Prosecution Insights
Last updated: July 17, 2026
Application No. 19/071,591

AUGMENTED SECURITY RECOGNITION TASKS

Non-Final OA §102
Filed
Mar 05, 2025
Priority
Feb 15, 2019 — provisional 62/806,423 +3 more
Examiner
JHAVERI, JAYESH M
Art Unit
Tech Center
Assignee
SOPHOS Limited
OA Round
1 (Non-Final)
83%
Grant Probability
Favorable
1-2
OA Rounds
1y 1m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 83% — above average
83%
Career Allowance Rate
458 granted / 552 resolved
+23.0% vs TC avg
Strong +31% interview lift
Without
With
+30.8%
Interview Lift
resolved cases with interview
Typical timeline
2y 5m
Avg Prosecution
9 currently pending
Career history
561
Total Applications
across all art units

Statute-Specific Performance

§101
0.9%
-39.1% vs TC avg
§103
83.1%
+43.1% vs TC avg
§102
10.5%
-29.5% vs TC avg
§112
2.0%
-38.0% vs TC avg
Black line = Tech Center average estimate • Based on career data from 552 resolved cases

Office Action

§102
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. DETAILED ACTION Claims 1-20 are pending in this office action. Priority Priority is claimed to PRO 62806423, filed 02/15/2019. Specification The lengthy specification has not been checked to the extent necessary to determine the presence of all possible minor errors. Applicant's cooperation is requested in correcting any errors of which applicant may become aware in the specification. Information Disclosure Statement The information disclosure statements (IDS's) submitted on 03/05/2025 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the "right to exclude" granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Omum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321 (c) or 1.321 (d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b). Claims 1-20 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over various claims of application# 18/323,607, now patent# 12,271,474 (referred to as ‘474 hereinafter). With regards to ‘474, claims 1-20 of ‘474 patent claim all the limitations set forth in the instant claims. Particularly, the instant independent claims 1, 18, 20 are covered by the subject matter of narrower independent claims 1, 18 and 20 respectively of ‘474. Similarly, the instant claims 2-17 are covered by claims 2-17 resp. of ‘474, and the instant claim 19 is covered by claim 19 of ‘474. As various limitations in the above claims of ‘474 cover the limitations of the instant claims, the instant claims are not patentably distinct from the specified claims of ‘474 as discussed above. Further, the system and computer program product (computer-readable medium) claims carry out method steps in a computing environment of the device/system. Therefore, it would be obvious to be able to carry out steps of a method, using a system or device or by computer executable computer program product code stored in a statutory computer readable medium executed by a processor. This is a non-provisional obviousness type double patenting rejection because the conflicting claims have been patented. Claim Rejections - 35 USC § 102 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. Claims 1-5, 13-20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Johns et al. (US 2019/0132334 A1, Johns hereinafter). For claim 1, Johns teaches a system for conducting a security recognition task, the system comprising: a memory configured to store a model and training data, each sample of the training data including a security recognition task label for training the model to perform the security recognition task, the security recognition task label indicative of whether or not each said sample is a security threat, wherein each said sample includes auxiliary information and wherein each said sample is associated with a portable executable file (Fig. 2; para 0016, 0019, 0022, 0041 - memory for training and storing a neural network logic or model for security recognition tasks such as threat detection, wherein labeled samples or training sets with labels (as security recognition task labels) that recognize or indicate respective file samples as associated with security threat or benign sources are received and stored; memory for training and storing a neural network logic or model for security recognition tasks such as threat detection, wherein labeled samples or training sets are executable file samples as associated with security threat or benign sources are received and analyzed; para 0019-0023, 0050, 0074 - samples with auxiliary information such as indicators, signature or hashes, features and file types); and one or more processors communicably linked to the memory (para 0023, 0040) and comprising a training unit (Fig. 2; para 0022, 0059 - training unit for training of neural network model) , para 0050 - samples or training sets are received and stored for the neural network model training, wherein multiple layers are used for training for multiple targets such as classifying security tasks for different data types) wherein the training unit is configured to: receive the training data and the model from the memory and subsequently provide the training data to the model (Fig. 2; para 0016, 0019, 0022-0023, 0041, 0050 - samples or training sets are received and stored for the neural network model training, wherein multiple layers are used for training for multiple targets such as classifying security tasks for different data types), receive the auxiliary information, the auxiliary information including detection data for each sample of the training data from one or more trusted authorities (para 0019-0023, 0050, 0074 - samples with auxiliary information such as indicators, signature or hashes, features and file types; also para 0056, 0064-0066, 0069 - feature weighing and prediction of attack indicators as received auxiliary information), and train the model, as a multi-target neural network, using the training data to predict the detection data in the auxiliary information as well as the security recognition task label for the security recognition task, thereby improving performance of the security recognition task (Fig. 2; para 0016, 0019, 0022-0023, 0041, 0050 - samples or training sets are received and stored for the neural network model training, wherein multiple layers are used for training for multiple targets such as classifying security tasks for different data types; para 0056, 0064-0066, 0069 - feature weighing and prediction of attack indicators, wherein threat score is based on features which is produced by classifier logic as a prediction or likelihood of attack on a new sample of file); and a prediction unit configured to use the security recognition task model output to perform the security recognition task on a new sample (Fig. 1-2; para 0069, 0106 - classifier logic produces a threat score as a prediction or likelihood of attack; para 0056, 0064-0066, 0069 - feature weighing and prediction of attack indicators, wherein threat score is based on features which is produced by classifier logic as a prediction or likelihood of attack on a new sample of file). For claim 2, Johns teaches the claimed subject matter as discussed above, and further teaches wherein the training unit is further configured to jointly optimize a security recognition task loss function and an auxiliary information loss function (para 0059-0060, 0064-0066, 0069 - error determination for optimization of security (attack) recognition task and score computation towards determining of attack likelihood or threat/benign indicators). For claim 3, Johns teaches the claimed subject matter as discussed above, and further teaches the system of claim 2, wherein the training unit is further configured to assign a first weight to the security recognition task loss function and a second weight to the auxiliary information loss function (para 0056-0057, 0059-0060, 0065-0066 - different weights are determined in each of the error scenarios of security task recognition and auxiliary information recognition). For claim 4, Johns teaches the claimed subject matter as discussed above, and further teaches the system of claim 3, wherein the first weight is greater than the second weight (para 0057-0060, 0063-0066, - weight/score value ranges, adjustments and comparison with known score depends on initial indicator received with the file and labeled as malicious or benign with respect to the file, which pertains to the first weight, and is utilized in training the NN with regards to that respective data set such that it is considered higher than further auxiliary feature analysis). For claim 5, Johns teaches the claimed subject matter as discussed above, and further teaches Johns teaches wherein the new sample includes a portable executable file (Fig. 2; para 0016, 0019, 0022, 0041 - memory for training and storing a neural network logic or model for security recognition tasks such as threat detection, wherein labeled samples or training sets are executable file samples as associated with security threat or benign sources are received and analyzed). For claim 13, Johns teaches wherein the training data comprises a plurality of training samples, each associated with a single portable executable file (Fig. 2; para 0016, 0019-0022, 0041 - samples or training sets are plurality of executable file samples as associated with security threat or benign sources are received and analyzed). For claim 14, Johns teaches the system of claim 38, wherein a training sample of the plurality of training samples comprises one or more features, a security recognition task label, and auxiliary information (para 0019-0023, 0050, 0074 - samples with auxiliary information such as indicators, signature/hashes, features and file types). For claim 15, Johns teaches the system of claim 39, wherein the one or more features of the training sample correspond to one or more features extracted from the single portable executable file (para 0019, 0022, 0050, 0074 - samples with features extracted, indicators, signature/hashes etc.). For claim 16, Johns teaches the system of claim 39, wherein the auxiliary information comprises one of a per-authority label or a textual label (para 0035, 0061-0062, 0102 - byte sequence labels which can be construed as textual, parameters and executable file receiving operation from authority possessing the same). For claim 17, Johns teaches wherein the security recognition task comprises recognizing portable executable files as malware (Fig. 2; para 0016, 0019, 0022, 0041 - memory for training and storing a neural network logic or model for security recognition tasks such as threat detection, wherein labeled samples or training sets are executable file samples as associated with security threat or benign sources are received and analyzed). For claim 18, Johns teaches a method for conducting a security recognition task, comprising: storing a security recognition task model in a memory, the security recognition task model trained to perform the security recognition task using training data, each item of the training data including: a threat sample associated with a portable executable file, a security recognition task label indicative of whether or not the threat sample is a security threat (Fig. 2; para 0016, 0019, 0022, 0041 - memory for training and storing a neural network logic or model for security recognition tasks such as threat detection, wherein labeled samples or training sets with labels (as security recognition task labels) that recognize or indicate respective file samples as associated with security threat or benign sources are received and stored; memory for training and storing a neural network logic or model for security recognition tasks such as threat detection, wherein labeled samples or training sets are executable file samples as associated with security threat or benign sources are received and analyzed; para 0019-0023, 0050, 0074 - samples with auxiliary information such as indicators, signature or hashes, features and file types), and auxiliary information including detection data associated with the threat sample by one or more trusted authorities (para 0019-0023, 0050, 0074 - samples with auxiliary information such as indicators, signature or hashes, features and file types; also para 0056, 0064-0066, 0069 - feature weighing and prediction of attack indicators as received auxiliary information), wherein the security recognition task model is trained as a multi-target neural network to predict the auxiliary information and the security recognition task, thereby improving performance of the security recognition task (Fig. 2; para 0016, 0019, 0022-0023, 0041, 0050 - samples or training sets are received and stored for the neural network model training, wherein multiple layers are used for training for multiple targets such as classifying security tasks for different data types; para 0056, 0064-0066, 0069 - feature weighing and prediction of attack indicators, wherein threat score is based on features which is produced by classifier logic as a prediction or likelihood of attack on a new sample of file); and using the security recognition task model output to perform the security recognition task by predicting the security recognition task label for a new sample (Fig. 1-2; para 0069, 0106 - classifier logic produces a threat score as a prediction or likelihood of attack; para 0056, 0064-0066, 0069 - feature weighing and prediction of attack indicators, wherein threat score is based on features which is produced by classifier logic as a prediction or likelihood of attack on a new sample of file). For claim 19, Johns teaches the claimed subject matter as discussed above, and further teaches wherein the security recognition task model is trained by jointly optimizing a security recognition task Loss function and an auxiliary information loss function (para 0059-0060, 0064-0066, 0069 - error determination for optimization of security (attack) recognition task and score computation towards determining of attack likelihood or threat/benign indicators). For claim 20, Johns teaches a non-transitory computer readable medium comprising computer executable code embodied in a non-transitory computer readable medium that, when executed by one or more processors (Fig. 2; para 0040-0041, 0107), cause the one or more processors to perform the steps of providing a security recognition task model in a memory, the security recognition task model trained as a multi-target neural network to predict auxiliary information and a security recognition task for one or more samples (Fig. 2; para 0016, 0019, 0022-0023, 0041, 0050 - memory for training and storing a neural network logic or model for security recognition tasks such as threat detection; samples or training sets are received and stored for the neural network model training, wherein multiple layers are used for training for multiple targets such as classifying security tasks for different data types; para 0056, 0064-0066, 0069 - feature weighing and prediction of attack indicators, wherein threat score is based on features which is produced by classifier logic as a prediction or likelihood of attack on a new sample of file), wherein each sample of training data includes: a threat sample associated with a portable executable file, a security recognition task label indicative of whether or not the threat sample is a security threat (Fig. 2; para 0016, 0019, 0022, 0041 - memory for training and storing a neural network logic or model for security recognition tasks such as threat detection, wherein labeled samples or training sets with labels (as security recognition task labels) that recognize or indicate respective file samples as associated with security threat or benign sources are received and stored; memory for training and storing a neural network logic or model for security recognition tasks such as threat detection, wherein labeled samples or training sets are executable file samples as associated with security threat or benign sources are received and analyzed; para 0019-0023, 0050, 0074 - samples with auxiliary information such as indicators, signature or hashes, features and file types), and auxiliary information including detection data associated with the threat sample by one or more trusted authorities (para 0019-0023, 0050, 0074 - samples with auxiliary information such as indicators, signature or hashes, features and file types; also para 0056, 0064-0066, 0069 - feature weighing and prediction of attack indicators as received auxiliary information); and using an output from the security recognition task model to perform the security recognition task by predicting the security recognition task label for a new sample (Fig. 1-2; para 0069, 0106 - classifier logic produces a threat score as a prediction or likelihood of attack; para 0056, 0064-0066, 0069 - feature weighing and prediction of attack indicators, wherein threat score is based on features which is produced by classifier logic as a prediction or likelihood of attack on a new sample of file). Allowable Subject Matter Claims 6-12 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base independent claim 1 and any intervening claims in addition to overcoming the above-specified rejections. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Saxe et al. (US 9,690,938 B1) and Moskowitch et al. (US 2007/0294768 A1) are cited to show methods, computer program products and systems pertinent to machine learning model training and neural network models with training data sets comprising various attributes for malware detection and security. Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAYESH JHAVERI whose telephone number is (571)270-7584. The examiner can normally be reached on Mon-Fri 9 AM to 5 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571)272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /JAYESH M JHAVERI/Primary Examiner, Art Unit 2433
Read full office action

Prosecution Timeline

Mar 05, 2025
Application Filed
Jun 16, 2026
Non-Final Rejection mailed — §102 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12682088
POLICY CONSISTENCY VERIFICATION APPARATUS, POLICY CONSISTENCY VERIFICATION METHOD, AND POLICY CONSISTENCY VERIFICATION PROGRAM
2y 6m to grant Granted Jul 14, 2026
Patent 12670255
GENERATION DEVICE, GENERATION METHOD, AND GENERATION PROGRAM
2y 1m to grant Granted Jun 30, 2026
Patent 12652282
EVENT BASED AUTHENTICATION
1y 7m to grant Granted Jun 09, 2026
Patent 12627653
SECURED DIRECT ACCESS FOR CUSTOMER SERVICE
2y 4m to grant Granted May 12, 2026
Patent 12619786
SYSTEM AND METHODS FOR SMART REGISTER APPLICATIONS
3y 4m to grant Granted May 05, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
83%
Grant Probability
99%
With Interview (+30.8%)
2y 5m (~1y 1m remaining)
Median Time to Grant
Low
PTA Risk
Based on 552 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month