Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This is a reply to the application filed on 03/31/2025, in which, claim(s) 1-8 are pending. Claim(s) 1, 3, 5 and 7 are independent.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 03/31/2025, has been reviewed. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the examiner is considering the information disclosure statement.
Drawings
The drawings filed on 03/31/2025 are accepted by The Examiner.
Double Patenting
A rejection based on double patenting of the “same invention” type finds its support in the language of 35 U.S.C. 101 which states that “whoever invents or discovers any new and useful process... may obtain a patent therefor...” (Emphasis added). Thus, the term “same invention,” in this context, means an invention drawn to identical subject matter. See Miller v. Eagle Mfg. Co., 151 U.S. 186 (1894); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Ockert, 245 F.2d 467, 114 USPQ 330 (CCPA 1957).
A statutory type (35 U.S.C. 101) double patenting rejection can be overcome by canceling or amending the claims that are directed to the same invention so they are no longer coextensive in scope. The filing of a terminal disclaimer cannot overcome a double patenting rejection based upon 35 U.S.C. 101.
Claims 1-8 are non-provisionally rejected under 35 U.S.C. 101 as claiming the same invention as that of claims 1-8 of US Patent No. 12,267,369.
Instant Application 19/096,623
Patent US 12,267,369 B2
Claim 1. A system for cybersecurity analysis and protection employing a cyber decision platform, comprising one or more computers with executable instructions that, when executed, cause the system to:
execute a plurality of Internet search tasks for a domain name comprising searches for, and receipt of search results for, one or more domain name system records;
identify Internet protocol addresses associated with the domain name from the one or more domain name system records;
execute a first plurality of Internet protocol address scanning tasks comprising an open port scan for each Internet protocol address identified and a vulnerability scan for each open port; receive a list of open ports, associated vulnerabilities, and a baseline and service fingerprint profile for the domain name;
execute a second plurality of Internet protocol address scanning tasks comprising a port scan detection task for each Internet protocol address identified; and
store the received search results and the results of the first and second pluralities of Internet protocol address scanning tasks;
receive a cybersecurity scoring model, the cybersecurity scoring model comprising category weights for the one or more domain name system records, the list of open ports, and associated vulnerabilities and further comprising an algorithm for combining the categories using the category weights;
compute a cybersecurity score by applying the algorithm to the weighted categories;
and generate a cybersecurity portion of a baseline and service fingerprint profile for the domain name based on the cybersecurity score.
Claim 2. The system of claim 1, wherein the executable instructions, when executed, further cause the system to:
receive a data packet associated with a detected port scan;
generate and send a reply data packet with a modified header, the modified header comprising a flag and a bad sequence number to compel a sniffing machine to return a response data packet, the response data packet revealing the sniffing machine's Internet protocol address; and
block the sniffing machine's Internet protocol address.
Claim 1. A system for cybersecurity analysis and protection employing a cyber decision platform, comprising one or more computers with executable instructions that, when executed, cause the system to:
execute a plurality of Internet search tasks for a domain name comprising searches for, and receipt of search results for, one or more domain name system records;
identify Internet protocol addresses associated with the domain name from the one or more domain name system records;
execute a first plurality of Internet protocol address scanning tasks comprising an open port scan for each Internet protocol address identified and a vulnerability scan for each open port; receive a list of open ports, associated vulnerabilities, and a baseline and service fingerprint profile for the domain name;
execute a second plurality of Internet protocol address scanning tasks comprising a port scan detection task for each Internet protocol address identified; and
store the received search results and the results of the first and second pluralities of Internet protocol address scanning tasks;
receive a cybersecurity scoring model, the cybersecurity scoring model comprising category weights for the one or more domain name system records, the list of open ports, and associated vulnerabilities and further comprising an algorithm for combining the categories using the category weights;
compute a cybersecurity score by applying the algorithm to the weighted categories;
and generate a cybersecurity portion of a baseline and service fingerprint profile for the domain name based on the cybersecurity score.
Claim 2. The system of claim 1, wherein the executable instructions, when executed, further cause the system to:
receive a data packet associated with a detected port scan;
generate and send a reply data packet with a modified header, the modified header comprising a flag and a bad sequence number to compel a sniffing machine to return a response data packet, the response data packet revealing the sniffing machine's Internet protocol address; and
block the sniffing machine's Internet protocol address.
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used. Please visit http://www.uspto.gov/forms/. The filing date of the application will determine what form should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-8 are non-provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over:
Claims 1-2 of Patent 11,968,235.
Although the conflicting claims are not identical, they are not patentably distinct from each other because claims 1-8 are anticipated by claims 1-2 of Patent 11,968,235.
Instant Application 19/096,623
Patent US 11,968,235 B2
Claim 5. A method for cybersecurity analysis and protection using distributed computing services, comprising the steps of:
executing a plurality of Internet search tasks for a domain name comprising searches for, and receipt of search results for, one or more domain name system records; identifying Internet protocol addresses associated with the domain name from the one or more domain name system records;
executing a first plurality of Internet protocol address scanning tasks comprising an open port scan for each Internet protocol address identified and a vulnerability scan for each open port; receiving a list of open ports, associated vulnerabilities, and a baseline and service fingerprint profile for the domain name;
executing a second plurality of Internet protocol address scanning tasks comprising a port scan detection task for each Internet protocol address identified; and storing the received search results and the results of the first and second pluralities of Internet protocol address scanning tasks;
receiving a cybersecurity scoring model, the cybersecurity scoring model comprising category weights for the one or more domain name system records, the list of open ports, and associated vulnerabilities and further comprising an algorithm for combining the categories using the category weights; computing a cybersecurity score by applying the algorithm to the weighted categories; and generating a cybersecurity portion of a baseline and service fingerprint profile for the domain name based on the cybersecurity score.
Claim 2. A method for cybersecurity analysis and protection using distributed computing services, comprising the steps of:
receiving a domain name for reconnaissance and scoring;
creating a first queue of Internet search tasks for a domain name using an in-memory associative array service, the search tasks comprising searches for, and receipt of search results for, one or more domain name system records; implementing the first queue of Internet search tasks through one or more selectable attribute nodes of a public-facing proxy network; identifying Internet protocol addresses associated with the domain name from the one or more domain name system records;
creating a second queue of Internet protocol address scanning tasks for the identified Internet protocol addresses, the scanning tasks comprising an open port scan for each Internet protocol address identified and a vulnerability scan for each open port; implementing the second queue of Internet protocol address scanning tasks and receiving a list of open ports, associated vulnerabilities, and a baseline and service fingerprint profile for the domain name; creating a third queue of Internet protocol address scanning tasks for the identified Internet protocol addresses, the scanning tasks comprising a port scan detection task for each Internet protocol address identified; implementing the third queue of Internet protocol address scanning tasks wherein a data packet associated with a detected port scan is sent to a data packet modifier; storing the search results received from the first queue of Internet search tasks and the list of open ports, associated vulnerabilities, and baseline and service fingerprint profile from the second queue of Internet protocol address scanning tasks;
receiving a cybersecurity scoring model, the cybersecurity scoring model comprising category weights for the one or more domain name system records, the list of open ports, and associated vulnerabilities and further comprising an algorithm for combining the categories using the category weights; calculating a cybersecurity score by applying the algorithm to the weighted categories; generating a cybersecurity portion of the baseline and service fingerprint profile for the domain name based on the cybersecurity score; receiving at the data packet modifier the data packet associated with a detected port scan; generating and sending a reply data packet with a modified header, the modified header comprising a flag and bad sequence number to compel a sniffing machine to return a response data packet, the response data packet revealing the sniffing machine's Internet protocol address; and blocking the sniffing machine's Internet protocol address.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHENG-FENG HUANG whose telephone number is (571)272-6186. The examiner can normally be reached Monday-Friday: 9 am - 5 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/CHENG-FENG HUANG/Primary Examiner, Art Unit 2497