Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This action is in response to an amendment filed 3/15/22.
Claims 1-2, 4-20

Response to Arguments
Claim Objections
The applicant’s amendments are sufficient to overcome the previous objections which are consequently withdrawn.

Rejections under 35 U.S.C. §103
Applicant's arguments filed 3/15/22 have been fully considered but they are not persuasive.

First, none of the cited references, alone or in combination, teach or suggest "executing a backward type propagation of the control flow graph and accessing a type signature database to determine a first type of the basic function." Kim does not perform backward propagation. Rather, Kim "infer[s] the type of the variable based on at least one of an instruction using the variable as an operand and a standard library function using the variable as a parameter;" (see, e.g., FIG. 2, paragraphs [0043] and [0044], and claim 4), where "inferring the type of the variable comprises: determining a plurality of variable type candidates based on a plurality of instructions associated with the variable; and determining the type of the variable based on the plurality of variable type candidates" (see, e.g., FIG. 2, paragraphs [0043] and [0044], and claim 5).(par. bridging pp. 7-8)

The examiner respectfully disagrees. For example, Kim discloses “… read[ing] the assembly code for each user function … and determines a correspondence to … an instruction pattern that calls a variable type inferable standard library function” (par. [0083]). Here it should be seen that a variable type is inferred based on the type known to be used to call the “standard library function”. Although not explicitly referred to as “backward propagation”, this appears to correspond to applicant’s description of “backward propagation” (see e.g. par. [0033] “the type of the first variable may be inferred form the type that the library function requires”). Accordingly, contrary to the applicant’s assertion, Kim discloses backward propagation as described in the specification. 

Second, none of the cited references, alone or in combination, teach or suggest "backward propagating the first type, to determine a first portion of the signature of the first function." The Examiner agrees that Kim does not "determine a first portion of the signature." Additionally, as explained above, Kim does not perform any backward propagation. Likewise, Adams infers signatures from their use, with no mention of backward propagation. (Cited paragraph [0026]). There is no teaching or suggestion in Adams about backward propagating the first type, to determine a first portion of the signature of the first function. Moreover, Applicant fails to see any suggestion in Adams for determining "a first portion of the signature of the first function." Rather, Adams infers the (entire) functions from their use (Id.). (2nd full par. on pg. 8)

The examiner disagrees. First, as discussed above, Kim discloses performing backward propagation. Further, Kim discloses propagating types to “each variable type … for each user function”. While it could be argued that those of ordinary skill in the art would have understood “each variable type” to include variable types of the parameters of that function this is at least not explicitly disclosed in Kim. Accordingly, the action refers to Adams which explicitly teaches inferring “signatures”. Accordingly, at least in combination, Kim and Adams teach inferring a “signature” as claimed. 

Rejections Under 35 U.S.C. §101
The applicant’s amendments are sufficient to overcome the previous rejections which are consequently withdrawn.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over US 2021/0132924 to Kim et al. (Kim) in view of US 2009/00341291j to Adams (Adams).

Claims 1 and 18: Kim discloses a method, performed by one or more processors, for function summarization in an object code to determine malicious portions or vulnerabilities in the object code (par. [0038] “to remove vulnerabilities”), the method comprising: 
disassembling the object code by a disassembler software tool (par. [0041] “assembly code … calculated by disassembling the target binary 10”);
identifying, from the object code, a basic function having a known signature called by a first function from the object code, the first function to be summarized having a signature (par. [0082] “for each user function … that calls a variable type inferable standard library function”, note that all functions have a signature); 
executing a backward type propagation of disassembled code and accessing a type signature database to determine a first type of the basic function, the first type being a type of an argument of the basic function or a type of a return value of the basic function (par. [0083] “a variable type known to have the parameter of the standard library function may be inferred as a type of a variable corresponding to the variable estimation pattern”, par. [0098] “a type of a return value of a function, the number and type of parameters”); 
backward propagating the first type, to determine a first portion of the first function (par. [0105] “determines each variable type … for each user function”);
determining a summary of the first function, based on the portion of the signature of the first function (par. [0105] “determines each variable type … for each user function”); and
executing a static analysis on the summary of the first function to determine malicious portions or vulnerabilities in the object code (par. [0038] “to remove vulnerabilities … information on the types and sizes of the variables may be used in … generating various types of patch code”).

Kim does not explicitly teach:
disassembling the object code to generate a control flow graph including one or more basic blocks connected by edges.

li teaches dissembling object code to generate a control flow graph including one or more basic block connected by edges (par. [0043] “A control flow graph may be produced using a disassembler”).

It would have been obvious at the time of filing to disassemble the object code to generate a control flow graph (Li par. [0043] “A control flow graph may be produced using a disassembler”, Kim par. [0041] “disassembling the target binary 10”). Those of ordinary skill in the art would have been motivated to do so as a known means of representing object code for analysis which would have produced only the expected results. 

Kim and Li do not explicitly teach determining a first portion of the signature of the first function.

Adams teaches determining a first portion of a signature of a function (par. [0026] “performing type inference … signatures inferred from their use”).

It would have been obvious at the time of filing to determine a first portion of the signature of the first function (Adams par. [0026] “performing type inference … signatures inferred from their use”, Kim par. [0082] “for each user function”). Those of ordinary skill in the art would have been motivated to do so as a known means of type inference which would have produced only the expected results. 

Claims 2 and 19: Kim and Adams teach claims 1 and 18, wherein the propagating of the first type comprises propagating the first type based on object code (Kim par. [0010] “identifying a type of a variable within a binary”).

Claim 4: Kim and Adams teach claim 1, comprising determining the entire signature of the first function, the determining of the entire signature of the first function comprising the propagating of the first type, to determine the first portion of the signature of the first function (Adams par. [0026] “performing type inference … signatures inferred from their use”).

Claims 5 and 20: Kim and Adams teach the method of claims 4 and 19, further comprising determining, based on the entire signature of the first function, a summary of the first function (Adams par. [0026] “determining from the characteristics of the use of undeclared names, what kind of names they are (method, class, interface, property, etc.)”), 
wherein the determining of the summary comprises looking up the entire signature in a summarization database (e.g. Kim par. [0097] “the standard library function pattern DB 226”).

Claim 6: Kim and Adams teach the method of claim 1, wherein the basic function is a library function (Kim par. [0083] “standard library function”).

Claim 7: Kim and Adams teach the method of claim 1, wherein the first type is a type of an argument of the basic function (Kim par. [0083] “the parameter of the standard library function”).

Claim 8: Kim and Adams teach the method of claim 7, further comprising: 
determining a second type, the second type being a type of a return variable of the basic function (Kim par. [0098] “a type of a return value of a function”); and 
propagating the second type, to determine a second portion of the signature of the first function (Kim par. [0105] “determines each variable type … for each user function”).

Claim 9: Kim and Adams teach the method of claim 8, wherein: 
the propagating of the first type comprises propagating the first type backward (Kim par. [0098] “The type of data used as the … parameter … may be inferred”), and 
the first portion of the signature comprises a type of an argument of the first function (Kim par. [0098] “The type of data used as the return value … may be inferred”).

Claim 10: Kim and Adams teach the method of claim 8, wherein: 
the propagating of the second type comprises propagating the second type forward (Kim par. [0098] “The type of data used as the return value … may be inferred”), and
the second portion of the signature comprises a type of a return value of the first function (Kim par. [0105] “determines each variable type … for each user function”, Adams par. [0026] “signatures inferred from their use”).

Claim 11: Kim and Adams teach the method of claim 10, wherein: 
the propagating of the first type further comprises propagating the first type forward (Kim par. [0098] “The type of data used as the return value … may be inferred”), and 
the first portion of the signature further comprises a type of a return value of the first function (Kim par. [0105] “determines each variable type … for each user function”, Adams par. [0026] “signatures inferred from their use”).

Claim 12: Kim and Adams teach the method of claim 11, wherein: 
the propagating of the second type further comprises propagating the first type backward (Kim par. [0098] “The type of data used as the … parameter … may be inferred”), and 
the second portion of the signature further comprises a type of an argument of the first function (Kim par. [0105] “determines each variable type … for each user function”, Adams par. [0026] “signatures inferred from their use”).

Claim 13: Kim and Adams teach the method of claim 11, wherein the combination of the first portion of the signature and the second portion of the signature is the entire signature (Kim par. [0105] “determines each variable type … for each user function”, note that what constitutes the signature would depend on the structure of the code, and it would have been obvious to those of ordinary skill in the art that at least in some cases the signature would be formed from the first and second portions).

Claim 14: Kim and Adams teach the method of claim 1, wherein the first portion of the signature is the entire signature (Kim par. [0105] “determines each variable type … for each user function”, note that what constitutes the signature would depend on the structure of the code, and it would have been obvious to those of ordinary skill in the art that at least in some cases the signature would be formed from the first portion).

Claim 15: Kim and Adams teach the method of claim 1, further comprising: 
identifying the first function as a function called by a second function (Kim par. [0107] “determines whether each instruction corresponds to a variable type inferable instruction or function, and generates the variable type inference information 16 therefrom”; par. [0103] “Each information inferred may be stored as the variable type inference information 16”, this describes types inferred for the first function used to infer further types, at least obviously, including calls in a second function); 
determining a second type, the second type being a type of an argument of the first function or a type of a return value of the first function (Kim par. [0083] “a variable type known to have the parameter of the standard library function may be inferred as a type of a variable corresponding to the variable estimation pattern”, par. [0098] “a type of a return value of a function, the number and type of parameters”); and 
propagating the second type, to determine a first portion of the signature of the second function (Kim par. [0105] “determines each variable type … for each user function”).

Claim 16: Kim and Adams teach the method of claim 15, further comprising determining, based on the portion of the signature of the second function, a summary of the second function (Adams par. [0026] “performing type inference … signatures inferred from their use”).

Claim 17: Kim and Adams teach the method of claim 15, comprising determining the entire signature of the second function, the determining of the entire signature of the second function comprising the propagating of the second type, to determine the first portion of the signature of the second function (Kim par. [0105] “determines each variable type … for each user function”, Adams par. [0026] “performing type inference … signatures inferred from their use”).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 2017/0004303 to Yan discloses additional methods of disassembling object code to generate a control flow graph (see e.g. par. [0044])

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JASON D MITCHELL whose telephone number is (571)272-3728. The examiner can normally be reached Monday through Thursday 7:00am - 4:30pm and alternate Fridays 7:00am 3:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lewis Bullock can be reached on (571)272-3759. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/JASON D MITCHELL/Primary Examiner, Art Unit 2199