to request assignment of access rights to a particular resource. That is, each of bot 1405, server 1410, computer 1415, and mobile device 1420 may be requesting access to the same resource. Detection layers 1425, 1430, and 1435 can detect and/or control unauthorized access to databases associated with primary load management system 1465. It will be appreciated that any number of detection layers may be implemented, and the various detection layers may be the same or different from each other. For example, detection layers 1425, 1430, and 1435 may each include a detection system or service that detects the presence of bots, hackers, specific systems (e.g., secondary management systems), or unauthorized user access using any number of detection techniques (e.g., IP blocking, client time limits, client request frequency limits, client request limits on access inventory, reverse TURING tests, speed or frequency of queries during a time period, API access behavior pattern evaluation, bot pattern evaluation of sensor data associated with the device transmitting the communication, and other suitable techniques), and then blocks the detected communications, systems, or users. Bots and other devices, however, may sometimes pass through the detection layers undetected. As illustrated in FIG. 14, communications from bot 1405, server 1410, computer 1415, and mobile device 1420 pass through detection layers 1425, 1430, and 1435 undetected. In this situation, primary load management system 1465 may still prevent bots and other bad actors from requesting access rights to a resource by prioritizing certain requests, such as the communication from mobile device 1420, over other requests, such as the communication from bot 1405 using the normalization system 1450.
Claim(s) 22 is/are rejected under 35 U.S.C. 103 as being unpatentable over reference combination A in view of Lackner (US 2019/0171542).
Regarding claim 22, reference combination A discloses elements of the claimed invention as noted but does not disclose wherein encoding the interaction data for the sequence of user interactions into encoded interaction data having a standard format comprises generating an interaction signature for the sequence of user interactions. However, Lackner discloses:
Lackner [0103] The transaction context data 561 may be used to uniquely identify the user interaction that caused the monitored render process, e.g. by an identifier for the browser on which the user interaction was performed, an identifier for the content view (i.e. timestamp describing the time at which the content was loaded by the browser) on which the user interaction was performed and an identifier of the performed user interaction (e.g. identifier for the user interaction element of the content used for the user interaction and a timestamp describing the time at which the user interaction was performed). A monitoring system that also monitors and traces end-to-end transactions from the browser side to the server side may use transaction context data of the same content and format to identify user interactions causing a traced transaction executions.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify reference combination A to obtain above limitation based on the teachings of Lackner for the purpose of providing monitoring and rendering dynamically updated web pages, see abstract.
Claim(s) 23 is/are rejected under 35 U.S.C. 103 as being unpatentable over reference combination A in view Yang (US 2017/0337804)
Regarding claim 23, reference combination A discloses elements of the claimed invention as noted but does not disclose wherein encoding the interaction da for the sequence of user interactions into encoded interaction data having a standardized format comprises generating interaction signature for each visit to a resource, wherein each interaction resource includes a portion of the sequence of user interactions. However, Yang discloses:
Yang It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify reference combination A to obtain above limitation based on the teachings of Lackner for the purpose of providing monitoring and rendering dynamically updated web pages, see abstract.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify reference combination A to obtain above limitation based on the teachings of Yang for the purpose of providing an alert that is selected from a set of three or more alert modes based on one or more environmental conditions associated with the electronic device, see [0002].
Claim(s) 24 is/are rejected under 35 U.S.C. 103 as being unpatentable over reference combination A in view Mandaviya (US 10,853,424).
Regarding claim 24, reference combination A discloses elements of the claimed invention as noted but does not disclose wherein encoding the interaction data for the sequence of user interactions into encoded interaction data having a standardized format comprises generation an interaction signature for each user session of [[with]] a resource, wherein each interaction resource includes a portion of the sequence of user interactions.
Mandaviya The analytics server 115 may identify and associate persona segments 110 using other methods, such as measuring inter-persona distance, as discussed in FIG. 7B. In some embodiments, the analytics server 115 may determine a current or most recent session based on the user interaction data 305. The analytics server 115 may obtain or identify a session identifier 132 from user interaction data 305 for the recent or current session and may determine or identify a grouping of persona segments 110 that correspond to the session identifier 132.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify reference combination A to obtain above limitation based on the teachings of Mandaviya for the purpose of including received user interaction data from a user device for a session associated with a user account, wherein the user interaction data comprises indications of user interaction of interaction by a user account with a website.
Response to Arguments
Applicant’s arguments with respect to claim(s) 2, 4-10, 12-18 and 20-24 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ETIENNE PIERRE LEROUX whose telephone number is (571)272-4022. The examiner can normally be reached M-F 8:00 am to 4:30 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Apu Mofiz can be reached at 571 272 4080. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ETIENNE P LEROUX/Primary Examiner of Art Unit 2161