DETAILED ACTION
This is a non-final office action in response to applicant’s communication filed on 1/9/2020.
Claims 1-20 are pending and being considered.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Objections
Claims 1, 4, 8-20 are objected to because of the following informalities:  
Claim 1 line 2, “a plurality of software defined data centers (SDDC)” may read “a plurality of software defined data centers (SDDCs)”.
Similarly, claim 9 line 1, “An SDDC in a plurality of software defined data centers (SDDC)” may read “An SDDC in a plurality of software defined data centers (SDDCs)”; claim 16 line 4, “a plurality of software defined data centers (SDDC)” may read “a plurality of software defined data centers (SDDCs)”.
Claim 4 line 2, “… is a logarithm of a checksum” may read “… is a logarithm of the checksum”. It is not clear “a checksum” is another checksum or is the “checksum” recited in claim 3.
Similarly, claim 12; claim 19.
Claim 8 line 1, “optimizing parameters of the GANN …” may read “the optimizing parameters of the GANN …”.
Claim 7 line 3, “wherein transferring knowledge …” may read “wherein the transferring knowledge …”. 
Similarly, claim 20 line 3, “wherein transferring knowledge …” may read “wherein the transferring knowledge …”.
Claim dependency error: applicant is advised to fix the claim dependency error as shown below. For the purpose of examination, the claim dependency of below claims is assumed as indicated as “interpreted as claim …” (in Claim Rejections). Correction is required.
Claims 10, 11, 15 each recites “The SDDC of claim 8” where claim 8 is the method claim. It appears applicant is intended to recite “The SDDC of claim 9” instead. 
Claims 12-14 each recites “The SDDC of claim 10”. It appears these claims may depend on claim 11 instead. 
Claims 17, 18, 20 each recites “The non-transitory computer-readable medium of claim 15” where claim 15 is the SDDC claim. It appears applicant is intended to recite “The non-transitory computer-readable medium of claim 16” instead. 
Claim 19 recites “The non-transitory computer-readable medium of claim 17”. It appears the claim may depend on claim 18 instead. 

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 2-3, 10-11, 17-18 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 2 line 2 recites the limitation "the signature". There is insufficient antecedent basis for this limitation in the claim.
Similarly, claim 10 line 2; claim 17 line 2.
Claim 3 line 5 recites “the intrusion signature distributions”. There is insufficient antecedent basis for this limitation in the claim.
Similarly, claim 11 line 5; claim 18 line 5.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 9-15 are rejected under 35 USC § 101 because the claimed invention is directed to non-statutory subject matter. The claims are not statutory as they are drawn as a whole to a software per se. The claims do not fall within at least one of the four categories of patent eligible subject matter because the claim is directed to a "An SDDC in a plurality of software defined data centers (SDDC), each including an intrusion detection system (IDS) containing a convolutional neural network (CNN)". An SDDC or a plurality of SDDCs, under the broadest reasonable interpretation in light of applicant’s specification can be software, per se, since both IDS and CNN can be software. Applicant is suggested to recite SDDC comprising at least one hardware component such as hardware processor, memory in the claim to overcome the rejection.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 9, 16 are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al (US20190042878A1, hereinafter, “Sheller”), in view of Li et al (CN108123931A, hereinafter, “Li”), further in view of Iashyn et al (US2020025252296A1, hereinafter, “Iashyn”).
Regarding claim 1, Sheller teaches:
A method for distributing knowledge of intrusion attacks derived from a plurality of (Sheller, discloses method for distributed use of a machine learning model by aggregating training results of multiple edge devices to updated centralized model and re-distribute to the edge devices for subsequent training, see [Abstract], [0013]) [software defined data centers (SDDC), each of the SDDCs having a convolutional neural network (CNN)] (see the teachings of Li below for limitation(s) in bracket), the method comprising: 
transferring knowledge derived from training of each of the [CNNs] to a centralized [generative adversarial neural network (GANN) that includes a discriminator and a generator], wherein each [CNN is trained with intrusion signatures available to the CNN], [and wherein the discriminator of the GANN receives the knowledge of each of the CNNs and trains the generator of the GANN] (Sheller, See Fig. 4, Train classification layers using local data 420, 421 to provide model update to Aggregator device. And [0063] Each edge 130, 137 transmits its model update to the aggregator device 110 for aggregation. Examiner notes Sheller’s edge deice is CNN in view of Li’s teaching of CNNs of limitations in bracket, and Aggregator device is GANN in view of Iashyn’s teachings of GAN of limitations in bracket above. See Li’s and Isahyn’s teachings below); and 
receiving and transferring knowledge (Shaller, Fig. 4, step 410 where Aggregator device transmits updated model to Edge devices) [in the generator of the centralized GANN to the CNNs in each of the SDDCs], wherein each [CNN] can use either knowledge derived from its training or the received knowledge from the generator to perform intrusion detection and prevention of incoming data packets (Shaller, [0023] Using the aggregated model updates, the example aggregator device 110 updates a centrally stored model. The updated model then serves as a new model for the next training iteration, and is provided to the edge devices (shown as the model 115 in the illustrated example of FIG. 1). By allowing multiple training iterations to be performed, the example system enables models to be adjusted over time to adapt to changing input data. And [0064] Using the aggregated model updates, the example aggregator device 110 updates a centrally stored model. (Block 450). The updated model then serves as a new model for the next training iteration, and control proceeds to block 410 where the process of FIG. 4 is repeated). Examiner further notes that it is obvious to one ordinary skilled in the art that once the intrusion is detected, incoming data packets are to be prevented.  
	While Shaller discloses the main concept of the invention for distributed use of knowledge from training of machine learning model but does not explicitly teaches training CNNs in network of SDDCs, Li in the same field of endeavor teaches:
software defined data centers (SDDC), each of the SDDCs having a convolutional neural network (CNN), CNN is trained with intrusion signatures available to the CNN (LI, discloses method of DDoS attack defense in software defined network, [Abstract]. And [0031], or [0074]: a convolutional neural network model detection module: learning and classifying the input characteristic (i.e. intrusion signatures); judging whether it is the attack type characteristic; if so, marking the characteristic of the type as the attack type; if the input characteristic is judged to be normal type characteristic; due to the limitation of the capability of the convolutional neural network model detecting module, the normal characteristics may be mixed with the attack characteristic; sending the characteristic information into the stack self-coding model detection module for further analysis). Examiner notes, Li teaches DDoS CNN detection model in a software defined network (SDN) which can be interpreted as CNN for intrusion detection in SDDC and it is obvious to one ordinary skilled to understand the teachings of a CNN in one SDN can be applied to a plurality of CNNs in a plurality of SDNs;
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Li in the distributed use of machine learning model of Shaller by training CNN model detection module in SDN and building model using attack characteristic information. This would have been obvious because the person having ordinary skill in the art would have been motivated to train the CNN model with attack characteristic for improved detection precision (Li, [Abstract]). 
The combination of Shaller-Li does not explicitly teach the following limitation(s) but in the same field of endeavor Iashyn teaches:
generative adversarial neural network (GANN) that includes a discriminator and a generator, wherein the discriminator of the GANN receives the knowledge of each of the CNNs and trains the generator of the GANN, [receiving and transferring knowledge] (see Shaller above for the limitation in bracket) in the generator of the centralized GANN to the CNNs in each of the SDDCs (Iashyn, discloses knowledge aggregation for GAN-based anomaly detection with distributing GAN model training, see [Abstract], [Title]. And [0076] The loop of the discriminator 406 providing feedback to the generator 404 and the generator 404 further refining the fake samples 408/modeling the actual behavior of the modeled device can continue until equilibrium is reached. Specifically, equilibrium can be reached when the discriminator 406 can no longer determine which of the fake samples 408/a threshold number of the fake samples 408 provided by the generator 404 are actually fake samples when compared to the real telemetry data 410. And [0077] The overall loop of the generator 404 providing the fake samples 408 to the discriminator 406 and the discriminator 406 comparing the fake samples 408 to the real telemetry data 410 can continue during operation of the device, even when equilibrium is reached, and [0078] the first network edge device 302 can provide a generator of the first GAN model 308 back to the unified GAN training system 306. Similarly, the second network edge device 304 can provide a generator of the second GAN model 310 to the unified GAN training system 306);
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Iashyn in the distributed use of machine learning model of Shaller-Li by training discriminator and generator of GAN in SDN to generate unified GAN model. This would have been obvious because the person having ordinary skill in the art would have been motivated to combine Li’s teachings of CNN in SDN as distributed edge devices of Shaller with Iashyn’s teachings of GAN models in SDN for knowledge aggregation (Iashyn, [Abstract]) as model aggregator device of Shaller allowing multiple training iterations to be performed to enable models to be adjusted over time to adapt to changing input data (Shaller, [0023]). 

Regarding claim 9, Sheller-Li-Iashyn combination teaches:
An SDDC in a plurality of software defined data centers (SDDC), each including an intrusion detection system (IDS) containing a convolutional neural network (CNN) (Shaller, discloses method for distributed use of a machine learning model by aggregating training results of multiple edge devices to an updated centralized model and re-distribute to the edge devices for subsequent training, see [Abstract], [0013]. Also, Sheller’s teachings apply to convolutional neural network, e.g. [0045]. And Li and Iashyn teach SDN which can be interpreted as SDDC), each IDS being configured to: perform steps substantially similar to the method steps of claim 1, therefore is rejected with same rational set forth as rejection of claim 1 above.

Regarding claim 16, Sheller-Li-Iashyn combination teaches:
A non-transitory computer-readable medium comprising instructions executable in a computer system, wherein the instructions when executed in the computer system cause the computer system to carry out a method for distributing knowledge of intrusion attacks derived from a plurality of software defined data centers (SDDC), each of the SDDCs having a convolutional neural network (CNN) (Sheller, discloses method for distributed use of a machine learning model by aggregating training results of multiple edge devices to a updated centralized model and re-distribute to the edge devices for subsequent training, see [Abstract]. And [0058] The program may be embodied in software stored on a non-transitory computer readable storage medium. Further Sheller in view of Li and Iashyn teaches CNN, SDDC and GANN below), the method comprising: performing steps substantially similar to the method steps of claim 1, therefore is rejected with same rational set forth as rejection of claim 1 above.

Claims 2, 10, 17 are rejected under 35 U.S.C. 103 as being unpatentable over Sheller-Li-Iashyn as applied above, further in view of Zhao et al (CN109002715A, hereinafter, “Zhao”).
Regarding claim 2, similarly claim 10, claim 17, Sheller-Li-Iashyn combination teaches:
The method of claim 1, the SDDC of claim 8 (interpreted as claim 9), the non-transitory computer-readable medium of claim 15 (interpreted as claim 16), 
The combination of Sheller-Li-Iashyn does not explicitly teach but Zhao in the same field of endeavor teaches:
wherein the CNN at each of the SDDCs has an output stage that ascribes to the signature a probability that the signature is an attack (Zhao, discloses method of CNN-based malicious software identification, [Abstract] and [Title]. And [0065] step 105: mixing the data feature matrix as input convolutional neural network, the convolutional neural network training is performed, the output of the convolutional neural network is malicious probability of the sample software and non-malicious probability).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Zhao in the distributed use of machine learning model of Shaller-Li-Iashyn by judging the convolutional neural network output of malicious probability or non-malicious probability. This would have been obvious because the person having ordinary skill in the art would have been motivated to train the convolutional neural network for malicious software identification with high and simple precision (Zhao, [Abstract]). 

Claims 3, 11, 18 are rejected under 35 U.S.C. 103 as being unpatentable over Sheller-Li-Iashyn as applied above, further in view of Jakobsson et al (US20140047544A1, hereinafter, “Jakobsson”) and Zhang et al (CN1770700A, hereinafter, “Zhang”).
Regarding claim 3, similarly claim 11, claim 18, Sheller-Li-Iashyn combination teaches:
The method of claim 1, the SDDC of claim 8 (interpreted as claim 9), the non-transitory computer-readable medium of claim 15 (interpreted as claim 16),
The combination of Sheller-Li-Iashyn does not explicitly teach but Jakobsson in the same field of endeavor teaches:
wherein an intrusion signature is a string that is converted to a tuple that is a mathematical representation of (a) a checksum of the string (Jakobsson, discloses method for detecting and classification of malware through analysis of information collected from network devices, [Abstract]. And [0082] Based on the classification of the networked unit, given the tuple (completion, timing success, value success, checksum, time, success), and based on patterns observed in terms of environmental data; and based on such information associated with other networked units; the detection and classification unit will be able to further narrow down what the malware does), 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Jakobsson in the distributed use of machine learning model of Shaller-Li-Iashyn by detecting and classifying malware by using a tuple including checksum. This would have been obvious because the person having ordinary skill in the art would have been motivated to use tuple as malware characteristics to further narrow down what malware does (Jakobsson, [Abstract], [0082]). 
The combination of Sheller-Li-Iashyn-Jakobsson does not explicitly teach but Zhang in the same field of endeavor teaches:
 (b) a regular expression that selects the string, and (c) a class type of the string (Zhang, discloses method for computer attack threat evaluation, [Abstract]. And [Page 8, last paragraph] intrusion event, represented by the following five-tuple: E = {D, S, R, C, T}. each of the intrusion event has five attributes. wherein, D is the target address set, S is the source address set (i.e. regular expression), R is the requested service type set, C is an attack type set (i.e. class type) (herein defined by Snort attack type for example), T is the time mark set, intrusion event set is a set of intrusion events. each item in the set is an intrusion event); 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Zhang in the distributed use of machine learning model of Shaller-Li-Iashyn-Jakobsson by detecting and classifying malware by using a tuple including expression and class type. This would have been obvious because the person having ordinary skill in the art would have been motivated to use tuple as computer attack threat characteristics to make the threat value of intrusion event into one index that can be quantized (Zhang, [Abstract]).
Li further teaches: and wherein the intrusion signature distributions of each CNN are derived from the mathematical representation of the instruction signatures derived from the incoming data packets (Li, [0033] Further, the convolutional neural network model detecting module, the trained convolutional neural network model comprises three convolution layer Convolution Layer and two pool layer Max Pooling Layer and two full-connection layer FullyConnected Layer; inputting the flow table feature vector, after the first layer convolution layer Convolution, extracting the more abstract high dimension characteristic; then performing batch standardization treatment to these features, making the model learn the distribution characteristic of the data).  

Claims 4-5, 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Sheller-Li-Iashyn-Jakobsson-Zhang, further in view of Palisse et al (US20200342104A1, hereinafter, “Palisse”).
Regarding claim 4, similarly claim 12, Sheller-Li-Iashyn-Jakobsson-Zhang combination teaches:
The method of claim 3, The SDDC of claim 10 (interpreted as claim 11),
The combination of Sheller-Li-Iashyn-Jakobsson-Zhang does not explicitly teach but Palisse in the similar field of endeavor teaches:
wherein the mathematical representation of the checksum is a logarithm of a checksum (Palisse, [0151] A log likelihood test of the n-tuple of events (x.sub.1, . . . , x.sub.n) according to the probability law Q compared to the probability law P then comprises the calculation of the logarithm of the result of the likelihood test of n-tuple of events (x.sub.1, . . . , x.sub.n) according to the probability law Q compared to the probability law P).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Palisse in the distributed use of machine learning model of Shaller-Li-Iashyn-Jakobsson-Zhang by calculation of logarithm of n-tuple events for comparison of probability. This would have been obvious because the person having ordinary skill in the art would have been motivated to perform the same calculation as suggested by Palisse (Palisse, [Abstract], [0147]) on checksum for a log likelihood test.

Regarding claim 5, similarly claim 13, Sheller-Li-Iashyn-Jakobsson-Zhang combination teaches:
The method of claim 3, the SDDC of claim 10 (interpreted as claim 11),
The combination of Sheller-Li-Iashyn-Jakobsson-Zhang does not explicitly teach but Palisse in the similar field of endeavor teaches:
wherein the mathematical representation of the regular expression is a logarithm of a hash of the regular expression (Palisse, [0151] A log likelihood test of the n-tuple of events (x.sub.1, . . . , x.sub.n) according to the probability law Q compared to the probability law P then comprises the calculation of the logarithm of the result of the likelihood test of n-tuple of events (x.sub.1, . . . , x.sub.n) according to the probability law Q compared to the probability law P).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Palisse in the distributed use of machine learning model of Shaller-Li-Iashyn-Jakobsson-Zhang by calculation of logarithm of n-tuple events for comparison of probability. This would have been obvious because the person having ordinary skill in the art would have been motivated to perform the same calculation as suggested by Palisse (Palisse, [Abstract], [0147]) on a hash for a log likelihood test. 

Claims 6, 14 are rejected under 35 U.S.C. 103 as being unpatentable over Sheller-Li-Iashyn-Jakobsson-Zhang, further in view of Ghanea-Hercock (US20040255157A1, hereinafter, “GH”).
Regarding claim 6, similarly claim 14, Sheller-Li-Iashyn-Jakobsson-Zhang combination teaches:
The method of claim 3, the SDDC of claim 10 (interpreted as claim 11),
The combination of Sheller-Li-Iashyn-Jakobsson-Zhang does not explicitly teach but GH in the same field of endeavor teaches:
wherein the mathematical representation of the regular expression is a mapping of the class type to an integer (GH, [Abstract] A computer security system uses a plurality of co-operating software agents (14) to protect a network against attack. Individual agents (14) at each node (10) of the network co-operatively act to detect attacks and to share attack signatures. And [0077] An integer representation was selected as this maps into the large number of agent classes being operated on).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of GH in the distributed use of machine learning model of Shaller-Li-Iashyn-Jakobsson-Zhang by using integer to represent and map to agent classes. This would have been obvious because the person having ordinary skill in the art would have been motivated to use integer to map to software agent classes and allows a plurality of co-operating software agents to protect a network against attack with Individual agents at each node of the network co-operatively act to detect attacks and to share attack signatures and solutions via a message exchange (GH, [Abstract], [0001]). 

Claims 7, 15, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Sheller-Li-Iashyn, further in view of Zhang et al (US20210216857A1, hereinafter, “Zhang2”).
Regarding claim 7, similarly claim 15, claim 20, Sheller-Li-Iashyn combination teaches:
The method of claim 1, the SDDC of claim 8 (interpreted as claim 9), the non-transitory computer-readable medium of claim 15 (interpreted as claim 16),
wherein each CNN is characterized by a gradient descent function (Sheller, [0021] The example aggregator device 110 accesses the results provided by the edge devices 130, 137. In some examples, the model updates are aggregated as they arrive at the aggregator device 110 (e.g., in a streaming average). In some examples, Byzantine Gradient Descent is used to exclude extreme model update results. And [0063] the model updates are aggregated as they arrive at the aggregator device 110 (e.g., in a streaming average). In some examples, Byzantine Gradient Descent is used to exclude extreme model update results); 
The combination of Sheller-Li-Iashyn does not explicitly teach but Zhang2 in the same field of endeavor teaches:
and wherein transferring knowledge derived from training of each of the CNNs to the GANN includes optimizing parameters of the GANN using the gradient descent function of each CNN (Zhang2, discloses training an augmented discriminator and a generator of adversarial network, [Abstract]. And [0084] For example, it may be envisioned that assessment unit 180 determines the value of a loss function 
    PNG
    media_image1.png
    38
    29
    media_image1.png
    Greyscale
 depending on output signals y and desired output signals ys. Modification unit 160 may then compute updated parameters θ′ using, e.g., stochastic gradient descent to optimize the loss function 
    PNG
    media_image1.png
    38
    29
    media_image1.png
    Greyscale
 ). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Zhang2 in the distributed use of machine learning model of Shaller-Li-Iashyn by optimizing loss function using stochastic gradient descent to update parameters. This would have been obvious because the person having ordinary skill in the art would have been motivated to use gradient descent function to optimize parameters for improved training of discriminator (Zhang2, [Abstract], [0084]). 

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Sheller-Li-Iashyn-Zhang2, further in view of Lu et al (CN110889509A, hereinafter, “Lu”).
Regarding claim 8, Sheller-Li-Iashyn-Zhang2 combination teaches:
The method of claim 7, 
The combination of Sheller-Li-Iashyn-Zhang2 does not explicitly teach but Lu in the same field of endeavor teaches:
optimizing parameters of the GANN using the gradient descent function of each CNN includes aggregating the gradient descent functions from the CNNs (Lu, [Abstract] embedding the same machine learning model on each edge node. and executing momentum gradient descent algorithm to obtain model parameter and parameter of each time the current aggregation interval in the current aggregated interval; polymerizing these model parameters to obtain the global model parameters by the central server, the central server polymerizing these parameter to obtain the global parameter, the loss function value of the global model parameters in the current aggregated section into the loss function formula to obtain the loss function value with a polymerization zone to obtain a comparison of obtaining the global model parameter optimization,…).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Lu in the distributed use of machine learning model of Shaller-Li-Iashyn-Zhang2 by combining learning method based on gradient descent algorithm. This would have been obvious because the person having ordinary skill in the art would have been motivated to obtain global model parameters optimized with faster convergence (Lu, [Abstract]).

Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Sheller-Li-Iashyn-Jakobsson-Zhang, further in view of Palisse et al (US20200342104A1, hereinafter, “Palisse”) and Ghanea-Hercock (US20040255157A1, hereinafter, “GH”).
Regarding claim 19, Sheller-Li-Iashyn-Jakobsson-Zhang combination teaches:
The non-transitory computer-readable medium of claim 17 (interpreted as claim 18), 
The combination of Sheller-Li-Iashyn-Jakobsson-Zhang does not explicitly teach but Palisse in the similar field of endeavor teaches:
wherein the mathematical representation of the checksum is a logarithm of a checksum (Palisse, [0151] A log likelihood test of the n-tuple of events (x.sub.1, . . . , x.sub.n) according to the probability law Q compared to the probability law P then comprises the calculation of the logarithm of the result of the likelihood test of n-tuple of events (x.sub.1, . . . , x.sub.n) according to the probability law Q compared to the probability law P); wherein the mathematical representation of the regular expression is a logarithm of a hash of the regular expression (Palisse, it is obvious to one ordinary skilled that natural log applied to checksum can also apply to a hash of the regular expression); 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Palisse in the distributed use of machine learning model of Shaller-Li-Iashyn-Jakobsson-Zhang by calculation of logarithm of n-tuple events for comparison of probability. This would have been obvious because the person having ordinary skill in the art would have been motivated to perform the same calculation as suggested by Palisse (Palisse, [Abstract], [0147]) on checksum or hash for a log likelihood test.
The combination of Sheller-Li-Iashyn-Jakobsson-Zhang-Palisse does not explicitly teach but GH in the same field of endeavor teaches:
and wherein the mathematical representation of the regular expression is a mapping of the class type to an integer (GH, [Abstract] A computer security system uses a plurality of co-operating software agents (14) to protect a network against attack. Individual agents (14) at each node (10) of the network co-operatively act to detect attacks and to share attack signatures. And [0077] An integer representation was selected as this maps into the large number of agent classes being operated on).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of GH in the distributed use of machine learning model of Shaller-Li-Iashyn-Jakobsson-Zhang-Palisse by using integer to represent and map to agent classes. This would have been obvious because the person having ordinary skill in the art would have been motivated to use integer to map to software agent classes and allows a plurality of co-operating software agents to protect a network against attack with Individual agents at each node of the network co-operatively act to detect attacks and to share attack signatures and solutions via a message exchange (GH, [Abstract], [0001]). 

Citation of References
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following references are cited but not been replied upon for this office action:
Lev et al (US20190147343A1) discloses system and method for unsupervised anomaly detection using generative adversarial networks.
Vasudevan et al (US20210204152A1) disclosures system and method for traffic flow classification using machine learning.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL M LEE whose telephone number is (571)272-1975.  The examiner can normally be reached on M-F: 8:30AM - 5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571) 272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MICHAEL M LEE/Examiner, Art Unit 2436