DETAILED ACTION
This action is in response to the new application filed 6/30/2020 titled “Deep Learning-Based Analysis of Signals for the Threat Detection”. Claims 1-20 were received for examination.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Priority
Acknowledgment is made of applicant's claim for foreign priority under 35 U.S.C. 119(a)-(d).  The certified copy has been received.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 2/2/2021 and 11/30/2021 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4, 6-18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Hassan et al “Tactical Provenance Analysis for Endpoint Detection and Response Systems” May 18 2020 (listed on IDS filed 11/30/2021) in view of Griffin et al (US 2020/0167464).
With respect to claim 1 Hassan teaches a computer-implemented method comprising: 
receiving process data from a client computer system based on activity and behaviors of the client (section II.A, IV.A logs generated by system-level auditing frameworks, such as Windows ETW [47] and Linux Audit [48], which comprise low-level system events including process launches and file operations and capture causal relationships between different system entities); 
generating a process tree based on parent and child relationships associated with the process data (fig. 4a, 12a; section IV.A, parent-child process relationships are identified); 
associating signals with processes of the process data in the generated process tree based on the signals produced by each process (fig. 4a, 12a; section IV.C, provenance graph; section IV.D, a process that generated an alert event; the system-level auditing frameworks, such as Windows ETW [47] and Linux Audit [48], employed identify events with the processes which produced said event, e.g. ETW, DeviceProcessEvents table, InitiatingProcessId int Process ID (PID) of the process that initiated the event); 
generating a vector of a sequence of events based on a chronological execution of the process data associated with each signal (fig. 4b, 12b; section IV.C, the edges describe the timestamp of event occurrence; section III.C temporal orderings between the different alerts present in the IIP graph yields the TPG); 
generating a score that indicates whether the sequence represented by the vector is malicious (see section V, a threat score is calculated for the attack described by the TPG). 
Hassan does not teach generating the score based on inputting the vector into a trained model and causing a security risk mitigation action based on the score satisfying an alert threshold.
Griffin teaches generating the score based on inputting the vector into a trained model (see Griffin paragraph 0015-0016 i.e. An artificial neural network 110 receives the vectorized process trees from process tree vectorization tool 108 as training input for a training of the artificial neural network 110. After the training of the artificial neural network 110 is completed, malicious activity detection system 104 receives process trees 112 that specify other computer processes that are currently executing on another computer (not shown) and process tree vectorization tool 108 vectorizes process trees 112 to generate additional vectorized process trees. Process tree vectorization tool 108 sends the additional vectorized process trees as input vectors to artificial neural network 110, which subsequently generates an output indicating that one or more of the additional vectorized process trees indicates a malicious activity 114 and generates remediation recommendation(s) 116 (i.e., recommendation(s) to correct or prevent computer system damage, disruption, or misappropriation based on malicious activity 114)) and, 
causing a security risk mitigation action based on the score satisfying an alert threshold (see Griffin figure 2 step 214 and paragraph 0027 i.e. In one embodiment, performing the remedial action in step 214 includes malicious activity detection system 104 (see FIG. 1) proactively preventing subsequent malicious activity in the computer system by preventing a completion of a subsequent computer process that performs the subsequent malicious activity).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Hassan in view of Griffin to have performed a remedial action if a malicious activity is detected, by preventing the completion of a subsequent computer process that performs the subsequent malicious activity, in order to protect the computer from the malicious activity (see Griffin paragraph 0009 and 0027). Therefore one would have been motivated to cause a security risk mitigation action based on the score satisfying an alert threshold.
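The steps mapped above for claim 1 (and repeated for claims 10 and 15) describe one pipeline: process data in, a process tree built from parent/child relationships, signals attached to the processes that produced them, a chronological event sequence per subtree turned into a vector, a trained model that scores that vector, and a mitigation action once the score meets an alert threshold. The following Python is an added illustration of that pipeline written for this page; it is not code from the application, from Hassan, or from Griffin. The event rows imitate the shape of ETW DeviceProcessEvents records but are constructed, the signal names are invented, and the "trained model" is a stand-in (a smoothed per-token log-odds classifier fitted on a handful of constructed labelled sequences) rather than the neural network of Griffin or the claimed embedding/CNN/BiLSTM stack; the threshold value 0.8 is likewise an assumption.

```python
"""Claim-1-style pipeline: process tree -> signal association -> chronological
event vector -> trained-model score -> threshold -> mitigation action.
Added example; events, signal names, vocabulary and model are constructed."""
import math
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class Event:
    ts: int               # constructed timestamp used for chronological ordering
    pid: int              # process the event belongs to (child pid for ProcessCreate)
    ppid: int             # parent pid; 0 marks a root with no parent in the window
    image: str            # process image name
    action: str           # e.g. ProcessCreate, FileWrite, NetworkConnect
    signal: Optional[str] = None   # detection signal raised by this event, if any


@dataclass
class ProcNode:
    pid: int
    image: str
    children: List["ProcNode"] = field(default_factory=list)
    signals: List[Tuple[int, str]] = field(default_factory=list)  # (ts, signal)


def build_process_tree(events):
    """Step 2: derive parent/child relationships from the process data."""
    nodes, parent_of = {}, {}
    for ev in sorted(events, key=lambda e: e.ts):
        child = nodes.setdefault(ev.pid, ProcNode(ev.pid, ev.image))
        if ev.ppid and ev.pid not in parent_of:
            parent = nodes.setdefault(ev.ppid, ProcNode(ev.ppid, "<unknown>"))
            parent.children.append(child)
            parent_of[ev.pid] = ev.ppid
    roots = [n for pid, n in nodes.items() if pid not in parent_of]
    return nodes, roots


def associate_signals(events, nodes):
    """Step 3: attach each signal to the process that produced it."""
    for ev in events:
        if ev.signal:
            nodes[ev.pid].signals.append((ev.ts, ev.signal))
    return nodes


def subtree_pids(root):
    pids, stack = set(), [root]
    while stack:
        n = stack.pop()
        pids.add(n.pid)
        stack.extend(n.children)
    return pids


def sequence_for_subtree(root, events, nodes):
    """Step 4a: chronological token sequence for every process under root."""
    pids = subtree_pids(root)
    seq = []
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.pid in pids:
            sig = next((s for t, s in nodes[ev.pid].signals if t == ev.ts), None)
            seq.append(f"{ev.action}|{sig}" if sig else ev.action)
    return seq


def build_vocab(sequences):
    vocab = {"<unk>": 0}
    for seq in sequences:
        for tok in seq:
            vocab.setdefault(tok, len(vocab))
    return vocab


def vectorize(seq, vocab):
    """Step 4b: token sequence -> integer vector (unknown tokens map to 0)."""
    return [vocab.get(tok, 0) for tok in seq]


class TokenLogOddsModel:
    """Stand-in trained model: Laplace-smoothed per-token log-odds (naive Bayes
    over token counts) with a sigmoid output in [0, 1]. Assumes both classes
    are present in the training data."""
    def __init__(self, vocab_size):
        self.v = vocab_size
        self.log_odds = [0.0] * vocab_size
        self.prior = 0.0

    def fit(self, vectors, labels):
        mal, ben = [0] * self.v, [0] * self.v
        for vec, y in zip(vectors, labels):
            for t in vec:
                (mal if y else ben)[t] += 1
        n_mal, n_ben = sum(mal), sum(ben)
        for t in range(self.v):
            self.log_odds[t] = (math.log((mal[t] + 1) / (n_mal + self.v))
                                - math.log((ben[t] + 1) / (n_ben + self.v)))
        self.prior = math.log(sum(labels) / (len(labels) - sum(labels)))
        return self

    def score(self, vector):
        """Step 5: probability that the vectorized sequence is malicious."""
        z = self.prior + sum(self.log_odds[t] for t in vector)
        return 1.0 / (1.0 + math.exp(-z))


def decide(score, threshold):
    """Step 6: mitigation action once the score satisfies the alert threshold."""
    return "terminate_subtree" if score >= threshold else "no_action"


def run_pipeline(events, model, vocab, threshold=0.8):
    nodes, roots = build_process_tree(events)
    associate_signals(events, nodes)
    results = {}
    for root in roots:
        score = model.score(vectorize(sequence_for_subtree(root, events, nodes), vocab))
        results[root.image] = (score, decide(score, threshold))
    return results


# Constructed labelled training sequences (1 = malicious, 0 = benign).
TRAIN_SEQS = [
    ["ProcessCreate", "FileRead", "FileWrite", "ProcessExit"],
    ["ProcessCreate", "FileRead", "ProcessExit"],
    ["ProcessCreate", "NetworkConnect", "FileWrite", "ProcessExit"],
    ["ProcessCreate", "ProcessCreate|EncodedCommand", "NetworkConnect",
     "FileWrite|DroppedExecutable", "ProcessCreate"],
    ["ProcessCreate", "ProcessCreate|EncodedCommand",
     "FileWrite|DroppedExecutable", "ProcessCreate|LolbinSpawn"],
    ["ProcessCreate", "NetworkConnect", "ProcessCreate|LolbinSpawn",
     "FileWrite|DroppedExecutable"],
]
TRAIN_LABELS = [0, 0, 0, 1, 1, 1]
VOCAB = build_vocab(TRAIN_SEQS)
MODEL = TokenLogOddsModel(len(VOCAB)).fit(
    [vectorize(s, VOCAB) for s in TRAIN_SEQS], TRAIN_LABELS)

# Constructed event window: a benign notepad session and an Office-spawned
# PowerShell chain that raises three invented signals.
SAMPLE_EVENTS = [
    Event(1, 100, 0, "explorer.exe", "ProcessCreate"),
    Event(2, 50, 0, "outlook.exe", "ProcessCreate"),
    Event(10, 200, 100, "notepad.exe", "ProcessCreate"),
    Event(11, 200, 100, "notepad.exe", "FileRead"),
    Event(12, 200, 100, "notepad.exe", "FileWrite"),
    Event(13, 200, 100, "notepad.exe", "ProcessExit"),
    Event(20, 300, 50, "winword.exe", "ProcessCreate"),
    Event(21, 400, 300, "powershell.exe", "ProcessCreate", "EncodedCommand"),
    Event(22, 400, 300, "powershell.exe", "NetworkConnect"),
    Event(23, 400, 300, "powershell.exe", "FileWrite", "DroppedExecutable"),
    Event(24, 500, 400, "rundll32.exe", "ProcessCreate", "LolbinSpawn"),
]

if __name__ == "__main__":
    for image, (score, action) in run_pipeline(SAMPLE_EVENTS, MODEL, VOCAB).items():
        print(f"{image:14s} score={score:.3f} action={action}")
```

Scoring is done per root subtree, so the mitigation decision is taken on the whole outlook.exe → winword.exe → powershell.exe → rundll32.exe chain rather than on the single process that raised the last signal; the benign explorer.exe subtree, which carries no signals, scores well below the threshold.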
	
With respect to claim 2 Hassan teaches the method of claim 1, wherein the signal data is further comprised of at least one of raw signals or signals generated by human-generated logic based on analyzing activity performed by the client (section II.A, IV.A logs generated by system-level auditing frameworks, such as Windows ETW [47] and Linux Audit [48], which comprise low-level system events including process launches and file operations and capture causal relationships between different system entities).

With respect to claim 3 Hassan teaches the method of claim 1, wherein the signal data is received from a signal repository comprised of filtered signals based on activity associated with the signals (Hassan section IV.C, For our graph reduction algorithm, we assume the properties of the provenance graph and backward tracing graph described in Section IV-C. We also assume all the alert events in the provenance graph are incident to at least one process vertex. Based on these properties, we propose the following two rules to prune the provenance graph at any point in time while preserving TPG-based alert correlation).

With respect to claim 4 Hassan teaches the method of claim 1, wherein the process data is comprised of events that occur within a period of time from the client computer system (Hassan fig. 4b, 12b; section IV.C, the edges describe the timestamp of event occurrence; section III.C temporal orderings between the different alerts present in the IIP graph yields the TPG).

With respect to claim 6 Hassan teaches the method of claim 5, wherein the embedding layer compresses the sequence of events into low-dimensional vectors that are further processed by the trained model (Hassan section I Introduction: To better utilize the limited space available on hosts for long-term log storage, we present a novel log reduction technique that, instead of storing all the system events present in the logs, maintains a minimally-sufficient skeleton graph. This skeleton graph retains just enough context (system events) to not only identify causal links between the existing alerts but also any alerts that may be triggered in the future. Even though skeleton graphs reduce the fidelity of system logs, they still preserve all the information necessary to generate TPGs for threat score assignment, risk assessment, and high-level attack visualization).

With respect to claim 7 Hassan teaches the method of claim 1, wherein the score indicates a probability of the sequence of events being malicious (Hassan section V: A key goal of RapSheet is to group alerts and assign them a threat score that can be used to triage those contextualized alerts. Because some alerts are more suspicious than others, we pursued a scoring mechanism that incorporated a risk score of the individual alerts).

With respect to claim 8 Hassan teaches the method of claim 1, wherein the alert threshold is determined based on an indication of a degree of malicious activity or threat to detect on the client computer system (Hassan section V, a threat score is calculated for the attack described by the TPG).

With respect to claim 9 Hassan teaches the method of claim 1, wherein predicting whether the sequence of events is malicious is based on using the trained model in combination with a plurality of other models (Hassan figure 4 and section IV).

With respect to claim 10 Hassan teaches a behavior scoring computer system comprising: one or more hardware processors; and one or more computer-readable media having executable instructions embodied thereon, which, when executed by the one or more processors, cause the one or more hardware processors to execute: a signal scoring model configured to: 
receive process data from a client computer system based on activity and behaviors of the client (Hassan section II.A, IV.A logs generated by system-level auditing frameworks, such as Windows ETW [47] and Linux Audit [48], which comprise low-level system events including process launches and file operations and capture causal relationships between different system entities); 
generate a process tree based on parent and child relationships associated with the process data (Hassan fig. 4a, 12a; section IV.A, parent-child process relationships are identified); 
associate signals with processes of the process data in the generated process tree based on the signals produced by each process (Hassan fig. 4a, 12a; section IV.C, provenance graph; section IV.D, a process that generated an alert event; the system-level auditing frameworks, such as Windows ETW [47] and Linux Audit [48], employed identify events with the processes which produced said event, e.g. ETW, DeviceProcessEvents table, InitiatingProcessId int Process ID (PID) of the process that initiated the event); 
generate a vector of a sequence of events based on a chronological execution of the process data associated with each signal (Hassan fig. 4b, 12b; section IV.C, the edges describe the timestamp of event occurrence; section III.C temporal orderings between the different alerts present in the IIP graph yields the TPG); 
generate a score that indicates whether the sequence represented by the vector is malicious (Hassan section V, a threat score is calculated for the attack described by the TPG). 
Hassan does not teach generating the score based on inputting the vector into a trained model and causing a security risk mitigation action based on the score satisfying an alert threshold.
Griffin teaches generating the score based on inputting the vector into a trained model (see Griffin paragraph 0015-0016 i.e. An artificial neural network 110 receives the vectorized process trees from process tree vectorization tool 108 as training input for a training of the artificial neural network 110. After the training of the artificial neural network 110 is completed, malicious activity detection system 104 receives process trees 112 that specify other computer processes that are currently executing on another computer (not shown) and process tree vectorization tool 108 vectorizes process trees 112 to generate additional vectorized process trees. Process tree vectorization tool 108 sends the additional vectorized process trees as input vectors to artificial neural network 110, which subsequently generates an output indicating that one or more of the additional vectorized process trees indicates a malicious activity 114 and generates remediation recommendation(s) 116 (i.e., recommendation(s) to correct or prevent computer system damage, disruption, or misappropriation based on malicious activity 114)) and, 
causing a security risk mitigation action based on the score satisfying an alert threshold (see Griffin figure 2 step 214 and paragraph 0027 i.e. In one embodiment, performing the remedial action in step 214 includes malicious activity detection system 104 (see FIG. 1) proactively preventing subsequent malicious activity in the computer system by preventing a completion of a subsequent computer process that performs the subsequent malicious activity).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Hassan in view of Griffin to have performed a remedial action if a malicious activity is detected, by preventing the completion of a subsequent computer process that performs the subsequent malicious activity, in order to protect the computer from the malicious activity (see Griffin paragraph 0009 and 0027). Therefore one would have been motivated to cause a security risk mitigation action based on the score satisfying an alert threshold.

With respect to claim 11 Hassan teaches the system of claim 10, wherein the signal data is further comprised of at least one of raw signals or signals generated by human-generated logic based on analyzing activity performed by the client computer (Hassan section II.A, IV.A logs generated by system-level auditing frameworks, such as Windows ETW [47] and Linux Audit [48], which comprise low-level system events including process launches and file operations and capture causal relationships between different system entities).

With respect to claim 12 Hassan teaches the system of claim 10, wherein the signal data is received from a signal repository comprised of filtered signals based on activity associated with the signals (Hassan section IV.C, For our graph reduction algorithm, we assume the properties of the provenance graph and backward tracing graph described in Section IV-C. We also assume all the alert events in the provenance graph are incident to at least one process vertex. Based on these properties, we propose the following two rules to prune the provenance graph at any point in time while preserving TPG-based alert correlation).

With respect to claim 13 Hassan teaches the system of claim 10, wherein the process data is comprised of events that occur within a period of time from the client (Hassan fig. 4b, 12b; section IV.C, the edges describe the timestamp of event occurrence; section III.C temporal orderings between the different alerts present in the IIP graph yields the TPG).

With respect to claim 14 Hassan teaches the system of claim 10, wherein predicting whether the sequence of events is malicious is based on using the trained model in combination with a plurality of other models (Hassan figure 4 and section IV).

With respect to claim 15 Hassan teaches one or more computer storage media storing computer-useable instructions that, when used by one or more computing devices, cause the one or more computing devices to perform operations comprising: receiving process data from a client computer system based on activity and behaviors of the client (Hassan section II.A, IV.A logs generated by system-level auditing frameworks, such as Windows ETW [47] and Linux Audit [48], which comprise low-level system events including process launches and file operations and capture causal relationships between different system entities); 
generating a process tree based on parent and child relationships associated with the process data (Hassan fig. 4a, 12a; section IV.A, parent-child process relationships are identified); 
associating signals with processes of the process data in the generated process tree based on the signals produced by each process (Hassan fig. 4a, 12a; section IV.C, provenance graph; section IV.D, a process that generated an alert event; the system-level auditing frameworks, such as Windows ETW [47] and Linux Audit [48], employed identify events with the processes which produced said event, e.g. ETW, DeviceProcessEvents table, InitiatingProcessId int Process ID (PID) of the process that initiated the event); 
generating a vector of a sequence of events based on a chronological execution of the process data associated with each signal (Hassan fig. 4b, 12b; section IV.C, the edges describe the timestamp of event occurrence; section III.C temporal orderings between the different alerts present in the IIP graph yields the TPG); 
generating a score that indicates whether the sequence represented by the vector is malicious (Hassan section V, a threat score is calculated for the attack described by the TPG). 
Hassan does not teach generating the score based on inputting the vector into a trained model and causing a security risk mitigation action based on the score satisfying an alert threshold.
Griffin teaches generating the score based on inputting the vector into a trained model (see Griffin paragraph 0015-0016 i.e. An artificial neural network 110 receives the vectorized process trees from process tree vectorization tool 108 as training input for a training of the artificial neural network 110. After the training of the artificial neural network 110 is completed, malicious activity detection system 104 receives process trees 112 that specify other computer processes that are currently executing on another computer (not shown) and process tree vectorization tool 108 vectorizes process trees 112 to generate additional vectorized process trees. Process tree vectorization tool 108 sends the additional vectorized process trees as input vectors to artificial neural network 110, which subsequently generates an output indicating that one or more of the additional vectorized process trees indicates a malicious activity 114 and generates remediation recommendation(s) 116 (i.e., recommendation(s) to correct or prevent computer system damage, disruption, or misappropriation based on malicious activity 114)) and, 
causing a security risk mitigation action based on the score satisfying an alert threshold (see Griffin figure 2 step 214 and paragraph 0027 i.e. In one embodiment, performing the remedial action in step 214 includes malicious activity detection system 104 (see FIG. 1) proactively preventing subsequent malicious activity in the computer system by preventing a completion of a subsequent computer process that performs the subsequent malicious activity).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Hassan in view of Griffin to have performed a remedial action if a malicious activity is detected, by preventing the completion of a subsequent computer process that performs the subsequent malicious activity, in order to protect the computer from the malicious activity (see Griffin paragraph 0009 and 0027). Therefore one would have been motivated to cause a security risk mitigation action based on the score satisfying an alert threshold.

With respect to claim 16 Hassan teaches the media of claim 15, wherein the signal data is further comprised of at least one of raw signals or signals generated by human-generated logic based on analyzing activity performed by the client computer (Hassan section II.A, IV.A logs generated by system-level auditing frameworks, such as Windows ETW [47] and Linux Audit [48], which comprise low-level system events including process launches and file operations and capture causal relationships between different system entities).

With respect to claim 17 Hassan teaches the media of claim 15, wherein the signal data is received from a signal repository comprised of filtered signals based on activity associated with the signals (Hassan section IV.C, For our graph reduction algorithm, we assume the properties of the provenance graph and backward tracing graph described in Section IV-C. We also assume all the alert events in the provenance graph are incident to at least one process vertex. Based on these properties, we propose the following two rules to prune the provenance graph at any point in time while preserving TPG-based alert correlation).

With respect to claim 18 Hassan teaches the media of claim 15, wherein the process data is comprised of events that occur within a period of time from the client computer (Hassan fig. 4b, 12b; section IV.C, the edges describe the timestamp of event occurrence; section III.C temporal orderings between the different alerts present in the IIP graph yields the TPG).

With respect to claim 20 Hassan teaches the media of claim 15, wherein predicting whether the sequence of events is malicious is based on using the trained model in combination with a plurality of other models (Hassan figure 4 and section IV).

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Hassan et al “Tactical Provenance Analysis for Endpoint Detection and Response Systems” May 18 2020 (listed on IDS filed 11/30/2021) in view of Griffin et al (US 2020/0167464) in view of Nguyen et al (US 2020/0314117).
With respect to claim 5 Hassan teaches the method of claim 1, but does not disclose wherein the trained model is comprised of: an embedding layer; two convolutional neural networks; and a bidirectional long short-term memory recurrent neural network.
	Nguyen teaches wherein the trained model is comprised of: an embedding layer; two convolutional neural networks; and a bidirectional long short-term memory recurrent neural network (see Nguyen paragraph 0044 i.e. In various examples, e.g., of CM(s) 114 for classifying events or other use cases noted herein, the CM(s) 114 may include, but are not limited to, multilayer perceptrons (MLPs), neural networks (NNs), gradient-boosted NNs, convolutional NNs (CNNs), deep neural networks (DNNs) (i.e., neural networks having at least one hidden layer between an input layer and an output layer), autoencoders (e.g., DNNs in which the dimensionality of the hidden-layer outputs is smaller than that of the input layer or the output layer), recurrent neural networks (RNNs) such as long short-term memory (LSTM) networks or Gated Recurrent Unit (GRU) networks, transformer neural networks (arXiv:1706.03762 [cs.CL]), decision trees such as Classification and Regression Trees (CART), boosted trees or tree ensembles such as those used by the “xgboost” library, decision forests, autoencoders (e.g., denoising autoencoders such as stacked denoising autoencoders), Bayesian networks, support vector machines (SVMs), or hidden Markov models (HMMs). In some examples of DNNs, the hidden layer has fewer neurons than the input layer does, and the hidden layer has fewer neurons than the output layer does. In these examples, the hidden layer is an example of a chokepoint layer. In some examples, the DNN includes more than one hidden layer. The CMs 114 can additionally or alternatively include regression models, e.g., linear or nonlinear regression using mean squared deviation (MSD) or median absolute deviation (MAD) to determine fitting error during the regression; linear least squares or ordinary least squares (OLS); fitting using generalized linear models (GLM); hierarchical regression; Bayesian regression; or nonparametric regression).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Hassan in view of Nguyen to use several different types of neural network in the trained model, since each type of neural network has its own strengths and weaknesses, as a matter of design choice. Therefore one would have been motivated to use several different types of neural network in the trained model.

Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Hassan et al “Tactical Provenance Analysis for Endpoint Detection and Response Systems” May 18 2020 (listed on IDS filed 11/30/2021) in view of Griffin et al (US 2020/0167464) in view of Mesdaq et al (US 9,292,501).
With respect to claim 19 Hassan teaches the media of claim 15, but does not disclose wherein the score is a number between 0 and 1 indicating the probability of the sequence of events being malicious.
Mesdaq teaches a score that is a number between 0 and 1 indicating the probability of being malicious (see Mesdaq column 13 lines 6-24 i.e. As noted above, the method 300 may conduct a separate analysis following operation 305 to generate a preliminary malware score, which describes the probability that the suspect object is malware. For example, the preliminary malware score may fall between 0.0 and 1.0).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Hassan in view of Mesdaq to use a score value between 0 and 1 indicating the probability of the sequence of events being malicious, as a matter of design choice (see Mesdaq column 13 lines 6-24). Therefore one would have been motivated to use a malware score value between 0 and 1 indicating the probability of the sequence of events being malicious.

Prior Art
	SAHA et al (US 2021/0303986) titled “VALIDATION OF DEEP NEURAL NETWORK (DNN) PREDICTION BASED ON PRE-TRAINED CLASSIFIER”
	Chen et al (US 10,915,631) titled “Deep Learning On Execution Trace Data For Exploit Detection”
	Park et al (US 10,778,705) titled “Deep-learning-based Intrusion Detection Method, System And Computer Program For Web Applications”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DEVIN E ALMEIDA whose telephone number is (571)270-1018.  The examiner can normally be reached on Monday-Thursday from 7:30 A.M. to 5:00 P.M.  The examiner can also be reached on alternate Fridays from 7:30 A.M. to 4:00 P.M. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Saleh Najjar, can be reached on 571-272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/DEVIN E ALMEIDA/Examiner, Art Unit 2492

/SALEH NAJJAR/Supervisory Patent Examiner, Art Unit 2492