Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
Applicant’s priority claim is hereby acknowledged of KR 10-2018-0113508 filed on 09/21/2018, which papers submitted under 35 U.S.C. § 119(a)-(d) have been placed of record in the file. 
Information Disclosure Statement PTO-1449
The Information Disclosure Statement(s) submitted by applicant on 9/23/2019, 3/13/2020, and 7/23/2020 has/have been considered. The submission is in compliance with the provisions of 37 CFR § 1.97. Form PTO-1449 signed and attached hereto. 
Claim Interpretations - 35 USC § 112(f)
The following is a quotation of 35 U.S.C. 112 (f): 
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the 
	As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
	Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
	Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  
Such claim limitation(s) is/are: “an attack graph generation unit configured to …” in claims 10, and 14-16; “an attack graph ontology construction unit configured to…” in claim 10; “an attack graph semantic instance generation unit generates…” in claims 10, and 13.

	Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover 
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112 (b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claim(s) 10-19  are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.

Regarding claim(s) 10 and 13-16, the claim limitations identified above, respectively invoke 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, 
Dependent claim(s) 11-12, and 17-19 is/are rejected for the reasons presented above with respect to rejected claim(s) 10 in view of their dependence thereon. 
	Applicant may:
	(a)        Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph; 
	(b)        Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
	(c)        Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
	If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either: 

	(b)        Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.

The following is a quotation of 35 U.S.C. 112 (a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

	Claim(s) 10-19 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.

 	Examiner recommends adding a processor coupled to a memory which execute the described units.	

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claim(s) 1-19 is/are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without adding significantly more.  The analysis is as follows: Step 1: Claims 1-9 and 10-19 are directed to a method and an apparatus.Step 2A Prong 1: Claims 1 and 10 recite both a mental process.  The three limitations of generating as well as search a graph are mental processes.  Similarly, claims 2-8, and 11-19 recite additional mental processes. Step 2A Prong 2: The judicial exception is not integrated into a practical application.  Claims 1-9 recite no implementation whatsoever.  Claims 10-19 recite various units which have no structural support in the specification.  However, even if the claims were 
	Step 2B: The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception.  As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using a processor and a memory or a desktop computer to perform the recited steps is no more than merely to apply an exception using a generic computer component.  Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept.  The claims are not patent eligible.  
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151 , or in an application for patent published or deemed published under section 122(b) , in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-8, and 10-18 is/are rejected under AIA  35 U.S.C. 102(a)(1) and 35 USC 102(a)(2) as being anticipated by Cohen et al. (US 2005/0193430 A1).  
Regarding claims 1 and 10, Cohen teaches:
“A method of searching for an attack path (Cohen, Fig. 2, ¶ 57-66 teach a computer implement system to search for attack paths), the method comprising: 	generating an attack graph by using information (Cohen, ¶ 27-32, and 46, attack graph is generated based on the states of various computing entities); 	generating an attack graph ontology for the attack graph (Cohen, ¶ 33, edges connect nodes of the graph representing vulnerability actions); 	generating a semantic attack graph by imparting semantics to the attack graph on the basis of the attack graph and the attack graph ontology (Cohen, ¶ 37, and 47-48 the graph traversal of the nodes connection nodes with edges representing actions that when complete creates a semantic attack graph of for a group of connected assets being analyzed. Cohen Fig. 5 depicts an example of this); and 	searching for an attack path from the semantic attack graph (Cohen, ¶ 34-36, and 48-52 the graph is traversed from various start points to various endpoints to determine possible attack paths)”.

Regarding claims 2, 11, and 12, Cohen teaches:
“The method according to claim 1 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein the searching for the attack path comprises: 	generating an instance of the semantic attack graph (Cohen, ¶ 34 user enters the ); and 	generating an attack path for the instance of the semantic attack graph (Cohen, ¶ 37, and 47-48 the graph traversal of the nodes connection nodes with edges representing actions that when complete creates a semantic attack graph of for a group of connected assets being analyzed.  Cohen Fig. 5 depicts an example of this)”.

Regarding claims 3 and 13, Cohen teaches:
“The method according to claim 2 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein the searching for the attack path is performed on the basis of the generated attack path (Cohen, ¶ 37, and 47-48 the graph traversal of the nodes connection nodes with edges representing actions that when complete creates a semantic attack graph of for a group of connected assets being analyzed)”.

Regarding claims 4 and 14, Cohen teaches:
“The method according to claim 1 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein the generating of the attack graph comprises configuring a state node in the attack graph, in which the state node includes status information and vulnerability information of a host (Cohen, ¶ 29-32 graph nodes contain a state of a given service or device including their vulnerability information which sets logical constraints on the actions that it can use to reach additional nodes)”.

Regarding claims 5 and 15, Cohen teaches:
The method according to claim 1 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein the generating of the attack graph comprises generating a network path between two hosts in the attack graph (Cohen, ¶ 37, and 47-48 the graph traversal of the nodes connection nodes with edges representing actions that when complete creates a semantic attack graph of for a group of connected assets being analyzed)”.

Regarding claims 6 and 16, Cohen teaches:
“The method according to claim 1 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein the generating of the attack graph comprises: 	receiving, as an input, a network reachability between two hosts (Cohen, ¶ 34 user enters the start and end points for analysis of attack paths), 	determining whether an attack is to occur on the basis of a vulnerability (Cohen, ¶ 53-56, the likelihood that an attack will occur is determined based on aspects of the vulnerability), and 	generating the attack path (Cohen, ¶ 37, and 47-48 the graph traversal of the nodes connection nodes with edges representing actions that when complete creates a semantic attack graph of for a group of connected assets being analyzed)”.

Regarding claims 7 and 17, Cohen teaches:
“The method according to claim 1 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein the information includes at least one of information selected from among host information, network topology information, (Cohen, ¶ 28-32 the information includes network topology information and information about the states of the host machines)”.

Regarding claims 8 and 18, Cohen teaches:
“The method according to claim 1 (Cohen teaches the limitations of the respective parent claims as discussed above), wherein the generating the attack graph ontology comprises: 	specifying a relationship between two nodes in the attack graph to a property, and imparting the property to an edge connected between the two nodes (Cohen, ¶ 33, edges connect nodes of the graph representing vulnerability actions.  Cohen Fig. 5 depicts an example of this)”.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 9 and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Cohen, in view of Olsen et al. (US 2015/044734 A1). 
Regarding claims 9 and 19, Cohen teaches:
“The method according to claim 8 (Cohen teaches the limitations of the respective parent claims as discussed above)”.
wherein the property includes at least one of a subject, a predicate, and an object (Olsen Figs. 1A and 1B depicts a semantic attack graph with subjects, predicates and objects imparted on the edges)”.
	Before applicant’s earliest effective filing it would have been obvious to one of ordinary skill in the art, having the teachings of Cohen and Olsen, to modify the semantic attack graph methodology of Cohen to include the particular ontology on edges as taught by Olsen.  The motivation to do so constitutes applying a known technique (i.e., semantic attack graph methodology) to known devices and/or methods (i.e., the particular ontology on edges in attack graphs) ready for improvement to yield predictable results. 
Conclusion
	In the case of amending the claimed invention, Applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and also to verify and ascertain the metes and bounds of the claimed invention.
	The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure: See PTO-892.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to STEPHEN GUNDRY whose telephone number is (571)270-0507 and can normally be reached on Monday - Friday 8:30 AM - 5PM EST.
	If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on (571) 272-3685.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.

/STEPHEN T GUNDRY/Examiner, Art Unit 2435