Notice of Pre-AIA  or AIA  Status
Claims 1-28 remain for examination.  The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The amendment of 8/23/22 alleges that claims 1, 4, 15, and 28 were amended; however, Examiner determined that all indicated changes to the claims in the amendment of 8/23/22 were already present in the previous iteration of the claims as of 1/4/22; accordingly, the correct status of those claims is “Previously Presented”.  Consequently, Examiner observes that no claims have been amended, and all claims in the current amendment are identical to those presented in the amendment of 1/4/22.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 8/23/22 has been entered.

Response to Arguments
Applicant's arguments filed 8/23/22 have been fully considered but they are not persuasive. Regarding the Yoshigoe reference, Applicant argues:
Yoshigoe is cited as disclosing a system that seeks to inject synthetic packets into an JOT network traffic, wherein the synthetic packets imitate behavior of real devices in the network. In pertinent part, the Office cites to Yoshigoe for disclosing that a device identifier (e.g., IP address) can be associated with a device profile (e.g., door sensor), and that device profile can include a mean baseline packet interval (e.g., transmits every few seconds) in a table. Action at p. 6, citing Yoshigoe at p. 4, Col. 2, Table 1. However, these aspects of Yoshigoe disclose only measuring the traffic frequency for a given device, storing that parameter in a look-up table and injecting synthetic packets into the network at the prescribed frequency. Yoshigoe thus fails to disclose or suggest calculating a data transmission rate as a function of a portion of a device identification value, in accordance with the recitations of amended claim 1. Moreover, because Yoshigoe, at best, uses the device ID to select the measured/stored packet transmission rate, Yoshigoe fails to disclose or suggest that “generating the forged data traffic based on the calculated at least one of data transmission rate, number of destinations and data payload size adds an entropy factor to the data traffic from said communication device connected to the network,” as recited in amended claim 1.

In response, the Examiner notes that the claims do not exclusively require calculating the data transmission rate, but instead recite calculating at least one of the data transmission rate, a number of destinations, or the data payload size.  The data payload size was noted in the previous Office Action as also being taught by Yoshigoe (see page 6 of the Non-Final Rejection of 8/5/21, citing Yoshigoe at page 4, 2nd column of Table 1).  It is observed that Yoshigoe teaches that knowledge of inter alia the typical packet payload size for one’s IoT network can be beneficial for an attacker, for analyzing and targeting their attack (top of page 5: “If a hacker can grasp such traffic patterns by accessing and observing the network, he/she can guess presence or absence of in the home residence”). Consequently, Yoshigoe teaches, as a response, that one should not only encrypt one’s data via the use of a VPN, but also add padding to the packets, as doing so thwarts the ability of the hacker from usefully monitoring the traffic to and from one’s IoT hub (page 5, “IV Smart Home Privacy”, “A. Previously Implemented Solutions”, first paragraph).  Thus, upon further consideration, the Examiner concludes that adding padding to a data packet to ensure that it no longer has the previously calculated packet length of a data packet of its kind, thus obfuscating the true nature of said data packet [i.e. adding an entropy factor] still reads on the “generating forged data traffic for the communication device based on the calculated at least one of data transmission rate, number of destinations, and data payload size” limitation, as well as the related limitations of the other claims.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-28 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-31 of copending Application No. 16/184,152 (reference application). Although the claims at issue are not identical, they are not patentably distinct from each other because they significantly overlap in scope.  By way of illustration, consider the following copending claims (emphasis Examiner’s):

Claims 1 & 3 of the instant application
Claim 1 of Application 16/684,152
1. A method for protecting data traffic from a communication device against fingerprinting or privacy leakage, the method comprising: 

receiving data traffic from a communication device connected to a network; 

parsing a device identification value for the communication device from the received data traffic; 

determining at least one of a data transmission rate based on a first portion of the device identification value, a number of destinations based on a second portion of the device identification value, and a data payload size based on a third portion of the device identification value; 

generating forged data traffic for the communication device based on the determined at least one of data transmission rate, number of destinations and data payload size; and 

transmitting the forged data traffic to an external communication device that is located outside the network, wherein the forged data traffic adds an entropy factor to the data traffic from said communication device connected to the network. 


3. The method in claim 1, further comprising:
 
analyzing the received data traffic to determine network activity or operational characteristics of the communication device; and
 
generating forged data traffic for the network based on the determined network activity or operational characteristic of the communication device. 


1. A method for protecting data traffic from a communication device against fingerprinting or privacy leakage, the method comprising: 

receiving data traffic from a communication device connected to a network; 

analyzing the received data traffic to determine network activity or operational characteristics of the communication device; 









generating forged data traffic for the network based on the determined network activity or operational characteristic of the communication device; and 

transmitting the forged data traffic to an external communication device that is located outside the network, wherein the forged data traffic adds an entropy factor to the data traffic from said communication device connected to the network. 



As can be seen above, the claims are significantly overlapping in scope, and the limitations specific to claim 1 of the ‘152 application are not only fully supported by the instant application, but in fact appear as limitations of dependent claim 3; thus, there is no reason why the claims of the ‘152 application could not have been presented in the instant application.  Independent claims 15 and 28 of the instant application are substantially similar to independent claims 16 and 31 of the ‘152 application and are similarly rejected as discussed supra.  Dependent claims 2-14 and 16-27 of the instant application are substantially similar to dependent claims 2-15 and 17-30 of the ‘152 application and are similarly rejected as discussed supra. 
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.

Claim Rejections - 35 USC § 102
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1-4, 7-9, 12, 13, 15, 16, 19-22, 25, 26, & 28 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by “Overcoming Invasion of Privacy in Smart Home Environment with Synthetic Packet Injection” (from the IDS of 2/25/21; hereinafter, “Yoshigoe”).

Regarding claims 1, 15, and 28:
Yoshigoe discloses a method, system, and non-transitory computer readable storage medium for protecting data traffic from a communication device against fingerprinting or privacy leakage, the method comprising: receiving data traffic from a communication device connected to a network (pages 2-3, “B. Capturing Network Traffic of Smart Things”); parsing a device identification value for the communication device from the received data traffic (page 3, Ibid, noting that the techniques disclosed by the author(s) obtain inter alia the IP addresses identifying the particular Smart Home devices on the network;  see also page 5, “B. Synthetic Packet Injection Framework”, wherein the system disclosed by the author(s) maintains a profile of each device on the network for the purpose of being able to create synthetic [false] packets that mimic actual traffic that would be sent or received by said each device); calculating at least one of a data transmission rate based on a first portion of the device identification value (the Frequency of page 4, 2nd column, Table 1), a number of destinations based on a second portion of the device identification value, and a data payload size based on a third portion of the device identification value (the Length of page 4, 2nd column, Table 1); generating forged data traffic for the communication device based on the calculated at least one of data transmission rate, number of destinations and data payload size (page 5, “B. Synthetic Packet Injection Framework”); and transmitting the forged data traffic to an external communication device that is located outside the network, wherein generating the forged data traffic calculated at least one of data transmission rate, number of destinations, and payload size adds an entropy factor to the data traffic from said communication device connected to the network (Ibid; see also page 5, “C. Synthetic Packets Engine and VPN”, which confirms that fake packets can be sent to an external cloud server). 

Regarding claims 2 and 16:	Yoshigoe further discloses wherein the external communication device comprises an Internet Service Provider server (e.g. Figures 1, 2, and 12). 

Regarding claim 3:	Yoshigoe further discloses further comprising: analyzing the received data traffic to determine network activity or operational characteristics of the communication device (page 4, 2nd column, particularly Table 1 wherein operational characteristics of the devices such as the length and frequency of the packets generated are observed and recorded); and generating forged data traffic for the network based on the determined network activity or operational characteristic of the communication device (page 5, “B. Synthetic Packet Injection Framework”). 

Regarding claim 4:	Yoshigoe further discloses further comprising: scheduling transmission of the forged data traffic for the communication device based on the calculated at least one of data transmission rate, number of destinations and data payload size (Ibid). 

Regarding claims 7 and 20:	Yoshigoe further discloses further comprising encrypting the forged data traffic before transmitting the forged data traffic to the external communication device (page 5, “C. Synthetic Packets Engine and VPN”, particularly the first sentence thereof). 

Regarding claims 8 and 21:	Yoshigoe further discloses wherein the forged data traffic comprises encrypted data (Ibid). 

Regarding claims 9 and 22:	Yoshigoe further discloses 5, wherein the fabricated destination address comprises a website on the Internet (e.g. Amazon, as per page 3, 1st column, 1st paragraph). 

Regarding claims 12 and 25:	Yoshigoe further discloses wherein said communication device comprises an Internet-of-Things (IoT) device (the various SmartThings products being IoT devices as per page 1, “I. Introduction”). 

Regarding claims 13 and 26:	Yoshigoe further discloses wherein transmitting the forged data traffic to the external communication device comprises sending the forged data traffic through a virtual private network (VPN) tunnel (page 5, “C. Synthetic Packets Engine and VPN”). 

Regarding claim 19:
	Yoshigoe further discloses wherein the forged data traffic comprises at least one of a fabricated source address, fabricated destination address, and synthesized payload content data (synthesized payload content data including padding at page 5, “IV. Smart Home Privacy, A. Previously Implemented Solutions”, first paragraph; see also the flags that designate a packet as synthetic at page 6, “D. Interactive Synthetic Packet Engine”)

Claim Rejections - 35 USC § 103
Claims 5, 6, & 17-19 are rejected under 35 U.S.C. 102(a)(1) as anticipated by Yoshigoe or, in the alternative, under 35 U.S.C. 103 as obvious over Yoshigoe in view of “Closing the Blinds: Four Strategies for Protecting Smart Home Privacy from Network Observers” (from the IDS of 1/9/20; hereinafter, “Apthorpe”).
Claims 14 and 27 are rejected under 35 U.S.C. 103 as being unpatentable over Yoshigoe as applied to claims 1 & 26 above, and further in view of Apthorpe.

Regarding claims 5, 6, and 17-19:
	Yoshigoe further discloses using a VPN to encrypt and encapsulate traffic to protect one’s privacy (page 5, “IV. Smart Home Privacy, A. Previously Implemented Solutions”, first paragraph), which inter alia hides the source and destination addresses of the original traffic (Ibid: “This removes the ability for a hacker to monitor the source and destination addresses of packets coming from your network and specifically from your hub”). A person of ordinary skill in the cryptographic arts would recognize Yoshigoe’s recitation of employing a VPN to hide one’s traffic would inherently entail that the envelope packet containing the encrypted packet would have fabricated source and destination addresses instead of the actual addresses of the original packet.  Nevertheless, assuming arguendo that this were not inherently the case, Apthorpe confirms in a related disclosure pertaining to known methods to protect IoT traffic that not only is a VPN recommended for this purpose, but that doing so specifically alters the source address of the new packet to that of the home gateway router and the destination address to that of the VPN exit point instead of the IoT server (Apthorpe, page 4, “C. Tunneling traffic”, particularly the second paragraph).  It would have been obvious prior to the effective filing date of the instant invention to use a VPN that fabricates the source and destination addresses of the IoT traffic as the VPN explicitly disclosed by Yoshigoe, as VPNs were a well-known and long understood option within the grasp of a person of ordinary skill in the art to protect their network traffic from hackers (Yoshigoe, Ibid).

Regarding claims 14 and 27:	Although Yoshigoe discloses sending at least one forged data traffic stream through a VPN tunnel (page 5, “C. Synthetic Packets Engine and VPN”), it is unclear if this could be extended to embodiments comprising two or more separate VPN tunnels.  However, Apthorpe teaches in a related disclosure pertaining to known methods to protect IoT traffic that one could not only use VPNs to protect one’s smart home traffic, but that one could establish a single VPN creating multiple tunnels to service multiple smart homes (Apthorpe, page 4, “C. Tunneling traffic”, particularly the penultimate paragraph: “This problem could be addressed by having the VPN provider act as an endpoint for traffic from multiple smart homes”).  It would have been obvious prior to the effective filing date of the instant application to divide the forged data traffic into two or more forged data traffic streams; and send the forged data traffic streams through two or more virtual private network (VPN) tunnels, wherein the two or more forged data traffic streams include the received data from said communication device, as suggested by Apthorpe, as doing so would help protect the anonymity of the owners of said smart home devices (Apthorpe, Ibid). 

Claims 10, 11, 23, and 24 are rejected under 35 U.S.C. 103 as being unpatentable over Yoshigoe as applied to claims 3 & 15 above, and further in view of “ProfilloT: A Machine Learning Approach for IoT Device Identification Based on Network Traffic Analysis” (from the IDS of 1/9/20; hereinafter, “Meidan”).

Regarding claims 10 and 23:	Yoshigoe is silent regarding training a machine learning model based on the analysis of the received data traffic. However, Meidan discloses a related invention for analyzing IoT traffic comprising the use of a machine learning model (e.g. page 507, “3.2 Model Training”).  It would have been obvious prior to the effective filing date of the instant application to train a machine learning model as disclosed by Meidan, to help identify the particular traffic that needs to be analyzed by the Yoshigoe disclosure, as doing so also provides the additional advantage of being able to detect unknown and unwanted IoT devices on one’s network and subsequently mitigate violations of operational policies (Meidan, page 509, “6. Conclusion”).

Regarding claims 11 and 24:	Yoshigoe further discloses an activity monitor arranged to analyze the received data traffic to determine network activity or operational characteristics of the communication device (page 4, 2nd column, particularly Table 1 wherein operational characteristics of the devices such as the length and frequency of the packets generated are observed and recorded), but is silent regarding updating a machine learning model based on the analysis of the received data traffic or the determined network activity or operational characteristics of said communication device.  However, Meidan discloses a related invention for analyzing IoT traffic comprising the use of a machine learning model (e.g. page 507, “3.2 Model Training”).  It would have been obvious prior to the effective filing date of the instant application to train a machine learning model as disclosed by Meidan, to help identify the particular traffic that needs to be analyzed by the Yoshigoe disclosure, as doing so also provides the additional advantage of being able to detect unknown and unwanted IoT devices on one’s network and subsequently mitigate violations of operational policies (Meidan, page 509, “6. Conclusion”).

Conclusion
All claims are either identical to or patentably indistinct from claims in the application prior to the entry of the submission under 37 CFR 1.114 (that is, restriction would not be proper) and all claims could have been finally rejected on the grounds and art of record in the next Office action if they had been entered in the application prior to entry under 37 CFR 1.114. Accordingly, THIS ACTION IS MADE FINAL even though it is a first action after the filing of a request for continued examination and the submission under 37 CFR 1.114.  See MPEP § 706.07(b). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to THOMAS A GYORFI whose telephone number is (571)272-3849. The examiner can normally be reached 10:00am - 6:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on 571-272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

THOMAS A. GYORFI
Examiner
Art Unit 2435



/THOMAS A GYORFI/Examiner, Art Unit 2435                                                                                                                                                                                                        9/21/2022

/JOSEPH P HIRL/Supervisory Patent Examiner, Art Unit 2435