Ex Parte Hay et alDownload PDFPatent Trial and Appeal BoardSep 26, 201614026347 (P.T.A.B. Sep. 26, 2016) Copy Citation UNITED STA TES p A TENT AND TRADEMARK OFFICE APPLICATION NO. FILING DATE FIRST NAMED INVENTOR 14/026,347 09/13/2013 Roee Hay 73109 7590 09/28/2016 Cuenot, Forsythe & Kim, LLC 20283 State Road 7 Ste. 300 Boca Raton, FL 33498 UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www .uspto.gov ATTORNEY DOCKET NO. CONFIRMATION NO. IL920120075US2_8150-0456 9889 EXAMINER STEINLE, ANDREW J ART UNIT PAPER NUMBER 2497 NOTIFICATION DATE DELIVERY MODE 09/28/2016 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address( es): ibmptomail@iplawpro.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte ROEE HAY, DANIEL KALMAN, ROI SALTZMAN, and OMER TRIPP Appeal2015-005652 Application 14/026,347 Technology Center 2400 Before JEAN R. HOMERE, BETH Z. SHAW, and KARA L. SZPONDOWSKI, Administrative Patent Judges. SHAW, Administrative Patent Judge. DECISION ON APPEAL Appellants appeal under 35 U.S.C. § 134(a) from the Examiner's final rejection of claims 1-3 and 6-8, which are the only claims currently pending in this application. App. Br. 2. We have jurisdiction under 35 U.S.C. § 6(b). We AFFIRM. RELATED APPEALS Appellants identify this appeal as related to an appeal concurrently filed in U.S. Application No. 13/705,705, which is Appeal 2015-003348. See App. Br. 1. INVENTION Appellants' invention is directed to computer tools for detecting security vulnerabilities. Spec. i-f 2. Appeal2015-005652 Application 14/026,347 Claim 1, which is representative, reads as follows: 1. A method for identifying security vulnerabilities on computing devices, the method comprising: detecting an inter-process communication on a computing device; determining whether the inter-process communication is consistent with a predefined specification of a security vulnerability; and causing a predefined action to be performed on the computing device responsive to determining that the inter-process communication is consistent with a predefined specification of a security vulnerability, wherein the determining comprises determining where the security vulnerability is a susceptibility to a confidentiality violation. REJECTIONS AT ISSUE The Examiner rejected claims 1-3 and 6-8 under 35 U.S.C. § 102(b) as being anticipated by Freund (US 2004/01997 63; published Oct. 7, 2004 ). Final Act. 5-8. ISSUES Appellants argue that the Examiner's rejections are in error. App. Br. 7-12; Reply Br. 2. The dispositive issue presented by these arguments is: Did the Examiner err in finding Freund discloses "determining where the security vulnerability is a susceptibility to a confidentiality violation," as recited in claim 1? ANALYSIS We have reviewed Appellants' arguments in the Briefs, the Examiner's rejection, and the Examiner's response to Appellants' 2 Appeal2015-005652 Application 14/026,347 arguments. We adopt as our own the findings and reasons set forth in the Final Rejection from which this appeal is taken and in the Examiner's Answer in response to Appellants' Appeal Brief. See Final Act. 2-8; Ans. 2-3. We highlight and address specific arguments and findings for emphasis as follows. Appellants argue that Freund fails to disclose "wherein the determining comprises determining where the security vulnerability is a susceptibility to a confidentiality violation," as recited in claim 1. App. Br. 8-12; Reply Br. 2. Here, the Examiner finds Freund's monitoring connection of potential malware requests discloses the disputed limitation of claim 1. See Ans. 2-3 (citing Freund i-f 72); Final Act. 6 (citing Freund i-fi-172-73, 88). Freund describes that connection requests are monitored, and that an incoming connection request attempts to create a communication channel (port), but that connection request can be trapped and re-directed, resulting in access being blocked. Id. (citing i-f 72; see also i-fi-173, 76, 84). The connection request attempt includes sufficient information (e.g., text string) to allow determination of the type of service that is being requested. Ans. 3 (citing f 72). Once the communication port has been opened, malware may send messages to a DNS server, including sending confidential information to a malicious DNS server. Id. The Examiner finds, and we agree, that the connection requests are inter-process communications that are monitored and assessed to determine what type of service is being requested. Id. The Examiner finds paragraph 72 refers to one such request, which is a confidentiality violation. Id. This type of request can be detected and mitigated by trapping or re-directing. Ans. 2-3; see also Freund i-fi-173. 84. 3 Appeal2015-005652 Application 14/026,347 Although Appellants argue that requesting a type of service does not identically disclose the claimed "'determining whether the inter-process communication is consistent with a susceptibility to a confidentiality violation,'" (Reply Br. 2), we are not persuaded. As described above, Freund describes monitoring connection requests, trapping, and redirecting certain requests to determine whether the requesting application has appropriate privileges, because if a requesting application does not have appropriate privileges, it may be used to send confidential information to a malicious DNS server. Freund i-fi-172, 73, 84. Appellants argue that the claimed invention involves "characterizing the type of security violation." App. Br. 9. However, this limitation is not recited in claim 1, and we decline to import this argued limitation into the claim. We agree with the Examiner's finding that a broad but reasonable interpretation of the claim Freund discloses "determining where the security vulnerability is a susceptibility to a confidentiality violation" as recited in claim 1 because Freund discloses determining where a request of malware may be used to send confidential information to a malicious DNS server. See Freund i-fi-1 72-73. In the absence of sufficient evidence or line of technical reasoning to the contrary, the Examiner's findings are reasonable and we find no reversible error. Because Appellants have not presented separate patentability arguments or have reiterated substantially the same arguments as those previously discussed for patentability above (see App. Br. 7-12), the remaining pending claims fall for the same reasons as claim 1. See 37 C.F.R. § 41.37(c)(l)(iv). 4 Appeal2015-005652 Application 14/026,347 DECISION The decision of the Examiner to reject claims 1-3 and 6-8 is affirmed. No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(l). See 37 C.F.R. § 1.136(a)(l )(iv). AFFIRMED 5 Copy with citationCopy as parenthetical citation
