Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This action is in response to the claims filed 7/02/2020.  Claims 1-20 are pending.  Claims 1 (a method), 9 (a machine), and 17 (a non-transitory CRM) are independent.

	Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim(s) recite(s) a mental process, MPEP 2106.04(a)(2)(III).  The claims, directed to a method of determining comparable entries between two disparate databases is performable in the human mind. This judicial exception is not integrated into a practical application because none of the factors indicative of a practical application listed in MPEP 2106.04(d) apply. The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because none of the factors indicative of significantly more in MPEP 2106.05(I)(A) apply.  Further, independent claims 9 and 17 merely “apply” the method to a machine by stating a machine performs the steps and does not constitute significantly more for the reasons detailed in MPEP 2106.05(I)(A)(second iv heading).


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1, 2, 6-10, and 14-20 is/are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Bellis et al., US 2020/0110885 (filed 2017-04).
	As to claims 1, 9 and 17, Bellis discloses a method/machine/CRM comprising:
(regarding the machine/CRM of claims 9 and 17, see Bellis Figure 4 and associated description)
determining a set of one or more processed words based on applying text classification to one or more names associated with a product, (“the normalization process may be used to prepare set(s) of metadata 112 for use with query generation logic 120. More specifically, the normalization process may involve extracting, parsing, categorizing, serializing, and/or flattening textual elements included in set(s) of metadata 112.” Bellis ¶ 49. “query generation logic 120 may retrieve the normalized metadata from storage system(s) 104; extract the textual elements “Microsoft”, “Word”, and “2016” from the normalized metadata; tokenize the textual elements; and generate and/or select a query to search for stored data that includes the tokens “Microsoft”, “Word”, and “2016”.” Bellis ¶ 60) wherein the text classification is based on analyzing a database of names associated with a plurality of products; (“vulnerability assessment server system 102 may include metadata processing logic 118 to perform a normalization process on set(s) of metadata 112.” Bellis ¶ 48.  The database of names being the input data to be parsed. See Applicant’s ¶ 60)
determining similarity scores (“searching for a particular token in some unstructured data, such as portions of CVE data, may involve computing similarity scores.” Bellis ¶¶ 66-67) between the set of one or more processed words and names associated with one or more known vulnerabilities (“At block 304, the vulnerability assessment server determines one or more vulnerabilities of the program. This determination may be based on searching for at least the program name in one or more storage systems that maintain sets of vulnerability data.” Bellis ¶ 99) maintained in a database of known vulnerabilities in products; and (“vulnerability data, such as Common Vulnerabilities and Exposures (CVE) data that can be referenced using a standardized program identifier, such as a Common Platform Enumeration (CPE) identifier.” Bellis ¶ 33)
performing equivalence mapping between the one or more names associated with the product and the one or more known vulnerabilities, (“At block 304, the vulnerability assessment server determines one or more vulnerabilities of the program. This determination may be based on searching for at least the program name in one or more storage systems that maintain sets of vulnerability data.” Bellis ¶ 99) based on the similarity scores. (“searching for a particular token in some unstructured data, such as portions of CVE data, may involve computing similarity scores.” Bellis ¶¶ 66-67)

As to claims 2, 10, and 18, Bellis discloses the method/machine/CRM of claims 1, 9, and 17 and further discloses:
wherein the names associated with the plurality of products are based on a first naming convention (“vulnerability assessment server system 102 may include metadata processing logic 118 to perform a normalization process on set(s) of metadata 112.” Bellis ¶ 48. The metadata database.) and the names associated with the one or more known vulnerabilities are defined using a second naming convention, the first naming convention being different from the second naming convention. (“searching for a particular token in some unstructured data, such as portions of CVE data, may involve computing similarity scores.” Bellis ¶¶ 66-67)

As to claims 6 and 14, Bellis discloses the method/machine of claims 1 and 9 and further discloses:	
wherein analyzing the database of names associated with the plurality of products comprises: associating weights with words in the database of names associated with the plurality of products comprises.
(“The feedback may indicate how to construct queries such that false positives and/or false negatives are minimized, such as by using particular query parameters and/or weighting query parameters in a particular manner. For example, the feedback may indicate that a query for the program MICROSOFT WORD 2016 should include multiple filters: a query parameter that searches for the tokens “Microsoft”, “Word”, and “2016” separately and with more weighting on “2016”” Bellis ¶ 61. Note also Bellis ¶¶ 90 and 91)

As to claims 7, 15, and 19, Bellis discloses the method/machine/CRM of claims 1, 9, and 17 and further discloses:
determining word distances (“a similarity score may be based on a cosine distance between tokens” Bellis ¶ 67. “One or more distance calculations may be performed between query vector 204 and one or more queryable vectors.” Bellis ¶ 92) between the set of one or more processed words (“Query generation logic 120 may construct query vector 204 to include a vendor name, a program name, and/or a version identifier as one or more tokens” Bellis ¶ 91) and names associated with one or more known vulnerabilities maintained in a database of known vulnerabilities. (“Tokenized vulnerability data may be stored in queryable vector 200 as one or more tokens, such as token 202.” Bellis ¶ 90).


As to claims 8, 16, and 20, Bellis discloses the method/machine/CRM of claims 1, 9, and 17 and further discloses:
determining a set of potential matches between the one or more names associated with the product and the one or more known vulnerabilities, based on the similarity scores; (“A similarity score may be computed to indicate a degree of similarity between tokens, and a “match” condition may be determined when a predetermined threshold is exceeded. For example, a similarity score may be based on a cosine distance between tokens.” Bellis ¶ 67)
determining precise scores for the set of potential matches; and identifying a subset of potential matches from the set of potential matches, the subset of potential matches having precise scores greater than a predetermined threshold. (“pattern matching logic 122 may be refined via supervised machine learning…. This may be achieved based on adjusting a threshold distance score that establishes a minimum distance score needed to avoid classification as a false positive.” Bellis ¶ 92. “the third vector may be a modified version of query vector 204 that includes the tokens “before” and “43.0.2” and that specifies the tokens should be adjacent to each other. Additionally or alternatively, the modified version of query vector 204 may weight tokens differently. The query generation process may be refined based on feedback regarding accuracy of correlating the program name to the one or more vulnerabilities.” Bellis ¶ 103. “Precise scores” based on adjusted thresholds, weights, and machine learning.)

	


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 3-4 and 11-12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bellis et al., US 2020/0110885 (filed 2017-04), in view of Bridges et al., “Automatic Labeling for Entity Extraction in Cyber Security” (published 2014).


As to claims 3 and 11, Bellis discloses the method/machine of claims 1 and 9 but does not disclose:
wherein analyzing the database of names associated with the plurality of products comprises: 
splitting one or more complex words into component word units based on performing word boundary detection on the database of names associated with the plurality of products.

Bridges discloses:
wherein analyzing the database of names associated with the plurality of products comprises: 
splitting one or more complex words into component word units based on performing word boundary detection on the database of names associated with the plurality of products. (“Because many multi-word names are commonplace, standard IOB-tagging is used; specifically, the first word of an identified entity name is labeled with a “B” (for “beginning”) followed by the entity type, and any word in an entity name besides the first is tagged with an “I” (for “inside”) followed by the entity name. Unidentifiedwords are labeled as “O”. An example of an automatically labeled NVD description is given in Figure 1.” Bridges § III.2. Note Figures 1-2.)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Bellis with Bridges by utilizing the text parsing system of Bridges to identify term words in the input text of the metadata.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Bellis with Bridges in order to provide domain specific labeling for annotating metadata, thereby providing an improved machine learning labeling system, See Bridges § III.1.

As to claims 4 and 12, Bellis discloses the method/machine of claims 1 and 9 and further discloses:
wherein analyzing the database of names associated with the plurality of products comprises: canonicalizing at least a subset of words in the database of names associated with the plurality of products, (“comparing textual elements to lists of known vendors, programs, and/or version identifiers stored in storage system(s) 104.” Bellis ¶¶ 50-58)

Bellis does not disclose: based on identifying variations for the subset of names in the database of names associated with the plurality of products.

Bellis discloses: based on identifying variations for the subset of names in the database of names associated with the plurality of products.
(“Database Matching. Any string in the text that exactly matches an entry of the database record is labeled with a generalization of the name of the database field. …. Heuristic Rules. A variety of heuristic rules are used for identifying entities in text that are not direct matches of database fields.” Bridges § 2. “the overall goal is to train a classifier that can apply domain-appropriate labels to a wider class of documents including news articles, security blogs, and tweets.” Bridges § V)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Bellis with Bridges by utilizing the text parsing system of Bridges to identify term words in the input text of the metadata.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Bellis with Bridges in order to provide domain specific labeling for annotating metadata, thereby providing an improved machine learning labeling system, See Bridges § 1.

Claim(s) 5 and 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Bellis et al., US 2020/0110885 (filed 2017-04), in view of Cai et al., US 2019/0347282 (filed 2019-05).
As to claims 5 and 13, Bellis discloses the method/machine of claims 1 and 9 but does not disclose:
wherein analyzing the database of names associated with the plurality of products comprises: 
identifying stop words in the database of names associated with the plurality of products.

Cai discloses:
wherein analyzing the database of names associated with the plurality of products comprises: 
identifying stop words in the database of names associated with the plurality of products. (“The natural language processor 120 can include instructions or scripts which can include a text similarity process 602 (e.g., Term Frequency and Cosine Similarity) that can involve the following operations: Concatenate Title and Description of new incident ticket; Remove stop words from the title/description; Performs Term Frequency Inverse Document Frequency on Knowledge base 608 (of data storage 110) new Incident with ngram range (1,3)” Cai ¶ 164)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Bellis with Cai by removing “stop words” from the input metadata.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine Bellis with Cai in order to remove “low value words” from input text during natural language processing (Cai ¶ 170), thereby allowing the matching system to focus on more relevant terms in the metadata of Bellis.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Hartsook et al., US 9,304,980 discloses vulnerability determination using textual matching.
Cruz et al., US 2021/0152588, discloses a vulnerability management system scoring textual matches.
Martin, US 10762214, discloses performing text matching between local binaries and the NVD database using fuzzy matching and string matching.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL W CHAO whose telephone number is (571)272-5165. The examiner can normally be reached M, W-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MICHAEL W CHAO/Examiner, Art Unit 2492