2020000274 (P.T.A.B. May. 24, 2021)

NSS Labs, Inc.

Patent Trials and Appeals BoardMay 24, 2021

2020000274 (P.T.A.B. May. 24, 2021)

UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 15/606,813 05/26/2017 Francisco S. Artes 385043-991112 1077 26379 7590 05/24/2021 DLA PIPER LLP (US ) 2000 UNIVERSITY AVENUE EAST PALO ALTO, CA 94303-2248 EXAMINER RAHMAN, SHAWNCHOY ART UNIT PAPER NUMBER 2438 NOTIFICATION DATE DELIVERY MODE 05/24/2021 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): PatentDocketingUS-PaloAlto@dlapiper.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE _____________ BEFORE THE PATENT TRIAL AND APPEAL BOARD _____________ Ex parte FRANCISCO S. ARTES and STEFAN FREI 1 _____________ Appeal 2020-000274 Application 15/606,813 Technology Center 2400 ______________ Before KRISTEN L. DROESCH, JOHN A. EVANS, and JOHN D. HAMANN, Administrative Patent Judges. EVANS, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE This is a decision on appeal under 35 U.S.C. § 134(a) from the Examiner’s final rejection of claims 1–25. Appeal Br. 1. We have jurisdiction over the pending claims under 35 U.S.C. § 6(b). We AFFIRM. 1 We use the word “Appellant” to refer to “applicant” as defined in 37 C.F.R. § 1.42 (2018). The Appeal Brief identifies NSS Labs, Inc., as the real party in interest. Appeal Br. 1. Appeal 2020-000274 Application 15/606,813 2 INVENTION The invention is directed to a system and method for modeling viable threats and for evading deployed defenses on a network. See Spec., Abstract. Claims 1 and 13 are independent. Illustrative claim 1 is reproduced below with some formatting added. 1. A method for modeling computer and network threats, comprising: receiving information about an entity that is to be protected from threats, the entity being one of a software application and an operating system of a computer; receiving information about one or more security products for protecting the entity; modeling each security product to identify one or more exploits that are not stopped by the security product; and displaying a graphical output of a representation of the one or more security products for protecting the entity and a plurality of known exploits and each exploit is linked to one or more of the security products, each security product having an icon and a particular security product having an indication that more exploits are linked to the particular security product than other security products. PRIOR ART Name2 Reference Date Wiemer US 2007/0067847 A1 Mar. 22, 2007 Leach US 2007/0113281 A1 May 17, 2007 Artes US 9,665,721 B2 May 30, 2017 2 All citations herein to the references are by reference to the first named inventor/author only. Appeal 2020-000274 Application 15/606,813 3 REJECTIONS AT ISSUE3 1. Claims 1–25 stand rejected on the basis of non-statutory obviousness- type double patenting over claims 1–25 of US 9,665,721. Final Act. 6–7. 2. Claims 1–25 stand rejected as unpatentable under 35 U.S.C. § 103 over Leach and Wiemer. Final Act. 8–13. ANALYSIS4 We have reviewed the rejections of claims 1–25 in light of Appellant’s arguments that the Examiner erred. We review the appealed rejections for error based upon the issues identified by the Appellant and in light of the arguments and evidence produced thereon. Ex parte Frye, 94 USPQ2d 1072, 1075 (BPAI 2010) (precedential), cited with approval in In re Jung, 637 F.3d 1356, 1365 (Fed. Cir. 2011) (“[I]t has long been the Board’s practice to require an applicant to identify the alleged error in the examiner’s rejections.”). We have considered in this decision only those arguments Appellant actually raised in the Briefs. Any other arguments which the Appellant could have made but chose not to make in the Briefs are deemed to be forfeited. See 37 C.F.R. § 41.37(c)(1)(iv). We consider Appellant’s arguments as they are presented in the Appeal Brief and the Reply Brief. 3 Throughout this Decision, we refer to the Appeal Brief (“Appeal Br.”) filed June 11, 2019, the Reply Brief (“Reply Br.”) filed October 15, 2019, the Final Office Action (“Final Act.”) mailed June 19 2018, the Examiner’s Answer mailed August 15, 2019, and the Specification (“Spec.”) filed May 26, 2017. Appeal 2020-000274 Application 15/606,813 4 CLAIMS 1–25: OBVIOUSNESS-TYPE DOUBLE PATENTING. The Examiner’s Answer does not maintain this rejection. We, therefore, find it is not before us. CLAIMS 1–25: OBVIOUSNESS OVER LEACH AND WIEMER. Appellant argues the claims as a group and specifically addresses the recitations of claim 1. See Appeal Br. 4. (“Each independent claim recites ‘receiving information about an entity that is to be protected from threats, the entity being one of a software application and an operating system of a computer’ and ‘receiving information about one or more security products for protecting the entity’ which are not taught by Leach or Wiemer.”). Therefore, we decide the appeal of the § 103 rejection on the basis of claim 1 and refer to the rejected claims collectively herein as “the claims.” See 37 C.F.R. § 41.37(c)(1)(iv); In re King, 801 F.2d 1324, 1325 (Fed. Cir. 1986). Appellant contends Wiemer does not disclose these claim elements. Appeal Br. 4. Appellant argues Leach discloses that physical systems, such as computers, a device or physical infrastructure, may be protected. Id. Because, according to Appellant, Leach fails to disclose software or operating systems may be protected, Appellant argues Leach fails to disclose receiving information about the protected entity (i.e., a software application or operating system of a computer) or receiving information about security products that protect the claimed entity. Id. The Examiner finds Leach discloses his invention may be applied to any security threat including digital threats such as viruses, worms, and Trojan horses. Ans. 4 (citing Leach ¶¶ 1, 2, 26). The Examiner finds it is Appeal 2020-000274 Application 15/606,813 5 known in the “field of computer security that viruses and worms infect executable files, documents, exploit loopholes in operating system[s] and application security.” Id. (“for worms which exploit software vulnerabilities in the core of the Microsoft Windows operating system”). In view of this disclosure, the Examiner finds it evident: that Leach does disclose either a software application or an operating system of a computer is the claimed entity being protected from viruses, worms, etc. and thus also teaches “receiving information about an entity that is to be protected from threats, the entity being one of a software application and an operating system of a computer” . . . [and] “receiving information about one or more security products for protecting the entity.” Ans. 5. Appellant acknowledges Leach discloses viruses and worms, as found by the Examiner, but argues Leach fails to teach information received about the software applications and the operating system, as claimed. Reply Br. 2. Appellant fails to define with specificity what claimed “information” about the software application or operating system that Leach fails to teach. As cited by the Examiner, Leach discloses: for worms which exploit software vulnerabilities in the core of the Microsoft Windows operating system, if the target is a Microsoft Windows system which has no countermeasures in place, i.e. is completely unpatched and unfirewalled, it could be taken that any exposure to any worm within the threat will inevitably lead to a successful security attack. Leach ¶ 124 (cited by the Examiner). Thus, we find Leach teaches information received about the software applications and the operating system, as claimed. Appeal 2020-000274 Application 15/606,813 6 Appellant further contends “Leach does not disclose ‘modeling each security product to identify one or more exploits that are not stopped by the security product’ since Leach at most disclose[s] modeling a risk of a countermeasure failing[,] not identifying exploits that are not stopped.” Appeal Br. 5. Appellant’s Reply re-iterates this argument. See Reply Br. 3. The Examiner finds Leach discloses The methodology models the interactions between threats and countermeasures and shows how to determine the rate and characteristics of the specific security breaches which result.’ [and] ‘modelling a risk chain, the risk chain being a series of two or more entities that each model a discrete part of how a threat leads to damage to a target system.’ Ans. 5 (citing Leach ¶¶ 45, 20). We find a model that determines the rate and characteristics of a security breach, as taught by Leach, of necessity, determines exploits that are not stopped by a given countermeasure. Accordingly, we are not persuaded the Examiner errs. In view of the foregoing, we sustain the rejection of claims 1–25 under 35 U.S.C. § 103. CONCLUSION In summary:5 Claim(s) Rejected 35 U.S.C. § Reference(s)/Basis Affirmed Reversed 1–25 103 Leach, Wiemer 1–25 5 The Examiner entered an obviousness-type double patenting rejection. Final Act. 6. The Answer does not maintain this rejection. We, therefore, find it is not before us. Appeal 2020-000274 Application 15/606,813 7 TIME PERIOD FOR RESPONSE No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a). See 37 C.F.R. § 1.136(a)(1)(iv). AFFIRMED6 6 We find the Specification fails to disclose a specific algorithm for performing the claimed modeling. Should prosecution continue, we suggest the Examiner consider entering a written description rejection.