DETAILED ACTION

Response to Arguments
Applicant's arguments (“REMARKS”) filed on July 10, 2022 have been fully considered but they are not persuasive.
Claims 1-20 are currently pending. Claim 20 was amended.

Re: Double Patenting Rejection
Applicant argues on pg. 8 that the claims 1-20 of the current invention is distinct from the claims of the conflicting patent. However, the Examiner respectfully disagrees. Applicant fails to provide further supporting arguments as to why there is a distinction between the claims. Therefore, the double patenting rejection is maintained.

Re: 35 U.S.C. §101 Rejection
Applicant argues on pg. 9 that “a person of skill will have no reason to interpret the term ‘server’ as software only.” However, the Examiner respectfully disagrees. The generally accepted definition of a “server” in the art is software or a hardware device. See the currently cited non-patent document U (Wikipedia): “In computing, a server is a computer program or a device that provides functionality for other programs or devices…” Servers are software programs executing as a process on any computing device. The claimed “server” refers to the software processes themselves, and not the directly to a computing device executing the software. Therefore, the claims can be interpreted as being directed to the underlying server software programs of a system. For example, a virtual machine is capable of running software to act as a web server (e.g. see ¶0003 of US 2011/0023031 – a physical server can be transformed into multiple virtual servers). Software per se is not patentable eligible subject matter.
Furthermore, Applicant argues that the “advertising server that employs RTB” is a term that is well-known and refers to a physical computing device. However, the Examiner respectfully disagrees. Applicant fails to provide any evidence to support this as a well-known term. As stated earlier by the Examiner, servers can be interpreted as software if none of the physical structure is described. In order for the current claim to be patent eligible under 101, the hardware composition of the server needs to be explicitly recited, or the term “server” needs to be defined as hardware only in the specifications.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-17 of US Patent No. 10,678,923. Although the claims at issue are not identical, they are not patentably distinct from each other because claims 1-17 of the conflicting patent contains every element of claims 1-20 of the instant application and thus anticipates the claims of the instant application. Therefore, claims 1-20 of the instant application are not patentably distinct from the earlier patent claims and is unpatentable over obvious-type double patenting. “A later patent claim is not patentably distinct from an earlier claim if the later claim is anticipated by the earlier claim. In re Longi, 759 F.2d at 896, 225 USPQ at 651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Berg, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness-type double patenting where a patent application claim to a genus is anticipated by a patent claim to a species within that genus)." ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Circuit ON PETITION FOR REHEARING EN BANC (DECIDED: May 30, 2001).
For example, see the following comparison table between two non-distinct method claims:
Instant application (16/895,393)
Conflicting patent (10,678,923)
1. A method comprising, at an advertising server that employs RTB (Real-Time Bidding): 
1. A method comprising: at an advertising server that employs RTB (Real-Time Bidding): 
(from dependent claim 2): prior to (i): at the advertising server: adding the tracking code to advertisements served by the advertising server, wherein the tracking code is configured to cause web browsers displaying the served advertisements to transmit contents of the advertisements to a security server; and at the security server: receiving the contents of the advertisements from web browsers that displayed the served advertisements, scanning the contents of the advertisements to detect presence of malicious code, and storing results of the scanning in the database, wherein the database is maintained at the advertising server, at the security server, or at a different server.
adding tracking code to advertisements served by the advertising server, wherein the tracking code is configured to cause web browsers displaying the served advertisements to transmit contents of the advertisements to a security server; at the security server: receiving the contents of the advertisements from web browsers that displayed the served advertisements, scanning the contents of the advertisements to detect presence of malicious code, and storing results of the scanning in a database maintained at the advertising server, at the security server, or at a different server; at the advertising server:
(i) prior to serving a new advertisement that has won an RTB process, querying a database for scanning results associated with the new advertisement, to determine if the new advertisement: (a) has been scanned in the past, and includes malicious code, (b) has been scanned in the past, and is devoid of malicious code, or (c) has not been scanned in the past;
prior to serving a new advertisement that has won an RTB process, querying the database for scanning results associated with the new advertisement, to determine if the new advertisement: (a) has been scanned in the past, and includes malicious code, (b) has been scanned in the past, and is devoid of malicious code, or (c) has not been scanned in the past,
(ii) when the new advertisement has been determined to include malicious code, preventing a serving of the new advertisement;
when the new advertisement has been determined to include malicious code, preventing a serving of the new advertisement,
(iii) when the new advertisement has been determined to be devoid of malicious code, allowing a serving the new advertisement;
when the new advertisement has been determined to be devoid of malicious code, allowing a serving the new advertisement,
and (iv) when the new advertisement has been determined to not having been scanned in the past, adding tracking code to the new advertisement and serving the new advertisement with the added tracking code, such that contents of the new advertisement are scanned.
when the new advertisement has been determined to not having been scanned in the past, adding the tracking code to the new advertisement and serving the new advertisement with the added tracking code, such that contents of the new advertisement are scanned by the security server.


Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 10-18 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claims do not fall within at least one of the four categories of patent eligible subject matter because independent claim 10 is directed to a “system” that only comprises an “advertising server”. A server can be virtualized or implemented as a program under broadest reasonable interpretation. Therefore, the claim can be interpreted as software per se. Software is not a category of patent eligible subject matter.
Dependent claims 11-18 are similarly rejected as claim 10. For example, claim 11 further recites a “security server” to the “system”. The same reasoning above for claim 10 is also applicable to the “security server”.

Allowable Subject Matter
Claims 1-20 would be allowable if rewritten or amended to overcome the rejections under 35 U.S.C. 101 and the double patenting rejection set forth in this Office action.

The following is a statement of reasons for the indication of allowable subject matter:

Overview
The claimed invention is directed to protecting a user’s computer from malicious online advertisements (“ads”) served by online advertising networks or online advertising exchanges in real-time bidding. Real-time bidding (“RTB”) digital advertising is an emerging market that enables the highest bidders to place their ads on publishers’ websites. RTB automates the process for advertisers to find the right audiences for their products through a per impression methodology in contrast to static bidding, which uses a set number of impressions. See Y. Yuan et al. “A Survey on Real Time Bidding Advertising” (2014) for a general background of RTB.
In the claimed invention, a tracking code is added to an ad by an advertising server before serving the ad to the user’s web browser. However, prior to serving the ad, the contents of the ad are scanned for malicious code. If no malicious code is present, the ad is served; if malicious code is present, the ad is not served; and if the ad has not been scanned in the past and is an unknown, a tracking code is added to the ad. The tracking code is executed when the ad is displayed on the user’s web browser, which enables scanning of the ad’s content by a security server. Thereby, this configuration enables a computationally-efficient system of detecting malicious ads in an online advertising system using RTB.

Prior Art
Methods and systems for detecting malicious online advertisements are common and well-established throughout the field. The following are some of the relevant prior arts to the claimed invention:
U.S. 2011/0219448: Discloses detecting malicious online ads using a gateway that included various filters, such as URL filters, anti-malware filters, etc.
U.S. 2016/0063572: Discloses a real-time bidding system that filters ads via a whitelist and a blacklist. However, the lists are based on advertisement insertion and placement rules more so than malicious content within ads themselves. 
U.S. 2014/0067538: Discloses a real-time bidding system for serving ads based on conflicts databases. For example, a conflict may be determined through a whitelist or a blacklist.
U.S. 2015/0371040: Discloses injecting an interception program via an advanced privilege of a mobile terminal system. The injected program monitors and intercepts notification bar messages that contain malicious ad content. In essence, the interception program is an ad-blocker.
U.S. 2016/0261623: Discloses techniques for detecting malware in content items. Content items include ads from a third-party provider displayed on a network page. The content items are analyzed in a virtual machine running a browser application.
U.S. 9,027,140: Discloses application malware filtering for advertising networks. A cloud service for an inline application malware filter is provided to scan content received from ad networks. The filtering includes comparing to apps in ads to previously analyzed apps, and if the app is not matched, there is an indicator that the app could be malware.
U.S. 2012/0296713: Discloses a validation method that intercepts outgoing calls placed by ad code and redirects the call to a server having certified third-party ads from a certified ad network. Potentially malicious ads are replaced by legitimate ads from the certified ad network.
U.S. 2011/0191853: Discloses managing malicious ads. When an ad poses no security threat in a non-active stage, the ad is introduced with security coding. If the ad does poses malicious characteristics, the threatening characteristics are removed and the security code is added. When the ad goes live (or active), the ad may be analyzed to check if the security code has been breached or modified, thereby increasing a security risk of the ad being malicious.
U.S. 8,516,590: Discloses crawling a page to detect malicious elements. The detection may be static or dynamic analysis, or a combination of both. One type of element includes advertisements.
U.S. 10,320,816: Discloses associating a browser ad with a unique identifier by a browser ad platform. When the browser ad is displayed on a user’s computer, the unique identifier is obtained and sent to a browser ad platform with a message. The message indicates that the user’s computer has determined the browser ad has been associated with malicious activity. The browser ad platform takes necessary security actions on the ad corresponding to the unique identifier.
Dwyer C, Kanguri A. Malvertising - A Rising Threat To The Online Ecosystem. Journal of Information Systems Applied Research. 2017 Dec 1; 10(3):29. Discloses a general overview to malicious advertisements in RTB (“malvertising”).
Review of the cited prior arts fail to disclose, teach, or reasonably suggest each and every element of the claimed invention. For example, the closest prior arts would be [8] and [10]. Both prior arts disclose the concept of adding “tracking code[s]” to ads but for different purposes and in via distinct manners. In [6], unknown content in ads are indicated as potentially malicious. However, [6] fails to further disclose using that indication (e.g. “tracking code”) in the same manner as recited in the claimed invention. Therefore, the claims contain subject matter that would be allowable over the prior arts.


Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 


Any inquiry concerning this communication or earlier communications from the examiner should be directed to ROBERT B LEUNG whose telephone number is (571)270-1453. The examiner can normally be reached Mon - Thurs: 10am-7pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG KIM can be reached on 571-272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/ROBERT B LEUNG/Primary Examiner, Art Unit 2494                                                                                                                                                                                                        8-23-2022