DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement
The information disclosure statement (IDS) was submitted on 02/22/2021. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Response to Amendment
This is in response to the amendments filed on 02/22/2021. Claims 1, 2, 4, and 5 have been amended. Claim 3 has been canceled. Claims 1-2, 4-9, and 16-21 are currently pending, and claims 16-21 are withdrawn from further consideration. Claims 1-2 and 4-9 have been considered below.

Response to Arguments
In view of the replacement drawing for FIG. 1 filed 02/22/2021, the objections with respect to the drawing have been withdrawn.
Applicant’s arguments, see pages 9-10, filed 02/22/2021, with respect to the rejection of claims 1-9 under 35 U.S.C. 103 have been considered but are moot because the arguments do not apply to the reference being newly cited in the current rejection. Applicant's amendment necessitated the new ground(s) of rejection as will be discussed below.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 4, 5, and 7 are rejected under 35 U.S.C. 103 as being unpatentable over Bruss et al. (US 10,397,272 B1; hereinafter, “Bruss”) in view of Dasgupta et al. (US 2011/0173142 A1; hereinafter, “Dasgupta”).

Regarding claim 1:
Bruss teaches:
A non-transitory computer-readable medium with instructions stored thereon that, when executed by a processor, cause the processor to perform operations (col. 14, ll. 60-63: These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner) comprising: 
receiving an email addressed to a recipient who is an employee of an enterprise (col. 4, ll. 57-61: Sender devices 190a-190c transmit emails to an enterprise or organization (e.g., to addresses associated with the organization or its employees). For example, email server 110 may receive emails from one or more email sender devices 190a-190c. --- It is noted that one of its employees teaches a recipient); 
determining an identity of a sender based on an analysis of the email (col. 8, ll. 23-28: Semi-structured, header data (e.g., semi-structured data) may be analyzed using a random decision forest classifier. Header data may include, as non-limiting examples, sender address, sender domain, IP addresses, time sent, and recovered listing (e.g., list of servers and computers through which the message was routed; path of delivery). --- It is noted that sender address teaches an identity of a sender; header data including sender address is analyzed teaches determining based on analysis of the email);
… 
applying the first set of models to the email to produce a first output indicative of whether the email is representative of a malicious email (col. 4, ll. 61-64: MTA filter 120 may filter out certain identified malicious emails (e.g., phishing emails), and forward the remainder emails to appropriate reception devices 130a-130c. --- It is noted that MTA filter 120 (i.e., filtering) teaches a first set of models as will be stated below; identified emails teaches a first output; and phishing emails teaches a malicious email); 
determining, based on the first output, that the email may be a malicious email (col. 4, l. 67- col. 5, l. 8: in some embodiments, MTA filter 120 may transmit the remaining emails to attack-detection server 140. In some cases, attack-detection server 140 may analyze all emails sent from MTA filter 120. In some implementations MTA filter 120 may transmit all emails to attack-detection server 140, and tag malicious emails (i.e., emails the MTA filter 120 has identified as malicious) for refinement of attack-detection server 140 and/or for a secondary check on maliciousness. --- It is noted that MTA filter 120 may transmit the remaining emails teaches based on the first output; attack-detection server 140 may analyze all emails sent from MTA filter 120 and tag malicious emails teaches determining that the email may be a malicious email); 
(col. 5, ll. 18-52: Attack-detection server 140 analyzes the forwarded emails and provides immediate feedback to the reception devices 130a-130c. For example, if attack-detection server 140 determines that the forwarded email is legitimate or malicious, attack-detection server 140 may indicate the same to reception devices 130a-130c. In some cases, attack-detection server 140 may not be able to determine whether the forwarded email is malicious, attack-detection server 140 may then send the same to analyst device 150. An analyst may access the analyst device 150 and determine whether the emails are malicious. The determination may be sent back to attack-detection server 140, which may then refine its analysis models. … Moreover, by iteratively refining or retraining the machine learning algorithms, attack-detection server 140 may quickly adapt to identify new malicious emails (e.g., new types of malicious emails or new approaches of malicious emails); col. 7, ll. 1-10: Attack-detection server 140 may utilize various machine-learning structures to identify malicious emails. For example, in some embodiments, attack-detection server 140 may utilize supervised learning from historical, labeled emails. The inventors found a surprising benefit in segmenting email data and utilizing different models for different types of data. For example, by segmenting the data, specialized models may be tailored to the specific data segment, while any biases and noise can be averaged out by combining the different models. 
--- It is noted that analysis models and different models being used in attack-detection server 140 and analyst device 150 teaches applying a second set of models; identify new malicious emails teaches a second output; new types of malicious emails and different types of data teaches a given type of malicious email; and determines that the email is legitimate or malicious teaches produce a second output indicative of malicious email; It is noted that the claim does not specify what the given type is, thus for the sake of examination, it is interpreted as any kind of types); and 
(col. 5, ll. 18-20: Attack-detection server 140 analyzes the forwarded emails and provides immediate feedback to the reception devices 130a-130c; col. 6, ll. 48-60: attack-detection server 140 may analyze all emails received from MTA filter 120 automatically. If attack-detection server 140 detects any false positives (e.g., legitimate emails that were tagged as malicious), attack-detection server 140 may forward the same to the appropriate reception device 130 a-130 c. If attack-detection server 140 identifies an email delivered to a reception device 130 a-130 c as malicious, it may notify the appropriate respective reception device 130 a-130 c. In some cases, attack-detection server 140 may initiate a quarantine of the malicious email delivered to the reception device 130 a-130 c, or place certain access restrictions on the identified email. --- It is noted that for example, provides immediate feedback and initiate a quarantine teaches performing an action; the emails teaches with respect to the email; analyzed emails teaches based on the second output).
Bruss is silent about:
obtaining a first set of models that includes (i) a first model trained using past emails sent by the sender that have been verified as non-malicious and (ii) a second model trained using past emails received by the recipient that have been verified as non-malicious, 
wherein the first model is trained to identify deviations in features, content, or context that are representative of changes in behavior of the sender, and 
wherein the second model is trained to identify deviations in features, content, or context that are representative of changes in behavior of the recipient.
Dasgupta, in the same field of endeavor, teaches:
obtaining a first set of models (see FIGs . 2A and 2B, which teach a first set of models) that includes (i) a first model trained using past emails sent by the sender that have been verified as non-malicious (para. [0047]: Sender behavior parameters associated sender IDs may be initially collected in operation 302. … For instance, a service provider administrator may assess behavior patterns to determine spammers and non-spammers and their associated behavior patterns; para. [0048]: A spam detection model may then be generated or modified to predict a spam indicator for an unknown sender ID based on the known sender IDs and their associated sender behavior parameters and spam indicators in operation 306. … If an email by an unknown sender has been sent, behavior parameters for the current unknown sender may then be collected in operation 310; para. [0034]: The known sender behavior patterns may be utilized by learning system 258 to generate or modify a spam prediction model. That is, the known sender behavior patterns are used as a training set. The behavior patterns may include identifying information for a plurality of known behaviors for known spammers and known non-spammers as described herein; para. [0018]: Techniques of the present invention provide a training process for generating a model for facilitating spam filtering. --- It is noted that a spam detection model teaches a first model; a spam detection model generated or modified based on the known sender IDs and their associated sender behavior parameters teaches the first model is trained using past emails sent by the sender; collected sender behavior parameters associated sender IDs teaches using past emails sent; the behavior patterns include information for a plurality of known behaviors for known non-spammers teaches emails that have been verified as non-malicious) and (ii) a second model trained using past emails received by the recipient that have been verified as non-malicious (para. 
[0025]: Recipient patterns for emails from known non-spammers may be logged in operation 204; para. [0030]: As such known senders continue to send email after they have been identified as spammers (e.g., after they have been blacklisted) or non-spammers (e.g., after they are white-listed), recipient patterns for associated sender ID's can be logged. Referring back to FIG. 2A, a probabilistic model for predicting spammers based on the logged recipient patterns may then be generated or modified based on the known behavior patterns of known spammers and non-spammers in operation 206; para. [0018]: Techniques of the present invention provide a training process for generating a model for facilitating spam filtering. --- It is noted that a probabilistic model generated based on the logged recipient patterns teaches a second model trained using past emails received by the recipient; emails from non-spammers (e.g., white-listed) teaches emails verified as non-malicious), 
wherein the first model is trained to identify deviations in features, content, or context that are representative of changes in behavior of the sender (para. [0052]: When an email is sent, a sender ID associated with the current email may then be determined in operation 404. For instance, the sender ID for the email is noted. It may then be determined whether the current sender ID is associated with a spam indicator that was generated by a spam prediction model in operation 406. For instance, it is determined whether the sender ID is associated with a spam or non-spam designation that was determined by a spam prediction model, e.g., in a black- or white-list). Sender IDs that are associated with a potential spammer indicator may be reassessed by the prediction model; para. [0046]: Each behavior pattern may be stored as an accessible fingerprint that helps in locating, searching and comparing behavior patterns quickly. --- It is noted that a spam detection model generated or modified based on the known sender IDs and their associated sender behavior parameters teaches the first model is trained based on behavior of the sender; determined by a spam prediction model and comparing behavior patterns teaches identify deviations in features, here, comparing implies identify deviations), and 
wherein the second model is trained to identify deviations in features, content, or context that are representative of changes in behavior of the recipient (para. [0028]: In another example, spam may be identified by detecting particular words or statistical content which tend to be contained in spam emails … If recipients (e.g., a specified number or percentage of recipients) do not reverse a spam definition in a specified time period, the associated sender ID may then be identified as a spammer so that their email behavior patterns can be subsequently monitored; para. [0030]: Referring back to FIG. 2A, a probabilistic model for predicting spammers based on the logged recipient patterns may then be generated or modified based on the known behavior patterns of known spammers and non-spammers in operation 206. --- It is noted that a probabilistic model generated or modified based on the known behavior patterns teaches the second model is trained based on behavior of the recipient; detecting particular words or statistical content which tend to be contained in emails teaches identify deviations in features, content, or context, and which teaches representative of changes in behavior of the recipient). 
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Bruss’s system by enhancing Bruss’s MTA filter to use a set of models trained using sender pattern and recipient pattern, as taught by Dasgupta, in order to initially filter unsolicited bulk emails based on sender pattern and recipient pattern.
The motivation is to quickly and accurately separate safe emails from the bulk emails by using the known behavior patterns.

Regarding claim 2:
Bruss in view of Dasgupta teaches:
The non-transitory computer-readable medium of claim 1. 
Bruss further teaches:
wherein the second output indicates that the email is not of the given type of malicious email (col. 5, ll. 42-46: Moreover, by iteratively refining or retraining the machine learning algorithms, attack-detection server 140 may quickly adapt to identify new malicious emails (e.g., new types of malicious emails or new approaches of malicious emails); col. 6, ll. 48-60: attack-detection server 140 may analyze all emails received from MTA filter 120 automatically. If attack-detection server 140 detects any false positives (e.g., legitimate emails that were tagged as malicious), attack-detection server 140 may forward the same to the appropriate reception device 130 a-130 c. --- It is noted that detects any false positives teaches the second output indicates that the email is not a malicious email; and new types of malicious emails teaches a given type of malicious email), and 
wherein performing the action comprises: 
forwarding the email to an inbox of the employee (col. 6, ll. 48-60: attack-detection server 140 may analyze all emails received from MTA filter 120 automatically. If attack-detection server 140 detects any false positives (e.g., legitimate emails that were tagged as malicious), attack-detection server 140 may forward the same to the appropriate reception device 130a-130c. --- It is noted that any false positives (e.g., legitimate emails that were tagged as malicious) is forwarded to the appropriate reception device teaches forwarding the email to an inbox of the employee; reception device teaches the employee; and it is inherent that legitimate emails are forwarded to an inbox).

Regarding claim 4:
Bruss in view of Dasgupta teaches:
The non-transitory computer-readable medium of claim 1. 
Bruss further teaches:
wherein each model of the second set of models is associated with a different type of malicious email (col. 7, ll. 1-10: Attack-detection server 140 may utilize various machine-learning structures to identify malicious emails. For example, in some embodiments, attack-detection server 140 may utilize supervised learning from historical, labeled emails. The inventors found a surprising benefit in segmenting email data and utilizing different models for different types of data. For example, by segmenting the data, specialized models may be tailored to the specific data segment, while any biases and noise can be averaged out by combining the different models. --- It is noted that utilizing different models for different types of data teaches each model is associated with a different type of malicious email).

Regarding claim 5:
Bruss in view of Dasgupta teaches:
The non-transitory computer-readable medium of claim 4. 
Bruss further teaches:
wherein each model in the second set of models produces a separated output when applied to the email (FIG. 2B & col. 9, ll. 38-56: Meanwhile, the raw text data may initially be fed into a recurrent neural network (RNN), such as long short-term memory recurrent neural network (LSTM RNN). Outputs from the FFNN and LSTM RNN are then fed into a fully-connected dense layer. --- It is noted that FFNN and LSTM RNN teaches multiple models; and each output from FFNN and LSTM RNN teaches a separated output), and 
wherein the operations further comprise: 
applying a third model designed to aggregate the separate outputs produced by the second set of models into a comprehensible visualization component (FIG. 2B & col. 9, ll. 38-56: FIG. 2B illustrates another example machine-learning structure that may be implemented by the attack-detection server 140 in some implementations. In FIG. 2B, both engineered and meta attributes (e.g., headers/header derived or other semi-structured data such as answers to: “do the sender's email address and name match,” “does the email address domain recur in the body of the email,” “what day of the week was the email sent?”) and raw text (e.g., email subject-line, email body, or other unstructured email data) may all be fed into a single unified neural network (UNN). Within the UNN, the engineered and meta files may first be fed into a feed forward neural network (FFNN). … Outputs from the FFNN and LSTM RNN are then fed into a fully-connected dense layer, which outputs a determination as to whether the email is likely malicious (e.g. has a probability of being malicious that exceeds a threshold); col. 7, ll. 16-22: In some embodiments, attack-detection server 140 may generate a sanitized version of the malicious email and exchange the malicious email with the sanitized version in the user account. The sanitized version may include a visual representation of the malicious email, with all active elements removed (e.g., removing all links and attachments, and changing a reply address). --- It is noted that a single unified neural network (UNN) teaches a third model; and include a visual representation of the malicious email teaches produced into a comprehensible visualization component).

Regarding claim 7:
Bruss in view of Dasgupta teaches:
The non-transitory computer-readable medium of claim 1. 
Bruss further teaches:
	wherein the second output indicates that the email includes a primary link to a resource hosted by a network-accessible hosting service (col. 9, l. 63- col. 10, l. 1: In some implementations, attack-detection server 140 may navigate to the link…;  col. 10, ll. 10-15: In some cases, the system may review threat feeds and other enrichment sources to better identify whether the hosting server/network of a specific IP address is reputable (e.g., if the host system is not reputable, then the link is more likely not reputable) --- It is noted that the output from the attack-detection server teaches the second output; the link teaches a primary link; and a hosting service/network teaches a network-accessible hosting service), and 
wherein performing the action comprises: 
following the primary link so that the resource is accessed using a virtual web browser (col. 9, l. 63- col. 10, l. 1: In some implementations, attack-detection server 140 may navigate to the link (e.g., in a sandbox or virtual machine) --- It is noted that navigate to the link teaches following the primary link; and virtual machine teaches a virtual web browser),
(col. 10, ll. 33-37: As non-limiting examples, attributes of an email body analyzed may include any HTML elements (e.g., disregarding tags generated by an email client), raw text with all html elements removed, and count of links (e.g., hyperlinks or URLs) in the email body); col. 10, ll. 46-48: With email analysis, there is often a one-to-many relationship between sets of information. For example, for any given email, there are multiple links and attachments; col. 9, l. 63- col. 10, l. 1: In some implementations, attack-detection server 140 may navigate to the link (e.g., in a sandbox or virtual machine). --- It is noted that count of links teaches the secondary link; it is inherent that each link links to corresponding resource, thus count of links itself teaches any secondary links to secondary resources; and virtual machine teaches a virtual web browser), 
for each secondary link, 
following the secondary link so that the corresponding secondary resource is accessed using the virtual web browser (col. 9, l. 63- col. 10, l. 1: In some implementations, attack-detection server 140 may navigate to the link (e.g., in a sandbox or virtual machine). The attack-detection server 140 may analyze re-routing from the link, any automatic downloads, or web page data from the navigated to link to help determine the email's legitimacy. --- It is noted that navigate to the link and re-routing from the link teaches following the secondary link; and virtual machine teaches the virtual web browser), and 
analyzing content of the corresponding secondary resource to determine whether the secondary link represents a security threat (col. 9, l. 63- col. 10, l. 1: In some implementations, attack-detection server 140 may navigate to the link (e.g., in a sandbox or virtual machine). The attack-detection server 140 may analyze re-routing from the link, any automatic downloads, or web page data from the navigated to link to help determine the email's legitimacy. --- It is noted that analyze web page data from the navigated teaches analyzing content of the corresponding secondary resource; determine the email's legitimacy teaches determine whether the secondary link represents a security threat), and 
determining whether the primary link represents a security threat based on whether any secondary links were determined to represent security threats (col. 9, l. 63- col. 10, l. 1: The attack-detection server 140 may analyze re-routing from the link, any automatic downloads, or web page data from the navigated to link to help determine the email's legitimacy; col. 10, ll. 10-15: In some cases, the system may review threat feeds and other enrichment sources to better identify whether the hosting server/network of a specific IP address is reputable (e.g., if the host system is not reputable, then the link is more likely not reputable)). 

Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Bruss et al. (US 10,397,272 B1; hereinafter, “Bruss”) in view of Dasgupta et al. (US 2011/0173142 A1; hereinafter, “Dasgupta”), and further in view of Uriel (US 2018/0084003 A1; hereinafter, “Uriel”).

Regarding claim 6:
Bruss in view of Dasgupta teaches:
The non-transitory computer-readable medium of claim 1. 
Bruss further teaches:
wherein the second output indicates that the email includes a link to a Hypertext Markup Language (HTML) resource (col. 10, ll. 33-37: As non-limiting examples, attributes of an email body analyzed may include any HTML elements (e.g., disregarding tags generated by an email client), raw text with all html elements removed, and count of links (e.g., hyperlinks or URLs) in the email body), and 
wherein performing the action comprises: 
(col. 9, l. 63- col. 10, l. 1: In some implementations, attack-detection server 140 may navigate to the link (e.g., in a sandbox or virtual machine)), 
…, and 
analyzing … to determine whether the link represents a security threat (col. 9, l. 63- col. 10, l. 1: The attack-detection server 140 may analyze re-routing from the link, any automatic downloads, or web page data from the navigated to link to help determine the email's legitimacy).
Bruss in view of Dasgupta is silent about:
wherein performing the action comprises: … extracting a Document Object Model (DOM) for the HTML resource …, and analyzing the DOM …
Uriel teaches:
wherein performing the action comprises: … extracting a Document Object Model (DOM) for the HTML resource …, and analyzing the DOM … (Para. [0073]: The subset of JavaScript functions/methods include those which can be used to enumerate over an HTML page DOM and extract information from the HTML page DOM, and which can dynamically create DOM elements; Para. [0002]: Determining whether a web page displayed on an endpoint client includes malicious content may be accomplished by scanning elements of the web page, for example, document object model (DOM) elements of an HTML page or JavaScript file attached to the web page.).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Bruss in view of Dasgupta’s system by enhancing Bruss in view of Dasgupta’s attack-detection server to extract and analyze information from the HTML page DOM, as taught by Uriel, in order to determine the email's legitimacy which includes HTML elements and hyperlinks.

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Bruss et al. (US 10,397,272 B1; hereinafter, “Bruss”) in view of Dasgupta et al. (US 2011/0173142 A1; hereinafter, “Dasgupta”), and further in view of Mahajan et al. (“Finding HTML Presentation Failures Using Image Comparison Techniques”, 2014; hereinafter, “Mahajan”).

Regarding claim 8:
Bruss in view of Dasgupta teaches:
The non-transitory computer-readable medium of claim 1. 
Bruss further teaches:
wherein the second output indicates that the email includes a link to a Hypertext Markup Language (HTML) resource (col. 10, ll. 33-37: As non-limiting examples, attributes of an email body analyzed may include any HTML elements (e.g., disregarding tags generated by an email client), raw text with all html elements removed, and count of links (e.g., hyperlinks or URLs) in the email body), and 
wherein performing the action comprises: 
following the link so that the HTML resource is accessed using a virtual web browser (col. 9, l. 63- col. 10, l. 1: In some implementations, attack-detection server 140 may navigate to the link (e.g., in a sandbox or virtual machine)), 
… the HTML resource through the virtual web browser (col. 9, l. 63- col. 10, l. 1: In some implementations, attack-detection server 140 may navigate to the link (e.g., in a sandbox or virtual machine)), 
...
(col. 9, l. 63- col. 10, l. 1: The attack-detection server 140 may analyze re-routing from the link, any automatic downloads, or web page data from the navigated to link to help determine the email's legitimacy).
Bruss in view of Dasgupta is silent about:
wherein performing the action comprises: 
…
capturing a screenshot …, 
applying a computer vision algorithm designed to identify similarities between the screenshot and a library of verified sign-in websites. 
Mahajan teaches:
wherein performing the action comprises: 
…
capturing a screenshot … (section 3.1: The first phase of the approach detects presentation failures by comparing the screenshot of a web page under test, as rendered in a browser, with its expected appearance, the oracle.), 
applying a computer vision algorithm designed to identify similarities between the screenshot and a library of verified sign-in websites (General term: Algorithms; section 3: The goal of our approach is to automatically detect and localize presentation failures in web pages … the set of HTML elements; section 3.1: The first phase of the approach detects presentation failures by comparing the screenshot of a web page under test, as rendered in a browser, with its expected appearance, the oracle. --- It is noted that approach and algorithm teaches applying a computer vision algorithm; the screenshot of a web page under test teaches the screenshot; the oracle teaches a library of verified sign-in websites; and comparing the screenshot of a web page under test with the oracle teaches identify similarities).

The motivation is to determine whether an email includes malicious content regardless of the language or structure of the email by applying a vision algorithm. 

Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Bruss et al. (US 10,397,272 B1; hereinafter, “Bruss”) in view of Dasgupta et al. (US 2011/0173142 A1; hereinafter, “Dasgupta”), and further in view of Woods et al. (US 2019/0068616 A1; hereinafter, “Woods”).

Regarding claim 9:
Bruss in view of Dasgupta teaches:
The non-transitory computer-readable medium of claim 1. 
Bruss further teaches:
wherein the second output indicates that the email includes an attachment (col. 8, ll. 45-56: In some cases, the attack-detection server 140 (e.g., acting alone or in conjunction with one or more other devices within the system 100 a/100 b) may receive the email, parse the email into portions (e.g., header, subject line, body text, URLs or other embedded links, etc.), and organize the email portions to be analyzed using the machine-learning models. In some cases, features derived from one or more of URL analysis, header analysis, and attachment analysis may be fed into a nonparametric model (e.g., a random-forest classifier or gradient boosting machine).), and 
wherein performing the action comprises: 
(col. 10, ll. 46-62: each email feature (e.g., links, attachments) may be analyzed to determine what is statistically relevant. --- It is noted that attachments may be analyzed teaches opening the attachment), and 
determining whether the attachment represents a security threat based on an analysis of content of the attachment (attack-detection server 140 may generate a sanitized version of the malicious email and exchange the malicious email with the sanitized version in the user account. The sanitized version may include a visual representation of the malicious email, with all active elements removed (e.g., removing all links and attachments, and changing a reply address) --- It is noted that removing all attachments from the malicious email teaches determining whether the attachment represents a security threat).
Bruss in view of Dasgupta is silent about:
opening the attachment within a secure processing environment.
Woods teaches:
opening the attachment within a secure processing environment (para. [0018]: In some embodiments, or in combination with any of the embodiments herein, the invention is structured to identify that the electronic communication comprises an attachment based on analyzing the electronic communication; transmit the attachment to a sandbox system; and determine that the attachment is malicious based on operating the attachment at the sandbox system).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Bruss in view of Dasgupta’s system by enhancing Bruss in view of Dasgupta’s attack-detection server to transmit the attachment to a sandbox system, as taught by Woods, in order to determine whether the attachments are malicious by analyzing them in the isolated environment.
The motivation is to allow the server to become infected by executing or performing action upon suspicious payloads/attachments in the sandbox environment, so that indicators of .

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Van Prakash (US 2016/0014151 A1) discloses that a method comprises receiving a received message by a recipient from a sender, obtaining one or more message characteristic by parsing the received message based on at least one of a set of predetermined message characteristics, the message characteristic comprising one or more of a sender message characteristic or a recipient message characteristic, storing the message characteristic in a database, applying a classification engine to the message characteristic to define a message characteristic pattern, receiving a new received message, applying the classification engine to the new received message to define a new received message characteristic pattern, comparing the new received message characteristic pattern to the message characteristic pattern to determine whether the new received message characteristic pattern is similar to the message characteristic pattern and using the results of the comparison to influence the likelihood of the received message being a phishing message.

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WANSIK YOU whose telephone number is (571)270-3360.  The examiner can normally be reached on 7:30-5:30 M-Th.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ASHOKKUMAR PATEL can be reached on (571)-272-3972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/W.Y./
Examiner, Art Unit 2491

/ASHOKKUMAR B PATEL/
Supervisory Patent Examiner, Art Unit 2491