Notice of Pre-AIA or AIA Status
Claims 1-31 remain for examination. The amendment filed 12/30/21 amended claims 1, 3-7, 15, 16, 18-22, 30, & 31. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Arguments
Applicant's arguments filed 12/30/21 have been fully considered but they are not persuasive. Regarding the independent claims, Applicant argues:
Yoshigoe, whether considered alone or in combination with the remaining citations, fails to disclose or suggest at least the foregoing recitations of amended claim 1. Yoshigoe is cited as disclosing a software solution which automates the process of “synthetic” packet generation for imitating behavior of real IOT device applications (e.g., synthetic packets imitating open/close door events or motion detection). With respect to the elements of claims 4-6 that are now recited in amended claim 1, Yoshigoe is cited as “hiding” the source and destination address of the original traffic by using a VPN and/or encrypting and encapsulating traffic. See Action at p. 9. However, encrypting and encapsulating traffic serves to obscure a source or destination address, which are predefined and remain unchanged albeit cryptographically obscured. Similarly, directing traffic to a VPN serves to route the traffic through a pre-defined VPN address prior to the VPN further routing the traffic according to the predefined destination address specified by the data payload.

Apthorpe is similarly cited as disclosing that use of a VPN for protecting IoT traffic “specifically alters the source address of the new packet to that of the home gateway router and the destination address to that of the VPN exit point instead of the IoT server (Apthorpe, page 4, "C. Tunneling traffic", particularly the second paragraph).” Action at p. 9. However, like Yoshigoe, Apthorpe utilizes a pre-defined source address (i.e., the Gateway address) and pre-defined destination address (i.e., the VPN address) for each transmission.

In view of the foregoing, Yoshigoe and Apthorpe do not define a source or destination address for the data traffic and thus fail to disclose or suggest “generating a fabricated source address or a fabricated destination address,” in accordance with the recitations of amended claim 1. Moreover, because Yoshigoe and Apthorpe simply hide a predefined source or destination address using encryption, or utilize a predefined VPN address, Yoshigoe and Apthorpe also fail to disclose or suggest “randomizing the forged data traffic ... by generating a fabricated source address or a fabricated destination address,” or that “the forged data traffic including the fabricated source address or the fabricated destination address adds an entropy factor to the data traffic from said communication device connected to the network,” as recited in amended claim 1.



A VPN wraps all traffic from an endpoint (like a home gateway router) in an additional transport layer, aggregating it into a single stream. This stream has the source IP address of the home gateway router and the destination IP address of the server implementing the VPN exit point. In effect, an adversary would see all traffic as originating and terminating from a single pair of endpoints, rather than from individual smart home devices and their cloud servers.

	Thus, the fact that the actual source and destination addresses remain inside the fake packet, albeit in encrypted form, does not teach away from the fact that the actual source and destination addresses used by the routers (and observable by any eavesdroppers) to route the packet are the fabricated source and destination addresses corresponding to the VPN end points. Additionally, Examiner notes that the independent claims do not place any limits on what it means for an address to be forged, other than presumably that they are not the original addresses. The Examiner also notes that the claim limitation “wherein the forged data traffic…adds an entropy factor to the data traffic…” does not appear to be a functional limitation, as there is no disclosure in the instant specification as to what specifically that would entail; rather, the specification makes it clear in context that the mere fact that one can create fake traffic
Applicant’s remaining arguments against the specific dependent claims (see page 13 of the amendment filed 12/30/21) have been considered but are moot in view of the new rejection of those claims.

Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1-5, 7-10, 13, 14, 16-20, 22-25, 28, 29, & 31 are rejected under 35 U.S.C. 103 as being unpatentable over “Overcoming Invasion of Privacy in Smart Home Environment with Synthetic Packet Injection” (from the IDS of 2/25/21; hereinafter, “Yoshigoe”) in view of “Closing the Blinds: Four Strategies for Protecting Smart Home Privacy from Network Observers” (from the IDS of 1/9/20; hereinafter, “Apthorpe”).

Regarding claims 1, 16, and 31:
Yoshigoe discloses a method, system, and non-transitory computer readable storage medium for protecting data traffic from a communication device against fingerprinting or privacy leakage, comprising: receiving data traffic from a communication device connected to a network (pages 2-3, “B. Capturing Network Traffic of Smart Things”); analyzing the received data traffic to determine network nd column, particularly Table 1 wherein operational characteristics of the devices such as the length and frequency of the packets generated are observed and recorded); generating forged data traffic for the network based on the determined network activity or operational characteristic of the communication device (page 5, “B. Synthetic Packet Injection Framework”); and transmitting the forged data traffic to an external communication device that is located outside the network, wherein the forged data traffic adds an entropy factor to the data traffic from said communication device connected to the network (Ibid; see also page 5, “C. Synthetic Packets Engine and VPN”, which confirms that fake packets can be sent to an external cloud server). 
Yoshigoe further discloses using a VPN to encrypt and encapsulate traffic to protect one’s privacy (page 5, “IV. Smart Home Privacy, A. Previously Implemented Solutions”, first paragraph), which inter alia hides the source and destination addresses of the original traffic (Ibid: “This removes the ability for a hacker to monitor the source and destination addresses of packets coming from your network and specifically from your hub”). A person of ordinary skill in the cryptographic arts would recognize Yoshigoe’s recitation of employing a VPN to hide one’s traffic would inherently entail that the envelope packet containing the encrypted packet would have fabricated source and destination addresses instead of the actual addresses of the original packet.  Nevertheless, assuming arguendo that this were not inherently the case, Apthorpe confirms in a related disclosure pertaining to known methods to protect IoT traffic that not only is a VPN recommended for this purpose, but that doing so specifically alters the source address of the new packet to that of the home gateway router and the destination 

Regarding claims 2 and 17:	The combination further discloses wherein the external communication device comprises an Internet Service Provider server (Yoshigoe: e.g. Figures 1, 2, and 12). 

Regarding claims 3 and 18:	The combination further discloses wherein generating the forged data traffic comprises at least one of: normalizing data traffic based on the network activity or operational characteristics of the communication device, and synthesizing data traffic based on the network activity or operational characteristics of the communication device (normalizing traffic at Apthorpe, page 5, first column: “A device and its cloud service could also inject traffic to maintain a constant traffic rate…”). 

Regarding claims 4, 5, 7, 19, 20 and 22:

 
Regarding claims 8 and 23:	The combination further discloses encrypting the forged data traffic before transmitting the forged data traffic to the external communication device (Yoshigoe: page 5, “C. Synthetic Packets Engine and VPN”, particularly the first sentence thereof). 

Regarding claims 9 and 24:	The combination further discloses wherein the forged data traffic comprises encrypted data (Yoshigoe: Ibid). 

Regarding claims 10 and 25:	The combination further discloses wherein the fabricated destination address comprises a website on the Internet (Yoshigoe: e.g. Amazon, as per page 3, 1st column, 1st paragraph). 



Regarding claims 14 and 29:	The combination further discloses wherein transmitting the forged data traffic to the external communication device comprises sending the forged data traffic through a virtual private network (VPN) tunnel (Yoshigoe: page 5, “C. Synthetic Packets Engine and VPN”). 

Claims 6 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over Yoshigoe in view of Apthorpe as applied to claims 1 & 16 above, and further in view of Park (U.S. Patent Publication 2020/0153861).

Regarding claims 6 and 21:
	Although the combination further discloses wherein the randomized data traffic comprises the fabricated source address or the fabricated destination address (see the rejections of claims 4, 5, 7, 19, 20, & 22 supra), they are silent regarding wherein the fabricated source address identifies a nonexistent communication device and wherein the fabricated destination address is a destination address that matches data traffic from a type of communication device that is different from a type of the communication device.  However, Park discloses a related invention comprising these limitations (see .

Claims 11, 12, 26, and 27 are rejected under 35 U.S.C. 103 as being unpatentable over Yoshigoe in view of Apthorpe as applied to claims 3 & 15 above, and further in view of “ProfilIoT: A Machine Learning Approach for IoT Device Identification Based on Network Traffic Analysis” (from the IDS of 1/9/20; hereinafter, “Meidan”).

Regarding claims 11 and 26:	Yoshigoe and Apthorpe are silent regarding training a machine learning model based on the analysis of the received data traffic. However, Meidan discloses a related invention for analyzing IoT traffic comprising the use of a machine learning model (e.g. page 507, “3.2 Model Training”).  It would have been obvious prior to the effective filing date of the instant application to train a machine learning model as disclosed by Meidan, to help identify the particular traffic that needs to be analyzed by the Yoshigoe & Apthorpe disclosures, as doing so also provides the additional advantage of being 

Regarding claims 12 and 27:	Yoshigoe further discloses an activity monitor arranged to analyze the received data traffic to determine network activity or operational characteristics of the communication device (page 4, 2nd column, particularly Table 1 wherein operational characteristics of the devices such as the length and frequency of the packets generated are observed and recorded), but both Yoshigoe and Apthorpe are silent regarding updating a machine learning model based on the analysis of the received data traffic or the determined network activity or operational characteristics of said communication device.  However, Meidan discloses a related invention for analyzing IoT traffic comprising the use of a machine learning model (e.g. page 507, “3.2 Model Training”).  It would have been obvious prior to the effective filing date of the instant application to train a machine learning model as disclosed by Meidan, to help identify the particular traffic that needs to be analyzed by the Yoshigoe and Apthorpe disclosures, as doing so also provides the additional advantage of being able to detect unknown and unwanted IoT devices on one’s network and subsequently mitigate violations of operational policies (Meidan, page 509, “6. Conclusion”).

Claims 15 & 30 are rejected under 35 U.S.C. 103 as being unpatentable over Yoshigoe in view of Apthorpe as applied to claims 1 & 16 above, and further in view of Genty (U.S. Patent 6,738,910).

Regarding claims 15 and 30:	Although Yoshigoe discloses sending at least one forged data traffic stream through a VPN tunnel (page 5, “C. Synthetic Packets Engine and VPN”), it is unclear if this could be extended to embodiments comprising two or more separate VPN tunnels.  However, Apthorpe teaches in a related disclosure pertaining to known methods to protect IoT traffic that one could not only use VPNs to protect one’s smart home traffic, but that one could establish a single VPN creating multiple tunnels to service multiple smart homes (Apthorpe, page 4, “C. Tunneling traffic”, particularly the penultimate paragraph: “This problem could be addressed by having the VPN provider act as an endpoint for traffic from multiple smart homes”).  It would have been obvious prior to the effective filing date of the instant application to divide the forged data traffic into two or more forged data traffic streams; and send the forged data traffic streams through two or more virtual private network (VPN) tunnels, wherein the two or more forged data traffic streams include the received data from said communication device, as suggested by Apthorpe, as doing so would help protect the anonymity of the owners of said smart home devices (Apthorpe, Ibid). 
	It is noted that even under the construction above, Yoshigoe in view of Apthorpe only appear to support two tunnels on the same VPN, and are silent regarding using two or more VPNs.  However, Genty discloses a related invention for using VPN connections to send fake data, including at least one embodiment employing at least two VPNs with multiple tunnels each (Figure 7, and col. 6, lines 30-65).  It would have been obvious prior to the filing date of the instant application to employ multiple VPNs .
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: 
U.S. Patent Publication 2019/0159035 (Town) and 
U.S. Patent Publication 2016/0080415 (Wu)
“How VPN Works?” (Zico Deng)
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to THOMAS A GYORFI whose telephone number is (571)272-3849. The examiner can normally be reached 10:00am - 6:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on 571-272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

THOMAS A. GYORFI
Examiner
Art Unit 2435



/THOMAS A GYORFI/Examiner, Art Unit 2435    3/24/22
/FATOUMATA TRAORE/Primary Examiner, Art Unit 2436