DETAILED ACTION
Response to Amendment
This action is in response to amendment filed March 01, 2022 for the application # 16/809,584 filed on March 05, 2020. Claims 1-4, 6-9, and 12 are pending and are directed toward a METHOD AND A DEVICE FOR SECURITY MONITORING OF A WIFI NETWORK.
Any claim objection/rejection not repeated below is withdrawn due to Applicant's amendment.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Response to Arguments
Applicant’s arguments with regards to claims 1-4, 6-9, and 12 have been fully considered, but they are not persuasive.
“patentable over Jain and Chiu” argument – As to claims 1 and 23, Applicant argues that as amended claim 1 clarifies that the network security state information is determined based on not only the first network security monitoring information but also second network security monitoring information from one or more other UEs. In addition, one of the two approaches is used to determine the network security state information of the target WiFi network as recited in Response – As preliminary subject matter new limitations are deficient under 35 USC 112(a) and 112(b). In regards to cited prior art Examiner points Applicant attention to Jain [0109], [0162], [163], [0186], and [0208] as used below in claim rejections.Conclusion -Therefore, in view of the above reasons, Examiner maintains rejections.
Priority
Acknowledgment is made of applicant's claim for foreign priority based on an application filed in PEOPLE'S REPUBLIC OF CHINA on 09/07/2017. It is noted, however, that applicant has not filed a certified copy of the CN201710802886.5 application as required by 37 CFR 1.55.
Claim Objections
Claim 7 is objected objected to because of the following informalities: limitation “When a number of pieces of network security metrics information” should not start from a capital letter.  Appropriate correction is required.
Claim Rejections - 35 USC § 112
Claims 1 and 12 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had 
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1 and 12 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. It is not clear how “candidate network” of currently amended claims clarifies that the network security state information is determined based on not 

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


 Claims 1, 2, 6-9 and 12 are rejected under 35 U.S.C. 102(a)(1) as being unpatentable over Jain et al. (US 2016/0373944, Pub. Date: Dec. 22, 2016), hereinafter referred to as Jain.
As per claim 1, Jain teaches a method for security monitoring of a WiFi network at a network device, the method comprising:
acquiring first network security monitoring information corresponding to a target WiFi network that is transmitted by a user equipment, wherein the first network security monitoring information is acquired when the user equipment is connected to the target WiFi network (ensure the security audit for accessing to web server, communication between Server and Client. Jain, [0073], and FIG. 24 illustrates one embodiment of a WiFi end-to-end testing system; . Jain, [0055]);
determining network security state information of the target WiFi network based on the first network security monitoring information (WiFi metrics to be taken in tests include WiFi information (signal strength, location SSID, security), WiFi performance (time to connect, authenticate on WiFi network, battery impacts), throughput (downlink, uplink throughput using FTP, HTTP, iPERF, UDP, using short files, long files, with and without handovers ), web browsing (DNS lookup, first byte download, first page download across any number of popular sites, success rate), and email (E2E delay, success rate, accuracy). WiFi metrics further include video ( delay for stream URL, buffering start delay, time delay for playback start, time to buffering or playback completion for video from YouTube or similar services, voice over WiFi (multiple KPis-retain ability, availability, mobility, MOS/PESQ/POQA), data error rate (packet loss for different sized packets using advanced PING capabilities to multiple URLs), latency (using different PING packets to multiple URLs), data session establishment (authentication, tunnel set up and teardown times for GPRS, 3G, LTE, WiFi), WiFi offload ( device data usage metrics per minute, per hour, per day under GPRS, 3G, LTE, WiFi access and different locations and RF conditions), and load and stress testing (E2E delay, success rate, accuracy reported at access point level in aggregated manner). Jain, [0186]) in connection with second network security monitoring information on the target WiFi network acquired by one or more other user equipments (Referring now to FIG. 10A, there is illustrated a flowchart of a customer service video test method 1000. At step 1002, two devices connect to a first network, such as T-Mobile's LTE network. At step 1004, two other devices connect to a second network, such as AT&T's LTE network. At step 1006, all the devices play the same YouTube video per every 10 minutes for an entire day. At step 1008, all the devices report test results to the server 104. This allows the customer experience on both the first and second networks to be compared. Jain, [0163]), wherein determining the network security state information comprises either one of the following: combining the first network security monitoring information and the second network security monitoring information into a set and determining the network security state information based on the set against a security standard (Jain, [0109], [0162]); or determining security Jain, [0186]), and determining the network security state information based on a proportion of security information or risk information in the security information of the first candidate network and the security information of the one or more second candidate networks (Jain, [0208]);  and
providing the network security state information (Referring now to FIG. l0A, there is illustrated a flowchart of a customer service video test method 1000. At step 1002, two devices connect to a first network, such as T-Mobile's LTE network. At step 1004, two other devices connect to a second network, such as AT & T's LTE network. At step 1006, all the devices play the same YouTube video per every 10 minutes for an entire day. At step 1008, all the devices report test results to the server 104. This allows the customer experience on both the first and second networks to be compared. Jain, [0163]) to an administrative user of the target WiFi network (In one embodiment, the IA is a background application with little to no user interface except for popup messages from the human user perspective. However, a user interface is available for administrative users. One example is a UI that shows the stored values in UE DB/Log to access the configuration information and changes that may impact the UE functions for RF measurements. UI is able to show that collection timestamp changes based on server commands, may also be able to show RF Measurements. Jain, [0093]).
As per claim 2, Jain teaches the method according to claim 1, wherein the first network security monitoring information comprises one or more pieces of network security metrics information (For instance, the platform can perform actions on mobile devices or network elements in any cellular or WiFi network to enhance customer experience by measuring, analyzing and reporting metrics related to service, network equipment, devices, and applications. Jain, [0145]).
As per claim 6, Jain teaches the method according to claim 1, wherein a time interval between a first time interval when the first network security monitoring information is acquired and a second time interval when the second network security monitoring information is acquired is less than a preset time threshold (Referring now to FIG. 10B, there is illustrated a sample “average time to playback Comparison” report 1010. The report 1010 shows the average time in milliseconds that it took for the devices to begin playback, separated out for each network. This is depicted as a dotted line graph, with a line for each network and dot for each hour of the day for the test. The sample report 1010 indicates that the T-Mobile network performed much slower than the AT&T network, as its average time to playback was much higher. Jain, [0164]).
As per claim 7, Jain teaches the method according to claim 1, wherein the step of determining the network security state information of the target WiFi network based on the first network security monitoring information comprising: when a number of pieces of network security metrics information, which is lower than a corresponding security standard, of the first network security monitoring information reaches a preset threshold, determining the network security state information of the target WiFi network based on the first network security monitoring information in connection with the second network security monitoring information on the target WiFi network acquired by one or more other user equipments (Referring now to FIG. 21, there is illustrated an automated IRAT handover system 2100. The system 2100 includes an attenuator 2102 controlled by server 104. For instance, the server 104 may control the attenuator 2102 using a SetAttenuation command so that a first device 2104 and a second device 2106 have a strong WiFi signal. The server 104 sets up a long call between the first device 2104 and the second device 2106 using a MakeVoiceCall command. The call is then accomplished over the network 2108, in this case a WiFi network. However, the server 104 may change the attenuator so that another signal is stronger than the WiFi signal. For example, if the server 104 changes the attenuator to make the LTE signal stronger, it will cause the first device 2104 and the second device 2106 to handover to the LTE network. This can be repeated for any combination to cause different IRAT scenarios. Jain, [0189]).
As per claim 8, Jain teaches the method according to claim 1, wherein the method further comprising: acquiring wireless router information corresponding to the target WiFi network and/or access information of the target WiFi network submitted by a sharing user (For purposes of example, hotspot 1920 has within it a home subscriber 1930, that is, a subscriber of home service provider network 1902, connected to the edge router 1924 with a device. Hotspot 1922 has within it both a home subscriber 1932 and a visited subscriber 1934 connected to the edge router 1926. Using the IA client on the home subscribers or visited subscribers devices, the data performance on the various networks may be tested and compared, whether the network is a WiFi hotspot, a core service provider network, or cellular network. Additionally, the network performance of the home subscriber 1932 can be compared to the performance of the visited subscriber 1934 on hotspot 1922. Jain, [0184]);
determining the sharing user as the administrative user of the target WiFi network (Reporting and Applications Servers which provide powerful reporting on data tables and geographic information system (GIS). The servers integrate multiple services and OSS/BSS to application server while providing access to its functionality through a web-based US to users and administrators. Jain, [0062]);
Referring now to FIG. 4, there is illustrated a network level correlation and troubleshooting system 400. The system 400 includes a network node(s) 402, a consumer device(s) 404, and a network probes/OSS/NMS system(s) 406 connected to a data collection engine 408 over a network 410. The network node(s) 402 may be cellular or WiFi such as AP, eNodeB, S/P-GW, MME, etc. The consumer device(s) 404 may be smartphones, tablets, phablets, PCs, MAC, etc. The data collection engine 408 is part of the server 104. The data collection engine 408 includes a business intelligence engine 412, a reporting engine 414, a correlation and analytics engine 416, and a business rules engine 418. The system 400 can automate tests and KPI capture from layer 3 of the devices. The business rules engine 418 compares KPis with threshold values to determine pass/fail results. An admin GUI can be used to change thresholds, create additional tests, etc. Jain, [0142]).
As per claim 9, Jain teaches the method according to claim 1, wherein the method further comprising: based on the network security state information, providing network security prompt information to devices using the target WiFi network (The IA system 2416 may, in addition to the server 104, include an IA analytics module 2426, the database 112, and an admin GUI 2428. The admin GUI 2428 may provide a user interface to an operations, administration, and management (OAM) module 2430. The OAM module 2430 may allow for various monitoring and testing of the system 2400 to be executed, including ping reports ( carrier performance, carrier network type matrix, ping latency trend, ping latency distribution), data connection reports ( carrier performance, carrier network type matrix, data set up time trend), downloading reports ( carrier performance, carrier network type matrix, download speed trend, download speed distribution), uploading reports ( carrier performance, carrier network type matrix, upload speed trend, upload speed distribution) SMS reports ( carrier performance, inter-carrier matrix, carrier city matrix, destination performance, distribution, trends), and voice call reports ( carrier performance, inter carrier matrix, carrier city matrix, destination performance, distribution, trends). Jain, [0206]).
As per claim 12, Jain teaches a device for security monitoring of a WiFi network, comprising: one or more processors; a memory; and one or more programs stored in the memory and configured to be executed by the one or more processors, the programs comprising instructions to:
acquire first network security monitoring information corresponding to a target WiFi network that is transmitted by a user equipment, wherein the first network security monitoring information is acquired when the user equipment is connected to the target WiFi network (Using the IA client on the home subscribers or visited subscribers devices, the data performance on the various networks may be tested and compared, whether the network is a WiFi hotspot, a core service provider network, or cellular network. Jain, [0184]);
determine network security state information of the target WiFi network based on the first network security monitoring information (WiFi metrics to be taken in tests include WiFi information (signal strength, location SSID, security), WiFi performance (time to connect, authenticate on WiFi network, battery impacts), throughput (downlink, uplink throughput using FTP, HTTP, iPERF, UDP, using short files, long files, with and without handovers ), web browsing (DNS lookup, first byte download, first page download across any number of popular sites, success rate), and email (E2E delay, success rate, accuracy). WiFi metrics further include video ( delay for stream URL, buffering start delay, time delay for playback start, time to buffering or playback completion for video from YouTube or similar services, voice over WiFi (multiple KPis-retain ability, availability, mobility, MOS/PESQ/POQA), data error rate (packet loss for different sized packets using advanced PING capabilities to multiple URLs), latency (using different PING packets to multiple URLs), data session establishment (authentication, tunnel set up and teardown times for GPRS, 3G, LTE, WiFi), WiFi offload ( device data usage metrics per minute, per hour, per day under GPRS, 3G, LTE, WiFi access and different locations and RF conditions), and load and stress testing (E2E delay, success rate, accuracy reported at access point level in aggregated manner). Jain, [0186]) in connection with second network security monitoring information on the target WiFi network acquired by one or more other user equipments (Referring now to FIG. 10A, there is illustrated a flowchart of a customer service video test method 1000. At step 1002, two devices connect to a first network, such as T-Mobile's LTE network. At step 1004, two other devices connect to a second network, such as AT&T's LTE network. At step 1006, all the devices play the same YouTube video per every 10 minutes for an entire day. At step 1008, all the devices report test results to the server 104. This allows the customer experience on both the first and second networks to be compared. Jain, [0163]), in connection with second network security monitoring information on the target WiFi network acquired by one or more other user equipments (Referring now to FIG. 10A, there is illustrated a flowchart of a customer service video test method 1000. At step 1002, two devices connect to a first network, such as T-Mobile's LTE network. At step 1004, two other devices connect to a second network, such as AT&T's LTE network. At step 1006, all the devices play the same YouTube video per every 10 minutes for an entire day. At step 1008, all the devices report test results to the server 104. This allows the customer experience on both the first and second networks to be compared. Jain, [0163]), wherein determining the network security state Jain, [0109], [0162]); or determining security information of a first candidate network of the target WiFi network based on the first network security monitoring information and determining security information of one or more second candidate networks of the target WiFi network based on the second network security monitoring information (Jain, [0186]), and determining the network security state information based on a proportion of security information or risk information in the security information of the first candidate network and the security information of the one or more second candidate networks (Jain, [0208]);  and
provide the network security state information (Referring now to FIG. l0A, there is illustrated a flowchart of a customer service video test method 1000. At step 1002, two devices connect to a first network, such as T-Mobile's LTE network. At step 1004, two other devices connect to a second network, such as AT & T's LTE network. At step 1006, all the devices play the same YouTube video per every 10 minutes for an entire day. At step 1008, all the devices report test results to the server 104. This allows the customer experience on both the first and second networks to be compared. Jain, [0163]) to an administrative user of the target WiFi network (In one embodiment, the IA is a background application with little to no user interface except for popup messages from the human user perspective. However, a user interface is available for administrative users. One example is a UI that shows the stored values in UE DB/Log to access the configuration information and changes that may impact the UE functions for RF measurements. UI is able to show that collection timestamp changes based on server commands, may also be able to show RF Measurements. Jain, [0093]).
 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 3 and 4 are rejected under 35 U.S.C. 103 as being unpatentable over Jain et al. (US 2016/0373944, Pub. Date: Dec. 22, 2016), in view of Chiu et al. (US 2016/0359895, Pub. Date: Dec. 8, 2016), hereinafter referred to as Jain and Chiu.
As per claim 3, Jain teaches the method according to claim 2, but does not teach risk, Chiu however teaches wherein the network security state information comprises risk information, and the risk information is determined by at least one network security metrics information, which is lower than a corresponding security standard, of the one or more pieces of network security metrics information (the cybersecurity analysis module 202 can utilize the cybersecurity risk module 208 to facilitate generating, based on the first metric and the second metric, a third metric indicating an overall level of cybersecurity risk associated with the particular network component. The third metric can, for instance, represent a measure of cyber threat severity, for the particular network component, that takes into consideration the likelihood that the particular network component has one or more cyber vulnerabilities, Chiu, [0054]).
Jain in view Chiu are analogous art to the claimed invention, because they are from a similar field of endeavor of systems, components and methodologies for providing secure communication between computer systems. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Jain in view Chiu. This would have been desirable because the customer data can be associated with at least one of a customer count, an issue resolution time, a reliability index, and/or a customer criticality metric, etc. In this 

As per claim 4, Jain in view Chiu teaches the method according to claim 3, wherein the step of providing the network security state information to the administrative user of the target WiFi network comprising: if the network security state information comprises risk information, providing the network security state information and a security management policy of a matching wireless router to the administrative user of the target WiFi network (The cybersecurity analysis module 102 can process the acquired data and provide a detailed analysis of various cybersecurity issues for the operational technologies and the information technologies. In some embodiments, the cybersecurity analysis module 102 can provide or be utilized with a control panel or dashboard that presents cybersecurity information (e.g., the detailed analysis) to an entity, such as a cybersecurity analyst or manager ( or administrator) who is responsible for determining how to proceed when a multitude of cybersecurity risks are detected within the energy delivery network. The cybersecurity information or analysis can, for example, specify where the cybersecurity risks are located (e.g., where they are currently located, where they may be located in the future, etc.), who the affected customers are, where the affected customers are, and/or a list of specific items to be examined in attempt to mitigate the cybersecurity risks, etc. Chiu, [0048], and The computer-implemented method of claim 1, wherein the plurality of network components includes at least one of a router, Chiu, Claim 14).
Jain in view Chiu are analogous art to the claimed invention, because they are from a similar field of endeavor of systems, components and methodologies for providing secure communication between computer systems. It would have been obvious to a person of ordinary skill in the art .

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to OLEG KORSAK whose telephone number is (571)270-1938.  The examiner can normally be reached on 5:00 AM- 4:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/OLEG KORSAK/Primary Examiner, Art Unit 2492