DETAILED ACTION
This communication is responsive to the application # 16/498,009 filed on September 26, 2019. By preliminary amendment Claims 1-8 are pending and are directed toward INITIALIZATION VECTOR IDENTIFICATION FOR ENCRYPTED MALWARE TRAFFIC DETECTION.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1-8 are rejected under 35 U.S.C. 112(a) or pre-AIA  35 U.S.C. 112, first paragraph, as based on a disclosure which is not enabling.  The disclosure does not enable one of ordinary skill in the art to practice the invention without limitation “connection setup portion”, which is/are critical or essential to the practice of the invention but not included in the claim(s). See In re Mayhew, 527 F.2d 1229, 188 USPQ 356 (CCPA 1976). See Specification page 67, lines 9-13, and FIGURE 18.
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-8 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being incomplete for omitting essential elements, such omission amounting to a gap between the elements.  See MPEP § 2172.01.  The omitted elements are: connection setup portion. If currently claimed “a predefined offset in a network communication” is located beyond a connection setup portion of network traffic then the claimed method fails.

Allowable Subject Matter
Claims 1-8 are indicated as allowable over prior art.
The following is a statement of reasons for the indication of allowable subject matter:  
US Patent Publication 2006/0117386 by Gupta et al. teaches a method of detecting intrusions on a computer includes the step of identifying an internet protocol field range describing fields within internet protocol packets received by a computer.
US Patent Publication 2011/0302656 by El-Moussa teaches a malicious behaviour detector for detecting malicious behaviour on a network.
US Patent Publication 2015/0058992 by El-Moussa teaches detecting and identifying malicious code injected into other legitimate web pages.


US Patent Publication 2015/0128263 by Raugas et al. teaches that machine learning models may be applied to the feature vectors producing a score. The score may indicate the presence of malware or the presence of a particular type of malware.
NPL " Application Identification from Encrypted Traffic based on Characteristic Changes by Encryption, IEEE 2011, 6 pages", by Okada et al. discloses to identify traffic using statistical information regarding the traffic. The traffic features are determined by collecting traffic statistics derived from analyzing monitored packets. The use of machine learning (ML) with this approach initially resulted in high identification accuracy for major applications.
NPL " A Survey on Encrypted Traffic Classification, ATIS 2014, CCIS 490, pp. 73–81, 2014", by Cao et al. discloses the basic information of encrypted traffic classification, emphasizing the influences of encryption on current classification methodology. Then, summarize the challenges and recent advances in encrypted traffic classification research.
None of the cited references teaches limitation “a set of hidden units smaller in number than the set of input units and each interconnecting all input units and all output units with weighted interconnections, such that the autoencoder is trainable to provide an approximated reconstruction of values of the input units at the output units” as currently claimed in combination with other limitations.
As allowable subject matter has been indicated, applicant's reply must either comply with all formal requirements or specifically traverse each requirement not complied with.  See 37 CFR 1.111(b) and MPEP § 707.07(a).
 
Conclusion
`Any inquiry concerning this communication or earlier communications from the examiner should be directed to OLEG KORSAK whose telephone number is (571)270-1938.  The examiner can normally be reached on 5:00 AM- 4:00 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/OLEG KORSAK/
Primary Examiner, Art Unit 2492