DETAILED ACTION

This non-final office action is in response to claims 1-20 filed November 26, 2019 for examination. Claims 1-20 are being examined and are pending. 
Notice of Pre-AIA  or AIA  Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
Information Disclosure Statement

No information disclosure statement was filed. 
Drawings

The drawings filed on November 26, 2019 have been accepted.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.

4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
Claims 1, 4, 6-8, 10-11, 13-16, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over US 8,141,156 B1 to Mao et al. (“Mao”) in view of US 8,014,399 B2 to He et al. (“He”).
Regarding claim 1, Mao taught one or more non-transitory computer-readable media storing computer-executable instructions that upon execution cause one or more processors to perform acts (See abstract and summary. A method comprise routing protocol traffic is received from a remote router destined for a local router, identify and correct misconfigured routing updates, detecting and correcting violations in routing policies, detecting and correcting routing anomalies, or mitigating routing instability.) comprising: 
receiving an Autonomous System (AS) route update from a remote AS at an isolated border gateway (BGW) router of an AS, the AS including the isolated BGW router and one or more operational BGW routers; (Col. 3, lines 37-39. The RouteNormalizer 204 receives BGP traffic from the remote router 202. Col. 12, lines 27-30. At step 402, routing protocol traffic is received from a remote router) 
analyzing a data traffic routing path in the AS route update received by the isolated BGW router to determine whether the AS route update is a problematic update (Col. 4, lines 45-47. Analyzing the BGP update. Col. 5, lines 33-34. The RouteNormalizer 300 performs checks for detecting violations of BGP semantics in the routing updates. Col. 6, lines 45-47. The RouteNormalizer 300 identifies the class of updates that violate BGP routing policies, especially those associated with the local AS.), the data traffic routing path for routing data traffic through a plurality of ASs that include the AS (Col. 3, lines 13-20. The network 100 illustratively includes autonomous systems 102A, 102B, and 102C (collectively autonomous systems 102). The AS 102A includes routers 104A and one or more RouteNormalizers 106A. The AS 102B includes routers 104B and one or more RouteNormalizers 106B. The AS 102C includes routers 104C and one or more RouteNormalizers 106C. Col. 6, lines 45-47. The RouteNormalizer 300 identifies the class of updates that violate BGP routing policies, especially those associated with the local AS.); and 
in response to determining that the AS route update is a problematic update, designating the AS route update from the remote AS as unsuitable for implementing into the one or more operational BGW routers of the AS (Col. 5, lines 19-27, 33-38. The RouteNormalizer 300 detect routing anomaly and intrusion, violation of BGP routing semantics, ambiguous routing update….it could suggest the local router to prefer an alternate route. Routers would drop these updates upon receiving them and optionally send back a notification message to indicate error).
Mao did not but the analogous art He from the same field of endeavor in autonomous network taught in response to determining that the AS route update is a non-problematic update, Col. 3, lines 23-26. receiving routing information at one of said routers, determining if the information is such that, if it were correct, it would cause the router to update its routing table in respect of one or more entries. Col. 2, lines 15-34: Internetwork of AS’s and Border Gateway routers connect different AS’s together. Col. 8, lines 46-55).
Therefore, it would have been obvious to one having ordinary skill in the art before the applicant(s) invention was filed to modify the invention of Mao by including the idea of in response to determining that the AS route update is a non-problematic update, implementing the AS route update into the one or more operational BGW routers of the AS to route the data traffic between the plurality of AS as taught by He so using the verification, bogus routing information from mis-configured or malicious routers can be filtered and terminated by its honest neighbors (He, Col. 9, lines 2-6).
Claims 11 and 16 recite similar limitations to claim 1, mutatis mutandis, the subject matter of claims 11 and 16, which is therefore, also considered to be taught by Mao-He combination as above.
Regarding claim 4, Mao-He combination further taught the one or more non-transitory computer-readable media of claim 1, wherein the analyzing includes determining that the data traffic routing path in the AS route update is the problematic data traffic routing path when: the data traffic routing path matches a routing pattern of a historical problematic data traffic routing path stored in a database of problematic data traffic routing paths; the data traffic routing path is determined via a network topology analysis to contain a malicious routing configuration that is configured to enable a malicious AS to at least one of blackhole, intercept, or duplicate the data Col. 8, lines 20-26. The RouteNormalizer 300 correlates the suspected hijacked address blocks with other data sources, such as a Spam Archive and blacklisted addresses from predefined sites. The correlation is performed by checking if there are common address blocks in the blacklists or SMTP servers with the suspected addresses.); or the data traffic routing path causes a routing of the data traffic for a customer entity to fail to meet one or more network performance metrics guaranteed by the AS to the customer entity (Col. 7, lines 35-42.The RouteNormalizer 300 establishes a routing profile consisting of characteristics such as the distribution of routes in terms of AS_PATHs, ASes, and number of routes from each neighbor. This profile is tracked over time and across data from each vantage point. For example, one check is to count the number of prefixes advertised by one's neighbor. If there is a sudden surge or decline in the number, it is flagged as a routing anomaly.).
Claim 13 recites similar limitations to claim 4, mutatis mutandis, the subject matter of claim 13, which is therefore, also considered to be taught by Mao-He combination as above.
Regarding claim 6, Mao-He combination further taught the one or more non-transitory computer-readable media of claim 1, wherein the problematic update includes a malicious data traffic routing path or an accidental data traffic routing path misconfiguration (Mao, col. 3, lines 25-26. Identify anomalous routing updates due to misconfiguration. Col. 5, lines 20-25. Ambiguous routing updates containing unexpected routing information).
Claim 14 recites similar limitations to claim 6, mutatis mutandis, the subject matter of claim 14, which is therefore, also considered to be taught by Mao-He combination as above.
Regarding claim 7, Mao-He combination further taught the one or more non-transitory computer-readable media of claim 1, wherein the data traffic routing path in the AS route update modifies an existing data traffic routing path by at least one of removing one or more ASs used in Mao, col. 7, lines 34-52. If we find a prefix's origin AS frequently changes, resulting in Multiple Origin AS anomalies, such anomalies should be flagged and their associated routes should not be used (i.e. removing AS) to forward traffic if alternate routes exist.).
Claim 15 recites similar limitations to claim 7, mutatis mutandis, the subject matter of claim 15, which is therefore, also considered to be taught by Mao-He combination as above.
Regarding claim 8, Mao-He combination further taught the one or more non-transitory computer-readable media of claim 1, wherein the analyzing includes determining that the AS route update is a non-problematic update when at least one routing path segment of an existing data traffic routing path updated by the AS route update is out of service (Mao, col. 7, lines 1-20: Nexthop violations section (detail)).
Claim 19 recites similar limitations to claim 8, mutatis mutandis, the subject matter of claim 19, which is therefore, also considered to be taught by Mao-He combination as above.
Regarding claim 10, Mao-He combination further taught the one or more non-transitory computer-readable media of claim 1, wherein the isolated BGW router includes one or more vulnerabilities that attract one or more AS route updates from a malicious AS (Mao, col. 8, lines 1-20, Address Space Hijacking section).
Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Mao as applied to claim 4 above, and further in view of B. Al-Musawi, P. Branch and G. Armitage, "BGP Anomaly Detection Techniques: A Survey," in IEEE Communications Surveys & Tutorials, vol. 19, no. 1, pp. 377-396, Firstquarter 2017, doi: 10.1109/COMST.2016.2622240 (hereinafter “AL-Musawi”).
Regarding claim 5, Mao-He combination taught the one or more non-transitory computer-readable media of claim 4, the combination did not but the analogous art AL-Musawi taught wherein the acts further comprise storing the data traffic routing path as a problematic data traffic routing path in the database of problematic data traffic routing paths (Page 392, right column. iSPY, a tool for detecting prefix hijack in real-time based on the observation that connectivity to victim hosts is lost during hijacking attempts. It uses the BGP data plane where a combination of iTraceroute, ping, and TCP ping, a ping over TCP port such as that available are used to check the reachability to a certain prefix. Deploying iSPY on a network requires collecting in advance a set of live IPs using active probing, an IP-to-AS mapping, and a continuous update to its database (i.e. storing problematic data traffic)).
Therefore, it would have been obvious to one having ordinary skill in the art before the applicant(s) invention was filed to modify the combined invention of Mao and He by including the idea of storing the data traffic routing path as a problematic data traffic routing path in the database of problematic data traffic routing paths as taught by AL-Musawi  in order to detect prefix hijacking (AL-Musawi, page 392, right column).
Allowable Subject Matter
Claims 2-3, 9, 12, 17-18, and 20 would be allowable if rewritten to include all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter: None of the prior arts on the record taken alone or in combination teaches the following claim limitations when incorporated into independent claims as a whole.
Claim 2. The one or more non-transitory computer-readable media of claim 1, wherein the acts further comprise, in response to determining that the AS route update is a problematic update, 
Claims 12 and 18 recite similar limitations
Claim 3. The one or more non-transitory computer-readable media of claim 1, wherein the acts further comprising, in response to determining that an amount of problematic AS route updates sent by the remote AS to the AS exceeds a threshold, performing at least one of: pruning the remote AS from one or more existing data traffic routing paths used by the AS by routing data traffic through an alternative AS; excluding the remote AS from one or more AS route updates generated by the AS for implementation by one or more peer ASs of the AS; or reporting the remote AS as a problematic AS to the one or more peer ASs of the AS or a government entity.
Claim 17 recites similar limitation.
Claim 9. The one or more non-transitory computer-readable media of claim 1, wherein the analyzing includes determining that the AS route update is a non-problematic update when the AS route update correlates to an outage along an existing data traffic routing path, despite the data traffic routing path causing data traffic routing for a customer entity to fail to meet one or more network performance metrics guaranteed by the AS to the customer entity.
Claim 20 recites similar limitations.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
US 7,823,202 B1 (Nucci et al.) taught a method for generating a prefix hijacking alert in a network, wherein a plurality of network traffic flows are routed based at least on a plurality of prefix announcements from one or more Border Gateway Protocol (BGP) router, the method comprises identifying an anomalous prefix from the plurality of prefix announcements, identifying a network traffic anomaly from the plurality of network traffic flows, and correlating the anomalous prefix and the network traffic anomaly to generate the prefix hijacking alert.
S. Rai, B. Mukherjee and O. Deshpande, "IP resilience within an autonomous system: current approaches, challenges, and future directions," in IEEE Communications Magazine, vol. 43, no. 10, pp. 142-149, Oct. 2005, doi: 10.1109/MCOM.2005.1522138.
Abstract: Network survivability is gaining increasing attention from the Internet research community. The ubiquity of IP services has fueled increasing interest in ensuring their dependability, by making IP networks more disruption-tolerant. After providing a brief overview of how routing is accomplished in the Internet, this article reviews how the protocols react to failures or changes in network state within an autonomous system. The problems associated with current restoration schemes, with respect to newer and more stringent requirements posed by emerging services such as voice over IP, are identified. We present an overview of the schemes proposed to ameliorate fault recovery and critique their contributions. We also outline future research directions for improving IP resilience.
CN 102045237 A (Dong et al.)
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAWNCHOY RAHMAN whose telephone number is (571)270-7471. The examiner can normally be reached Monday - Friday 8:30A-5P ET.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on 5712723787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/Shawnchoy Rahman/Primary Examiner, Art Unit 2438