DETAILED ACTION
Claims 1,  8, 15 and 20 have been amended. 
No claims have been added. No claims have been cancelled.
Claims 1-20 are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant’s arguments filed on 1/21/21 have been considered.	
Remarks directed to the newly added feature are moot in view of the new grounds of rejection necessitated by the claim amendments.
The argument that there is no motivation to modify Segal with Shin is not persuasive because the provided motivation further indicates that Shin also provides a method by which a network administrator of the network can control communication between the network internal devices. And although Segal’s method provides administrator control, Shin’s administrator control provides more control via rule setting, see at least [Shin, para.0084].
Remarks regarding the Park reference are moot in view of the new grounds of rejection necessitated by the claim amendments.

Double Patenting rejection
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 

Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-11 of U.S. Patent No. 10356045 because the claims of the issued patents anticipate and/or render obvious the claims in the current application in view of the prior art references applied in the current rejection.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

Claim 20 is rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the and the netmask facilitates the determination, by the smart appliance, as to whether an internet address is directly coupled to the local network or is not directly coupled to the local network”, however the written description does not provide support for this feature.

Claim Rejections - 35 USC § 103
 	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

  	Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Segal et al (US Pub. No.2015/0020188) in view of Babbar et al (US Pub.No.2006/0002324), further in view of Shin et al (US Pub.No.2007/0064689) and Danielson et al (US Pub.No.2016/0269436).

Re Claim 1. Segal discloses a method comprising: intercepting, at a network traffic hub within a local network, a message from a smart appliance directed to the router (i.e. The DNS Proxy 54 serves to intercept received DNS packets) [Segal, para.0046, note: the gateway host of Segal discloses a traffic hub and the DNS proxy 54 as shown in Fig.3 is part of the gateway host therefore intercepting by the DNS proxy 54 discloses intercepting at a network traffic hub], [Segal, Fig.2, shows messages directed to the router are forward to the gateway host which is within local network 20], the router being configured to communicate messages between the smart appliance and a computing device on a different network (i.e. The local network 20 includes a router 22, representative of all routers on the local network 20, and is similar to the router 12 detailed above, a controlled host 24 and a gateway host 30) [Segal, para.0026, Fig.2] , (i.e. a home, local, or private network 10 (collectively referred to as a "local network"), as shown in a broken line box, typically includes a router 12, either wired or wireless, and multiple hosts 14, that connect to one or more networks, such as wide area networks, including public networks, such as the Internet 16, via the routers 12) [Segal, para.0002],
Segal does not explicitly disclose whereas Babbar does: the message including a request for an internet address to be assigned to the smart appliance (i.e.  The wireless device may obtain IP configuration from the wireless network, for example, in response to receiving a DHCP message from the terminal equipment ………… The router IP address may also be an IP address that the wireless device spoofs…………….. The wireless device (acting as the DHCP server) then performs a DHCP transaction with the terminal equipment (acting as the DHCP client).  Via this DHCP transaction, the wireless device provides to the terminal equipment (1) the host IP address that ) [Babbar, para.0039-0042, see also Fig.7 and corresponding description],
 	Segal in view of Babbar does not explicitly disclose whereas Shin does: the smart appliance being communicatively connected to the local network via a switch and configured to receive information from outside the local network via the router (i.e. Fig. 1 is a diagram of an example of a system construction implementing a communication control method according to the present invention.  In a LAN environment where a plurality of devices (EQ-1, EQ-2,.  . . , EQ-10) are linked through a layer-2 switch 50) [Shin, Para.0042, Fig.1 shows appliances, switch 50 and router 30 such that the appliances receive external traffic via router 30], (i.e. when a predetermined device in the LAN 40 broadcasts an ARP packet to communicate with any other network internal device in step S100, communication control apparatus EQ-X receives the ARP packet and detects the network layer address and data link layer address included in the ARP packet in step S102) [Shin, para.0082]; 
 	Segal in view of Babbar and Shin further discloses: intercepting, at the network traffic hub, a response to the message from the router, the response comprising an internet address and a netmask (i.e. The DNS Proxy 54 controls the flow of DNS packets, to give the gateway host 30 full control over DNS packets and responses thereto for each controlled host, from which it intercepts the DNS packets.  The DNS proxy 54 will either forward the intercepted DNS packets to an external DNS ) [Segal, para.0045, note: changing resolved DNS responses implicitly discloses changing resolved DNS responses received from the DNS server 32 via the router, Fig.5B-2 shows internet addresses and net-masks rewritten];
 	Segal in view of Babbar and Shin further discloses: modifying, by the network traffic hub, the netmask in the response (i.e. ARP spoof packets may be sent by the gateway host to any node on the local network subnet in order to manipulate its ARP table thus redirecting packets to the gateway host. For example, ARP spoof packets may be sent to a controlled host 24 associating the IP address of the router 22 with the MAC address of the gateway host 30, ARP spoof packets may be sent to the router 22 associating the IP address of the controlled host 24 with the MAC address of the gateway host 30, and ARP spoof packets may be sent to a controlled host 24 associating the IP address of a different host on the local network 20 with the with the MAC address of the gateway host 30….. These spoof packets, once received in the controlled host 24, cause a rewrite of the ARP Table 24a of the controlled host 24, to rewrite the entry within the controlled host 30 ARP table 30b that contains the association between the router 22 IP address and it's MAC address to associate the router 22 IP ) [Segal, para.0040-0041, Fig.5B2, see also Shin, 0069-0070] such that subsequent intra-network traffic sent from the smart appliance directly to a second smart appliance within the local network is instead sent to the network traffic hub, the second smart appliance being a different device than the router (i.e. In order to perform communication control in a network, such as `permission`/`cut-off`/`packet forwarding` of communication between internal devices linked to the network, the ARP table should be generated such that the ARP table of each device can be manipulated, such as generating or modifying contents of the ARP table desired by the outside and the ARP table thus manipulated from the outside can be used when communication with a predetermined network layer address is required.. …..For reference, request packet-1 can be regarded as an ARP request packet for communication of device EQ-2 with device EQ-1. Device EQ-1 corresponding to the destination MAC address (that is, MAC-1) of this request packet-1 receives this packet. Also, device EQ-1 recognizes that the MAC address of device EQ-2 is BLOCK. By this recognition, the packet which device EQ-1 transmits to device EQ-2 is actually received by communication control apparatus EQ-X whose MAC address is BLOCK) [Shin, para.0044-0047, Fig.1 depicts Shin’s internal devices includes multiple smart appliances different than the rout], (i.e. Accordingly, packets transmitted by the two devices EQ-1 and EQ-2 are transferred to communication control apparatus EQ-X whose MAC address is MX.  That is, by ) [Shin, para.0070]; 
 	Segal further discloses: transmitting, from the network traffic hub, the response with the modified netmask to the smart appliance (i.e. ARP spoof packets may be sent by the gateway host to any node on the local network subnet in order to manipulate its ARP table thus redirecting packets to the gateway host.  For example, ARP spoof packets may be sent to a controlled host 24 associating the IP address of the router 22 with the MAC address of the gateway host 30, ARP spoof packets may be sent to the router 22 associating the IP address of the controlled host 24 with the MAC address of the gateway host 30, and ARP spoof packets may be sent to a controlled host 24 associating the IP address of a different host on the local network 20 with the with the MAC address of the gateway host 30…………………………………. These spoof packets, once received in the controlled host 24, cause a rewrite of the ARP Table 24a of the controlled host 24, to rewrite the entry within the controlled host 30 ARP table 30b that contains the association between the router 22 IP address and it's MAC address to associate the router 22 IP address with the gateway host 30 MAC address, This rewrite renders the gateway host 30, as a "man in the middle," (rerouted) at the Ethernet level to the gateway host 30, giving the gateway host 30 full control of network traffic, to and from the controlled hosts 24), [Segal, para.0040-0041, see also para.0006, Fig.2 shows packets sent from local nodes are sent first via the router 22 and then forwarded to gateway host 30], (i.e. acts similarly on packets it receives (inbound) from over the local network 20) [Segal, para.0041-0042, Fig.2 therefore local traffic is also sent first via the router 22 and then forwarded to gateway host 30]; 
Shin further discloses: receiving, at the network traffic hub, communications from the smart appliance intended for the second smart appliance(i.e. Accordingly, packets transmitted by the two devices EQ-1 and EQ-2 are transferred to communication control apparatus EQ-X whose MAC address is MX.  That is, by manipulating the ARP table of related devices, packets transmitted by a predetermined device desiring to communicate with another device in the network can always be made to be transferred to communication control apparatus EQ-X) [Shin, para.0070],
Segal in view of Babbar and Shin does not explicitly disclose whereas Segal in view of Babbar, Shin and Danielson does: and forwarding the received communications to a remote server; and in response to receiving an indication from the remote server that the smart appliance likely includes embedded malicious code based on an analysis processing system 100 may be implemented by a plurality of distributed systems residing in one or more geographic regions……………. processing system 100 may use performance data received from a plurality of devices in a system, such as network 1 or one or more of systems 4A-D, to assess the level of trust of one or more components within the system, such as one or more of components 3A-M. In certain implementations, processing system 100 may establish groups for the monitored components.  Processing system 100 may then use a combination of real-time and historical information to model the behavior of one or more representative components for each group.  Further, processing system 100 may compare the modeled behavior of a representative component for each group with the actual behavior of each component in the group to determine whether the behavior of each component is consistent with the model.  System 100 may use the results of such comparison to determine whether one or more component is acting anomalously and, consequently, has a reduced level of trust.  In response to determining that the one or more component is acting anomalously, system 100 may provide notifications informing users, administrators, and/or related components about the anomalous behavior.  In certain implementations, system 100 may ) [Danielson, para.0027,0029].  
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify Segal with Babbar because there is a need in the art for techniques to support dynamic configuration of IP for a terminal equipment coupled to a wireless device that is in communication with a wireless network, which does not directly support DHCP [Babbar, para.0007].
		It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify Segal in view of Babbar with Shin because Shin’s apparatus is capable of controlling communication between the network internal devices, and provides a method by which a network administrator of the network can control communication between the network internal devices [Shin, para.0007].
 	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify Segal in view of Babbar and Shin with Danielson because in Danielson a statistical significance test may be used to determine whether a component is not trustworthy.  In particular, if the components behavior deviates from the model by a statistically significant amount (e.g., based on some predetermined level of significance), it may be determined that  [Danielson, para.0021].

Re Claims 8 and 15. these claims recite features similar to claim 1 and therefore they are rejected in a similar manner.

Re Claims 2, 9 and 16. Segal in view of Babbar, Shin and Danielson dislcoses the features of claims 1, 8 and 15, Seal in view of Shin further discloses: wherein the message is sent through the switch, and wherein the network traffic hub intercepts the message between the switch and the router (i.e. the communication control apparatus is disposed, not at the gateway of the communication path of the network, but at an arbitrary place inside the network, for example, on the same level as that of the other internal devices inside the network, and forcibly applies a communication control rule, which is based on manipulation of address information of an address resolution protocol (ARP) table, to devices requiring communication control such that communication of only those devices can be selectively controlled.  By doing so, the function of the conventional firewall server, which in a predetermined network, cuts off unnecessary communication between network internal resources and external network resources, is performed, and at the same time, controlling communication between network internal resources is ) [Shin, para.0022, Fig.1 shows all messages must be transmitted through the switch 50].  
	The same motivation to modify with Shin, as in claim 1, applies.

Re Claims 3, 10 and 17. Segal in view of Babbar, Shin and Danielson discloses the features of claims 1, 8 and 15, Segal further discloses: wherein the modified netmask prevents the message from leaving the local network before the message is received by the network traffic hub (i.e. The DNS Proxy 54 serves to intercept received DNS packets) [Segal, para.0046, note: the gateway host of Segal discloses a traffic hub and the DNS proxy 54 as shown in Fig.3 is part of the gateway host therefore intercepting by the DNS proxy 54 discloses intercepting at a network traffic hub].  

Re Claims 4, 11 and 18. Segal in view of Babbar, Shin and Danielson discloses the features of claims 1, 8 and 15, Danielson further discloses: wherein the server is configured to analyze the forwarded communications to identify malicious behavior performed by the smart appliance (i.e. processing system 100 may use performance data received from a plurality of devices in a system, such as network 1 or one or more of systems 4A-D, to assess the level of trust of one or more components within the system, such as one or more of components 3A-M. In certain implementations, processing system 100 may establish groups for the monitored components.  Processing system 100 may then use a ) [Danielson, para.0029].  
The same motivation to modify with Danielson, as in claim 1, applies.

Re Claims 5, 12 and 19. Segal in view of Babbar, Shin and Danielson discloses the features of claims 1, 8 and 15, Babbar further discloses: wherein the message is one of a DHCP discover message or a DHCP request message [Babbar, Fig.7 and corresponding description].
a need in the art for techniques to support dynamic configuration of IP for a terminal equipment coupled to a wireless device that is in communication with a wireless network, which does not directly support DHCP [Babbar, para.0007].

Re Claims 6, 13 and 20. Segal in view of Babbar, Shin and Danielson discloses the features of claims 1, 8 and 15, Babbar further discloses: wherein the response is one of a DHCP offer message or a DHCP acknowledge message [Babbar, Fig.7 and corresponding description].
	Babbar further discloses the feature of claim 20: and the netmask facilitates the determination, by the smart appliance, as to whether an internet address is directly coupled to the local network or is not directly coupled to the local network (i.e. The NIC-Em uses the subnet mask to determine whether a given destination host to which the NIC-Em desires to send data is located within or outside of the subnet) [Babbar, para.0035].
	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify Segal in view of Shin and Danielson with Babbar because there is a need in the art for techniques to support dynamic configuration of IP for a terminal equipment coupled to  [Babbar, para.0007]. 

Re Claims 7 and 14. Segal in view of Babbar, Shin and Danielson discloses the features of claims 1, 8 and 15, Segal in view of Shin further discloses: wherein the message is sent to the router through one or more network switches (i.e. Fig. 1 is a diagram of an example of a system construction implementing a communication control method according to the present invention.  In a LAN environment where a plurality of devices (EQ-1, EQ-2,.  . . , EQ-10) are linked through a layer-2 switch 50) [Shin, Para.0042, Fig.1].
 	The same motivation to modify Segal with Shin, as in claim 1 above, applies.


Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NOURA ZOUBAIR whose telephone number is (571)270-7285.  The examiner can normally be reached on Monday - Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571-272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/NOURA ZOUBAIR/Primary Examiner, Art Unit 2434