DETAILED ACTION

1.	Claims 1-13, and 15-20 are presented for consideration.

Response to Arguments

Applicant's arguments filed 11/29/2021 have been fully considered but they are not persuasive.

2.	As per remark, Applicants’ argued that (1) Duerk makes no mention of denying access to either his first or second portions of “received traffic”, instead, Duerk’s first and second portions of “received traffic” are each transmitted in whole, or at least in part to the uplink transmitter, as such, Duerk cannot suggest or teach the denying limitation.
	As to point (1), Examiner respectfully disagrees since Duerk teaches the message buffer 314 for perform filtering and local triggering operations on the IoT data [ col 9, lines 1-5 ], and a particular message of the IoT data is identified by the message buffer 315 as requiring an automated local response, the identified automated response message is returned to the virtualized network splitter of the NFVI 310 for delivery to a local endpoint device via the based station [ i.e. broadly interpreted as denying access to the web server when the request message is received through IoT output channel as claimed ] [ Figure 3B; col 5, lines 40-54; and col 9, lines 22-32 ].  As such, the claims remain rejected over the cited prior art. 


Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


3.	Claims 1, 2, 8 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Kolhi et al. [ US Patent Application No 2016/0380900 ], in view of Duerk [ US Patent No 10,091,100 ].

4.	As per claim 1, Kolhi discloses the invention as claimed including an internet traffic filtering system, the system classifying electronic devices, the classifying for segregating Internet of Things ("IoT") devices from non-IoT devices for a prevention of distributed denial of services ("DDoS") attacks, the system comprising: 
	a private network comprising an IoT output channel and a non-IoT output channel  [ i.e. the received traffic flows are either routes over a separate and dedicated link to an IoT server or routed via the standard paths to the internet ] [ Figure 3; and paragraphs 0062, and 0064 ], the private network configured to: 

	identify the type of the electronic device  [ i.e. map the determined operating system to a client device category ] [ 130, Figure 1; and paragraph 0056 ]; 
	wherein, when the electronic device is identified as a non-IoT type device, transmit the request message through the non-IoT output channel, and when the electronic device is identified as an IoT type device, transmit the request message through the IoT output channel  [ i.e. selecting a different bandwidth of communication links in the forwarding route of the traffic flow, low bandwidth links may be selected for traffic such as sensor data, and high bandwidth links may be selected for high volume traffic such as video conferencing; and IoT traffic is kind of traffic flow which may be separated out to be forwarded over a VPN ] [ Figure 2; and paragraphs 0060-0062, and 0064 ].
	Kolhi does not specifically disclose
	an IP address filter gateway configured to filter incoming traffic to a web server, the filtering comprising: granting device access to the web server when the request message is received through the non-IoT output channel; and 
	denying access to the web server when the request message is received through the IoT output channel.
	Duerk discloses
	an IP address filter gateway configured to filter incoming traffic to a web server, the filtering comprising: granting device access to the web server when the request message is received through the non-IoT output channel [ i.e. non-IoT data traffic provided to the uplink 
	denying access to the web server when the request message is received through the IoT output channel [ i.e. message buffer provides a local repository for the IoT data traffic arriving from the base station ] [ 314, Figure 3A; and col 8, lines 4-15, and lines 39-42 ].
	It would have been obvious to a person skill in the art before the effective filing date of the claimed invention to combine the teaching of Kolhi and Duerk because the teaching of Duerk would enable to provide network functions virtualization infrastructure configured to implement a virtual switch for efficient processing of data from IoT devices [ Duerk, col 1, lines 43-46 ].
 
5.	As per claim 2, Duerk discloses wherein an ISP is configured receive the request message from the private network and the ISP is configured to: when the request message is received from the non-IoT output channel, assign a non-IoT external IP address; and when the request message is received from the IoT output channel, assign an IoT external IP address [ i.e. register IP address for IoT and non-IoT devices ]. 

6.	As per claim 8, Kolhi discloses the invention as claimed including a private network architecture comprising: 
	one or more internet of things ("IoT") devices and one or more non-IoT devices [ i.e. IoT and non-IoT categories devices ] [ 6, 8, Figure 3; and paragraph 0056 ], each of the IoT devices and non-IoT devices supporting internet communication capabilities [ paragraph 0064 ]; and 

	the network router device filter configured to receive a plurality of request messages from a plurality of electronic device [ i.e. proxy server receives all traffic flows from the various client devices ] [ 6, 8, Figure 3; and paragraphs 0004, and 0064 ]; and 
	identify, for each of the plurality of electronic devices, a type of electronic device transmitting the request message [ i.e. map the determined operating system to a client device category ] [ 130, Figure 1; and paragraph 0056 ];
	prior to transmitting each request message to the web server, filter the request message, the filtering comprising for each request message [ i.e. classify the client device according to a wide range of factors ] [ 120, 130, Figure 1; and paragraphs 0056, and 0057 ]:
 	when the electronic device is identified as a non-IoT type device, transmit the request message through the non-IoT output channel; and when the electronic device is identified as an IoT type device, the network router is configured to transmit the request message through the IoT output channel [ i.e. selecting a different bandwidth of communication links in the forwarding route of the traffic flow, low bandwidth links may be selected for traffic such as sensor data, and high bandwidth links may be selected for high volume traffic such as video conferencing; and IoT traffic is kind of traffic flow which may be separated out to be forwarded over a VPN ] [ Figure 2; and paragraphs 0060-0062, and 0064 ].
	Kolhi does not specifically disclose
	receives, simultaneously, a plurality of request messages;

	granting device access to the web server when the request message is received through the non-IoT output channel; and
	denying device access to the web server when the request message is received through the IoT output channel. 
	Duerk discloses
	receives, simultaneously, a plurality of request messages [ i.e. messages from IoT devices ] [ col 5, lines 55-67; and col 9, lines 18-32 ];
	an IP address filter gateway configured to, for each request message, filter incoming traffic to a web server, the filtering comprising:
	granting device access to the web server when the request message is received through the non-IoT output channel [ i.e. non-IoT data traffic provided to the uplink transmitter for delivery to the cloud infrastructure ] [ 316, Figure 3A; col 1, lines 65-col 2, lines 2; and col 8, lines 23-34, and lines 43-49 ]; and
	denying device access to the web server when the request message is received through the IoT output channel [ i.e. message buffer provides a local repository for the IoT data traffic arriving from the base station ] [ 314, Figure 3A; and col 8, lines 4-15, and lines 39-42 ].
	It would have been obvious to a person skill in the art before the effective filing date of the claimed invention to combine the teaching of Kolhi and Duerk because the teaching of Duerk would enable to provide network functions virtualization infrastructure configured to implement a virtual switch for efficient processing of data from IoT devices [ Duerk, col 1, lines 43-46 ].

7.	As per claim 15, it is rejected for similar reasons as stated above in claim 1.
 
 
8.	Claims 3-7, and 16-20 are rejected under 35 U.S.C. 103 as being unpatentable over Kolhi et al. [ US Patent Application No 2016/0380900 ], in view of Duerk [ US Patent No 10,091,100 ], and further in view of Mirsky et al. [ US Patent Application No 2019/0166144 ].

9.	As per claim 3, Kolhi in view of Duerk does not specifically disclose wherein the identifying the type of electronic device comprises: determining a media access control ("MAC") address associated with the device;  and classifying the type of device based on the MAC address.  Mirsky discloses wherein the identifying the type of electronic device comprises: determining a media access control ("MAC") address associated with the device; and classifying the type of device based on the MAC address [ i.e. class/category of devices ] [ paragraphs 0070, 0078 and 0088 ].  It would have been obvious to a person skill in the art before the effective filing date of the claimed invention to combine the teaching of Kolhi, Duerk and Mirsky because the teaching of Mirsky would enable to monitor network traffic in a communication network with a sentinel module to detect malicious activity [ Mirsky, paragraph 0008 ].

10.	As per claim 4, Mirsky discloses wherein a portion of the MAC address is indicative of 
a manufacturer of the electronic device [ i.e. OUI ] [ paragraph 0070 ]. 


 
12.	As per claim 6, Mirsky discloses wherein a combination of the MAC address and the UID are stored as machine learning data [ i.e. learning models ] [ paragraph 0088 ]. 
 
13.	As per claim 7, Mirsky discloses wherein the machine learning data is stored in the private network and when the system receives one or more subsequent requests from one or more other electronic devices, each MAC address and the associated pre-defined identifier are added as machine learning data and the system further comprises: repetitively using the machine learning data to improve accuracy of the classification of the type of device [ i.e. update the machine learning models ] [ paragraphs 0072, 0088, and 0105 ]. 

14.	As per claims 16-20, they are rejected for similar reasons as stated above in claims 3-7.


15.	Claims 9-13 are rejected under 35 U.S.C. 103 as being unpatentable over Kolhi et al. [ US Patent Application No 2016/0380900 ], in view of Duerk [ US Patent No 10,091,100 ], and further in view of Mirsky et al. [ US Patent Application No 2019/0166144 ].



17.	As per claim 10, Mirsky discloses wherein a portion of the MAC address is indicative of 
a manufacturer of the electronic device [ i.e. OUI ] [ paragraph 0070 ]. 

18.	As per claim 11, Kolhi discloses wherein the identifying the type of electronic device is further based on one or more unique identifiers ("UID"), the one or more UID's comprising at least one of an operating system, screen size, internal ports and external ports associated with the electronic device [ i.e. the node’s OS may be identified, or “fingerprinted” ] [ paragraphs 0054, and 0057 ]. 
 
19.	As per claim 12, Mirsky discloses wherein a combination of the MAC address and the UID are stored as machine learning data [ i.e. learning models ] [ paragraph 0088 ]. 

20.	As per claim 13, Mirsky discloses wherein the machine learning data is stored in the private network and when the system receives one or more subsequent requests from one or more other electronic devices, each MAC address and the associated pre-defined identifier are added as machine learning data and the system further comprises: repetitively using the machine learning data to improve accuracy of the classification of the type of device [ i.e. update the machine learning models ] [ paragraphs 0072, 0088, and 0105 ]. 

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Brian Gillis can be reached on 571-2727952.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DUSTIN NGUYEN/Primary Examiner, Art Unit 2446