Ex Parte 7,339,914 B2 et alDownload PDFPatent Trial and Appeal BoardFeb 26, 201690013153 (P.T.A.B. Feb. 26, 2016) Copy Citation UNITED STA TES p A TENT AND TRADEMARK OFFICE APPLICATION NO. FILING DATE FIRST NAMED INVENTOR 90/013, 153 02/20/2014 7,339,914 B2 21269 7590 02/26/2016 PEPPER HAMIL TON LLP 500 GRANT STREET SUITE 5000 PITTSBURGH, PA 15219-2507 UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www .uspto.gov ATTORNEY DOCKET NO. CONFIRMATION NO. 141588.00190 5590 EXAMINER BONSHOCK, DENNIS G ART UNIT PAPER NUMBER 3992 MAILDATE DELIVERY MODE 02/26/2016 PAPER Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte AIR TIGHT NETWORKS, INC. Appellant Appeal2016-000154 Reexamination Control 90/013,153 Patent 7,339,914 B2 Technology Center 3900 Before ERIC B. CHEN, ANDREW J. DILLON, and JENNIFER L. MCKEOWN, Administrative Patent Judges. CHEN, Administrative Patent Judge. DECISION ON APPEAL Appeal2016-000154 Reexamination Control 90/013, 15 3 Patent 7,339,914 B2 This is an appeal under 35 U.S.C. §§ 134(b) and 306 from the final rejection of claims 1-16. We have jurisdiction under§§ 134(b) and 306. An oral hearing was held on February 17, 2016. The record will include a written transcript of the oral hearing. We reverse. STATEMENT OF THE CASE Reexamination Proceedings A previous request for ex parte reexamination of U.S. Patent No. 7,339,914 (the '914 patent) was filed on February 15, 2013, and assigned Reexamination Control No. 90/012,797. This request was denied on May 9, 2013. On September 18, 2013, the Director of the Central Reexamination Unit denied a petition for review, filed May 22, 2013. Another request for ex parte reexamination of the '914 patent was filed on May 24, 2013 and assigned Reexamination Control No. 90/012,879. An Ex Parte Reexamination Certificate (9,898th) was issued on October 23, 2013, in which the patentability of claims 1-16 was confirmed. A subsequent request for ex parte reexamination of the '914 patent was filed on February 20, 2014, and assigned Reexamination Control No. 90/013,153. The '914 patent, entitled "Automated Sniffer Apparatus and Method for Monitoring Computer Systems for Unauthorized Access," issued March 4, 2008, to Pravin Bhagwat, Shantanu Gogate, and David C. King, based on Application No. 10/931,585, filed August 31, 2004. 2 Appeal2016-000154 Reexamination Control 90/013, 15 3 Patent 7,339,914 B2 The '914 patent is said to be assigned to AirTight Networks, Inc., said to be the assignee and real party in interest. Related Litigation The '914 patent has been subject to multiple patent infringement suits, including Aerohive Networks, Inc. v. AirTight Networks, Inc., No. 3: 13-cv- 329 (N.D. Cal. Jan. 23, 2013) andAirTight Networks, Inc. v. Aerohive Networks, Inc., No. 3:13-cv-383 (N.D. Cal. Jan. 28, 2013). The Claims Independent claim 1 is exemplary, with disputed limitations in italics: 1. A method for monitoring for unauthorized wireless access to computer networks, the method comprising: receiving a list of one or more wireless access point devices which are allowed to be connected to a computer network within a selected geographic region; monitoring wireless communications within the selected geographic region using one or more sniffer devices to at least detect an active wireless access point device that transmits wireless signals within the selected geographic region, the one or more sniffer devices being spatially disposed within the selected geographic region; determining that the active wireless access point device is not among the one or more wireless access point devices which are allowed to be connected to the computer network within the selected geographic region; transferring a plurality of marker packets into the computer network, the plurality of marker packets being adapted to be transferred to wireless medium within the selected geographic region from the computer network through one or more wireless access point devices which are actually connected to the computer network and 3 Appeal2016-000154 Reexamination Control 90/013, 15 3 Patent 7,339,914 B2 which are configured to function as layer two bridges between their wired and wireless interfaces, the plurality of marker packets having a predetermined format, at least a subset of the one or more sniff er devices being configured to be able to identify at least a portion of the predetermined format, the transferring being actively transferring at least for a process of detection of unauthorized wireless access to the computer network; processing using at least one of the at least the subset of the one or more sniffer devices at least a portion of the monitored wireless communications within the selected geographic region, the processing being directed to at least identifying at least one of the plurality of marker packets being actually transferred from the computer network to the wireless medium within the selected geographic region through the active wireless access point device, the processing including identifying the at least the portion of the predetermined format within at least one of one or more packets included in the at least the portion of the monitored wireless communications; and determining that the active wireless access point device provides unauthorized wireless access to the computer network based at least upon the at least one of the plurality of marker packets being identified as transferred from the computer network to the wireless medium within the selected geographic region through the active wireless access point device and the determining that the active wireless access point device is not among the one or more wireless access point devices which are allowed to be connected to the computer network The Rejections Claims 1-16 stand rejected under 35 U.S.C. § 103(a) as unpatentable over Challener (EP 1490773 Bl; Jan. 9, 2013) and Calhoun (US 7,336,670 B 1; Feb. 26, 2008). Claims 1-16 stand rejected under 35 U.S.C. § 103(a) as unpatentable over Calhoun, Chirumamilla (Mohan K. Chirumamilla & Byrav 4 Appeal2016-000154 Reexamination Control 90/013, 15 3 Patent 7,339,914 B2 Ramamurthy, Agent Based Intrusion Detection and Response System for Wireless LANs, 1 IEEE INT'L CONF. ON COMMS. 492-96 (2003)), and 802.11 (American National Standards Institute (ANSI)/Institute of Electrical and Electronics Engineers (IEEE) Std 802.11 (1999)). Appellant relied upon the following in rebuttal to the Examiner's rejection: Supplemental Declaration under 3 7 C.F .R. § 1.13 2 of Kevin Negus, dated October 29, 2014. (Exhibit E.) ANALYSIS § 103 Rejection-Challener and Calhoun We are persuaded by Appellant's arguments (App. Br. 24; see also Reply Br. 8-9) that the combination of Challener and Calhoun would not have rendered obvious independent claim 1, which includes the limitation "transferring a plurality of marker packets into the computer network ... the transferring being actively transferring at least for a process of detection of unauthorized wireless access to the computer network." The Examiner found that the "listening" client of Challener, which monitors traffic through an access point, and the interrogation of access points collectively correspond to the limitation "transferring a plurality of marker packets into the computer network ... the transferring being actively transferring at least for a process of detection of unauthorized wireless access to the computer network." (Ans. 14--15; see also Final Act. 5.) We do not agree. 5 Appeal2016-000154 Reexamination Control 90/013, 15 3 Patent 7,339,914 B2 Challener relates to "enabling a network administrator or manager to identify the presence of a rogue, or unauthorized, access point." (i-f 15.) Figure 1 of Challener illustrates network 10 installed within a facility (i-f 17), including server computer system 11, authorized access points 12, workstation computer systems 14 (i-f 22), such that access network 10 is established either through authorized wireless access point 15 or rogue wireless access point 16 (i-f 23). Challener explains that by "monitoring access points [ 12, 14, 16] through which data can be exchanged with a network [10] occurs, an unauthorized access point [16] is identified, and the location of the identified unauthorized access point [ 16] is determined" (i-f 31 ), and that such determination is obtained using "passive acquisition of information" (i-f 32). Challener further explains that "[a] 'listening' client continues to monitor traffic [i.e., passively] through the access point, monitoring the packet stream to determine either an IP address of a client connecting to the access point or watching a DHCP occur" thus, "providing sufficient information for the server to make a determination of whether the access point is in fact within an enterprise intranet." (i-f 33.) Additionally, Challener explains that "an interogation [sic] technique, where a special ICMP packet is sent to the access point directed to the MAC address but broadcast to the subnet" can be used, such that "[t]he access point will reply with its IP address." (Id.) Because Challener explains that monitoring (i.e., "passive acquisition of information" (i-f 32)) is used to determine if an access point is unauthorized, Challener does not teach the limitation "transferring a 6 Appeal2016-000154 Reexamination Control 90/013, 15 3 Patent 7,339,914 B2 plurality of marker packets into the computer network ... the transferring being actively transferring at least for a process of detection of unauthorized wireless access to the computer network." Accordingly, we are persuaded by Appellant's argument that "Challener fails to disclose 'actively transferring' marker packets at least for a process of detection of unauthorized wireless access to the computer network as claimed in independent claims 1 and 12" because "Challener passively monitors existing data traffic by having a "'listening" client continue[] to monitor traffic through the access point, monitoring the packet stream to determine either an IP address of a client connecting to the access point or watching a DHCP occur."' (App. Br. 24; see also Reply Br. 8-9.) Therefore, we do not agree with the Examiner that the combination of Challener and Calhoun would have rendered obvious independent claim 1, which includes the limitation "transferring a plurality of marker packets into the computer network ... the transferring being actively transferring at least for a process of detection of unauthorized wireless access to the computer network." We are further persuaded by Appellant's arguments (App. Br. 36; see also Reply Br. 17-18) that the combination of Challener and Calhoun would not have rendered obvious independent claim 1, which includes the limitation "determining that the active wireless access point device provides unauthorized wireless access to the computer network based at least upon the at least one of the plurality of marker packets being identified as 7 Appeal2016-000154 Reexamination Control 90/013, 15 3 Patent 7,339,914 B2 transferred from the computer network to the wireless medium ... through the active wireless access point device." The Examiner found that transmitting the Rogue Location Discovery (RLD) packet of Calhoun, from the central control element to the network of the rogue assess point, corresponds to the limitation "determining that the active wireless access point device provides unauthorized wireless access to the computer network based at least upon the at least one of the plurality of marker packets being identified as transferred from the computer network to the wireless medium ... through the active wireless access point device." (Ans. 9, 24.) We do not agree. Calhoun relates to wireless computer networks, in particular, "the containment of rogue access points and clients in wireless network environments." (Col. 1, 11. 38-39.) Figure 9 of Calhoun illustrates a block diagram illustrating a process flow for a rogue location discovery methodology (col. 4, 11. 1-3), including central control element 24 and rogue access point 99 connected to the network 50, such that central control element 24 composes and transmits a Rogue Location Discovery (RLD) packet (col. 15, 11. 9-12). Figure 9 of Calhoun further illustrates the path of the RLD packet, as indicated by reference arrows 3a, 3b and 3c. (Col. 15, 11. 12-15.) Calhoun explains that "if central control element 24 receives the RLD packet on its LAN interface (416) central control element 24 ... can then operate to report the rogue access point 99 and contain it ( 418), using one or a combination of the rogue containment functionalities." (Col. 15, 11. 51-55; see also Fig. 9.) 8 Appeal2016-000154 Reexamination Control 90/013, 15 3 Patent 7,339,914 B2 Because Calhoun explains that rogue access point 99 is reported once the RLD packet is received by central control element 24, Calhoun does not teach the limitation "determining that the active wireless access point device provides unauthorized wireless access to the computer network based at least upon the at least one of the plurality of marker packets being identified as transferred from the computer network to the wireless medium ... through the active wireless access point device." Accordingly, we are persuaded by Appellant's argument that "[t]o the contrary, Calhoun '670's RLD packet approach is opposite to the marker packet approach claimed in the '914 patent" because "Calhoun '6 7 0 discloses that its RLD packet is initially transferred from a computer network through an authorized access point to a wireless space, and then transferred from the wireless space to the computer network through an unauthorized access point." (App. Br. 36; see also Reply Br. 17-18.) Therefore, we do not agree with the Examiner that the combination of Challener and Calhoun would have rendered obvious independent claim 1, which includes the limitation "determining that the active wireless access point device provides unauthorized wireless access to the computer network based at least upon the at least one of the plurality of marker packets being identified as transferred from the computer network to the wireless medium ... through the active wireless access point device." Accordingly, we do not sustain the rejection of independent claim 1 under 35 U.S.C. § 103(a). Claims 2-11 depend from independent claim 1. We do not sustain the rejection of claims 2-11 under 35 U.S.C. § 103(a) for the same reasons discussed with respect to independent claim 1. 9 Appeal2016-000154 Reexamination Control 90/013, 15 3 Patent 7,339,914 B2 Independent claim 12 recites limitations similar to those discussed with respect to independent claim 1. We do not sustain the rejection of claim 12, as well as dependent claims 13-16, for the same reasons discussed with respect to claim 1. § 103 Rejection-Calhoun, Chirumamilla, and 802.11 We do not sustain the rejection of claims 1-16 for the same reasons discussed previously with respect to Calhoun for the rejection of independent claims 1-16 under 35 U.S.C. § 103(a) as unpatentable over Challener and Calhoun. DECISION The Examiner's decision rejecting claims 1-16 is reversed. REVERSED 10 Copy with citationCopy as parenthetical citation