Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present Office Action is responsive to communications received 6/15/2020. Claims 1-10 are pending.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 6/15/2020 and 10/4/2021 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 4, 6 and 9 are rejected under 35 USC 103 as being unpatentable over 
Regarding claim 1, Dong discloses “Detecting and Locating Man-in-the-Middle Attacks in Fixed Wireless Networks”, by Dong et al., Journal of Computing and Information Technology - CIT 23, 2015, p.283-293, hereinafter Dong, in view of US 20060197702 to Jones, hereinafter Jones.
Regarding claim 1, Dong discloses 
A computing system for detecting Man-in-the-Middle (MITM) intrusions on a local area network (LAN), comprising at least one processor and at least one memory storage communicatively coupled to the at least one processor on which is stored computer-readable instructions that when executed by the at least one processor cause the computing system to perform steps including: emitting a plurality of first echo requests onto the LAN and determining first network features from responses to the first echo requests, wherein the first network features include round trip time (RTT), impulse energy response, and jitter (p.283 left column; the first network features are the features corresponding to the baseline of RTTs and received signal strength, the RTTs including jitter (delay between transmitted and received packets)); p.287, right column to p. 288: use Ping for statistical measurements of RTTs, where the pings are impulse signals and impulse response) ; emitting one or more second echo requests onto the LAN; measuring second network features from responses to the second echo requests; determining that the second network features are anomalous with respect to the first network features (p. 284, left column: MITM attacks introduce delay in RTT and different signal strength, compared to the baseline; p.288, under 4.1: compare measurements of RTT and signal strength between baseline and connection under attack, detect MITM) .  
Dong does not explicitly teach issuing an MITM alert. However, responsively issuing an MITM alert
 It would have been obvious to a skilled artisan before the application was filed to raise an alert after detecting the attack because it would allow to take remedial actions.
Regarding claim 4, Dong in view of Jones discloses the system of claim 1, wherein determining the first and the second network features includes determining mean values of the network features (Dong, p.284, on left: mean and standard variations of RTTs and RSSIs).  
Regarding claim 6, the claim recites substantially the same content as claim 1 and is rejected by the rationales for rejecting claim 1.
Regarding claim 9, the claim recites substantially the same content as claim 4 and is rejected by the rationales for rejecting claim 4.

Claim 2 and 7 are rejected under 35 USC 103 as being unpatentable over Dong and Jones, and in view of “Investigations on Passive Channel Impulse Response of Ultra Wide Band Signals For Monitoring and Safety Applications”, by Moschevikin et al., 2016, IEEE, p.97-104, hereinafter Moschevikin.
Regarding claim 2, Dong in view of Jones discloses the system of claim 1, wherein each of the first echo requests includes packetized data (Dong, p.287:  on left under 3.4.  data packets transmitted between nodes) but does not teach wherein the packetized data include randomly selected elements. In an analogous art, Moschevikin discloses detecting attacks by comprising channel impulse response (CIR) compared to a profile (p.99, on left), and selecting random CIRs from the datasets (p.102, 2nd
It would have been obvious to a skilled artisan before the application was filed to randomly select elements because it would optimize sampling and smooth out the phase difference between signals and improve the comparison with the profile (Moschevikin p.98 last para on right). 
Regarding claim 7, the claim recites substantially the same content as claim 2 and is rejected by the rationales for rejecting claim 2.

Claim 3 and 8 are rejected under 35 USC 103 as being unpatentable over Dong, Jones and Moschevikin, and in view of “A fully-integrated 77-GHz pseudo-random noise coded Doppler radar sensor with programmable sequence generators in SiGe technology”, by Ng et al., 2014, IEEE, 4 pages, hereinafter Ng.
Regarding claim 3, Dong in view of Jones and Moschevikin discloses the system of claim 2, but does not teach wherein the randomly selected elements are selected by a pseudorandom binary sequence generator incorporating maximal linear feedback shift registers to provide a maximal length sequence signal.  
In an analogous art, Ng discloses generating a modulated signal at a transmitting node and receiving the signal reflected by the receiver with a calculated round trip time (p.2, on right, under C) to p.3 on left). Ng discloses generating the signal using pseudo-random binary sequence (PRBS) generators, implemented using linear feedback shift registers which can generate maximum-length sequences (p.1 on left). It would have been obvious to a skilled artisan before the application was filed to use PRBS as taught by Ng because it would increase the dynamic range of the signal and enable a fine range resolution (Ng p.1, on right).
Regarding claim 8, the claim recites substantially the same content as claim 3 and is rejected by the rationales for rejecting claim 3.

 Claims 5 and 10 are rejected under 35 USC 103 as being unpatentable over Dong and Jones, in view of “Root mean square error (RMSE) or mean absolute error (MAE)?”, by Chai et al., 2014, 1525–1534, hereinafter Chai.
Regarding claim 5, Dong in view of Jones discloses the system of claim 1; Dong discloses determining the difference in measured RTT and RSSI values with the mean and standard deviations of the RTTs and RSSIs (Dong p.284, on left) but Dong in view of Jones does not explicitly teach:  wherein determining that the second network features are anomalous includes determining a root mean square error (RMSE) score for a difference between the first and second network features. In an analogous art, Chai discloses the RMSE is a well-know metrics for calculating error, in evaluating models. (p.1526, Abstract), therefore Chai teaches the limitation. It would have been obvious to a skilled artisan before the application was filed to determine the differences using RMSE as taught by Chai because “RMSE errors are unbiased and follow a normal distribution and using RMSE or the standard error helps provide a complete picture of the error distribution” (Chai, p.1528, under 2).
Regarding claim 10, the claim recites substantially the same content as claim 5 and is rejected by the rationales for rejecting claim 5.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Bowen 10171495 discloses comparing connection parameters for a request against a set of predetermined signals analyzed using a trained model to determine a probability that a connection is improper, compare the probability against a threshold to det if the connection is suspicious.
Gunnam 20130111204 discloses detecting a mman-in-the-middle attack on a communication channel.
Khandani 20190104121 discloses RTT measurements between nodes A and B, where packets are simultaneous sent from nodes A and node B and their time of arrival noted in nodes A and A respectively; average the  delays to get statistical average ...


Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138. The examiner can normally be reached Monday-Friday 7am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Catherine Thiaw/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        3/18/2022