NSS LABS, INC.Download PDFPatent Trials and Appeals BoardJul 21, 20212020001789 (P.T.A.B. Jul. 21, 2021) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 15/346,358 11/08/2016 Mohamed SAHER 385043-990102 1012 26379 7590 07/21/2021 DLA PIPER LLP (US ) 2000 UNIVERSITY AVENUE EAST PALO ALTO, CA 94303-2248 EXAMINER NAGHDALI, KHALIL ART UNIT PAPER NUMBER 2437 NOTIFICATION DATE DELIVERY MODE 07/21/2021 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): PatentDocketingUS-PaloAlto@dlapiper.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte MOHAMED SAHER, JAYENDRA PATHAK, and AHMED ELGARY Appeal 2020-001789 Application 15/346,358 Technology Center 2400 Before JEAN R. HOMERE, MICHAEL J. ENGLE, and SCOTT RAEVSKY, Administrative Patent Judges. HOMERE, Administrative Patent Judge. DECISION ON APPEAL I. STATEMENT OF THE CASE1 Pursuant to 35 U.S.C. § 134(a), Appellant2 appeals from the Examiner’s decision to reject claims 1–23, which constitute all of the claims pending. Appeal Br. 1. We have jurisdiction under 35 U.S.C. § 6(b). We affirm. 1 We refer to the Specification, filed Nov. 8, 2016 (“Spec.”); Final Office Action, mailed Dec. 10, 2018 (“Final Act.”); Appeal Brief, filed Oct. 10, 2019 (“Appeal Br.”); Examiner’s Answer, mailed Nov. 5, 2019 (“Ans.”), and Reply Brief, filed Jan. 6, 2020 (“Reply Br.”). 2 We use the word “Appellant” to refer to “Applicant” as defined in 37 C.F.R. § 1.42(a). Appellant identifies the real party in interest as NSS Labs, Inc. Appeal Br. 1. Appeal 2020-001789 Application 15/346,358 2 II. CLAIMED SUBJECT MATTER According to Appellant, the claimed subject matter relates to a method and system for detecting a malware/exploit campaign (a.k.a. BaitNET), which is injected into the operating systems or virtual machines in virtual private networks (VPNs) to crawl uniform resource locators (URLs) to detect, identify, and isolate malware attacks. Spec. ¶¶ 5–7. Figure 1, reproduced below, is useful for understanding the claimed subject matter: Figure 1 illustrates BaitNET architecture (100) featuring three arrays of servers including capture stack (104), replay stack (106), and proxy stack (108) controlled by master hypervisor controller (110) to capture, test, and identify malicious URLs that are catalogued as malicious code for subsequent baiting. Id. ¶¶ 20–22. Appeal 2020-001789 Application 15/346,358 3 Independent claim 1 is illustrative of the claimed subject matter: 1. A malware and exploit campaign detection system, comprising: a plurality of computer systems; a capture stack including a server of one of the plurality of the computer systems having a processor that is configured to identify a plurality of malicious uniform resource locators that each have a piece of malicious code by testing each piece of malicious code and cataloging changes to an operating system of a computer system that tested each piece of malicious code; a replay stack including a server of one of the plurality of computer systems having a processor that is configured to test each piece of malicious code from the capture stack in a live environment using a victim by accessing one of the plurality of malicious uniform resource locators and to generate data about a replay of each piece of malicious code, each victim having a configuration that includes a combination of an operating system, a browser and at least one application that is exploitable by an exploit; and wherein the capture stack has a scout process that gathers the plurality of malicious uniform resource locators and that sends each malicious uniform resource locator to a particular victim of the replay stack. Appeal Br. 7 (Claims App.) (emphasis added). III. REFERENCES The Examiner relies upon the following references.3 Name Reference Date Ghosh US 2010/0122343 A1 May 13, 2010 Mahaffey US 2011/0145920 A1 July 16, 2011 Aziz US 2012/0174186 A1 July 5, 2012 3 All reference citations are to the first named inventor only. Appeal 2020-001789 Application 15/346,358 4 (“Aziz’186”) Aziz (“Aziz’553”) US 2012/0331553 A1 Dec. 27, 2012 Kraitsman US 2013/0133072 A1 May 23, 2013 IV. REJECTIONS4 The Examiner rejects claims 1–23 as follows: Claims 1, 5–12, and 16–19 stand provisionally rejected under nonstatutory obviousness-type double patenting over claims 1–14 of Saher (co-pending application number 14/482,696), Kraitsman, and Aziz’186. Final Act. 6–7. Claims 1, 2, 8, 9, 12, 13, 18–20, 22, and 23 stand rejected under 35 U.S.C. § 103 as unpatenable over the combined teachings of Aziz’553 and Kraitsman. Final Act. 8–14. Claims 3, 4, 14, and 15 stand rejected under 35 U.S.C. § 103 as unpatenable over the combined teachings of Aziz’553, Kraitsman, and Mahaffey. Final Act. 14–18. Claims 5–7, 10, 11, 16, 17, and 21 stand rejected under 35 U.S.C. § 103 as unpatenable over the combined teachings of Aziz’553, Kraitsman, and Ghosh. Final Act. 18–20. 4 The Examiner withdrew the indefiniteness rejection previously entered against claims 1–21. Final Act. 2. Appeal 2020-001789 Application 15/346,358 5 V. ANALYSIS A. Double Patenting “An appeal, when taken, is presumed to be taken from the rejection of all claims under rejection.” 37 C.F.R. § 41.31(c). Because Appellant does not identify any error in Examiner’s rejection on the ground of nonstatutory obviousness double patenting, we summarily sustain this rejection in this proceeding. Except for our ultimate decision, we do not discuss this double patenting rejection of claims 1, 5–12, and 16–19 further herein. B. Obviousness Rejections We consider Appellant’s arguments seriatim, as they are presented in the Appeal Brief, pages 4–5 and the Reply Brief, pages 1–3.5 We are unpersuaded by Appellant’s contentions. Appellant argues that the Examiner erred in concluding that the combination of Aziz’553 and Kraitsman teaches or suggests all the limitations as recited in independent claim 1. Appeal Br. 16. In particular, Appellant argues Kraitsman’s disclosure that known vulnerabilities may be to a browser, an application or an operating system does not teach or suggest a combination of an operating system, a browser and an application exploitable by an exploit, as required by the claim. Appeal Br. 4 (citing Kraitsman ¶¶ 11, 13), Reply Br. 2. Appellant’s arguments are not persuasive of reversible Examiner error. Kraitsman indicates that a cyber criminal may identify and exploit specific vulnerabilities of an online system, and in particular “certain 5 We have considered in this Decision only those arguments Appellant actually raised in the Briefs. Arguments not made are forfeited. See 37 C.F.R. § 41.37(c)(1)(iv) (2017). Appeal 2020-001789 Application 15/346,358 6 malicious webpages . . . exploit known vulnerabilities of a browser, application or operating system in order to install the malware surreptitiously.” Kraitsman ¶¶ 11, 13. Thus, according to Kraitsman, when an online system accesses a website, a cyber criminal can exploit specific vulnerabilities of an application to surreptitiously install the malware, thereby infecting the system. A person of ordinary skill in the art would have understood that (1) the most obvious way to access a website is via a browser, as evidenced by Kraitsman’s reference to a browser, and that (2) both an application and a browser run on an operating system, as evidenced by Kraitsman’s reference to an operating system. Id. ¶ 13. Consequently, we agree with the Examiner that Kraitsman’s disclosure teaches or at least suggests a combination of an operating system, a browser, and an application that is exploitable by an exploit. Ans. 3–4. Because we are not persuaded of Examiner error, we sustain the Examiner’s rejection of claim 1, as unpatentable over the combination of Aziz’553 and Kraitsman. Regarding the rejections of claims 2–23, because Appellant does not present separate patentability arguments or reiterates substantially the same arguments as those previously discussed for the patentability of claim 1 above, claims 2–23 fall therewith. See 37 C.F.R. § 41.37(c)(1)(iv). VI. CONCLUSION We affirm the Examiner’s rejection of claims 1–23. Appeal 2020-001789 Application 15/346,358 7 In summary: Claims Rejected 35 U.S.C. § Reference(s) /Basis Affirmed Reversed 1, 5–12, 16–19 Double Patenting 1, 5–12, 16–19 1, 2, 8, 9, 12, 13, 18–20, 22, 23 103 Aziz’553, Kraitsman 1, 2, 8, 9, 12, 13, 18–20, 22, 23 3, 4, 14, 15 103 Aziz’553, Kraitsman, Mahaffey 3, 4, 14, 15 5–7, 10, 11, 16, 17, 21 103 Aziz’553, Kraitsman, Ghosh 5–7, 10, 11, 16, 17, 21 Overall Outcome 1–23 No time period for taking any subsequent action in connection with this appeal may be extended under 37 C.F.R. § 1.136(a)(1). See 37 C.F.R. § 1.136(a)(1)(iv). AFFIRMED Copy with citationCopy as parenthetical citation
