DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on March 12, 2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an 
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: “hardware processors operable to establish/transmit/receive/validate/determine” in claim 1; “hardware processors operable to present” in claim 2; “hardware processors operable to transmit/receive/establish” in claim 3; “hardware processors operable to transmit/receive/generate/establish” in claim 4; “hardware processors operable to generate/establish/transmit/receive/validate/determine” in claim 5; “hardware processors operable to scramble” in claim 6; “hardware processors operable to establish/generate/transmit/receive/ determine” in claim 7; “hardware processors operable to present” in claim 8; “hardware processors operable to generate” in claim 9; “hardware processors operable to transmit/receive/establish” in claim 10; “hardware processors operable to transmit/receive/generate/establish” in claim 11; “hardware processors operable to establish/transmit/receive” in claim 12; and “hardware processors operable to establish/transmit/receive” in claim 13.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting 

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).

Claims 1-25 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-16 of U.S. Patent No. 10,693,893. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the instant application are directed towards subject matter related to the patented ‘893 claims in that the claims of the ‘893 patent contain all of the limitations of the instant application. The ‘893 patented claims are directed towards a method for detecting man-in-the-middle attacks, whereas the claims of the instant application are directed towards a system and computer readable storage medium used for detecting man-in-the-middle attacks. It would have been obvious to a person of ordinary skill in the art at the time of the effective filing date of the claimed invention to substitute one statutory class of invention for another which would not affect the outcome of the claimed invention. Claims 1-16 of the instant application therefore are not patentably distinct from the earlier filed ‘893 application claims, and as such, are unpatentable for obvious-type double patenting. Claims 1-25 of the instant application therefore are not patentably distinct from the earlier patented claims, and as such, are unpatentable for obvious-type double patenting.



Allowable Subject Matter
Claims 1-25 are allowed; however, they are rejected under obvious-type double patenting, requiring the filing of a terminal disclaimer.
The following is a statement of reasons for the indication of allowable subject matter:
As per claim 1, it was not found to be taught in the prior art of a system of detecting a man-in-the-middle (MITM) during HTTPS communications, the system comprising: one or more storage devices; one or more hardware processors coupled to the one or more storage devices; the one or more hardware processors operable to establish a TCP connection to an IP address of a domain name; the one or more hardware processors operable to transmit a TLS message using the TCP connection, a SNI of the TLS message including the domain name; the one or more hardware processors operable to receive a TLS reply message including the certificate for the domain name; the one or more hardware processors operable to validate the received certificate; the one or more hardware processors operable to establish a TLS connection in response to validation of the received certificate; the one or more hardware processors operable to transmit a HTTP GET message using the TLS connection, a URL of the HTTP GET message including an alternate domain name and a target web page associated with the alternate domain name, the alternate domain name being different from the domain name; the one or more hardware processors operable to receive a HTTP OK message including the target web page; and the one or more hardware processors operable to determine that a man-in-the-middle is intercepting the HTTPS communications based on the receipt of the target web page.
As per claim 7, it was not found to be taught in the prior art of a system of detecting a man-in-the-middle (MITM) during HTTPS communications, the system comprising: one or more storage devices; one or more hardware processors coupled to the one or more storage devices; the one or more hardware processors operable to establish a TCP connection to an IP address of a domain name; the one or more hardware processors operable to generate an alternate domain name using a domain generation algorithm; the one or more hardware processors operable to transmit a TLS message using the TCP connection, a SNI of the TLS message including the generated alternate domain name; the one or more hardware processors operable to receive a TLS reply message including a certificate for the generated alternate domain name; and the one or more hardware processors operable to determine that a man-in-the-middle is intercepting the HTTPS communications based on the receipt of the certificate.
As per claim 14, it was not found to be taught in the prior art of a computer readable storage medium storing a program of instructions executable by a machine to perform a method of detecting a man-in-the-middle (MITM) during HTTPS communications, the method comprising: transmitting a query to a DNS for an IP address of a domain name; receiving, from the DNS, the IP address of the domain name; generating an alternate IP address different than the IP address of the domain name; transmitting a TCP message to the alternate IP address; receiving a TCP acknowledgement message from the alternate IP address; establishing a TCP connection with the alternate IP address in response to the received TCP acknowledgment; transmitting a TLS message using the TCP connection, a SNI of the TLS message including the domain name; receiving a TLS reply message including a certificate for the domain name; validating the received certificate; establishing a TLS connection in response to validation of the received certificate; transmitting a HTTP GET message using the TLS connection, a URL of the HTTP GET message including the domain name and a target web page associated with the domain name; receiving a HTTP OK message including the target web page; and determining that a man-in-the-middle is intercepting the HTTPS communications based on the receipt of the target web page.
As per claim 16, it was not found to be taught in the prior art of a computer readable storage medium storing a program of instructions executable by a machine to perform a method of detecting a man-in-the-middle (MITM) during HTTPS communications, the method comprising: establishing a TCP connection to an IP address of a domain name; transmitting a TLS message using the TCP connection, a SNI of the TLS message including the domain name; receiving a TLS reply message including the certificate for the domain name; validating the received certificate; establishing a TLS connection in response to validation of the received certificate; transmitting a HTTP GET message using the TLS connection, a URL of the HTTP GET message including an alternate domain name and a target web page associated with the alternate domain name, the alternate domain name being different from the domain name; receiving a HTTP OK message including the target web page; and determining that a man-in-the-middle is intercepting the HTTPS communications based on the receipt of the target web page.
As per claim 20, it was not found to be taught in the prior art of a computer readable storage medium storing a program of instructions executable by a machine to perform a method of detecting a man-in-the-middle (MITM) during HTTPS communications, the method comprising: establishing a TCP connection to an IP address of a domain name; generating an alternate domain name using a domain generation algorithm; transmitting a TLS message using the TCP connection, a SNI of the TLS message including the generated alternate domain name; receiving a TLS reply message including a certificate for the generated alternate domain name; and determining that a man-in-the-middle is intercepting the HTTPS communications based on the receipt of the certificate.
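The probe sequence recited in claims 1 and 16 (SNI names the domain, the GET names a different domain) and in claim 14 (connection to an alternate IP address, SNI and GET both name the domain) can be sketched as follows. This is an added example, not code from the application or the examiner; the function names, the verdict strings and the use of a Host header to carry the URL's domain are assumptions made for illustration.

```python
import socket
import ssl

def tls_connect(ip, sni, timeout=5.0):
    """TCP to ip:443, then TLS with SNI=sni. The default context validates the
    chain and hostname, so a bad certificate raises ssl.SSLError."""
    ctx = ssl.create_default_context()
    raw = socket.create_connection((ip, 443), timeout=timeout)
    try:
        return ctx.wrap_socket(raw, server_hostname=sni)
    except Exception:
        raw.close()
        raise

def http_status(conn, url_host, path):
    """Send one GET naming url_host; return the status code (None if unparsable)."""
    req = f"GET {path} HTTP/1.1\r\nHost: {url_host}\r\nConnection: close\r\n\r\n"
    conn.sendall(req.encode("ascii"))
    buf = b""
    while b"\r\n" not in buf:
        chunk = conn.recv(4096)
        if not chunk:
            break
        buf += chunk
    parts = buf.split(b"\r\n", 1)[0].split()
    ok = len(parts) >= 2 and parts[0].startswith(b"HTTP/") and parts[1].isdigit()
    return int(parts[1]) if ok else None

def probe(ip, sni, url_host, path="/", connect=tls_connect):
    """Run one probe and return a verdict string (hypothetical labels).
    Claims 1/16: ip belongs to sni, url_host is a different domain.
    Claim 14:    ip is an alternate address, url_host == sni."""
    try:
        conn = connect(ip, sni)
    except OSError:  # ssl.SSLError is a subclass: no validated TLS session
        return "no-validated-tls"
    try:
        status = http_status(conn, url_host, path)
    finally:
        conn.close()
    return "mitm-suspected" if status == 200 else "no-indication"
```

The `connect` parameter lets the probe be exercised against a recorded or constructed reply instead of a live host. A server that hosts many names on one address can also answer 200 for a foreign Host header, so a `mitm-suspected` verdict is a signal to investigate.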

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Lee, US 2020/0252426 is relied upon for disclosing the identification of different domain names with regard to the detection of man-in-the-middle attacks, see paragraph 0094.
Moore, US 2020/0304476 is relied upon for disclosing the detection of man-in-the-middle attacks, wherein various parameters are checked during the process, see paragraph 0030.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER A REVAK whose telephone number is (571)272-3794.  The examiner can normally be reached on 5:30am - 3:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LYNN FEILD can be reached on 571-272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/CHRISTOPHER A REVAK/Primary Examiner, Art Unit 2431