Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Note: The terminal disclaimer filed on 08/10/2022 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of any patent granted on Application Number 16/774,661 has been reviewed and is accepted. The terminal disclaimer has been recorded.

Response to Amendment
The Amendment filed on 08/10/2022 has been entered. Claims 1-5, 7-11 and 13-17 have been amended. Claims 19-20 have been added. Claims 1-20 are pending in this application.

Response to Argument
Applicant's arguments for the amendment filed on 08/10/2022 with respect to independent claims 1, 7 and 13 rejection under 35 U.S.C 103 have been fully considered and persuasive. The rejection has been withdrawn.

Allowable Subject Matter
Claims 1-20 are allowed.
The following is an examiner’s statement of reasons for allowance:

The closest prior arts made of records are, Sanders et al. (U.S Pub No. 2016/0048683 A1, referred to as Sanders), in view of Armstrong et al. (U.S Pub No. 2006/0136720 A1, referred to as Armstrong).

Sanders discloses a system wherein a potential malware sample is received from a security device at a server associated with a security cloud service. The sample is executed in a sandbox environment on the server, including by monitoring interaction of the sample with an application program interface (API), provided by the sandbox environment, in order to obtain an API log. It is determined whether the sample is associated with a known malware family including by determining, based at least in part on the API log, if the sample created an executable file and if the sample registered the executable file in a run key. If it is determined that the sample is associated with a known malware family, then an alert is generated.

Armstrong discloses a security scheme for providing security to one or more self-contained operating environment instances executing on a computer. The security scheme may include implementing a set of security applications that may be controlled by a supervisory process, or the like. Both the set of security applications and the supervisory process may operate on a host system of the computer, which may also provide a platform for execution of the one or more self-contained operating environments. The security scheme protects processes running in the one or more self-contained operating environment and processes running on the computer outside of the self-contained operating environments.
However, regarding claims 1, 7 and 13, the prior art of Sanders and Armstrong when taken in the context of the claim as a whole do not disclose nor suggest, “incrementing a counter based at least in part on identifying a match between the fingerprint [[to]] and a malware fingerprint of a plurality of malware fingerprints in a malware catalog; and based at least in part on a value of the counter breaching a within a threshold duration of time.”.

Claims 2-6 and 19-20 depend on claim 1, claims 8-12 depend on claim 7 and claims 14-18 depend on claim 13, and are of consequence allowed.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:  See PTO-892.  

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HASSAN SAADOUN whose telephone number is (571)272-8408. The examiner can normally be reached Mon-Fri 9:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on 571-272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/HASSAN SAADOUN/Examiner, Art Unit 2435

/JOSEPH P HIRL/Supervisory Patent Examiner, Art Unit 2435