Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

DETAILED ACTION
Claims 1-14 are presented for examination.


Information Disclosure Statement
No information disclosure statement (IDS) is submitted.


Drawings
The drawings filed on 08/27/2019 are accepted by the examiner.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:



The examiner considers claim 1 as invoking 112(f), having “a main feature processing subsystem” and “a multi-layer cyclic verification subsystem” performing functional limitations (i.e., extracting features and verification). However, the claim is rejected under 112(b) as being indefinite because the specification fails to clearly link the corresponding structure to the claimed function where the identification of the corresponding structure is required (37 CFR 1.105).
Dependent claims 2-7 inherit the deficiencies of the above independent claim 1, and therefore are rejected under 35 U.S.C. 112(b) by virtue of their dependency.


The examiner considers claim 2 as invoking 112(f), having “a feature processing extraction module” performing a functional limitation (i.e., extracting features). However, the claim is rejected under 112(b) as being indefinite because the specification fails to clearly link the corresponding structure to the claimed function where the identification of the corresponding structure is required (37 CFR 1.105).
Dependent claims 3-6 inherit the deficiencies of the above claim 2, and therefore are rejected under 35 U.S.C. 112(b) by virtue of their dependency.

The examiner considers claim 3 invoking 112(f) having “a main feature relative comparison module”, “an operation sequence based comparison modeling module”, “a function sequence based comparison modeling 
Dependent claims 4-6 inherit the deficiencies of the above claim 3, and therefore are rejected under 35 U.S.C. 112(b) by virtue of their dependency.

The examiner considers claim 7 as invoking 112(f), having “a machine learning model verification unit” performing a functional limitation. However, the claim is rejected under 112(b) as being indefinite because the specification fails to clearly link the corresponding structure to the claimed function where the identification of the corresponding structure is required (37 CFR 1.105).


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

 (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.



1.	Claims 1, 7-8 and 14 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Johns et al. (US Publication No. 2019/0132334, hereinafter “Johns”).

Regarding claim 1, Johns does disclose an apparatus for verifying a malicious code machine learning classification model, the apparatus comprising: a main feature processing subsystem performing feature extracting (Johns, (para. [0051]), one or more features extracted from the received input 120; (para. [0016]), where the input is an executable file) and processing functions in an input file (Johns, (claim 26, para. [0028]), process the first representation of the at least one section of the binary code by at least applying a plurality of weighting operations executing a programmatic function on the first representation to produce the second output); and a multi-layer cyclic verification subsystem performing multi-layer verification in order to determine whether the file is normal or malicious based on the extracted and processed features (Johns, (claim 33), the intelligence-driven analysis subsystem identifying the features in the executable file that identify whether the executable file is suspicious or malicious; (para. [0032] and figure 1), where communicatively coupled to the CNN, a classifier is configured to receive the output from the CNN and determine a classification assigned to (and stored in memory in association with) the executable file, based, at least in part, on a threat score generated based on the received output from the CNN. The threat score is generated by threat assessment logic, which may perform a sigmoid function or other function to normalize a scalar value. The normalized scalar value represents the threat score within a prescribed range, and the executable file is considered to be malicious when the scalar value exceeds a threshold value within the prescribed range).  
  
Regarding claim 7, Johns further discloses the apparatus of claim 1, further comprising: a machine learning model verification unit verifying the reliability of the machine learning modeling module by comparing a result of predicting whether the file is normal or malicious, which is predicted through the machine learning modeling module with a result of determining whether the file is normal or malicious, which is output from the multi-layer cyclic verification subsystem (Johns, (claim 33), the intelligence-driven analysis subsystem identifying the features in the executable file that identify whether the executable file is suspicious or malicious; (para. [0032] and figure 1), where communicatively coupled to the CNN, a classifier is configured to receive the output from the CNN and determine a classification assigned to (and stored in memory in association with) the executable file, based, at least in part, on a threat score generated based on the received output from the CNN. The threat score is generated by threat assessment logic, which may perform a sigmoid function or other function to normalize a scalar value. The normalized scalar value represents the threat score within a prescribed range, and the executable file is considered to be malicious when the scalar value exceeds a threshold value within the prescribed range).


Regarding claim 8, the substance of the claimed invention is similar to that of claim 1. Accordingly, this claim is rejected under the same rationale.

Regarding claim 14, the substance of the claimed invention is similar to that of claim 7. Accordingly, this claim is rejected under the same rationale.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was 

2.	Claims 2 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Johns et al. (US Publication No. 2019/0132334, hereinafter “Johns”) in view of Schmidtler et al. (US Pub No. 10,972,482, hereinafter “Schmidtler”).

Regarding claim 2, Johns does disclose the apparatus of claim 1, wherein the main feature processing subsystem includes: a feature extraction module extracting (Johns, (para. [0051]), one or more features extracted from the received input 120; (para. [0016]), where the input is an executable file); features related to dynamic analysis information which may be obtained through execution of the file, and a main feature processing module selecting and categorizing main features which may be used at the time of performing a malicious action among the extracted features related to the static analysis information [and features related to the dynamic analysis information] (Johns, (claim 33), the intelligence-driven analysis subsystem identifying the features in the executable file that identify whether the executable file is suspicious or malicious; (para. [0032] and figure 1), where communicatively coupled to the CNN, a classifier is configured to receive the output from the CNN and determine a classification assigned to (and stored in memory in association with) the executable file, based, at least in part, on a threat score generated based on the received output from the CNN. The threat score is generated by threat assessment logic, which may perform a sigmoid function or other function to normalize a scalar value. The normalized scalar value represents the threat score within a prescribed range, and the executable file is considered to be malicious when the scalar value exceeds a threshold value within the prescribed range).
Johns does not explicitly disclose but the analogous art Schmidtler discloses, features related to static analysis information which may be obtained without execution of the file (Schmidtler, (col. 5 lines 20-24), feature vector engine 204 may use extracted static data points from a file to construct one or more feature vectors. The feature vector may comprise static data from multiple categories (e.g., numerical values, nominal values, string values, Boolean values, etc.)) and [a main feature processing module selecting and categorizing main features which may be used at the time of performing a malicious action among] the extracted features related to the static analysis information and features related to the dynamic analysis information (Schmidtler, (col. 4 lines 64 – col. 5 lines 6), Inline parser 202 may also identify and/or extract static data from the file. For example, during (or as a result of) the parsing operations, static data associated with a one or more files may be identified using pattern matching techniques, rule-based techniques, one or more schemas, etc. Inline parser 202 may copy the static data to a storage location (e.g., memory, a file, a data structure, a table, etc.). In an example, the static data may be loaded into a buffer of input processing unit 200 and analyzed in real-time).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Johns by including features related to static analysis taught by Schmidtler for the advantage of increasing accuracy of content classification models and reducing network traffic (Schmidtler, (col. 3 lines 20-30)).

Regarding claim 9, the substance of the claimed invention is similar to that of claim 2. Accordingly, this claim is rejected under the same rationale.


Allowable Subject Matter
Claims 3-6 and 10-13 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten or amended in independent form including all of the limitations of the base claim and any intervening claims and to overcome the rejection(s) under 35 U.S.C. 112(b), set forth in this Office action.


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MORSHED MEHEDI, whose telephone number is (571) 270-7640. The examiner can normally be reached on M - F, 8:00 am to 4:00 pm EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Jeffrey L. Nickerson, can be reached on (469) 295-9235. The fax number for the organization where this application or proceeding is assigned is (571) 273-8300.


/MORSHED MEHEDI/Primary Examiner, Art Unit 2432