DETAILED ACTION
This office action is in response to the correspondence filed on 01/27/2020. This application is a 371 National Stage of PCT/CN2016/078843 has a foreign application CN201510416040 filed on   07/15/2015. Claims 1-18 are pending and are examined. 

Notice of Pre-AIA  or AIA  Status
2.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). The certified copy has been filed in parent Application No. 15505835, filed on 07/15/2015. It is noted, however, that applicant has not filed a certified copy of CN201510416039.


Information Disclosure Statement
The information disclosure statement (IDS) was submitted on 01/27/2020.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.



Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. 
Claims 1-5, 7-14, and 16-18 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 3-4, 6, 9, 11, and 13 of U.S. Patent No. 10574673 B2. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims in the instant application are simply broader in scope than the ones in the issued patent. The instant application has the basic elements of detecting whether a webpage browsing request encounters a network attack and discarding certain information while the issued patent are narrower in scope in which they have the same basic elements plus performing network data transmission in a secure manner, etc. as seen in the example below in claim 1 of the instant application and claim 1 of the issued patent. The additional features of the issued patent are also presented in the dependent claims of the instant application.

Instant Application
U.S. Patent No. 10574673 B2 
1. A secure network data transmission method, for a browser client terminal, wherein the secure network data transmission method comprises:
determining whether a webpage browsing request encounters a network attack according to domain name resolution information; and


2. The method according to claim 1, wherein determining whether a webpage browsing request encounters a network attack according to domain name resolution information comprises:
comparing the domain name resolution information with attack rules; and
determining, according to the comparing the domain name resolution information with attack rules, whether the webpage browsing request encounters a network attack.

obtaining attack rules sent by a rule configuration server, wherein the attack rules include a set of keywords;

comparing obtained attack rules with the feedback information, to determine, according to a comparison result, whether the webpage browsing request encounters a network attack;
if determining that the webpage browsing request encounters a network attack, performing network data transmission in a secure manner;
determining whether the obtained attack rules conform to a preset format; and
if any of the obtained attack rules do not conform to the preset format, discarding the any of the obtained attack rules that do not conform to the preset format.




Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-4, and 10-13 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Liu et al. (US Pub No. 2015/0358276 A1, referred to as Liu).
Regarding claims 1 and 10, taking claim 10 as exemplary, Liu anticipates,
10. A network attack determining system, comprising one or more processors and one or more non-transitory computer-readable memories coupled to the one or more processors and configured with instructions executable by the one or more processors to cause the system to perform operations comprising: (Liu: [0022])
determining whether a webpage browsing request encounters a network attack according to domain name resolution information; and (Liu: [0009], [0012]; detect a potential attack of a DNS request that is initiated by a client, based on a predefined security constraint, the identity of the DNS server, etc.)
in response to determining that the webpage browsing request encounters a network attack, discarding the domain name resolution information. (Liu: [0009], [0012]; discard the domain name resolution result based on the predefined security constraint.)


Regarding claims 2 and 11, taking claim 11 as exemplary, Liu anticipates,
11. The system according to claim 10, wherein determining whether a webpage browsing request encounters a network attack according to domain name resolution information comprises: (Liu: [0009], [0012])
comparing the domain name resolution information with attack rules; and (Liu: [0012]; based on predefined security constraint (attack rules), the DNS server and the like can be verified (comparing).)
determining, according to the comparing the domain name resolution information with attack rules, whether the webpage browsing request encounters a network attack. (Liu: [0012]; determine and avoid potential attack.)


Regarding claims 3 and 12, taking claim 12 as exemplary, Liu anticipates,
12. The system according to claim 11, wherein determining, according to the comparing the domain name resolution information with attack rules, whether the webpage browsing request encounters a network attack comprises: (Liu: [0009], [0012])
determining, according to the attack rules and the domain name resolution information, legality of an IP address comprised in the domain name resolution information; and (Liu: [0009], [0012]; detect a potential attack of a DNS request including a network address (IP address) that is initiated by a client, based on a predefined security constraint, the identity of the DNS server, etc.)
determining, according to the legality of the IP address comprised in the domain name resolution information, whether the webpage browsing request encounters a network attack, (Liu: [0041]; security constraint can include a black list of network addresses (illegal).) and if the IP address is legal, determining that the webpage browsing request encounters no network attack, (Liu: [0042]; security constraint can include a white list of network addresses (legal/no attack).) or if the IP address is illegal, determining that the webpage browsing request encounters a network attack. (Liu: [0041]; security constraint can include a black list of network addresses (illegal/attack).)


Regarding claims 4 and 13, taking claim 13 as exemplary, Liu anticipates,
13. The system according to claim 12, wherein the determining, according to the attack rules and the domain name resolution information, legality of an IP address comprised in the domain name resolution information comprises: (Liu: [0009], [0012], [0041]; see claim 12)
obtaining a target attack rule in the attack rules by using the webpage browsing request, wherein the attack rules comprise a domain name, an IP address, and a rule type identifier, and (Liu: [0012], [0041]; security constraint includes DNS server, network addresses, black/white list, etc.)
wherein a domain name comprised in the target attack rule is the same as a to-be-accessed domain name in the webpage browsing request; (Liu: [0036-0037]; first storage has DNS records that can regarded as DNS cache.)
traversing the target attack rule, to determine whether the IP address comprised in the domain name resolution information is comprised in the target attack rule; and (Liu: [0040]; a second storage can be used for caching and only legal DNS records are stored.)
if the IP address comprised in the domain name resolution information is not comprised in the target attack rule, determining that the IP address comprised in the domain name resolution information is legal; or (Liu: [0041]; a second storage can be used for caching and only legal DNS records are added if it’s not already there.)
if the IP address comprised in the domain name resolution information is comprised in the target attack rule, determining, according to the target attack rule, whether the IP address comprised in the domain name resolution information is legal, (Liu: [0041]; a second storage can be used for caching and only legal DNS records are stored.) and if a rule type identifier, in the target attack rule, corresponding to the IP address comprised in the domain name resolution information is a legal identifier, determining that the IP address is legal, (Liu: [0042]; security constraint can include a white list of network addresses (legal/no attack).) or if a rule type identifier, in the target attack rule, corresponding to the IP address comprised in the domain name resolution information is an illegal identifier, determining that the IP address is illegal. (Liu: [0041]; security constraint can include a black list of network addresses (illegal).) 


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 5 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Liu in view of Levy et al. (US Pub No. 2013/0195457 A1, referred to as Levy).
Regarding claims 5 and 14, taking claim 14 as exemplary, Liu discloses,
14. The system according to claim 11, wherein determining, according to the comparing the domain name resolution information with attack rules, whether the webpage browsing request encounters a network attack comprises: (Liu: [0009], [0012])
obtaining a target attack rule in the attack rules by using the webpage browsing request, wherein the attack rules comprise a tempering keyword, a non-tempered information expression, and a tempered information expression, and the non-tempered information expression comprised in the target attack rule corresponds to the webpage browsing request; (Liu: [0043-0044]; additionally, the first security constraint can also control the processing of the DNS request based on keywords. For example, keywords can be one or more predefined words indicating a potential attack risk.)
traversing the target attack rule, to determine whether a … keyword in the response information matches a tempering keyword in the target attack rule; (Liu: [0043-0044]; additionally, the first security constraint can also control the processing of the DNS request based on keywords. For example, keywords can be one or more predefined words indicating a potential attack risk.)
if the … keyword in the response information matches the tempering keyword in the target attack rule, determining whether the … content in the response information matches a tempered information expression in the target attack rule; and (Liu: [0043-0044]; additionally, the first security constraint can also control the processing of the DNS request based on keywords. For example, keywords can be one or more predefined words indicating a potential attack risk.)
if the … content matches the tempered information expression in the target attack rule, determining that the webpage browsing request encounters a network attack. (Liu: [0043-0044]; additionally, the first security constraint can also control the processing of the DNS request based on 
Liu does not explicitly disclose, however Levy teaches,
… respond header content (Levy: [0033]; the packets can be analyzed to find keywords that can be signatures or patterns of viruses, worms, malwares intend to harm devices connected. The analysis may be performed on the header.)
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to implement the teachings of Levy into the teachings of Liu with a motivation to perform deep-packet inspection to detect malicious traffic in a security application (Levy abstract and [0033]).


Claims 6, 9, 15, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Liu in view of Martini et al. (US Patent No. 8,739,243 B1, referred to as Martini).
Regarding claims 6 and 15, taking claim 15 as exemplary, Liu discloses,
15. The system according to claim 11, further comprising:
Liu does not explicitly disclose, however Martini teaches,
analyzing the attack rules according to domain names included in the attack rules to obtain a two-dimensional data structure of each attack rule. (Martini: Coln. 7, ls. 43-55; network rules can include a list of domain names and IP address mapped to security policies, content classifications, or directions for handling of network traffic (2-dimensional data structure).)
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to implement the teachings of Martini into the teachings of Liu with a motivation to eliminate the need to keep a mapping of IP addresses to domain name regardless of changes to the Martini: Coln. 7, ls. 43-55).


Regarding claims 9 and 18, taking claim 18 as exemplary, Liu discloses,
18. The system according to claim 10, 
Liu does not explicitly disclose, however Martini teaches,
wherein obtaining webpage data using a proxy server comprises: (Martini: Coln. 1, ls. 34-37, 47-52; the MitM gateway acts as a proxy of the server.)
encrypting the webpage browsing request; (Martini: Coln. 1, ls. 47-52; encrypted communication between devices can be used.)
sending the encrypted webpage browsing request to the proxy server for the proxy server to decrypt the encrypted webpage browsing request, (Martini: Coln. 1, ls. 34-37, 47-52; the MitM gateway acts as a proxy of the server receives an encrypted message from the device (encrypted webpage browsing request) perform domain name resolution on a decrypted webpage browsing request, (Martini: Coln. 1, ls. 52-55; Coln. 1, ls. 67 – Coln. 2, ls. 1- 9; the MitM gateway can decrypt and inspect the communication including check the DNS requests.) access a target server corresponding to a domain name resolution result, to obtain network data corresponding to the decrypted webpage browsing request, and encrypt the network data; and (Martini: Coln. 1, ls. 52-55; Coln. 1, ls. 67 – Coln. 2, ls. 1- 9; sends DNS request and encrypt communication traffic.)
receiving encrypted network data returned by the proxy server. (Martini: Coln. 1, ls. 67 – Coln. 2, ls. 1- 9; encrypt communication traffic.)
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to implement the teachings of Martini into the teachings of Liu with a motivation to Martini abstract).

Claims 7 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Liu in view of Lee et al. (US Pub No. 2010/0269149 A1, referred to as Lee).
Regarding claims 7 and 16, taking claim 16 as exemplary, Liu discloses,
16. The system according to claim 10, further comprising:
Liu does not explicitly disclose, however Lee teaches,
in response to determining that the webpage browsing request encounters a network attack, performing a network data transmission in a secure manner. (Lee: [0008]; when there is an attack attempt on a request message, reject the reception of the request message, and perform a digital signature/verification and encryption/decryption process on a transmitted/received message, i.e., discarding the malicious traffic and securing the non-malicious traffic. In addition, it would have been obvious to one ordinary skill in the art to secure the data communication after a network attack was detected to prevent further attack.)
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to implement the teachings of Lee into the teachings of Liu with a motivation to provide a web service method which provide secure web services irrespective of the format of a web service request message in web environment (Lee: [0006]).


Claims 8 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Liu in view of Holloway et al. (US Pub No. 8,613,089 A1, referred to as Holloway).
Regarding claims 8 and 17, taking claim 17 as exemplary, Liu discloses,
17. The system according to claim 10, further comprising:
Liu does not explicitly disclose, however Holloway teaches,
in response to determining that the webpage browsing request encounters a network attack, obtaining webpage data using a proxy server. (Holloway: Coln. 20, ls. 22-28; proxy service can add additional set of protections if the customer is under attack.)
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to implement the teachings Holloway of into the teachings of Liu with a motivation to identify attacks and provide additional protections by adding additional proxy services. (Holloway abstract).


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The listed references disclose relevant inventions of trusted domain name management.
Paugh; James et al. (US 20160099961 A1) 
ANTONAKAKIS; Manos et al. (US 20120198549 A1) 
Liu; Jiawei et al. (US 20120304292 A1) 
Please see PTO-892. 

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on (571) 272-3685.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/KA SHAN CHOY/Examiner, Art Unit 2435

/JOSEPH P HIRL/Supervisory Patent Examiner, Art Unit 2435