DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 12/30/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1 & 8 are rejected under 35 U.S.C 103 as being unpatentable over Neil et al. (US 2015/0020199), hereon referred to as Neil, in view of Michael Roy Stute (US 2013/0117852), hereon referred to as Stute, in view of Gilbert et al. (US 2007/0226796), and hereon referred to as Gilbert.

	In regards to claims 1 & 8, Neil discloses monitor and store a network's traffic data (This approach was designed to monitor a computer network in real time; Paragraphs 0044; 0075); and serve traffic data to other modules (Graph having time-series data on each edge; Collecting data, by a computing system, from a plurality of host agents pertaining to network communications sent and received by respective hosts in a network;  This inferred traffic can then be used for network reconnaissance; The operational data may be collected as a single data set, or may be distributed over different locations including over different storage devices; Paragraphs 0009; 0013; 0031; 0042); identify a connection attempt from a user device to an intended destination with unknown risk potential (The method begins with periodically polling a plurality of host agents for data at 610. The data is collected from the plurality of host agents pertaining to network communications sent and received by respective hosts in a network at 620. In some embodiments, the collected data may be sent as one-way communications from the host agents via UDP. The data collected for each host may include process stop and start information; Paragraphs 0130-0135; Fig.2-6);  transmit a plurality of probe packets to the intended destination of the connection attempt; receive a plurality of response packets from the intended destination of the connection attempt (During data collection packets are transmitted and received from intended destination(s); Paragraphs 0106-0110; Figs.1-6); analyze the received plurality of response packets (The collected data is analyzed to detect anomalous behavior during a predetermined time period; Paragraphs 0130-0135; Fig.2-6). 
However, Neil does not disclose receive traffic data from the multi-dimensional time series data server; determine a required verification score for granting access to a network resource based at least in part on the analysis of the received response packets and the plurality of probe packets that were transmitted; and wherein a plurality of verification methods is used to build up a user's verification score to the required verification score in order for the user to gain access to the intended address. In an analogous art Stute discloses disclose receive traffic data from the multi-dimensional time series data server (A network data set is temporal, with a clearly researchable sequence (time-stamped packets and alerts; Paragraph 0056); determine a required verification score for granting access to a network resource based at least in part on the analysis of the received response packets and the plurality of probe packets that were transmitted; and wherein a plurality of verification methods is used to build up a user's verification score to the required verification score in order for the user to gain access to the intended address (Calculating a score that indicates an aggregate discrepancy between an amount of data in each of the subset of the component data types and the counts for each corresponding one of the historical data types in the given time period; Providing score that indicates an aggregate discrepancy, a weighted score as a baseline; Paragraphs 0007; 0055-0065; and 0150-0155).
 At the time before the effective filing date of the invention, it would have been obvious to an ordinary skill in the art to combine the teachings disclosed by Neil, with the teachings disclosed by Stute regarding disclose receive traffic data from the multi-dimensional time series data server; determine a required verification score for granting access to a network resource based at least in part on the analysis of the received response packets and the plurality of probe packets that were transmitted; and wherein a plurality of verification methods is used to build up a user's verification score to the required verification score in order for the user to gain access to the intended address.  The suggestion/motivation of the combination would have been to provide relevant alerts that are actually released to a security analyst's console (Stute; Paragraph 0006). 
However, the combination of Neil and Stute does not a directed computational graph module comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof… . In an analogous art Gilbert discloses a directed computational graph module comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof…(The graph analysis tool provides a three-order magnitude graph search performance increase and is able to process graphs that are three-orders of magnitude larger than conventionally processed in substantially little time; Paragraph 0091). 
At the time before the effective filing date of the invention, it would have been obvious to an ordinary skill in the art to combine the teachings disclosed by the combination of Neil and Stute, with the teachings disclosed by Gilbert a directed computational graph module comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof… .The suggestion/motivation of the combination would have been to provide strategic attack interactively across huge data sets (Gilbert; Paragraph 0091).


Claims 2-7 & 9-14 are rejected under 35 U.S.C 103 as being unpatentable over , the combination of Neil, Stute and Gilbert, in view of Zhu et al. (US 2013/0111592), hereon referred to as Zhu. 
	In regards to claims 2 & 9, the combination of Neil, Stute and Gilbert does not disclose wherein the verification score is based at least in part on stored knowledge of the user. However, in an analogous art Zhu discloses wherein the verification score is based at least in part on stored knowledge of the user (User ID field may store information associated with a user (e.g., a username, password, personal identification number (PIN), etc.) of the user. The information associated with the user may also,  include information that uniquely identifies user device (e.g., a mobile directory number (MDN), a landline directory number (LDN), a device identifier, etc.), a network address associated with user device (e.g., an IP address, a media access control (MAC) address, etc.), etc.; Application manager may generate a user score (e.g., USS) based on the assigned user security score, user position level score, and/or user privilege score ; user ID etc.; Paragraphs 0037; 0068). 
	At the time before the effective filing date of the invention, it would have been obvious to an ordinary skill in the art to combine the teachings disclosed by the combination of Neil, Stute and Gilbert, with the teachings disclosed by Zhu regarding wherein the verification score is based at least in part on stored knowledge of the user. However, in an analogous art Zhu discloses wherein the verification score is based at least in part by a security-level associated with resources being accessed by the user.  The suggestion/motivation of the combination would have been to manage resources to protect the network from damage or disruption caused by the unauthorized resource access (Zhu; Paragraph 0015). 
	In regards to claims 3 & 10, Zhu discloses wherein the stored knowledge of the user comprises at least knowledge of user access privileges to resources on the local network (User ID field may store information associated with a user (e.g., a username, password, personal identification number (PIN), etc.) of the user. The information associated with the user may also,  include information that uniquely identifies user device (e.g., a mobile directory number (MDN), a landline directory number (LDN), a device identifier, etc.), a network address associated with user device (e.g., an IP address, a media access control (MAC) address, etc.), etc.; Application manager may generate a user score (e.g., USS) based on the assigned user security score, user position level score, and/or user privilege score ; user ID etc.; Paragraphs 0037; 0068). 
In regards to claims 4 & 11, Zhu discloses wherein at least a portion of the verification methods verifies visual media pertaining to the user (User ID field may store information associated with a user (e.g., a username, password, personal identification number (PIN), etc.) of the user. The information associated with the user may also,  include information that uniquely identifies user device (e.g., a mobile directory number (MDN), a landline directory number (LDN), a device identifier, etc.), a network address associated with user device (e.g., an IP address, a media access control (MAC) address, etc.), etc.; Application manager may generate a user score (e.g., USS) based on the assigned user security score, user position level score, and/or user privilege score ; user ID etc.; Paragraphs 0037; 0068). 
In regards to claims 5 & 12, Zhu discloses wherein at least a portion of the verification methods checks and verifies biometric features of the user (User ID field may store information associated with a user (e.g., a username, password, personal identification number (PIN), etc.) of the user. The information associated with the user may also,  include information that uniquely identifies user device (e.g., a mobile directory number (MDN), a landline directory number (LDN), a device identifier, etc.), a network address associated with user device (e.g., an IP address, a media access control (MAC) address, etc.), etc.; Application manager may generate a user score (e.g., USS) based on the assigned user security score, user position level score, and/or user privilege score ; user ID etc.; Paragraphs 0037; 0068). 
In regards to claims 6 & 13, Zhu discloses wherein at least a portion of the verification methods used are based on information obtained from untrusted parties (User ID field may store information associated with a user (e.g., a username, password, personal identification number (PIN), etc.) of the user. The information associated with the user may also,  include information that uniquely identifies user device (e.g., a mobile directory number (MDN), a landline directory number (LDN), a device identifier, etc.), a network address associated with user device (e.g., an IP address, a media access control (MAC) address, etc.), etc.; Application manager may generate a user score (e.g., USS) based on the assigned user security score, user position level score, and/or user privilege score ; user ID etc.; Paragraphs 0037; 0068). 
In regards to claims 7 & 14, Zhu discloses wherein at least a portion of the verification methods used are based on information pertaining to the user's device (User ID field may store information associated with a user (e.g., a username, password, personal identification number (PIN), etc.) of the user. The information associated with the user may also,  include information that uniquely identifies user device (e.g., a mobile directory number (MDN), a landline directory number (LDN), a device identifier, etc.), a network address associated with user device (e.g., an IP address, a media access control (MAC) address, etc.), etc.; Application manager may generate a user score (e.g., USS) based on the assigned user security score, user position level score, and/or user privilege score ; user ID etc.; Paragraphs 0037; 0068). 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHARIF E ULLAH whose telephone number is (571)272-5453. The examiner can normally be reached Mon-Fri 7:00-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHARIF E ULLAH/Primary Examiner, Art Unit 2495