Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Allowable Subject Matter
Claims 1-20 are allowed.
The following is a statement of reasons for the indication of allowable subject matter: 
 An updated search has been performed and no prior art has been found that reads on the claims as amended. Therefore, none of the cited prior art whether taken alone or in any reasonable combination, reads on the newly claims as presented by the Applicant.
Consideration with respect to 35 U.S. C 101, claim 8 is not rejected under 35 U.S. C 101 because “a computer-readable storage medium” does not include waves, signals, and/or other transitory and/or intangible communication media, per se, as evidence by para.0061.

The prior art of record fails to teach “utilizing a traffic probe packet to determine a packet delay value associated with the data traffic exchanged between the source node and the destination node over the source-destination link via the network; … determining that the packet delay value is greater than a normal packet delay value; in response to determining that the packet delay value is greater than the normal packet delay value, determining that a man-in-the-middle attacker has compromised the source-destination link; commanding the virtual machine to be decommissioned; instructing a virtualization orchestrator to create a new source node, a new virtual machine, and a new man-in-the-middle protection module, wherein the data traffic is rerouted to be exchanged between the new source node and the destination node over a new source-destination link via the network; creating fake data traffic comprising replica data packets of data packets contained in the data traffic; and sending the fake data traffic towards the man-in-the-middle attacker over the source-destination link via the network”, as substantially described in independent claim(s) 1, 8 and 15.  These limitations, in combination with the remaining limitations of claim(s) 1, 8 and 15 are not taught nor suggested by the prior art of record.
Mead (US 2017/0318008) teaches, see at least claim 2, a man-in-the-middle third party actively intercepts the transmission and attempts to modify the transmission by performing an attack by recalculating a product of the transmission, then, due to the complexity of the time-consuming calculations, a latency time caused by the complexity of the time-consuming calculations by the man-in-the-middle third party that are added to the latency time created by the client device or the server, plus the latency time of the transmission, causes a total latency time delay to be outside of the allowed latency threshold to indicate that a man-in-the-middle third party is present; encrypting data, using a processor associated with the client device and collected client device or user information; transmitting the encrypted data from the client device to the server via a network link therebetween; decrypting the data, at the server, using a server-side copy of two or more of: a username, a password, a challenge question, and the collected information.
Kraus et al (US 2017/0353490) teaches, see fig.6-7, see para.0036, n response to the attack, an isolated network slice is created in Step 605 in accordance with one or more embodiments of the invention. Creating the isolated network slice may include the security application issuing instructions to the orchestrator to create the network slice, see para.0039, to determine the baseline utilization levels, the sentries may analyze usage patterns for each network resource. If the traffic is abnormal (e.g., that amount of traffic is a threshold more than the baseline utilization level), the sentry may detect an anomaly. The sentry may analyze other aspects of the traffic, such as the source IP address, destination IP address, source port, and protocol to determine that an anomaly exists see para.0042.In other words, valid traffic from client source nodes remain being routed to the valid network resource while malicious traffic is rerouted to the deceptive network resource. Thus, to an attack source node, the traffic may appear to be routed to a valid network resource and, thus, may be incentivized to continue the attack while the network is identifying the attacker and gathering information about the attack. Because the deceptive network resource is only created and the network is only modified when an attack is occurring, hardware and software resources for the network slice are not unnecessarily allocated when an attack does not exist.
Conclusion
Applicant is encouraged to submit a written authorization for Internet communications (PTO/SB/439, http://www.uspto.gov/sites/default/files/documents/sb0439.pdf) in the instant patent application to authorize the examiner to communicate with the applicant via email. The authorization will allow the examiner to better practice compact prosecution. The written authorization can be submitted via one of the following methods only: (1) Central Fax which can be found in the Conclusion section of this Office action; (2) regular postal mail; (3) EFS WEB; or (4) the service window on the Alexandria campus. EFS web is the recommended way to submit the form since this allows the form to be entered into the file wrapper within the same day (system dependent). Written authorization submitted via other methods, such as direct fax to the examiner or email, will not be accepted. See MPEP § 502.03.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VINNCELAS LOUIS whose telephone number is (571)270-5138. The examiner can normally be reached 8:30-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Michael Thier can be reached on 571-272-2832. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/VINNCELAS LOUIS/Primary Examiner, Art Unit 2474