iBoss, Inc.Download PDFPatent Trials and Appeals BoardMar 30, 202014811797 - (D) (P.T.A.B. Mar. 30, 2020) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 14/811,797 07/28/2015 Paul Michael Martini 38097-0056003 4235 20985 7590 03/30/2020 FISH & RICHARDSON P.C. (SD) P.O. BOX 1022 MINNEAPOLIS, MN 55440-1022 EXAMINER ZAIDI, SYED A ART UNIT PAPER NUMBER 2432 NOTIFICATION DATE DELIVERY MODE 03/30/2020 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): PATDOCTC@fr.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________ Ex parte PAUL MICHAEL MARTINI and PETER ANTHONY MARTINI ________________ Appeal 2018-006918 Application 14/811,797 Technology Center 2400 ____________ Before LARRY J. HUME, JUSTIN BUSCH, and MATTHEW J. McNEILL, Administrative Patent Judges. McNEILL, Administrative Patent Judge. DECISION ON APPEAL Appellant1 appeals under 35 U.S.C. § 134(a) from the Examiner’s rejection of claims 1‒7, 10‒17, 20, and 22, which are all the claims pending in this application. An oral hearing was held March 17, 2020, and a transcript of that hearing will be made of record in due course. We have jurisdiction under 35 U.S.C. § 6(b). We affirm. 1 We use the word “Appellant” to refer to “applicant” as defined in 37 C.F.R. § 1.42. Appellant identifies the real party in interest as iboss, Inc. Appeal Br. 1. Appeal 2018-006918 Application 14/811,797 2 STATEMENT OF THE CASE Introduction Appellant’s application relates to selectively introducing security issues in a sandbox environment to elicit malicious application behavior. Spec. ¶ 1. In one embodiment, Appellant discloses a virtual machine environment that is configured to introduce one or more security issues to elicit a particular malicious application to perform particular malicious actions. Id. ¶ 3. Claim 1 is illustrative of the appealed subject matter and reads as follows: 1. A computer-implemented method executed by one or more processors for analyzing software application behavior within a virtual machine environment, the method comprising: configuring the virtual machine environment to introduce one or more security issues within the virtual machine environment, wherein each introduced security issue causes the virtual machine environment to be less secure by eliciting a particular malicious application to perform one or more malicious actions when the security issue is present during execution of the particular malicious application; after configuring the virtual machine environment, transferring a software application into the virtual machine environment; after transferring the software application into the virtual machine environment; executing the software application within the virtual machine environment; detecting a malicious action being performed by the software application during execution within the virtual machine environment, wherein the detected malicious action is one of the one or more malicious actions associated with at Appeal 2018-006918 Application 14/811,797 3 least one of the security issues introduced in the virtual machine environment prior to execution of the software application; and initiating an analysis action in response to detecting the malicious action being performed by the software application. The Examiner’s Rejections Claim 22 stands rejected under 35 U.S.C. § 112(b) as being indefinite. Final Act. 3‒4. Claims 1, 3‒7, 10, 11, 13‒17, and 20 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Ford (US 2013/0305368 A1; Nov. 14, 2013) and Dixon (US 2015/0172305 A1; June 18, 2015). Final Act. 5‒11. Claims 2 and 12 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over Ford, Dixon, and Fitzgerald (US 2013/0091564 A1; Apr. 11, 2013). Final Act. 11‒12. ANALYSIS Indefiniteness Claim 22 stands rejected under 35 U.S.C. § 112(b) as being indefinite. Final Act. 3‒4. Appellant does not provide any argument regarding this rejection. See Appeal Br. 1‒8; Reply Br. 1. Accordingly, we summarily affirm the Examiner’s indefiniteness rejection of claim 22. Obviousness We have reviewed the Examiner’s rejections in light of Appellant’s contentions that the Examiner erred. We disagree with Appellant’s contentions. Except as noted below, we adopt as our own: (1) the findings and reasons set forth by the Examiner in the action from which this appeal is taken and (2) the reasons set forth by the Examiner in the Examiner’s Answer in response to Appellant’s Appeal Brief. We concur with the Appeal 2018-006918 Application 14/811,797 4 conclusions reached by the Examiner. We highlight the following additional points. Appellant argues the Examiner erred in rejecting claim 1 as unpatentable over Ford and Dixon. See Appeal Br. 4‒7; Reply Br. 2. In particular, Appellant argues Ford does not teach or suggest “configuring the virtual machine environment to introduce one or more security issues within the virtual machine environment,” as recited in claim 1. See Appeal Br. 5‒6. Appellant argues Ford teaches loading an application and executing the application to detect security issues, but does not teach a separate configuration of the application or virtual machine environment to introduce one or more security issues. Id. Appellant has not persuaded us of Examiner error. The Examiner finds Ford discloses security issues are introduced to the system, but does not explicitly disclose whether the security issues are introduced before or after the software is installed on the system. Final Act. 6. We agree. As one example, Ford teaches a file emulator that attempts to trigger a malicious application by simulating a file open or website access to determine if the actions occur with unusual behavior. Ford ¶ 22. Ford also teaches an example where an executable application accesses a banking website, in particular a log-in page, and provides user credentials to attempt to trigger a malicious application. Id. ¶ 59. Thus, we agree with the Examiner that Ford teaches introducing “security issues” as claimed. Regarding the timing of the security issue introduction, the Examiner finds Dixon teaches configuring a virtual machine to introduce one or more security issues and an ordinarily skilled artisan would have modified Ford “to include setting up passwords and other information (i.e., security issues) Appeal 2018-006918 Application 14/811,797 5 and then installing a malware in the virtual environment.” Final Act. 7. Accordingly, the Examiner relies on the combination of Ford and Dixon’s teachings, not Ford alone, for configuring a virtual machine in the claimed manner. Thus, the relevant inquiry is whether the claimed subject matter would have been obvious to those of ordinary skill in the art in light of the combined teachings of those references. In re Keller, 642 F.2d 413, 425 (CCPA 1981). Appellant’s arguments relating to Ford alone are unpersuasive of error because they do not persuasively rebut the Examiner’s findings regarding the combined teachings of Ford and Dixon. Appellant also argues Dixon does not teach or suggest the claimed security issues and that the Examiner’s findings regarding Dixon are inconsistent because the Examiner finds Dixon teaches “introduc[ing] one or more security issues . . . [to] cause[] the virtual machine environment to be less secure,” but also finds an ordinarily skilled artisan would have introduced Dixon’s teachings to Ford to provide defense against malware. See Appeal Br. 7 (citing Final Act. 7). Appellant has not persuaded us of Examiner error because the Examiner’s findings regarding an ordinarily skilled artisan’s motivation to modify Ford with Dixon’s teachings are not inconsistent with causing the virtual machine environment to be less secure. To the contrary, Dixon, like Ford, teaches introducing security issues to a virtual machine to elicit a malicious application to perform a malicious action, thus making the virtual machine less secure. See Ans. 3‒5. The purpose of introducing these security issues is to monitor malicious applications so that the system developer may develop defenses against malware and their operators. See Ford, Abstract; Dixon Abstract. Thus, the Examiner’s finding regarding an ordinarily skilled Appeal 2018-006918 Application 14/811,797 6 artisan’s motivation to combine these references is entirely consistent with the purpose of both references. We, therefore, sustain the Examiner’s rejection of independent claim 1 as unpatentable over Ford and Dixon. We also sustain the obviousness rejection of independent claims 11 and 20, for which Appellant provides the same argument (see Appeal Br. 8), and dependent claims 2‒7, 10, and 12‒17, for which Appellant provides no separate argument (see id.). CONCLUSION Claims Rejected 35 U.S.C. § Reference(s)/Basis Affirmed Reversed 22 112(b) Definiteness 22 1, 3‒7, 10, 11, 13‒17, 20 103 Ford, Dixon 1, 3‒7, 10, 11, 13‒17, 20 2, 12 103 Ford, Dixon, Fitzgerald 2, 12 Overall Outcome 1‒7, 10‒ 17, 20, 22 No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a). See 37 C.F.R. § 41.50(f). AFFIRMED Copy with citationCopy as parenthetical citation
