DETAILED ACTION
Claims 1-15 are pending in this action.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 5/5/2021 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement has been considered by the examiner.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-11 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claims do not fall within at least one of the four categories of patent eligible subject matter because the system comprises “network functions” which has been defined in the specification as possibly comprising solely software. This is considered software per se under the MPEP and is explicitly defined as not statutory subject matter. See MPEP 2106.03.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 1-3, 6, 8, 10 and 12-15 are rejected under 35 U.S.C. 102(a)(1) and (a)(2) as being anticipated by Teeple et al. (US PGPUB No. 2016/0308898) [hereinafter “Teeple”].

As per claim 1, Teeple teaches a 4G or 5G core network system ([0028], 4G wireless network), comprising: a plurality of network functions in a 4G or 5G core network (Claim interpretation - “function” is defined to be any entity/module whether hardware/software that provides a network function see instant application at [0131]) ([0007], monitoring all traffic in a network including traffic between network servers) which includes ([0025] and [0029], all logical functions in the network elements including communication control and related services); wherein the network functions are configured to communicate with each other using data packets (Abstract, traffic in network using data packets); and at least one deep packet inspection (DPI) engine which is configured to process the data packets and to analyze a protocol stack of said data packets in order to detect security-relevant activities in the 4G or 5G core network (Abstract, determining security threats based on deep packet inspection).

As per claim 2, Teeple teaches the system according to claim 1, wherein the at least one DPI engine is configured to detect, as said security-relevant activities, unwanted intrusions in the 4G or 5G core network ([0042] and [0047], detecting attacker intrusion into network which includes 4G see [0028]).

As per claim 3, Teeple teaches the system according to claim 2, wherein the system is configured to block said unwanted intrusions ([0074], active defense including remediation and blocking capabilities).

As per claim 6, Teeple teaches the system according to claim 1, wherein the system comprises two or more of the DPI engines (Abstract, [0048] and [0059], DPI includes monitors and analytic servers that can be implemented across multiple servers); wherein at least two of the plurality of network functions comprise a respective one of the two or more DPI engines [0059], multiple cyber-intelligence analytics servers with DPI functionality, communicating across network).

As per claim 8, Teeple teaches the system according to claim 1, wherein at least one of the plurality of network functions does not comprise a DPI engine ([0057], routers and firewalls may include monitors/sensors performing DPI or may not, see also [0008] and [0048], with other DPI functionality implemented in servers in the enterprise see Fig. 4 and [0059]).

As per claim 10, Teeple teaches the system according to claim 1, wherein the at least one DPI engine is configured to analyze the entire protocol stack of the data packets in order to detect the security-relevant activities ([0048], analyzing full protocol stack of packet including multiple headers.

As per claim 12, the substance of the claimed invention is identical to that of claim 1. Accordingly, this claim is rejected under the same rationale.

As per claim 13, the substance of the claimed invention is identical to that of claim 2. Accordingly, this claim is rejected under the same rationale.

As per claim 14, the substance of the claimed invention is identical to that of claim 3. Accordingly, this claim is rejected under the same rationale.

As per claim 15, Teeple teaches the of the method according to claim 12 for intrusion detection in a 4G or 5G core network ([0042] and [0047], detecting attacker intrusion into network which includes 4G see [0028]).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 4 and 5 are rejected under 35 U.S.C. 103 as being unpatentable over Teeple in view of Hazay et al. (US PGPUB No. 2020/0220814) [hereinafter “Hazay”].

As per claim 4, Teeple teaches the system according to claim 1.
Teeple does not explicitly teach a service communication proxy which is configured to mediate the communication between the network functions. Hazay teaches a service communication proxy which is configured to mediate the communication between the network functions (Abstract and [0006], mediating communications from and to network functions residing on network elements like routers by a cloud-based proxy).
	At the time of filing, it would have been obvious to one of ordinary skill in the art to combine Teeple with the teachings of Hazay, a service communication proxy which is configured to mediate the communication between the network functions, to provide DPI inspection in all types of network components in a 4g or 5g core network.

As per claim 5, the combination of Teeple and Hazay teaches the system according to claim 4, wherein the service communication proxy comprises one of the at least one DPI engines (Hazay; [0006], DPI deployed as an network function application in a network element like the described cloud-based proxy) see also (Teeple; Abstract, [0019] and Fig. 4, where monitors can be deployed in any endpoint including firewalls, routers and access points see [0020]).

Claims 7 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Teeple in view of Thakkar et al. (US PGPUB No. 2021/0132981) [hereinafter “Thakkar”].

As per claim 7, Teeple teaches the system according to claim 6.
Teeple does not explicitly teach wherein the at least two of the plurality of network functions are associated with the control plane of the 4G or 5G core network. Thakkar teaches wherein the at least two of the plurality of network functions are associated with the control plane of the 4G or 5G core network ([0036], API exposing functionality of local control plane in the 5g network see [0026]). 
	At the time of filing, it would have been obvious to one of ordinary skill in the art to combine Teeple with the teachings of Thakkar, wherein the at least two of the plurality of network functions are associated with the control plane of the 4G or 5G core network, to provide DPI inspection in all network communications in a 4g or 5g core network.

As per claim 11, Teeple teaches the system according to claim 1.
Teeple teaches wherein the network functions are virtual network functions in the 4G or 5G core network. Thakkar teaches wherein the network functions are virtual network functions in the 4G or 5G core network (Abstract, communications in a 5g network between virtual network functions see [0026]).
At the time of filing, it would have been obvious to one of ordinary skill in the art to combine Teeple with the teachings of Thakkar, wherein the network functions are virtual network functions in the 4G or 5G core network, to provide DPI inspection in all network communications in a 4g or 5g core network including virtualized functions.

Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Teeple in view of Mishra et al. (WO-2020146328-A1) [hereinafter “Mishra”].

As per claim 9, Teeple teaches the system according to claim 1, wherein the system further comprises a network component which comprises one of the at least one DPI engines ([0079], analysis and threat databases with connected sensors to determine threats).
Teeple does not explicitly teach network repository function module. Mishra teaches network repository function module (Fig. 1 and Page 2 para. 1, network repository function module can register any other NF which includes DPI inspection see Page 2 para. 3).
	At the time of filing, it would have been obvious to one of ordinary skill in the art to combine Teeple with the teachings of Mishra, network repository function module, to provide the DPI inspection taught in Teeple in all types of network components in a 4g or 5g core network. This combination would be easily implemented since Teeple envisions monitors and sensors being provided in all types of network components see Teeple at Abstract and [0008].

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Suthar et al. (US Patent No. 10,361,843) discloses virtual network functions including a repository function entity. Hearn et al. (US PGPUB No. 2017/0134403) discloses monitoring malicious activity between network functions using DPI. Dowlatkhah et al. (US Patent No. 10,070,344) managing virtual network function in network slices and monitoring for a condition. Kim et al. ("A Scalable Carrier-Grade DPI System Architecture Using Synchronization of Flow Information," in IEEE Journal on Selected Areas in Communications, vol. 32, no. 10, pp. 1834-1848, Oct. 2014, doi: 10.1109/JSAC.2014.2358836), Li et al. ("5GC Network and MEC UPF Data Collection Scheme Research," 2021 International Conference on Information and Communication Technologies for Disaster Management (ICT-DM), 2021, pp. 80-85, doi: 10.1109/ICT-DM52643.2021.9664122), Pérez et al. ("Dynamic Reconfiguration in 5G Mobile Networks to Proactively Detect and Mitigate Botnets," in IEEE Internet Computing, vol. 21, no. 5, pp. 28-36, 2017, doi: 10.1109/MIC.2017.3481345), Araújo et al ("Accelerating VNF-based Deep Packet Inspection with the use of GPUs," 2018 20th International Conference on Transparent Optical Networks (ICTON), 2018, pp. 1-4, doi: 10.1109/ICTON.2018.8473638) and Radivilova et al. ("Analysis of Approaches of Monitoring, Intrusion Detection and Identification of Network Attacks," 2020 IEEE International Conference on Problems of Infocommunications. Science and Technology (PIC S&T), 2020, pp. 819-822, doi: 10.1109/PICST51311.2020.9467973) all generally discuss the state of art for deep packet inspection in the context of network functions and potential intrusion detection.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to PETER C SHAW whose telephone number is (571)270-7179. The examiner can normally be reached Max Flex.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/PETER C SHAW/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        November 9, 2022