DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
This is a reply to the request for Continued Examination (RCE) filed on 08/12/2022, in which Claim(s) 1-3 and 5-20 are presented for examination. Claim(s) 1, 7-8 and 12, 14 are amended. Claim(s) 4 is cancelled. No claim(s) are newly added.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 08/12/2022 has been entered.

Examiner’s Note
Claims 7 and 12 filed on 08/12/2022 are previously presented in the claims filed on 04/29/2022. Therefore, the status identifiers of claims 7 and 12 filed on 08/12/2022 should be (Previously presented) instead of (Currently amended).

Response to Argument
Claim Rejections - 35 U.S.C. § 102 and 35 U.S.C. § 103:
Applicants’ arguments, see pages 9-10, filed 08/12/2022, regarding the U.S.C. 102 and 103 rejections of Claims 1-20 have been fully considered but they are not persuasive.
Applicants argue that “As described in detail in paragraph [0023] of the published specification, the present claims recite an interface filter that "may be implemented between customer networks (such as between ISP networks), between a customer network and a backbone network, or between a customer network and a content distribution network, among other locations within a broader telecommunications network." Oguchi fails to describe such a filter. Instead, Oguchi discloses simply that prefix filters can be set using an interface, without disclosing or suggesting the use of an interface filter”. 
Applicant’s interpretation of the reference has been noted; however, examiner respectfully disagrees.  Applicant argues that “Oguchi fails to describe such a filter”. Instead of clearly define what is “such a filter”, applicant points to [0023] to explain where “an interface filter that may be implemented”. Besides, applicant agrees that “Oguchi discloses simply that prefix filters can be set using an interface”. Persons of ordinary skill in the art would understand that Oguchi teaches an interface filter as “prefix filters can be set using an interface”.
Applicants’ arguments with mere conclusory statement are not persuasive. Therefore, the rejection is maintained.

Applicant is encouraged to schedule an interview with the Examiner prior to the next communication to compact prosecution of the case.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 1-4, 6-9, 11-17 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Alcala et al. (US 2009/0016236 A1) in view of Oguchi et al. (US 2007/0263548 A1).
Regarding Claims 1 and 8, Alcala discloses
obtaining, at a computing system, routing information for an autonomous system of a communications network, the routing information identifying Internet Protocol (IP) addresses associated with the autonomous system ([0042], “the sampling agents 114 generate datagrams or other units of data that include specified information obtained from the sampled packets. The sample packet data 119 generally includes at least the source IP address, destination IP address, port numbers, and protocol associated with the sampled packet. Some sampling standards, such as sFlow, also obtain autonomous system numbers associated with the sampled packet”, “each collector node 116 obtains a routing table 117 from the respective communication node 112”); 
in response to receiving the routing information, generating, at the computing system, a prefix list based on the routing information, the prefix list including one or more prefixes encompassing the IP addresses identified by the routing information ([0044], “The routing table 117 includes a list of networks (or prefixes) to which IP addresses belong that the collector node 116 correlates with destination IP addresses in the sample packet data 119. In addition to the destination IP prefixes of routes, the routing table includes AS numbers for all AS's in the route”); 
Alcala does not explicitly teach but Oguchi teaches
automatically transmitting, from the computing system to a network device of the communications network in response to generating the prefix list, instructions configured to cause the network device to update a filter function of the network device based on the prefix list such that the network device permits network traffic that originates from IP addresses within the one or more prefixes of the prefix list ([0085], “The router name indicates a name of the router for setting the prefix filters 19a to 19c”, [0146], “If the IGP router 10c has received the filter data (Yes at step S207), based on the filter data, the configuration defining unit 13 carries out setting and updation of the filter rules in the prefix filter table 12a and the packet filter table 12d”, [0070-0072], “The community control server 20 refers to the prefix management table 24c and specifies the prefixes that correspond to the community indicated by the recorded community name in the policy defining table 24a”, “The community control server 20 searches from the community defining table 24b, position data of the communication interface that corresponds to the community name, and carries out a process to set prefix filters 19a to 19c in the communication interface”, “For example, in the policy defining table 24a shown in FIG. 2, "Put 10:1 to 20:1" of a policy "Com 1" indicates that transmission of the RIP message 30 from the community "10:1" to the community "20:1" is permitted”, [0078], “the prefix filters 19a to 19c permit the passage of only the control data that includes predetermined prefixes”, see also Fig. 4), 
wherein the network device is a router and the filter function is an interface filter ([0085], “The router name indicates a name of the router for setting the prefix filters 19a to 19c. The interface is the communication interface in which the prefix filters 19a to 19c are set”, [0096], “specifies the IGP routers 10a to 10d and the communication interface for setting the filter rule”).  
Alcala and Oguchi are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to generate a prefix list based on the obtained routing information (as disclosed by Alcala) and automatically update filter functions of a router with the prefix information (as taught by Oguchi). The motivation/suggestion would have been to efficiently carry out complicated path control used in the company network (Oguchi, [0021]).

Regarding Claims 2, 9 and 15, the combined teaching of Alcala and Oguchi teaches 
wherein the routing information includes at least one of Border Gateway Protocol (BGP) routing information and Interior Gateway Protocol (IGP) routing information announced by the autonomous system ((Alcala, [0063], “Interior Gateway Protocol (IGP)”, [0042], “autonomous system”, Oguchi, [0008], “Interior Gateway Protocol (IGP)”, [0013], “Border Gate Protocol (BGP)”).  

Regarding Claims 3 and 13, the combined teaching of Alcala and Oguchi teaches 
wherein generating the prefix list comprises extracting and aggregating prefixes included in the routing information (Alcala, [0043], “the collector nodes 116 identify each of the specified data (e.g., source and destination IP addresses) in the sample packet data 119, extract the data”, [0073], “In an aggregating operation 812, sample packet data and related routing table data are aggregated from multiple network interconnection points”).

Regarding Claims 6 and 11, the combined teaching of Alcala and Oguchi teaches 
wherein obtaining the routing information comprises retrieving the routing information from a route registry, the route registry storing routing information provided to the route registry by a computing device associated with the autonomous system (Alcala, [0047-0048], “the aggregator node 118 uses an AS registry 120 and customer attributes data 122 to derive other correlations between data and further enrich the data in the traffic flow report”, “The AS registry 120 provides information about autonomous systems worldwide”).

Regarding Claims 7 and 12, the combined teaching of Alcala and Oguchi teaches 
wherein the network device is a first network device and the instructions are first instructions, the method further comprising: transmitting, from the computing system to a second network device, second instructions configured to cause the second network device to update a filter function of the second network device based on the prefix list such that the second network device permits network traffic that originates from IP addresses within the one or more prefixes of the prefix list (Oguchi, [0069], “Upon receiving the prefix data from the IGP routers 10a to 10d, the community control server 20 updates the prefix management table 24c”, [0070-0072], “The community control server 20 refers to the prefix management table 24c and specifies the prefixes that correspond to the community indicated by the recorded community name in the policy defining table 24a”, “The community control server 20 searches from the community defining table 24b, position data of the communication interface that corresponds to the community name, and carries out a process to set prefix filters 19a to 19c in the communication interface”, “For example, in the policy defining table 24a shown in FIG. 2, "Put 10:1 to 20:1" of a policy "Com 1" indicates that transmission of the RIP message 30 from the community "10:1" to the community "20:1" is permitted”, [0078], “the prefix filters 19a to 19c permit the passage of only the control data that includes predetermined prefixes”, see also Fig. 4).  

Regarding Claim 14, Alcala discloses
generating, at a computing system, a prefix list from routing information associated with an autonomous system of a communications network, the prefix list including a plurality of prefixes encompassing trusted addresses within the autonomous system ([0042], “the sampling agents 114 generate datagrams or other units of data that include specified information obtained from the sampled packets. The sample packet data 119 generally includes at least the source IP address, destination IP address, port numbers, and protocol associated with the sampled packet. Some sampling standards, such as sFlow, also obtain autonomous system numbers associated with the sampled packet”, “each collector node 116 obtains a routing table 117 from the respective communication node 112”, [0044], “The routing table 117 includes a list of networks (or prefixes) to which IP addresses belong that the collector node 116 correlates with destination IP addresses in the sample packet data 119”); 
Alcala does not explicitly teach but Oguchi teaches
automatically distributing, in response to generating the prefix list, the plurality of prefixes from the computing system to a filter device within the communications network. the distributing for implementation of a filter rule at the filter device, the filter rule permitting network traffic originating from addresses within the plurality of prefixes ([0085], “The router name indicates a name of the router for setting the prefix filters 19a to 19c”, [0146], “If the IGP router 10c has received the filter data (Yes at step S207), based on the filter data, the configuration defining unit 13 carries out setting and updation of the filter rules in the prefix filter table 12a and the packet filter table 12d”, [0070-0072], “The community control server 20 refers to the prefix management table 24c and specifies the prefixes that correspond to the community indicated by the recorded community name in the policy defining table 24a”, “The community control server 20 searches from the community defining table 24b, position data of the communication interface that corresponds to the community name, and carries out a process to set prefix filters 19a to 19c in the communication interface”, “For example, in the policy defining table 24a shown in FIG. 2, "Put 10:1 to 20:1" of a policy "Com 1" indicates that transmission of the RIP message 30 from the community "10:1" to the community "20:1" is permitted”, [0078], “the prefix filters 19a to 19c permit the passage of only the control data that includes predetermined prefixes”, see also Fig. 4), 
wherein the filter device utilizes an interface filter ([0085], “a name of the router for setting the prefix filters 19a to 19c. The interface is the communication interface in which the prefix filters 19a to 19c are set”, [0096], “specifies the IGP routers 10a to 10d and the communication interface for setting the filter rule”).  
Alcala and Oguchi are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to generate a prefix list from routing information (as disclosed by Alcala) and automatically distributing the prefix information to a filter device (as taught by Oguchi). The motivation/suggestion would have been to efficiently carry out complicated path control used in the company network (Oguchi, [0021]).

Regarding Claim 16, the combined teaching of Alcala and Oguchi teaches wherein distributing the portion of the prefix list comprises transmitting instructions from the computing system to the filter device, the instructions to cause the filter device to update the filter rule to permit network traffic originating from addresses within the plurality of prefixes (Oguchi, [0069], “Upon receiving the prefix data from the IGP routers 10a to 10d, the community control server 20 updates the prefix management table 24c”, [0070-0072], [0078], “the prefix filters 19a to 19c permit the passage of only the control data that includes predetermined prefixes”).  

Regarding Claim 17, the combined teaching of Alcala and Oguchi teaches 
wherein distributing the portion of the prefix list comprises: receiving, at the computing system, a request for the prefix list from at least one of the filter device and a computing device associated with the filter device; and providing the plurality of prefixes from the computing system to the at least one of the filter device and the computing device (Oguchi, [0069], “Upon receiving the prefix data from the IGP routers 10a to 10d, the community control server 20 updates the prefix management table 24c”, [0070-0072], [0078], “the prefix filters 19a to 19c permit the passage of only the control data that includes predetermined prefixes”).  

Regarding Claim 19, the combined teaching of Alcala and Oguchi teaches 
distributing the plurality of prefixes from the computing system to a second filter device within the communications network, the distributing to the second filter device for implementation of a second filter rule at the second filter device, the second filter rule permitting network traffic originating from addresses encompassed by the plurality of prefixes (Oguchi, [0069], “Upon receiving the prefix data from the IGP routers 10a to 10d, the community control server 20 updates the prefix management table 24c”, [0070-0072], [0078], “the prefix filters 19a to 19c permit the passage of only the control data that includes predetermined prefixes”).

Regarding Claim 20, the combined teaching of Alcala and Oguchi teaches 
obtaining the routing information from a route registry containing routing information provided by a computing device associated with the autonomous system during a route registration process (Alcala, [0047-0048], “the aggregator node 118 uses an AS registry 120 and customer attributes data 122 to derive other correlations between data and further enrich the data in the traffic flow report”, “The AS registry 120 provides information about autonomous systems worldwide”).

Claims 5, 10 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Alcala et al. (US 2009/0016236 A1) in view of Oguchi et al. (US 2007/0263548 A1) further in view of Benjamin James Steele (US 2017/0272465 A1).
Regarding Claims 5 and 10, the combined teaching of Alcala and Oguchi teaches wherein the instructions are first instructions, the method further comprising: 
transmitting second instructions from the computing system to the network device, the second instructions configured to cause the network device to update the filter function (Oguchi, [0069], “Upon receiving the prefix data from the IGP routers 10a to 10d, the community control server 20 updates the prefix management table 24c”);
The combined teaching of Alcala and Oguchi does not explicitly teach but Steele teaches
obtaining a source address at the computing system, the source address associated with a source of traffic to be blocked within the communications network; such that the network device blocks traffic that originates from the source address ([0047], “Once the traffic data is correlated with the security rules, a blacklist 308 is generated identifying attackers. In one embodiment, the blacklist includes one or more source IP addresses to be blocked by the routers”),
Alcala, Oguchi and Steele are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Steele with the combined teaching of Alcala and Oguchi. The motivation/suggestion would have been for automated detection and mitigation of Denial of Service (DoS) attacks (Steele, Abstract).

Regarding Claim 18, The combined teaching of Alcala and Oguchi does not explicitly teach but Steele teaches
generating, at the computing system, an address blacklist including a blocked address corresponding to a source from which traffic is to be blocked ([0047], “Once the traffic data is correlated with the security rules, a blacklist 308 is generated identifying attackers. In one embodiment, the blacklist includes one or more source IP addresses to be blocked by the routers”); and 
distributing the address blacklist, from the computing system to the filter device, the distributing of the address blacklist for implementing a second filter rule at the filter device, the second filter rule to block network traffic originating from addresses on the blacklist including the blocked address ([0065], “transmitting incremental additions or deletions to the safe blacklist. For example, if a new threat is detected, an update to the required routers is sent to block the source IP address for the newly detected threat”),
Alcala, Oguchi and Steele are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Steele with the combined teaching of Alcala and Oguchi. The motivation/suggestion would have been for automated detection and mitigation of Denial of Service (DoS) attacks (Steele, Abstract).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHENG-FENG HUANG whose telephone number is (571)272-6186. The examiner can normally be reached Monday-Friday: 9 am - 5 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHENG-FENG HUANG/Primary Examiner, Art Unit 2497