Examiner’s Comments
Instant office action is in response to communication filed 3/8/2021.
IDS filed 3/8/2021 has been considered
Claims 1-25 are allowed

REASONS FOR ALLOWANCE
The following is an examiner’s statement of reasons for allowance: The primary reasons for allowance of the claims are applicant’s arguments and the inclusion of the limitation, inter alia, “detecting potentially malicious code accessing data in a computer system having a cache to store data from a storage, the computer program product comprising a computer readable storage medium having computer readable program code embodied therein that when executed performs operations, the operations comprising: adding a trap cache segment to the cache for a location in the storage, the cache implemented in at least one memory device, the storage implemented in at least one storage device separate from the at least one memory device; indicating the trap cache segment as a trap cache segment; adding cache segments to the cache having data from locations in the storage that are not indicated as trap cache segments; processing a memory function call from a process executing in the computer system to read a target cache segment from the cache; determining whether the target cache segment includes the trap cache segment; and blocking the memory function call and treat the process as a potentially malicious process in response to determining that the target cache segment includes the trap cache segment.” that is in all claims which is not found in the prior art references previously relied upon or any new references found.

The closest art of record Ben Whitham (NPLwith IDS dated 9/12/2018 "Canary Files: Generating Fake Filesto detect critical data loss from complex computer networks") teaches Canary Files and a Canary File management system. A Canary File is a fake computer document that is placed amongst real documents in order to aid in the early detection of unauthorised data access, copying or modification. The name originates from canaries, which were used within coalmines as an early warning to miners. This paper also introduces the Serinus System, a Canary File management system designed to address some of the key challenges associated with operating a cyber deception capability. The Serinus System automates Canary Files generation using content and fde statistics drawn from three sources: (1) Internet harvested documents, (2) documents collected from across the entire enterprise environment, and (3) documents within the specific target directory. Each data source is allocated a weighting based on the strength of their relationship to the target directory. The weighting is seeded with a random value to avoid discovery by simple statistical based fake fde detection systems. Research is continuing to assess the performance of both Canary Files and the Serinus System.” but does not teach the indicated subject matter above.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.” In event of any post-allowance papers (e.g. IDS, 312 amendment, petition, etc.), Applicant is exhorted to mail papers to the Production Control branch in Publications or faxed to post-allowance papers correspondence branch at (703) 308-5864 to expedite issuing process or call PUB's Customer Service if any questions at (703) 305-8497.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SIMON P KANAAN whose telephone number is (571)270-3906.  The examiner can normally be reached on M-F (7AM-4PM).

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/SIMON P KANAAN/Primary Examiner, Art Unit 2492