Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 1 of 124
`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 1 of 124
`
`EXHIBIT 5
`EXHIBIT 5
`
`
`
`
`
`
`
`

`

`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 3 of 124
`
`PTO/SB/57 (08-13)
`Approved for use through 07/31/2015. OMB 0651-0064
`U.S. Patent and Trademark Office; U.S. DEPARTMENT OF COMMERCE
`Under the Paperwork Reduction Act of 1995, no persons are reouired to respond to a collection of information unless it displavs a valid OMB control number.
`
`13. 0
`
`The attached detailed request includes at least the following items:
`
`a. A statement identifying each substantial new question of patentability based on prior patents and printed
`publications. 37 CFR 1.51 O(b )(1 ).
`
`b. An identification of every claim for which reexamination is requested, and a detailed explanation of the pertinency
`and manner of applying the cited art to every claim for which reexamination is requested. 37 CFR 1.510(b)(2).
`
`14. D A proposed amendment Is included (only where the patent owner is the requester). 37 CFR 1.510(e).
`15.0 a. It is certified that a copy of this request (if filed by other than the patent owner) has been served in its entirety on
`the patent owner as provided in 37 CFR 1.33(c).
`The name and address of the party served and the date of service are:
`Dawn-Marie Bey, Bey & Cotropia PLLC (Finjan Inc.)
`213 Bayly Court, Richmond, VA 23229
`Date of Service: 10/7/2013
`D b. A duplicate copy is enclosed since service on patent owner was not possible. An explanation of the efforts
`
`; or
`
`made to serve patent owner is attached. See MPEP § 2220.
`
`16. Correspondence Address: Direct all communication about the reexamination to:
`
`D
`
`OR
`
`0
`
`Address
`
`The address associated with Customer Number: I
`
`I
`
`Firm or
`Individual Name
`
`Ryan W. Cobb, DLA Piper LLP (US), 401 B St., Ste 1700
`
`city s
`0 .
`an 1ego
`Country
`United States
`Telephone
`
`619.699.2635
`
`I State CA
`I Email
`
`ryan.cobb@dlapiper.com
`
`I Zip 92101
`
`17. 0
`
`The patent is currently the subject of the following concurrent proceeding(s):
`D a. Copending reissue Application No.
`D b. Copending reexamination Control No.
`D c. Copending Interference No.
`0 d. Copending litigation styled:
`Finjan, Inc. v. FireEye, Inc., USDC-NDCA, Case No. 13-cv-03133-SBA; Finjan, Inc. v. Blue Coat Systems, Inc.,
`
`USDC-NDCA, Case No. 13-cv-03999; Finjan, Inc. v. Websense, Inc., USDC-NDCA 13-cv-4398
`
`WARNING: Information on this form may become public. Credit card information should not be
`included on this form. Provide credit card information and authorization on PT0-2038.
`/Ryan W. Cobb/
`10/7/2013
`Date
`Authorized Signature
`RyanW. Cobb
`Typed/Printed Name
`
`64,598
`Registration No.
`
`D For Patent Owner Requester
`0 For Third Party Requester
`
`[Page 2 of2]
`
`2
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 4 of 124
`
`Attorney Docket No. FINREXM0005
`
`PATENT
`
`IN THE UNITED STATES PATENT AND TRADEMARK OFFICE
`
`In re Ex Parte Reexamination of
`U.S. Patent No. 7,647,633 to Edery, et al.
`
`Technology Center: 3992
`
`Application No.: 90/013,016
`
`Group Art Unit:
`
`3992
`
`Filed: October 7, 2013
`
`Confirmation No.:
`
`9521
`
`Patent Owner: Finjan, Inc.
`
`CRU Examiner:
`
`Adam L. Basehoar
`
`For U.S. Patent No. 7,647,633- MALICIOUS MOBILE CODE RUNTIME MONITORING
`SYSTEM AND METHODS.
`
`Submitted Electronically
`
`Mail Stop PETITION
`Commissioner for Patents
`P.O. Box 1450
`Alexandria, VA 22313-1450
`
`CERTIFICATE OF SERVICE
`
`I hereby certify that a true and correct copy of the foregoing Petition to Accept
`Unintentionally Delayed Priority Claim under 37 C.P.R. § 1.78 filed on February 19, 2014, is to
`be served by first class United States mail on the 20th day of February, 2014, to:
`
`Ryan W. Cobb
`DLA Piper LLP
`401 B Street, Suite 1700
`San Diego, CA 92101
`Tel.: (619) 699-2635
`Fax: (619) 699-2701
`Attorney of Record for Third-Party Requester
`
`Date: February 19, 2014
`
`By:
`
`Respectfully submitted,
`
`/Dawn-Marie Bev- 44.4421
`Dawn-Marie Bey (Reg. No. 44,442)
`Bey & Cotropia PLLC
`213 Bayly Court
`Richmond, VA 23229
`(804) 441-8530
`Attorneys for Patent Owner
`
`1
`
`3
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 5 of 124
`
`Electronic Patent Application Fee Transmittal
`
`Application Number:
`
`Filing Date:
`
`90013016
`
`07-0ct-2013
`
`Title of Invention:
`
`MALICIOUS MOBILE CODE RUNTIME MONITORING SYSTEM AND METHODS
`
`First Named Inventor/Applicant Name:
`
`7647633
`
`Filer:
`
`Dawn-Marie Bey./Jeanne Paolella-Bald
`
`Attorney Docket Number:
`
`FINREXMOOOS
`
`Filed as Large Entity
`
`ex parte reexam Filing Fees
`
`Description
`
`Fee Code
`
`Quantity
`
`Amount
`
`Sub-Total in
`USD($)
`
`Basic Filing:
`
`Pages:
`
`Claims:
`
`Miscellaneous-Filing:
`
`Petition:
`
`Pet. Delay Sub or Restore Priority-Claim
`
`1454
`
`1
`
`1700
`
`1700
`
`Patent-Appeals-and-Interference:
`
`Post-Allowance-and-Post-Issuance:
`
`Extension-of-Time:
`
`4
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 6 of 124
`Description
`Fee Code
`Quantity
`Amount
`
`Sub-Total in
`USD($)
`
`Miscellaneous:
`
`Total in USD ($)
`
`1700
`
`5
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 7 of 124
`Electronic Acknowledgement Receipt
`
`EFSID:
`
`Application Number:
`
`18237387
`
`90013016
`
`International Application Number:
`
`Confirmation Number:
`
`9521
`
`Title of Invention:
`
`MALICIOUS MOBILE CODE RUNTIME MONITORING SYSTEM AND METHODS
`
`First Named Inventor/Applicant Name:
`
`7647633
`
`Customer Number:
`
`115222
`
`Filer:
`
`Dawn-Marie Bey./Jeanne Paolella-Bald
`
`Filer Authorized By:
`
`Dawn-Marie Bey.
`
`Attorney Docket Number:
`
`FINREXM0005
`
`Receipt Date:
`
`Filing Date:
`
`TimeStamp:
`
`19-FEB-2014
`
`07-0CT-2013
`
`11:41:50
`
`Application Type:
`
`Reexam (Patent Owner)
`
`Payment information:
`
`Submitted with Payment
`
`Payment Type
`
`Payment was successfully received in RAM
`
`RAM confirmation Number
`
`yes
`
`Credit Card
`
`$1700
`
`11528
`
`Deposit Account
`
`Authorized User
`
`File Listing:
`Document I
`Number
`
`Document Description
`
`I
`
`File Name
`
`I
`
`File Size( Bytes)/ I Multi 'I Pages
`(ifappl.)
`Message Digest
`Part /.zip
`
`6
`
`

`

`1
`
`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 8 of 124
`130419
`90013016_executed_petitionto
`Petition for review by the Office of
`acceptunintentionallydelayedp
`Petitions.
`riorityclaim.pdf
`
`no
`
`Offde6ff8bd052bfa 18ec6b7aa9b19f8bbad
`3ed
`
`3
`
`Warnings:
`
`Information:
`
`2
`
`Reexam Certificate of Service
`
`90013016_executed_certofserv
`ice_petitiontoacceptunintentio
`nallydelayedpriorityclaim.pdf
`
`128476
`
`adf3b55079e9f61 Of58ae17f642a21239dca
`b625
`
`no
`
`1
`
`Warnings:
`
`Information:
`
`3
`
`Fee Worksheet (SB06)
`
`fee-info. pdf
`
`no
`
`2
`
`30138
`
`5d7bd 1 badd93c0ff2de8c2482514088a 1 cff
`c9a2
`
`Warnings:
`
`Information:
`
`Total Files Size (in bytes)
`
`289033
`
`This Acknowledgement Receipt evidences receipt on the noted date by the USPTO of the indicated documents,
`characterized by the applicant, and including page counts, where applicable. It serves as evidence of receipt similar to a
`Post Card, as described in MPEP 503.
`
`New A~~lications Under 35 U.S.C. 111
`If a new application is being filed and the application includes the necessary components for a filing date (see 37 CFR
`1.53(b)-(d) and MPEP 506), a Filing Receipt (37 CFR 1.54) will be issued in due course and the date shown on this
`Acknowledgement Receipt will establish the filing date of the application.
`
`National Stage of an International A~~lication under 35 U.S.C. 371
`If a timely submission to enter the national stage of an international application is compliant with the conditions of 35
`U.S.C. 371 and other applicable requirements a Form PCT/DO/E0/903 indicating acceptance of the application as a
`national stage submission under 35 U.S.C. 371 will be issued in addition to the Filing Receipt, in due course.
`
`New International A~~lication Filed with the USPTO as a Receiving Office
`If a new international application is being filed and the international application includes the necessary components for
`an international filing date (see PCT Article 11 and MPEP 181 0), a Notification of the International Application Number
`and of the International Filing Date (Form PCT/R0/1 OS) will be issued in due course, subject to prescriptions concerning
`national security, and the date shown on this Acknowledgement Receipt will establish the international filing date of
`the application.
`
`7
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 9 of 124
`
`IN THE UNITED STATES PATENT AND TRADEMARK OFFICE
`
`Control Number
`Patent No.
`Inventors
`Issued
`Title
`
`Confirmation No.:
`
`90/013,016
`7,647,633
`Edery et al.
`June 12, 2010
`MALICIOUS MOBILE CODE RUNTIME MONITORING
`SYSTEM AND METHODS
`
`9521
`
`TC/Art Unit
`Examiner:
`Attorney Dckt No.
`
`3992
`Adam L. Basehoar
`FINREXM0005
`
`Mail Stop Ex Parte Reexam
`Central Reexamination Unit
`Commissioner for Patents
`P.O. Box 1450
`Alexandria, VA 22313-14 50
`
`RESPONSE TO NON-FINAL OFFICE ACTION
`
`Sir:
`
`In response to the pending non-final Office Action dated November 19, 2013 (response
`
`due February 19, 2014 with granted extension), please consider the following remarks regarding
`
`the above-captioned patent.
`
`Amendments to the Specification begin on Page 2.
`
`Amendments to the Claims begin on Page 3.
`
`Remarks begin on Page 12.
`
`1
`
`8
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 10 of 124
`
`AMENDMENT TO THE SPECIFICATION
`
`Kindly replace the first paragraph of the specification on page 2 with the following:
`
`This application is a continuation of and incorporates by reference patent application Ser.
`
`No. 09/861,229, filed May 17, 2001 now U.S. Pat. No. 7,058,822, which claims benefit
`
`ofreference provisional application Ser. No. 60/205,591 entitled "Computer Network
`
`Malicious Code Runtime Monitoring," filed on May 17, 2000 by inventors Nimrod
`
`Itzhak V ered, et al. This application also incorporates by reference the provisional
`
`application Ser. No. 60/205,591. This application is also a Continuation-In-Part of and
`
`hereby incorporates by reference patent application Ser. No. 09/539,667, now U.S. Pat.
`
`No. 6,804,780, entitled "System and Method for Protecting a Computer and Network
`
`from Hostile Downloadables" filed on Mar. 30, 2000 by inventor Shlomo Touboul,
`
`which is a continuation of U.S. patent application Ser. No. 08/964,388, now U.S. Patent
`
`No. 6,092,194, entitled "System and Method for Protecting a Computer and a Network
`
`from Hostile Downloadables" filed on November 6, 1997 by inventor Shlomo Touboul.
`
`This application is also a Continuation-In-Part of and hereby incorporates by reference
`
`patent application Ser. No. 90/551,302 now U.S. Pat. No. 6,480,962, entitled "System
`
`and Method for Protecting a Client During Runtime From Hostile Downloadables", filed
`
`on Apr. 2000 by inventor Shlomo Touboul, which is a continuation of U.S. application
`
`Ser. No. 08/790,097, now U.S. Patent No. 6,167,520 entitled "System and Method For
`
`Protecting a Client From Hostile Downloadables", filed January 29, 1997 by inventor
`
`Shlomo Touboul.
`
`1
`
`9
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 11 of 124
`
`1. (Original; Rejected) A computer processor-based method, comprising:
`
`AMENDMENTS TO THE CLAIMS
`
`receiving, by a computer, downloadable-information;
`
`determining, by the computer, whether the downloadable-information includes executable code;
`and
`
`based upon the determination, transmitting from the computer mobile protection code to at least
`one information-destination of the downloadable-information, if the downloadable-information
`is determined to include executable code.
`
`2. (Original; Rejected) The method of claim 1, wherein the receiving includes monitoring
`received information of an information re-communicator.
`
`3. (Original; Rejected) The method of claim 2, wherein the information re-communicator is a
`network server.
`
`4. (Original; Rejected) The method of claim 1, wherein the determining comprises analyzing
`the downloadable-information for an included type indicator indicating an executable file type.
`
`5. (Original; Rejected) The method of claim 1, wherein the determining comprises analyzing
`the downloadable-information for an included type detector indicating an archive file that
`contains at least one executable.
`
`6. (Original; Rejected) The method of claim 1, wherein the determining comprises analyzing
`the downloadable-information for an included file type indicator and an information pattern
`corresponding to one or more information patterns that tend to be included within executable
`code.
`
`7. (Original; Rejected) The method of claim 1, further comprising receiving, by the computer,
`one or more executable code characteristics of executable code that is capable of being executed
`by the information-destination, and wherein the determining is conducted in accordance with the
`executable code characteristics.
`
`8. (Original; Not Rejected) A computer processor-based system for computer security, the
`system comprising
`
`2
`
`10
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 12 of 124
`
`an information monitor for receiving downloadable-information by a computer;
`
`a content inspection engine communicatively coupled to the information monitor for
`determining, by the computer, whether the downloadable-information includes executable code;
`and
`
`a protection agent engine communicatively coupled to the content inspection engine for causing
`mobile protection code ("MPC") to be communicated by the computer to at least one
`information-destination of the downloadable-information, if the downloadable-information is
`determined to include executable code.
`
`9. (Original; Not Rejected) The system of claim 8, wherein the information monitor intercepts
`received information received by an information re-communicator.
`
`10. (Original; Not Rejected) The system of claim 9, wherein the information re-communicator
`is a network server.
`
`11. (Original; Not Rejected) The system of claim 8, wherein the content inspection engine
`comprises a file type detector for determining whether the downloadable-information includes a
`file type indicator indicating an executable file type.
`
`12. (Original; Not Rejected) The system of claim 8, wherein the content inspection engine
`comprises a parser for parsing the downloadable-information and a content analyzer
`communicatively coupled to the parser for determining whether one or more downloadable(cid:173)
`information elements of the downloadable-information correspond with executable code
`elements.
`
`13. (Original; Not Rejected) A processor-based system for computer security, the system
`compnsmg:
`
`means for receiving downloadable-information;
`
`means for determining whether the downloadable-information includes executable code; and
`
`means for causing mobile protection code to be communicated to at least one information(cid:173)
`destination of the downloadable-information, if the downloadable-information is determined to
`include executable code.
`
`3
`
`11
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 13 of 124
`
`14. (Original; Not Rejected) A computer program product, comprising a computer usable
`medium having a computer readable program code therein, the computer readable program code
`adapted to be executed for computer security, the method comprising:
`
`providing a system, wherein the system comprises distinct software modules, and wherein the
`distinct software modules comprise an information re-communicator and a mobile code
`executor;
`
`receiving, at the information re-communicator, downloadable-information including executable
`code; and
`
`causing mobile protection code to be executed by the mobile code executor at a downloadable(cid:173)
`information destination such that one or more operations of the executable code at the
`destination, if attempted, will be processed by the mobile protection code.
`
`15. (Original; Not Rejected) The method of claim 14, wherein the mobile code executor is a
`Java Virtual Machine.
`
`16. (Original; Not Rejected) The method of claim 14, wherein the mobile code executor is the
`operating system, running native code executables.
`
`17. (Original; Not Rejected) The method of claim 14, wherein the mobile code executor is a
`subsystem of the operating system.
`
`18. (Original; Not Rejected) The method of claim 14, wherein the mobile code executor is a
`scripting host.
`
`19. (Original; Not Rejected) The method of claim 14, wherein there-communicator is at least
`one of a firewall and a network server.
`
`0. (Original; Not Rejected) The method claim 14, wherein executing the mobile protection code
`at the destination causes downloadable interfaces to resources at the destination to be modified
`such that at least one attempted operation of the executable code is diverted to the mobile
`protection code.
`
`21. (Original; Not Rejected) A processor-based system for computer security, the system
`compnsmg:
`
`4
`
`12
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 14 of 124
`
`receiving means for receiving, at an information re-communicator of a computer, downloadable(cid:173)
`information, including executable code; and
`
`mobile code means communicatively coupled to the receiving means for causing, by the
`computer, mobile protection code to be executed by a mobile code executor at a downloadable(cid:173)
`information destination such that one or more operations of the executable code at the
`destination, if attempted, will be processed by the mobile protection code.
`
`22. (Original; Not Rejected) The system of claim 21, wherein the mobile code executor is a
`Java Virtual Machine.
`
`23. (Original; Not Rejected) The system of claim 21, wherein the mobile code executor is an
`operating system, running native code executables.
`
`24. (Original; Not Rejected) The system of claim 21, wherein the mobile code executor is a
`subsystem of the windows operating system.
`
`25. (Original; Not Rejected) The system of claim 21, wherein the mobile code executor is a
`scripting host.
`
`26. (Original; Not Rejected) The system of claim 21, wherein there-communicator is at least
`one of a firewall and a network server.
`
`27. (Original; Not Rejected) The system of claim 21, wherein executing the mobile protection
`code at the destination causes downloadable interfaces to resources at the destination to be
`modified such that at least one attempted operation of the executable code is diverted to the
`mobile protection code.
`
`28. (Original; Rejected) A processor-based method, comprising:
`
`receiving a sandboxed package that includes mobile protection code ("MPC") and a
`Downloadable and one or more protection policies at a computer at a Downloadable-destination;
`
`causing, by the MPC on the computer, one or more operations attempted by the Downloadable to
`be received by the MPC;
`
`receiving, by the MPC on the computer, an attempted operation of the Downloadable; and
`
`5
`
`13
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 15 of 124
`
`initiating, by the MPC on the computer, a protection policy corresponding to the attempted
`operation.
`
`29. (Original; Rejected) The method of claim 28, wherein the sandboxed package is configured
`such that the MPC is executed first, the Downloadable is executed by the MPC and the
`protection policies are accessible to the MPC.
`
`30. (Original; Rejected) The method of claim 28, wherein the causing comprises modifying, by
`the MPC, interfaces of a corresponding downloadable to resources at the destination.
`
`31. (Original; Rejected) The method of claim 30, wherein the modifying is accomplished by
`initiating a loading of the Downloadable, thereby causing a mobile code executor to provide and
`initialize the interfaces, modifying one or more interface elements to divert corresponding
`attempted Downloadable operations to the MPC, and initiating execution of the Downloadable.
`
`32. (Original; Rejected) The method of claim 30, wherein the interfaces comprise an import
`address table ("IAT") of a native code executable downloadable.
`
`33. (Original; Rejected) The method of claim 30, wherein modifying the interfaces installs a
`filter-driver between the downloadable and the resources.
`
`34. (Original; Not Rejected) A processor-based system for computer security, the system
`compnsmg:
`
`a mobile code executor on a computer for initiating received mobile code; and
`
`a sandboxed package capable of being received and initiated by the mobile code executor on the
`computer, the sandboxed package including a Downloadable and mobile protection code
`("MPC") for causing one or more Downloadable operations to be intercepted by the computer
`and for processing the intercepted operations by the computer, if the Downloadable attempts to
`initiate the operations.
`
`35. (Original; Not Rejected) The system of claim 34, wherein the MPC comprises:
`
`an MPC installer for causing MPC elements to be installed;
`
`6
`
`14
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 16 of 124
`
`a Downloadable installer communicatively coupled to the MPC installer for installing the
`Downloadable;
`
`a resource access diverter communicatively coupled to the MPC installer for causing the
`Downloadable operations to be intercepted;
`
`a resource access analyzer communicatively coupled to the MPC installer for receiving an
`intercepted Downloadable operation and determining a protection policy corresponding to the
`intercepted Downloadable operation; and
`
`a policy enforcer communicatively coupled to the resource access analyzer for processing the
`intercepted Downloadable operation.
`
`36. (Original; Not Rejected) The system of claim 35, wherein the resource access diverter
`modifies one or more elements of an interface usable by the Downloadable to effectuate the
`Downloadable operations.
`
`37. (Original; Not Rejected) The system of claim 35, wherein the mobile code-executor is a
`Java Virtual Machine.
`
`38. (Original; Not Rejected) The system of claim 35, wherein the mobile code executor is an
`operating system, running native code executables.
`
`39. (Original; Not Rejected) The system of claim 35, wherein the mobile code executor is a
`subsystem of the operating system.
`
`40. (Original; Not Rejected) The system of claim 35, wherein the mobile code executor is a
`scripting host.
`
`41. (Original; Not Rejected) A processor-based system for computer security, the system
`compnsmg:
`
`receiving means for receiving a sandboxed package that includes mobile protection code
`("MPC") and a Downloadable and one or more protection policies at a Downloadable(cid:173)
`destination;
`
`monitoring means for causing, by the MPC, one or more operations attempted by the
`Downloadable to be received by the MPC;
`
`7
`
`15
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 17 of 124
`
`second receiving means receiving, by the MPC, an attempted operation of the Downloadable;
`and
`
`initiating means for initiating, by the MPC, a protection policy corresponding to the attempted
`operation.
`
`42. (NEW) A computer processor-based method, comprising:
`
`receiving, by a computer, multiple instances of downloadable-information, wherein at least one
`of the multiple instances of downloadable-information includes non-executable information, at
`least one of the multiple instances of downloadable-information includes executable information
`and at least one of the multiple instances of downloadable-information includes a combination of
`non-executable and executable code portions;
`
`determining, by the computer, whether each of the multiple instances of downloadable(cid:173)
`information includes executable code; and
`
`based upon the determination, transmitting from the computer mobile protection code to at least
`one information-destination of each instance of downloadable-information that is determined to
`include executable information and each instance of downloadable information that is
`determined to include a combination of non-executable and executable code portions.
`
`43. (NEW) A computer processor-based method, comprising:
`
`receiving, by a server, multiple instances of downloadable-information, wherein at least one of
`the multiple instances of downloadable-information includes non-executable information, at least
`one of the multiple instances of downloadable-information includes executable information and
`at least one of the multiple instances of downloadable-information includes a combination of
`non-executable and executable code portions;
`
`detecting, by a code detector associated with the server, whether each of the multiple instances of
`downloadable-information includes executable code; and
`
`if executable code is detected, transmitting from the server mobile protection code to at least one
`information-destination of each instance of downloadable-information that is determined to
`include executable information and each instance of downloadable information that is
`determined to include a combination of non-executable and executable code portions.
`
`44. (NEW) A computer processor-based method, comprising:
`
`receiving, by a computer, downloadable-information;
`
`determining, by the computer, whether the downloadable-information includes executable code;
`and
`
`8
`
`16
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 18 of 124
`
`based upon the determination, transmitting from the computer mobile protection code and the
`downloadable-information to at least one information-destination of the downloadable(cid:173)
`information, if the downloadable-information is determined to include executable code and
`transmitting the downloadable-information without the mobile protection code if the
`downloadable-information is determined not to include executable code.
`
`45. (NEW) A computer processor-based method, comprising:
`
`receiving, by a server, downloadable-information;
`
`detecting, by a code detector associated with the server, whether the downloadable-information
`includes executable code; and
`
`if executable code is detected, transmitting from the server mobile protection code and the
`downloadable-information to at least one information -destination of the downloadable(cid:173)
`information.
`
`46. (NEW) A computer processor-based method, comprising:
`
`receiving, by a computer, downloadable-information;
`
`determining, by a code detector associated with the computer, whether any portion of the
`downloadable-information is executable code; and
`
`if executable code is detected, transmitting from the computer mobile protection code and the
`downloadable-information to at least one information -destination of the downloadable(cid:173)
`information.
`
`47. (NEW) A computer processor-based method, comprising:
`
`receiving, by a computer, downloadable-information;
`
`determining, by a content inspection engine associated with the computer, whether the
`downloadable-information includes executable code, wherein determining whether the
`downloadable-information includes executable code includes analyzing downloadable(cid:173)
`information for operations to be executed on a computer; and
`
`based upon the determination, transmitting from the computer mobile protection code to at least
`one information-destination of the downloadable-information, if the downloadable-information
`is determined to include executable code.
`
`48. (NEW) A computer processor-based system for computer security, the system comprising:
`
`an information monitor for receiving downloadable-information by a computer;
`
`9
`
`17
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 19 of 124
`
`a content inspection engine communicatively coupled to the information monitor for
`determining, by the computer, whether the downloadable-information includes executable code,
`wherein determining if downloadable information includes executable code includes analyzing
`the downloadable information for operations to be executed on a computer; and
`
`a protection agent engine communicatively coupled to the content inspection engine for causing
`mobile protection code ("MPC") to be communicated by the computer to at least one
`information-destination of the downloadable-information, if the downloadable-information is
`determined to include executable code.
`
`49. (NEW) The computer processor-based system of claim 48, wherein the content of the
`downloadable information is analyzed for one or more of binary information and a pattern
`indicative of executable code.
`
`50. (NEW) A computer processor-based system for computer security, the system comprising:
`
`a server for receiving downloadable-information;
`
`a code detector associated with the server for detecting whether the downloadable-information
`includes executable code; and
`
`if executable code is detected, transmitting from the server mobile protection code and the
`downloadable-information to at least one information -destination of the downloadable(cid:173)
`information.
`
`51. (NEW) A computer processor-based system, comprising:
`
`a computer for receiving downloadable-information;
`
`a code detector associated with the computer for determining whether any portion of the
`downloadable-information is executable code; and
`
`if executable code is detected, transmitting from the computer mobile protection code and the
`downloadable-information to at least one information -destination of the downloadable(cid:173)
`information.
`
`52. (NEW) A computer processor-based system, comprising:
`
`a computer for receiving downloadable-information;
`
`a content inspection engine associated with the computer for determining whether the
`downloadable-information includes executable code, wherein determining whether the
`downloadable-information includes executable code includes analyzing the downloadable(cid:173)
`information for operations to be executed on a computer; and
`
`10
`
`18
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 20 of 124
`
`based upon the determination, transmitting from the computer mobile protection code to at least
`one information-destination of the downloadable-information, if the downloadable-information
`is determined to include executable code.
`
`11
`
`19
`
`

`

`Case 3:17-cv-05659-WHA Document 182-6 Filed 08/20/18 Page 21 of 124
`
`I.
`
`OVERVIEW
`
`REMARKS
`
`This Reexamination concerns three prior art references, two of which are cited in the
`
`specification ofU.S. Patent No. 7,647,633 ("the '633 Patent) and were considered during a
`
`thorough examination by Examiner Christopher Revak. Requester's allegation of a substantial
`
`new question of patentability improperly presents the same question about the same previously
`
`considered prior art and, as such, should be rejected.
`
`One important aspect of the claimed invention is that it includes a step of determining
`
`whether the downloadable-information includes executable code. The prior art does not
`
`determine whether anything is executable. Ji, which is one of the references cited and
`
`distinguished in the specification of the '633 Patent, simply discloses a scanning system that is
`
`only configured to scan known applets for potential maliciousness and does not determine
`
`whether a Downloadable contains executable code. In fact, Ji specifically teaches that it does not
`
`scan non-applets. Liu is concerned with protecting a remote sever, not a client, and replacing
`
`Java class names so that its remote server can generate webpages with modified content. Like Ji,
`
`Liu does not determine whether a Downloadable includes executable code.
`
`Additionally, the prior art does not disclose receiving a sandboxed package. Ji discloses
`
`receiving a JAR archive file. A JAR archive file is a compressed file containing other files, like
`
`a zip file, and is not a sandboxed package. The secondary reference Golan, also cited and
`
`distinguished in the specification of the '633 Patent, fails to address Ji's sandboxed package
`
`deficiency as Golan's security monitor exists within a monitored web browser on a client
`
`computer and is never transmitted nor received. Moreover, a combination of Ji and Golan would
`
`yield inoperable results because the monitoring package of Ji would not function with the
`
`security monitor that exists within Golan's monitored web browser.
`
`For these and further reasons discussed below, this ex parte reexamination proceeding is
`
`now in condition for confirming the patentability of all of the original claims of the '633 Patent.
`
`II.
`
`STATUS
`
`A.
`
`Status of Specification
`
`The amendments to the specification are submitted in conjunction with Patent Owner's
`
`