Prosecution Insights
Last updated: July 17, 2026
Application No. 19/083,170

ANALYSIS OF BACKUP COPIES TO IDENTIFY MALWARE-ENCRYPTED PRIMARY DATA

Non-Final OA §DP
Filed
Mar 18, 2025
Priority
Oct 27, 2022 — continuation of 12/292,974
Examiner
TRAN, ELLEN C
Art Unit
Tech Center
Assignee
Commvault Systems Inc.
OA Round
1 (Non-Final)
74%
Grant Probability
Favorable
1-2
OA Rounds
2y 0m
Est. Remaining
93%
With Interview

Examiner Intelligence

Grants 74% — above average
74%
Career Allowance Rate
591 granted / 796 resolved
+14.2% vs TC avg
Strong +19% interview lift
Without
With
+19.1%
Interview Lift
resolved cases with interview
Typical timeline
3y 5m
Avg Prosecution
17 currently pending
Career history
813
Total Applications
across all art units

Statute-Specific Performance

§101
0.8%
-39.2% vs TC avg
§103
92.6%
+52.6% vs TC avg
§102
3.4%
-36.6% vs TC avg
§112
1.0%
-39.0% vs TC avg
Black line = Tech Center average estimate • Based on career data from 796 resolved cases

Office Action

§DP
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION 1. This action is responsive to: an original application filed on 18 March 2025 with acknowledgement that this application is a continuation of application 17/975,409 now patent 12,292,974 files on 27 October 2022. 2. Claims 1-20 are currently pending. Claims 1 and 13 are independent claims. 3. The IDS submitted on 25 May 2025 and 11 November 2025 have been considered. Double Patenting 4. The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A statutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b). The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/forms/. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, please refer to - http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp 5. Claims 1-20 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 12,292,974. Although the conflicting claims are not identical, they are not patentably distinct from each other because all the elements/features of claimed system and/or method that performs an analysis of backup copies to identify malware encrypted primary data exist in the patent in similar or different names, essentially performing the same tasks. The table below is a comparison of the pending claims with the patented claims. The difference between the claim set is that the pending claims are worded slightly different but the overall meaning of the claims is the same. The Examiner further notes patent No. 12,292,974 end result is to either “disqualify a second backup copy and “have the first copy be restored” based on SimHash and Shannon entropy similarity and scores. Whereas the pending claims which is an obvious variation of the patented claims, the end result is to either “disqualify a second backup copy” or “utilize a second backup copy” based on SimHash and Shannon entropy similarity and scores. The difference is very subtle and the Examiner does not find the difference patentable distinct, therefore a double patent rejection is applied. PENDING CLAIM 13 PATENTED 12,292,974 CLAIM 15 A computer-implemented method performed by one or more computing devices comprising one or more hardware processors, the computer-implemented method comprising: performing an analysis a first backup copy and a second backup copy to determine whether a second data file is encrypted, wherein the second data file, which is stored at a primary data storage, is a later version of a first data file, wherein the first backup copy was generated from the first data file at a first time, wherein the second backup copy was generated from the second data file after the first time, and wherein the analysis comprises: restoring the first backup copy as a first restored data file at a second data storage that is distinct from the primary data storage, restoring the second backup copy as a second restored data file at the second data storage, applying a SimHash algorithm to the first restored data file and to the second restored data file, applying a Shannon entropy algorithm to the first restored data file and to the second restored data file; based on determining that both of: (a) the first restored data file and the second restored data file are dissimilar, based on the SimHash algorithm, and (b) the second restored data file has high entropy score compared to the first restored data file, based on the Shannon entropy algorithm: (i) causing the second data file and the second backup copy to be disqualified from subsequent storage operations in a system that comprises the first backup copy; and based on determining that both of: (A) the first restored data file and the second restored data file are similar, based on the SimHash algorithm, and (B) the second restored data file has similar entropy score compared to the first restored data file, based on the Shannon entropy algorithm: causing the second data file and the second backup copy to be used for storage operations in the system after the analysis. A computer-implemented method comprising: analyzing a first backup copy and a second backup copy to determine whether a second data file is encrypted, wherein the second data file, which is stored at a primary data storage, is a later version of a first data file, wherein the first backup copy was generated from the first data file at a first time, wherein the second backup copy was generated from the second data file at a second time after the first time, and wherein the analyzing comprises: restoring the first backup copy as a first restored data file at a second data storage that is distinct from the primary data storage, restoring the second backup copy as a second restored data file at the second data storage, obtaining a measure of similarity based on comparing a first similarity score of the first restored data file to a second similarity score of the second restored data file, obtaining an entropy difference based on comparing a first entropy score of the first restored data file to a second entropy score of the second restored data file, based on determining that both of: (a) the measure of similarity between the first restored data file and the second restored data file is greater than a similarity threshold value, wherein the measure of similarity is based on applying a SimHash algorithm to the first restored data file, and (b) the entropy difference between the first restored data file and the second restored data file is greater than an entropy threshold value, wherein the entropy difference is based on applying a Shannon entropy algorithm to the first restored data file: (i) causing the second data file and the second backup copy to be disqualified from storage operations in a data storage management system, wherein the first backup copy and the second backup copy were generated by one or more computerized components of the data storage management system, and (ii) causing the first backup copy to be restored as the first data file at the primary data storage and to replace the second data file at the primary data storage. 6. The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure. Linnen et al. U.S. Patent Application Publication No. 2019/0294507 is directed to method and system for calculating a first and second entropy indicator utilized for backup management. The Linnen reference was utilized in the Non/Final Office Action for Application 17/975,409. Linnen et al. U.S. Patent No. 11,023,327 is the patent for the publication noted above. Gaurav et al. U.S. Patent Application Publication No. 2020/0226256 is directed to a system and method that identifies data included in a backup as being potentially infected with malicious software. The Gaurav reference was utilized in the Non/Final Office Action for Application 17/975,409. Borate et al. U.S. Patent Application Publication No. 2022/0100378 is directed to a system and method that detects malware affected snapshots and restores a clean version Chen et al. U.S. Patent Application Publication No. 2022/0067159 is directed to a system that detects ransomware infection in filesystems. Bhave et al. U.S. Patent Application Publication No. 2018/0307839 is direct to a server for detecting ransomware from a storage device that backups a plurality of files. Conclusion 7. Any inquiry concerning this communication or earlier communications from the examiner should be directed to ELLEN C TRAN whose telephone number is (571) 272-3842. The examiner can normally be reached Monday-Friday. Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeff Pwu can be reached at 571-272-6798. The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. ___________________________/ELLEN TRAN/Primary Examiner, Art Unit 2433 27 June 2026
Read full office action

Prosecution Timeline

Mar 18, 2025
Application Filed
Jul 01, 2026
Non-Final Rejection mailed — §DP (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12670268
SECURE EQUIPMENT ACCESS WITH SCREEN MONITORING ENFORCEMENT
2y 8m to grant Granted Jun 30, 2026
Patent 12671569
USING LEVELED HOMOMORPHIC ENCRYPTION IN A CLIENT-SERVER SETTING FOR EVALUATING AN ARTIFICIAL NEURAL NETWORK OVER AN ENCRYPTED INPUT
2y 0m to grant Granted Jun 30, 2026
Patent 12665748
METHOD, COMPUTER PROGRAM AND SYSTEM FOR COLLECTING CONFIDENTIAL DATA FROM SEVERAL DATA PROVIDERS, FOR JOINT ANALYSIS OF SAID DATA
1y 9m to grant Granted Jun 23, 2026
Patent 12647442
SYSTEM AND METHOD FOR PERFORMING DEVICE ATTESTATION
4y 1m to grant Granted Jun 02, 2026
Patent 12639456
Software Engine for Abstracting Security Controls In One-Way Transfer Systems
2y 12m to grant Granted May 26, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
74%
Grant Probability
93%
With Interview (+19.1%)
3y 5m (~2y 0m remaining)
Median Time to Grant
Low
PTA Risk
Based on 796 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month