DETAILED ACTION
The following claims are pending in this office action: 10-23
The following claims are amended: 10, 14, 15, 16, 17, 19, 22 and 23
The following claims are new: -
The following claims are cancelled: 1-9
Claims 10-23 are rejected. This rejection is FINAL.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
RESPONSE TO ARGUMENTS
The 35 USC 112(b) rejections of claims 10-23 are withdrawn based on the amendments.
Applicant’s arguments pertaining to 35 USC 103 filed in the amendment filed 12/18/2013 have been fully considered but are moot in view of new grounds of rejection.  
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 10, 12, 14, 16, 18, and 22-23 are rejected under 35 U.S.C. 103 as being unpatentable over Kong et al., (US Pub. 2017/0353481) (hereinafter “Kong”) in view of Boutnaru et al., (US Pub. 2015/0150131) (hereinafter “Boutnaru”).  
As per claim 10, Kong teaches an evaluation device comprising: processing circuitry; ([Kong, para. 0119; pg. 1 of the provisional, describing embodiments to be run on a phone] embodiments may take the form of an entirely hardware embodiment…that all generally be referred to herein as a “circuit,” “module” or “system”)
to generate an attack sample, which is data simulating an unauthorized act intended to exert a function on a system; ([Kong, para. 0029; pg. 2 of the provisional, malicious applications generate malware attacks] describes a malicious application on a client device that may launch [generate] a malware attack [an attack sample].  [Para. 0026; pg. 1 of the provisional, describing malicious functions and behaviors] the terms “malware”… as used invoke malicious behaviors, such as stealing information, changing signal strength, or remotely control a client device [malware is data for simulating an unauthorized attack on a system]) 
to compare the attack sample generated and a normal state model, which is data acquired by modeling an authorized act on the system, to generate, based on the comparison result, information for revising the attack sample to be more similar to data simulating the authorized act modeled by the normal state model, and to feed back the generated information; ([Kong, para. 0062; pg. 8 of the provisional, describing checking if a resource feature appears in the confusion feature set, and then mutating the original vector to be the same] the device determines [compares] whether a resource feature R of the malware sample [the attack sample generated] is present in a confusion feature set [a normal state model]. If the resource feature R [the attack sample generated] is present in a feature vector [information for revising the attack sample] of a confusion feature set [a normal state model], the optimal pattern coverage engine mutates the attack sample [revising the attack sample] to be the same as the feature vector of a confusion feature set [to be more similar to data simulating the authorized act modeled by the normal state model]. [Para. 0043; also pg. 2 of the provisional, where resource features are resources obtained by malicious behavior] a resource feature R is an attack sample as this is data simulating an unauthorized act – a feature of malware intended to cause malicious behavior. [Kong, para. 0029; fig. 4; page 1 of the provisional, describing feature confusion] a confusion feature set is a set of features in a benign application that a malicious application may copy to evade detection. [Para. 0079; Fig. 4; page 1, Fig. 1 of the provisional] features [including the feature confusion set] extracted from benign apps is a normal state model [this is data {features}, acquired {extracted} by modeling an authorized act {by analyzing} the benign app {which provides authorized acts on the system}]. [Para. 0043] this process of extracting and transforming features is called the W3H analysis. [Para. 0049; pg. 1 of the provisional, variants are fed back into the feature extraction model] old features [including the feature vector of the confusion feature set, the information for revising the attack sample] from the W3H analysis are fed back to the optimal pattern coverage engine for pattern mutation and further analysis)
to check whether the revised attack sample reflecting the information fed back still exerts the function of the unauthorized act [on a simulated system]; and ([Kong, para. 0066; fig. 15, block 803; para. 0109; pg. 8 of the provisional, the mutated malware must pass a validation test] device tests each mutation generated [the revised attack sample reflecting the information fed back] by applying a validation/program test to determine whether malicious behaviors [function of the unauthorized act] of the original malware sample have been preserved [is still exerted].  Performing tests of a revised attack sample on a simulated system will be taught later)
to verify, by using the revised attack sample still exerting the intended function, a detection technique implemented in a security product for detecting the unauthorized act.  ([Kong, para. 0066; Fig. 15, block 805; para. 0110; pg. 5 of the provisional, program testing to find mutated apps that are labeled as “benign” by malware detection techniques] the device tests [verifies] each mutation generated [the revised attack sample still exerting the intended function] by applying a conventional/traditional malware detection technique/model [a detection technique implemented in a security product for detecting the unauthorized act] to determine robustness of the mutation.  A mutation that evades detection is a successful malware variant)

However, Boutnaru teaches to check whether the revised attack sample reflecting the information fed back still exerts the function of the unauthorized act on a simulated system. ([Boutnaru, para. 0066] in some embodiments, the Evaluator determines whether the mutated code [revised attack sample reflecting the information fed back] is still malicious or not [still exerts the function of the unauthorized act] using Dynamic Analysis.  A Dynamic Analyzer performs the Dynamic Analysis on the variants…, and in some embodiments…based on various predefined parameters and/or testing performed on virtual machines (VM) or physical machines, or running the variant in a Sandbox [on a simulated system])
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the elements disclosed by Kong to include the additional element to check whether the revised attack sample reflecting the information fed back still exerts the function of the unauthorized act on a simulated system. One of ordinary skill in the art would have been motivated to make this modification as adding capacity to evaluate and benchmark a security product’s ability [i.e. on a virtual environment] allows the user to determine which security product is better (Boutnaru, para. 0003-0004).

As per claim 12, Kong, in view of Boutnaru teaches claim 10. 
Kong does not explicitly teach the processing circuitry generates the attack sample by executing an attack module, which is a program for simulating the unauthorized act, and in case there is non-reflected information generated, the processing circuitry sets a parameter of the attack module in accordance with the non-reflected information and then executes the attack module.
([Boutnaru, para. 0016] the malware evolution engine, processing circuitry generating an attack sample by executing an attack module, is a program to generate malware variants of malware specimens.  [Para. 0049] the evolutionary engine may include, one or more of the following generic operators: [Para. 0056] automatically simulating methods that are widely used by hackers [simulating the unauthorized act])
and in case there is non-reflected information generated, the processing circuitry sets a parameter of the attack module in accordance with the non-reflected information and then executes the attack module. (Non-reflected information is understood from the specification as any information that is not fed back to the system for adjustment, but still necessary for configuration of the attack module [instant application, para. 0074]. [Boutnaru, para. 0017] the processing circuitry sets a parameter of the malware evolution engine that is not fed back to the system for adjustment [the variants, and not the parameters to configure the variants, are fed back to produce a new generation of variants – see para. 0048])
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the elements disclosed by Kong to include the additional elements of the processing circuitry generates the attack sample by executing an attack module, which is a program for simulating the unauthorized act, and in case there is non-reflected information generated, the processing circuitry sets a parameter of the attack module in accordance with the non-reflected information and then executes the attack module. One of ordinary skill in the art would have been motivated to make this modification because setting such parameters allows the user to automatically (i.e. automatically re-writing relevant headers to automatically allow the program to be loaded and executed instead of requiring user supervision/input) simulate methods that are widely used by hackers so that the user may benchmark a security product’s ability (Boutnaru, para. 0055-0056; para. 0004).

As per claim 14, Kong, in view of Boutnaru teaches claim 10. 
Kong also teaches the processing circuitry simulates the unauthorized act by using the revised attack sample still exerting the intended function and checks whether the simulated unauthorized act is detected by the detection technique and, when not detected, registers the used revised attack sample as an evaluation-purpose attack sample in a database.  ([Kong, para. 0066; Fig. 15, block 805; para. 0110; pg. 5 of the provisional, program testing to find mutated apps that are labeled as “benign” by malware detection techniques] the device tests [simulates the unauthorized act] each mutation generated [by using the revised attack sample still exerting the intended function] by applying a conventional/traditional malware detection technique/model to determine robustness of the mutation.  A mutation that evades detection is a successful malware variant [checks whether the simulated unauthorized act is detected by the detection technique].  Successful malware variants [when not detected] are used in training a classification model [registers the revised attack sample].  [Para. 0067; pg. 10 of the provisional, a table of malware variants generated] in the training phase the inference engine maintains a malicious app database [in a database])
At the time of filing it would have been obvious to one of ordinary skill in the art to combine the teachings of Kong and Boutnaru for the same reasons as disclosed above.

As per claim 16, the claim language is identical or substantially similar to that of claim 14. Therefore, it is rejected under the same rationale applied to claim 14.

As per claim 18, Kong, in view of Boutnaru teaches claim 10. 
Kong also teaches the processing circuitry generates the normal state model from a normal sample, which is data having the authorized act recorded thereon. ([Kong, para. 0079; page 2 of the provisional, features of benign apps are extracted] benign apps [a normal sample, or data having the authorized act recorded upon] is fed to the W3H analysis engine and features of the benign app [normal state models] are extracted. [Para. 0079; Fig. 4; page 1, Fig. 1 of the provisional] features extracted from benign apps is a normal state model [this is data {features}, acquired {extracted} by modeling an authorized act {by analyzing} the benign app {which provides authorized acts on the system}])
It would have been obvious to one of ordinary skill in the art before the effective filing date of the present application to combine the teachings of Kong and Boutnaru for the same reasons as disclosed above.

As per claim 22, this claim recites a security product evaluation method comprising of the steps disclosed in the device of claim 10, has claim language that is identical or substantially similar to that of claim 10, and thus is rejected with the same rationale applied against claim 10.  

As per claim 23, Kong teaches a non-transitory computer readable medium storing an evaluation that causes a computer to execute.  
This claim recites a non-transitory computer readable medium storing an evaluation program that causes a computer to execute processes disclosed in the device of claim 10, has claim language that is identical or substantially similar to that of claim 10, and thus is rejected with the same rationale applied against claim 10.

Claims 11, 13, 15, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Kong et al., (US Pub. 2017/0353481) (hereinafter “Kong”), in view of Boutnaru et al., (US Pub. 2015/0150131) (hereinafter “Boutnaru”), and further in view of Powell et al., (US Pub. 2015/0379343) (hereinafter “Powell”).  


Kong also teaches wherein the processing circuitry ([Kong, para. 0119; pg. 1 of the provisional, describing embodiments to be run on a phone] embodiments may take the form of an entirely hardware embodiment…that all generally be referred to herein as a “circuit,” “module” or “system”)
extracts a feature of the attack sample generated ([Kong, para. 0079; page 2 of the provisional, features of malware attacks are extracted] malware attacks [attack samples, or data having the authorized act recorded upon] is fed to the W3H analysis engine and features of the attack sample are extracted)
calculates a score indicating a similarity between the feature extracted and a feature of the normal state model, and ([Kong, para. 0061, pg. 9 of the provisional, describing the semantic distance as a weighted sum between the current mobile app behavior and the app in the training set for attributes such as feature confusion] the device determines [calculates], for each feature vector of the confusion feature set [a feature of the normal state model], a corresponding confusion weight [a score]. The weight score is indicative of how many benign app features that can be projected to [is similar to] a malware feature vector. The higher the score, the greater the similarity between the malware feature vector [the feature extracted], and the confusion feature set [a feature of the normal state model])
increases the similarity by adjusting the feature extracted [and generates information indicating a feature after adjustment as information to be fed back, when the score calculated is smaller than a threshold]. ([Kong, para. 0062; pg. 8 of the provisional, describing checking if a resource feature appears in the confusion feature set, and then mutating the original vector to be the same] the device mutates a feature vector of the attack sample generated to be the same as the feature vector of a confusion feature set. Generating information indicating a feature after adjustment as information to be fed back, when the score calculated is smaller than a threshold will be taught later)

However, Powell teaches generating information indicating a feature after adjustment as information to be fed back, when the score calculated is smaller than a threshold. ([Powell, para. 0040] if an extraction method [a feature] results in a measured accuracy of less than that threshold [score calculated is smaller than a threshold], then a feedback operation is required which adjusts/re-trains the extraction methods [indicating a feature after adjustment, in this case the adjusted/trained extraction method, as information to be fed back to get a higher score - see Fig. 2A])
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the elements disclosed by Kong and Boutnaru to include the additional element of generating information indicating a feature after adjustment as information to be fed back, when the score calculated is smaller than a threshold.  One of ordinary skill in the art would have been motivated to make this modification as the use of such feedback allows the process to learn and continually improve its output in accordance with the score (Powell, para. 0029 and para. 0040).  

As per claim 13, the claim language is identical or substantially similar to that of claim 12. Therefore, it is rejected under the same rationale applied to claim 12.

As per claim 15, the claim language is identical or substantially similar to that of claim 14. Therefore, it is rejected under the same rationale applied to claim 14.

As per claim 17, the claim language is identical or substantially similar to that of claim 14. Therefore, it is rejected under the same rationale applied to claim 14.

Claims 19-21 are rejected under 35 U.S.C. 103 as being unpatentable over Kong et al., (US Pub. 2017/0353481) (hereinafter “Kong”), in view of Boutnaru et al., (US Pub. 2015/0150131) (hereinafter “Boutnaru”), and further in view of Tong et al., (US Pub. 2020/0019702) (hereinafter “Tong”).  

As per claim 19, Kong, in view of Boutnaru teaches claim 18. 
Kong also teaches the processing circuitry ([Kong, para. 0119; pg. 1 of the provisional, describing embodiments to be run on a phone] embodiments may take the form of an entirely hardware embodiment… that all generally be referred to herein as a “circuit,” “module” or “system”)
extracts the feature of the normal sample acquired, and ([Kong, para. 0079; page 2 of the provisional, features of benign apps are extracted] benign apps [a normal sample, or data having the authorized act recorded upon] is fed to the W3H analysis engine and features of the benign app [normal state models] are extracted)
learns the feature extracted to generate the normal state model.  ([Kong, para. 0061; pg. 8 of the provisional, describing generating a confusion attack, and confusion feature sets] device identifies [learns] confusion feature sets [normal state models] that can be projected to [generated by] features of the benign apps [the features extracted from the normal sample])
Kong does not explicitly teach acquires the normal sample from outside.  
However, Tong teaches acquires the normal sample from outside. ([Tong, para. 0075] computing devices may download applications from the application store [the outside].  [Para. 0038] An application in the normal application set [the normal sample] is run in a virtual environment)
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the elements disclosed by Kong to include the additional element of acquires the normal sample from outside.  One of ordinary skill in the art would have been motivated to make this modification because the application store may cache and manage various applications for upload, download, and the like, which when combined with the results of malware detection, may assist users in making decisions on application downloads (Tong, para. 0076-0077).

As per claim 20, Kong, in view of Boutnaru teaches claim 18.
Kong does not teach wherein the processing circuitry updates the normal state model every time one or more new normal samples are acquired, and the processing circuitry compares the attack sample generated and a latest normal state model generated.
However, Tong teaches wherein the processing circuitry updates the normal state model every time one or more new normal samples are acquired. ([Tong, para. 0065] the normal pattern set [the normal state model] may be updated according to the malware detection result. When the unknown application [new sample] is determined as a normal application [a new normal sample], the normal pattern set may be updated by considering the unknown application as one of the applications in the normal application set. After updating, the processing circuitry generates the normal pattern)
and the processing circuitry compares the attack sample generated and a latest normal state model generated. ([Tong, Fig. 1, step 104, then 106, and then 108] after generating the normal pattern, the processing circuitry obtains an unknown application, and then determines a malware detection result.  [Para. 0058] the malware detection result is determined for the unknown application [the attack sample generated disclosed in Kong and Boutnaru, see above] based on comparison between the unknown application’s calling map with the malware pattern set and the normal pattern set [a latest normal state model generated])
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the elements disclosed by Kong to include the additional elements of wherein the processing circuitry updates the normal state model every time one or more new normal samples are acquired, and the processing circuitry compares the attack sample generated and a latest .  One of ordinary skill in the art would have been motivated to make this modification because a static analysis cannot exhaust all features to achieve comprehensive detection.  By using a dynamic method to collect the normal state model and compare it to new attack samples, the solution can effectively find runtime problems and identify malware and normal applications in a generic way through a uniform process (Tong, para. 0035-0036).
As per claim 21, the claim language is identical or substantially similar to that of claim 20. Therefore, it is rejected under the same rationale applied to claim 20.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Lin (US Patent No. 903178) discloses malware beaconing activity detection including extracting feature sets based on the conversations and determining that the conversation is anomalous based on the feature sets. Orhan (US Patent No. 10607011) discloses monitoring and extracting behavior of applications and comparing such behavior with patterns previously extracted. Keller et al. (US Pub. 2016/0098561) discloses extracting energy emitted by one device and comparing that with the energy emitted by an unmodified device. Cochenour (US 2015/0172300) discloses generating a behavior model and determining an abnormal attempt to access protected data based on a variation from the behavior model. Shen (US 2015/0058984) discloses distilling a malware program by providing a benign program, extracting the instruction set, and splicing it into a malware program. Eiland et al. (US 2010/0107254) discloses an intrusion detection method that generates normal and attack grammars/models from data to determine an attack based on closeness of fit to such models.
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZHE LIU whose telephone number is (571) 272-3634.  The examiner can normally be reached on Monday - Friday: 8:30 AM to 5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on (571) 272-3862.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at (866) 217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call (800) 786-9199 (IN USA OR CANADA) or (571) 272-1000.

/ZHE LIU/Examiner, Art Unit 2493                                     

/Catherine Thiaw/Primary Examiner, Art Unit 2493
1/14/2021