DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This Office Action is in response to Applicant’s amendment filed on July 01, 2021 in which claims 1-20 are presented for examination; of which, claims 1, 8 and 15 were amended.
Allowable Subject Matter
Claims 1-20 are allowable over the prior art of record.
The following is an examiner’s statement of reasons for allowance: The present invention relates generally to the field of computer security. In general, to a method of identifying an infected network node based on an anomalous behavior model. The closest prior art of record, Reves US Publication No. 2007/0064617, disclose similar methodology. However, the closest prior art of record, Reves US Publication No. 2007/0064617, failed to show “identifying infected nodes within a network, comprising: identifying a first exe network node of a plurality of network nodes as infected; collecting a first set of network data from the first network node including one or more anomalous activities performed by the first network node; generating an anomalous behavior model using the first set of network data, wherein the anomalous behavior model comprises a number of characteristics representing the one or more anomalous activities performed by the first network node; collecting a second set of network data from a second e#e network node of the plurality of network nodes including one or more anomalous activities performed by the second network node; comparing characteristics of the one or more anomalous activities from the second set of network data to the generated anomalous behavior model; determining, from the comparison, that a similarity between a first characteristic associated with the one or more anomalous activities performed by the first network node and a second characteristic associated with the one or more anomalous activities performed by the second network node exceeds a predefined threshold; and ascertaining, based on the determination, the second network node as an infected network node”. These claimed featured being present in the independent claims 1, 8, 15 and in conjunction with all the other claimed limitations render claims 1, 8 and 15 allowable over the prior art of record.

As per claims 2-7, 9-14, and 16-20, these claims are at least allowable over the prior art of record for their dependencies, directly or indirectly, on the allowable claims 1, 8 and 15. Therefore, they are allowable for the same reason set forth in paragraph above.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FRANTZ COBY whose telephone number is (571)272-4017.  The examiner can normally be reached on Monday-Thursday 7AM-5:30PM.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Umar Cheema can be reached on 571 270-3037.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/FRANTZ COBY/Primary Examiner, Art Unit 2454                                                                                                                                                                                                        
September 7, 2021