DETAILED ACTION
The present application is being examined under the pre-AIA  first-to-invent provisions.
This is in reply to papers filed on 2021-05-17. Claims 1-24 are pending. Claims 1, 13, 24 is/are independent.

Allowable Subject Matter
Claim(s) 5-6, 17-23 would be allowable if rewritten to overcome the rejection(s) for double patenting set forth in this Office action.
Claim(s) 8-12 would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. § 112 and the rejection(s) for double patenting set forth in this Office action.

Information Disclosure Statement PTO-1449
The Information Disclosure Statement(s) submitted by applicant on 2020-10-12, 2021-04-01, 2021-05-17 has/have been considered. The submission is in compliance with the provisions of 37 CFR § 1.97. Form PTO-1449 signed and attached hereto.

Drawings
The drawings (Fig. 4) are objected to because the drawings include color drawings and the conditions for acceptance of color drawings have not been satisfied. See 37 CFR 1.84(a-b).  Further, the color used in Fig. 4 (a yellow lightning bolt) does not appear to be necessary as the only practical medium by which to disclose the subject matter sought to be patented in this 
Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.

Claim Rejections - 35 U.S.C. § 112
The following is a quotation of 35 U.S.C. § 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claim(s) 8-12 is/are rejected under 35 U.S.C. § 112(b) or 35 U.S.C. § 112 ¶ 2 (pre-AIA ) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
In claim 8, the phrase "a plurality of files included in the container file" makes the claims ambiguous and therefore indefinite.  Because the claim fails to clearly state which of multiple possible antecedents the phrase "a plurality of files" relates to, the claim is amenable of multiple plausible constructions (e.g., "a file that includes a plurality of files" recited in claim 7 and a new entity), leaving a person having ordinary skill in the art unable to determine what the Applicant does and does not regard as the invention.  See Ex parte Kenichi Miyazaki, 89 U.S.P.Q. 2d 1207, *11 (BPAI 2008).
In claim 9, the phrase "the plurality of files" makes the claims ambiguous and therefore indefinite.  The claim suffers the same defects as claim 8 mutatis mutandis.
Dependent claims 10-12 are rejected for the reasons presented above with respect to rejected claims 8, 9 and in view of their dependence thereon.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the "right to exclude" granted by a patent and to prevent possible harassment by multiple assignees.   A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and  In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR § 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement.
Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR § 3.73(b).
Claim(s) 1-6, 13-18, 24 is/are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over the claim(s) of U.S. Patent 10503901. The table below sets forth exemplary claim(s).

16861026 (Instant Application)
U.S. Patent 10503901  (App 15345439)
1. A system, comprising: at least one processor; and at least one memory including program code which when executed by the at least one processor provides operations comprising: processing a container file with a trained machine learning model, wherein the trained machine learning model is 

Patented claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a APPARATUS METHOD, it nonetheless discloses a METHOD APPARATUS.

1. A system, comprising: at least one processor; and at least one non-transitory memory including program code which when executed by the at least 



Patented claim 2 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

2. The system of claim 1, wherein the at least one file rendering the historical container file malicious comprises a malicious file.

3. The system of claim 2, wherein the malicious file comprises unwanted data, an unwanted portion of a script, and/or an unwanted portion of program code.

Patented claim 3 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

3. The system of claim 2, wherein the malicious file comprises unwanted data, an unwanted portion of 



Patented claim 4 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

4. The system of claim 1, wherein the at least one file rendering the historical container file malicious comprises a benign file rendering the historical container file malicious when combined with another benign file from the historical container file.

5. The system of claim 1, wherein the trained machine learning model comprises a trained neural network.

Patented claim 5 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

5. The system of claim 1, wherein the machine learning model comprises a neural network.

6. The system of claim 5, wherein the trained neural network comprises a trained convolutional neural network.

Patented claim 6 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

6. The system of claim 5, wherein the neural network comprises a convolutional neural network.

13. A method, comprising: processing a container file with a trained machine learning model, wherein the trained machine learning model is configured to determine a classification for the container file indicative of whether the container file includes at least one file rendering the container file malicious, wherein the trained machine learning model is trained and configured to prevent misclassification for different container files storing identical or similar sets of files in a different order; and providing, as an output, an indication of whether the container file includes the at least one file rendering the container file malicious.

Patented claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a APPARATUS, it nonetheless discloses a METHOD.



Patented claim 2 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a APPARATUS, it nonetheless discloses a METHOD.

15. The method of claim 14, wherein the malicious file comprises unwanted data, an unwanted portion of a script, and/or an unwanted portion of program code.

Patented claim 3 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a APPARATUS, it nonetheless discloses a METHOD.

16. The method of claim 13, wherein the at least one file rendering the container file malicious comprises a benign file rendering the container file malicious when combined with another benign file from the container file.

Patented claim 4 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a APPARATUS, it nonetheless discloses a METHOD.

17. The method of claim 13, wherein the trained machine learning model comprises a trained neural network.

Patented claim 5 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a APPARATUS, it nonetheless discloses a METHOD.

18. The method of claim 17, wherein the trained neural network comprises a trained convolutional neural network.

Patented claim 6 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a APPARATUS, it nonetheless discloses a METHOD.

24. A non-transitory computer-readable storage medium including program code which when executed by at least one processor causes operations comprising: processing a container file with a trained machine learning model, wherein the trained machine learning model is configured to determine a classification for the container file indicative of whether the container file includes at least one file rendering the container file malicious, wherein the trained machine learning model is trained and configured to prevent misclassification for different container files storing identical or similar sets of files in a different order; and providing, as an output, an indication of 

Patented claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a APPARATUS, it nonetheless discloses a METHOD.



Claim(s) 1-11, 13-14, 16-22, 24 is/are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over the claim(s) of U.S. Patent 10637874. The table below sets forth exemplary claim(s).

16861026 (Instant Application)
U.S. Patent 10637874 (App 15345444)
1. A system, comprising: at least one processor; and at least one memory including program code which when executed by the at least one processor provides operations comprising: processing a container file with a trained machine learning model, wherein the trained machine learning model is trained to determine a classification for the container file indicative of whether the container file includes at least one file rendering the container file malicious, wherein the trained machine learning model is trained and configured to prevent misclassification for different container files storing identical or similar sets of files in a different order; and providing, as an output by the trained machine learning model, an indication of whether the container file includes the at least one file rendering the container file malicious.

Patented claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

1. A system, comprising: at least one processor; and at least one memory including program code which when executed by the at least one processor provides operations comprising: extracting features from each of a plurality of files in a container file; generating, for each file, a feature vector comprising the corresponding extracted features; processing, using the feature vectors, the container file with a trained machine learning model, wherein the trained machine learning model is trained to determine a classification for the container file indicative of whether the container file includes at least one file rendering the container file malicious; and providing, as an output by the trained machine learning model, an indication of whether the container file includes the at least one file rendering the container file malicious; wherein the trained machine learning model is a convolutional neural network that comprises: at least one convolutional layer (i) concurrently processing the plurality of feature vectors in groups of 



Patented claim 2 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

2. The system of claim 1, wherein the at least one file rendering the container file malicious comprises a malicious file.

3. The system of claim 2, wherein the malicious file comprises unwanted data, an unwanted portion of a script, and/or an unwanted portion of program code.

Patented claim 3 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

3. The system of claim 2, wherein the malicious file comprises unwanted data, 



Patented claim 4 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

4. The system of claim 1, wherein the at least one file rendering the container file malicious comprises a benign file rendering the container file malicious when combined with another benign file from the container file.

5. The system of claim 1, wherein the trained machine learning model comprises a trained neural network.

Patented claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.


6. The system of claim 5, wherein the trained neural network comprises a trained convolutional neural network.

Patented claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.


7. The system of claim 1, wherein the container file comprises a file that includes a plurality of files.

Patented claim 6 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a METHOD, it nonetheless discloses a APPARATUS.

6. A method for implementation by one or more data processors forming part of at least one computing device, the method comprising: extracting features from each of a plurality of files in a container file; generating, for each file, a feature vector comprising the corresponding extracted features; processing, using the feature vectors, the container file with a trained machine learning model, wherein the trained machine learning model is configured to determine a classification for the container file indicative of whether the container file includes a plurality of files 


8. The system of claim 7, wherein the trained machine learning model comprises a pooling layer configured to apply a maximum pooling function to the container file, and wherein applying the maximum pooling function identifies a maximum feature from a plurality of files included in the container file.

Patented claim 6 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a METHOD, it nonetheless discloses a APPARATUS.


9. The system of claim 8, further comprising: receiving the container file by at least receiving a plurality of feature vectors, and wherein each of the plurality of feature vectors includes one or more features of a corresponding one of the plurality of files.

Patented claim 6 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a METHOD, it nonetheless discloses a APPARATUS.

10. The system of claim 9, wherein the trained machine learning model comprises a convolution layer configured to generate a first feature map by at least applying a first kernel to a plurality of overlapping groups of feature vectors.

Patented claim 6 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a METHOD, it nonetheless discloses a APPARATUS.


11. The system of claim 10, wherein applying the first kernel includes computing a dot product between features included in the first kernel and features included in a first overlapping group of feature vectors to generate a first entry in the first feature map, and computing another dot product between features included in the first kernel and features included in a second overlapping group of feature vectors to generate a second entry in the first feature map.

Patented claim 9 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a METHOD, it nonetheless discloses a APPARATUS.

9. The method of claim 6, wherein applying the at least one kernel includes computing a dot product between features included in each kernel and features included in a first overlapping group of feature vectors to generate a first entry in the corresponding feature map, and computing another dot product between features included in each kernel and features included in a second overlapping group of feature vectors to generate a second entry in such corresponding feature map.



Patented claim 6 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

14. The method of claim 13, wherein the at least one file rendering the container file malicious comprises a malicious file.

Patented claim 7 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

16. The method of claim 13, wherein the at least one file rendering the container file malicious comprises a benign file rendering the container file malicious when combined with another benign file from the container file.

Patented claim 8 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

17. The method of claim 13, wherein the trained machine learning model comprises a trained neural network.

Patented claim 6 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

18. The method of claim 17, wherein the trained neural network comprises a trained convolutional neural network.

Patented claim 6 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

19. The method of claim 13, further comprising: applying, by the trained machine learning model, a maximum pooling function to the container file, wherein applying the maximum pooling function identifies a maximum feature from a plurality of files included in the container file.

Patented claim 6 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

20. The method of claim 19, further comprising: receiving the container file by at least receiving a plurality of feature vectors, and wherein each of 

Patented claim 6 (reproduced herein for convenience) discloses all of the limitations of the instant claim.



Patented claim 6 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

22. The method of claim 21, wherein the applying the first kernel includes computing a dot product between features included in the first kernel and features included in a first overlapping group of feature vectors to generate a first entry in the first feature map, and computing another dot product between features included in the first kernel and features included in a second overlapping group of feature vectors to generate a second entry in the first feature map.

Patented claim 9 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a METHOD, it nonetheless discloses a APPARATUS.


24. A non-transitory computer-readable storage medium including program code which when executed by at least one processor causes operations comprising: processing a container file with a trained machine learning model, wherein the trained machine learning model is configured to determine a classification for the container file indicative of whether the container file includes at least one file rendering the container file malicious, wherein the trained machine learning model is trained and configured to prevent misclassification for different container files storing identical or similar sets of files in a different order; and providing, as an output, an indication of whether the container file includes the at least one file rendering the container file malicious.

Patented claim 11 (reproduced herein for convenience) discloses all of the limitations of the instant claim.




Claim(s) 1-24 is/are provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over the claim(s) of co-pending application 16663252.  This is a provisional obviousness-type double patenting rejection because the conflicting claims have not in fact been patented.  The table below sets forth exemplary claim(s).


16861026 (Instant Application)
Co-pending App. 16663252
 (U.S. Publication 20200057853)
1. A system, comprising: at least one processor; and at least one memory including program code which when executed by the at least one processor provides operations comprising: processing a container file with a trained machine learning model, wherein the trained machine learning model is trained to determine a classification for the container file indicative of whether the container file includes at least one file rendering the container file malicious, wherein the trained machine learning model is trained and configured to prevent misclassification for different container files storing identical or similar sets of files in a different order; and providing, as an output by the trained machine learning model, an indication of whether the container file includes the at least one file rendering the container file malicious.

Co-pending claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the co-pending claim is directed to a METHOD, it nonetheless discloses a APPARATUS.

1. A computer-implemented method comprising: training, based at least on training data, a machine learning model to enable the machine learning model to determine whether at least one container file includes at least one file rendering the at least one container file malicious, each container file encapsulating a plurality of files; and providing the trained machine learning model to enable a determination of whether at least one subsequently received container file includes at least one file rendering the at least one subsequently received container file malicious, the determination comprising a classification of the at least one subsequently received container file which is used to determine whether to access the plurality of files contained within the at least one subsequently received container file; wherein: the training data comprises a plurality of historical container files at least a portion of which are known to include the at least one file rendering the historical container file malicious; the trained machine learning model prevents misclassification by the trained machine learning model for different container files storing identical or similar sets of files in a different orders the trained machine learning model is a convolutional network 



Co-pending claim 3 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the co-pending claim is directed to a METHOD, it nonetheless discloses a APPARATUS.

3. The method of claim 1, wherein the at least one file rendering the historical container file malicious comprises a malicious file.

3. The system of claim 2, wherein the malicious file comprises unwanted data, an unwanted portion of a script, and/or an unwanted portion of program code.

Co-pending claim 4 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the co-pending claim is directed to a METHOD, it nonetheless discloses a APPARATUS.

4. The method of claim 3, wherein the malicious file comprises unwanted data, an unwanted portion of a script, and/or an unwanted portion of program code.

4. The system of claim 1, wherein the at least one file rendering the container file malicious comprises a benign file rendering the container file malicious when combined with another benign file from the container file.

Co-pending claim 5 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the co-pending claim is directed to a METHOD, it nonetheless discloses a APPARATUS.

5. The method of claim 1, wherein the at least one file rendering the historical container file malicious comprises a benign file rendering the historical container file malicious when combined with another benign file from the historical container file.

5. The system of claim 1, wherein the trained machine learning model comprises a trained neural network.

Co-pending claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the co-pending claim is directed to a METHOD, it nonetheless discloses a APPARATUS.




Co-pending claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the co-pending claim is directed to a METHOD, it nonetheless discloses a APPARATUS.


7. The system of claim 1, wherein the container file comprises a file that includes a plurality of files.

Co-pending claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the co-pending claim is directed to a METHOD, it nonetheless discloses a APPARATUS.


none
8. The system of claim 7, wherein the trained machine learning model comprises a pooling layer configured to apply a maximum pooling function to the container file, and wherein applying the maximum pooling function identifies a maximum feature from a plurality of files included in the container file.

Co-pending claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the co-pending claim is directed to a METHOD, it nonetheless discloses a APPARATUS.


9. The system of claim 8, further comprising: receiving the container file by at least receiving a plurality of feature vectors, and wherein each of the plurality of feature vectors includes one or more features of a corresponding one of the plurality of files.

Co-pending claim 10 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the co-pending claim is directed to a METHOD, it nonetheless discloses a APPARATUS.

9. The method of claim 1, wherein the plurality of files includes a first file, a second file, and a third file.

10. The method of claim 9 further comprising: receiving the training data by at least receiving a first feature vector, a second feature vector, and a third feature vector that include one or more features of the respective first file, the second file, and the third file.

10. The system of claim 9, wherein the trained machine learning model 

Co-pending claim 11 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the co-pending claim is directed to a METHOD, it nonetheless discloses a APPARATUS.

11. The method of claim 10, wherein the at least one convolution layer is configured to generate a first feature map by at least applying a first kernel to a plurality of overlapping groups of feature vectors.



Co-pending claim 13 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the co-pending claim is directed to a METHOD, it nonetheless discloses a APPARATUS.

12. The method of claim 11, wherein a first overlapping group of feature vectors includes the first feature vector and the second feature vector, and wherein a second overlapping group of feature vectors includes the second feature vector and the third feature vector.

13. The method of claim 12, wherein applying the first kernel includes computing a dot product between features included in the first kernel and features included in the first overlapping group of feature vectors to generate a first entry in the first feature map, and computing another dot product between features included in the first kernel and features included in the second overlapping group of feature vectors to generate a second entry in the first feature map.

12. The system of claim 11, wherein the computing of the dot product and the other dot product detects a presence of the features included in the first kernel in the first and second overlapping group of feature vectors.

Co-pending claim 14 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the co-pending claim is directed to a METHOD, it nonetheless discloses a APPARATUS.

14. The method of claim 13, wherein the computing of the dot product and the other dot product detects a presence of the features included in the first kernel in the first and second overlapping group of feature vectors.



Co-pending claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

14. The method of claim 13, wherein the at least one file rendering the container file malicious comprises a malicious file.

Co-pending claim 3 (reproduced herein for convenience) discloses all of the limitations of the instant claim.


15. The method of claim 14, wherein the malicious file comprises unwanted data, an unwanted portion of a script, and/or an unwanted portion of program code.

Co-pending claim 4 (reproduced herein for convenience) discloses all of the limitations of the instant claim.


16. The method of claim 13, wherein the at least one file rendering the container file malicious comprises a benign file rendering the container file malicious when combined with another benign file from the container file.

Co-pending claim 5 (reproduced herein for convenience) discloses all of the limitations of the instant claim.


17. The method of claim 13, wherein the trained machine learning model comprises a trained neural network.

Co-pending claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.



Co-pending claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

19. The method of claim 13, further comprising: applying, by the trained machine learning model, a maximum pooling function to the container file, wherein applying the maximum pooling function identifies a maximum feature from a plurality of files included in the container file.

Co-pending claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

20. The method of claim 19, further comprising: receiving the container file by at least receiving a plurality of feature vectors, and wherein each of the plurality of feature vectors includes one or more features of a corresponding one of the plurality of files.

Co-pending claim 10 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

21. The method of claim 20, further comprising: generating, by the trained machine learning model, a first feature map by at least applying a first kernel to a plurality of overlapping groups of feature vectors.

Co-pending claim 11 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

22. The method of claim 21, wherein the applying the first kernel includes computing a dot product between features included in the first kernel and features included in a first overlapping group of feature vectors to generate a first entry in the first feature map, and computing another dot product between features included in the first kernel and features included in a second overlapping group of feature vectors 

Co-pending claim 13 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

23. The method of claim 22, wherein the computing of the dot product and the other dot product detects a presence of the features included in the first kernel in the first and second overlapping group of feature vectors.

Co-pending claim 14 (reproduced herein for convenience) discloses all of the limitations of the instant claim.

24. A non-transitory computer-readable storage medium including program code which when executed by at least one processor causes operations comprising: processing a container file with a trained machine learning model, wherein the trained machine learning model is configured to determine a classification for the container file indicative of whether the container file includes at least one file rendering the container file malicious, wherein the trained machine learning model is trained and configured to prevent misclassification for different container files storing identical or similar sets of files in a different order; and providing, as an output, an indication of whether the container file includes the at least one file rendering the container file malicious.

Co-pending claim 1 (reproduced herein for convenience) discloses all of the limitations of the instant claim.  While the patented claim is directed to a METHOD, it nonetheless discloses a COMPUTER-READABLE STORAGE MEDIUM.




Summary of Claim Rejections under 35 U.S.C. § 102
The following table summarizes the rejections set forth in detail below of the claims over the prior art.

Claim No.
Stokes '829
1
[Wingdings font/0xFC]
2
[Wingdings font/0xFC]
3
[Wingdings font/0xFC]
4
[Wingdings font/0xFC]
5

6

7
[Wingdings font/0xFC]
8

9

10

11

12

13
[Wingdings font/0xFC]
14
[Wingdings font/0xFC]
15
[Wingdings font/0xFC]
16
[Wingdings font/0xFC]
17

18

19

20

21

22

23

24
[Wingdings font/0xFC]


Claim Rejections - 35 U.S.C. § 102
The following is a quotation of the appropriate paragraphs of AIA  35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claim(s) 1-4, 7, 13-16, 24 is/are rejected under 35 U.S.C. § 102   as being anticipated by U.S. Publication 20120323829 to Stokes et al. (hereinafter "Stokes '829").  Stokes '829 is prior art to the claims under 35 U.S.C. § 102(a)(1) and 35 U.S.C. § 102(a)(2).
Per claim 1 (independent):
Stokes '829 discloses a system comprising at least one processor and at least one memory including program code which when executed by the at least one processor provides operations (processor(s), memory, computer readable media, storage, executable instructions [Stokes '829 ¶ 0020-0021, 0081])
Stokes '829 discloses processing a container file with a trained machine learning model (classifies container files as malicious or benign based on files therein and on relationships [Stokes '829 ¶ 0034-0036, 0043-0044]; classifier trained with machine learning algorithm [Stokes '829 ¶ 0027, 0030)
Stokes '829 discloses the trained machine learning model is trained to determine a classification for the container file indicative of whether the container file includes at least one file rendering the container file malicious (classifies container files as malicious or benign based on files therein and on relationships [Stokes '829 ¶ 0034-0036, 0043-0044])
Stokes '829 discloses the trained machine learning model is trained and configured to prevent misclassification for different container files storing identical or similar sets of files in a different order (classifies new container files as malicious or benign based on knowledge gained about files therein and on relationships [Stokes '829 ¶ 0034-0036, 0043-0044]; reduces false positives and false negatives [Stokes '829 ¶ 0057])
Stokes '829 discloses providing, as an output by the trained machine learning model, an indication of whether the container file includes the at least one file rendering the container file malicious (classifies container files as malicious or benign [Stokes '829 ¶ 0040]; classifies container files as malicious or benign based on files therein and on relationships [Stokes '829 ¶ 0034-0036, 0043-0044])
Per claim 2 (dependent on claim 1):
Stokes '829 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
Stokes '829 discloses the at least one file rendering the container file malicious comprises a malicious file (classifies container files as malicious or benign based on files therein and on relationships [Stokes '829 ¶ 0034-0036, 0043-0044])
Per claim 3 (dependent on claim 2):
Stokes '829 discloses the elements detailed in the rejection of claim 2 above, incorporated herein by reference
Stokes '829 discloses the malicious file comprises unwanted data, an unwanted portion of a script, and/or an unwanted portion of program code (classifies executable files, scripts [Stokes '829 ¶ 0017, 0044]; classifies container files as malicious or benign based on files therein and on relationships [Stokes '829 ¶ 0034-0036, 0043-0044])
Per claim 4 (dependent on claim 1):
Stokes '829 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
Stokes '829 discloses the at least one file rendering the container file malicious comprises a benign file rendering the container file malicious when combined with another benign file from the container file (probability that container is malicious may be higher than probability that any particular files are malicious [Stokes '829 ¶ 0035, 0039])
Per claim 7 (dependent on claim 1):
Stokes '829 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
Stokes '829 discloses the container file comprises a file that includes a plurality of files (classifies container files as malicious or benign based on files therein and on relationships [Stokes '829 ¶ 0034-0036, 0043-0044])
Per claim 13 (independent):
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 1 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Per claim 14 (dependent on claim 13):
Stokes '829 discloses the elements detailed in the rejection of claim 13 above, incorporated herein by reference
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 2 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Per claim 15 (dependent on claim 14):
Stokes '829 discloses the elements detailed in the rejection of claim 14 above, incorporated herein by reference
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 3 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Per claim 16 (dependent on claim 13):
Stokes '829 discloses the elements detailed in the rejection of claim 13 above, incorporated herein by reference
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 4 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Per claim 24 (independent):
Stokes '829 discloses a non-transitory computer-readable storage medium including program code which when executed by at least one processor causes operations (processor(s), memory, computer readable media, storage, executable instructions [Stokes '829 ¶ 0020-0021, 0081])
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 1 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
U.S. Publication 20120323829 to Stokes et al. (hereinafter "Stokes '829") does not disclose classification using a neural network and replacing the graph-based classifier [Stokes '829 ¶ 0034-0036, 0043-0044] of Stokes '829 with a neural network would remove the principle of operation that enables Stokes '829 to deal with container files efficiently
U.S. Publication 20070028304 to Brennan (hereinafter "Brennan '304")discloses detecting malware in archive files and their constituent files and maintaining the container information for improved detection of malware in new archives [Brennan '304 ¶ 0020, 0221-024, 0232-0233, 0011] but uses conventional detection means
U.S. Publication 20170270653 to Garnavi et al. (hereinafter "Garnavi  '653") discloses using convolutional neural networks [Garnavi  '653 ¶ 0050] to classify images, but is silent as to classifying malware
U.S. Publication 20170206434 to Nariyambut Murali et al. (hereinafter "Nariyambut Murali '434") is similar to Garnavi  '653
Tobiyama, Y. Yamaguchi, H. Shimada, T. Ikuse and T. Yagi, "Malware Detection with Deep Neural Network Using Process Behavior," 2016 IEEE 40th Annual Computer Software and Applications Conference (COMPSAC), 2016, pp. 577-582 (hereinafter 
U.S. Publication 20180041536 to Berlin (hereinafter "Berlin '536") discloses a deep neural network classifying malware, but does not address the claimed complications surrounding container files
U.S. Patent 9781144 to Otvagin et al. (hereinafter "Otvagin '144") discloses classifying malware where two related files are individually benign, but one activates transforms code in the other into malicious code
Any inquiry concerning this communication or earlier communications from the examiner should be directed to THEODORE C PARSONS whose telephone number is (571)270-1475.  The examiner can normally be reached on MTWRF 7:30-4:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung Kim can be reached on (571) 272-3804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you 

/THEODORE C PARSONS/Primary Examiner, Art Unit 2494