UNITED STATES PATENT AND TRADEMARK OFFICE
___________________

BEFORE THE PATENT TRIAL AND APPEAL BOARD
___________________

SYMANTEC CORPORATION
Petitioner

v.

THE TRUSTEES OF COLUMBIA UNIVERSITY
IN THE CITY OF NEW YORK
Patent Owner

___________________

CASE IPR2015-00375
Patent 8,074,115
___________________

DECLARATION OF GEORGE CYBENKO, Ph.D. IN SUPPORT OF
COLUMBIA’S PATENT OWNER RESPONSE

Mail Stop “PATENT BOARD”
Patent Trial and Appeal Board
U.S. Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450

Columbia Ex 2030-1
Symantec v Columbia
IPR2015-00375

TABLE OF CONTENTS

I. Introduction
II. Basis Of Opinion
    A. Qualifications And Background
    B. Materials Considered
III. Legal Standards
    A. Standard Of Proof
    B. Scope Of Prior Art
    C. The Anticipation Inquiry
    D. The Obviousness Inquiry
IV. Level Of Ordinary Skill In The Art
V. The Invention Of The ’115 Patent
VI. Background On Symantec’s Cited Prior Art
    A. Khazan
        1. Khazan Uses Static Analysis To Construct A Simple List Of Function Calls And Related Information
        2. Khazan Uses Dynamic Analysis To Verify Function Calls
        3. Khazan Distinguishes Itself From Anomaly Detection
        4. Khazan Teaches Tracking Only Predetermined DLL Function Calls
    B. Arnold
    C. Agrawal
        1. Agrawal’s Detection Algorithms
        2. Agrawal’s Usage Of Its Detection Algorithms
        3. Many of Agrawal’s Models Are Statistical Models That Are Created Using Machine Learning
        4. Agrawal’s Markov Process Models
VII. Ground 1: Khazan Does Not Anticipate Claims 22, 25, 27-29, 32, 35-39 or 42
    A. Khazan Does Not Disclose Identifying A Function Call As Anomalous
        1. Khazan Does Not Disclose “A Model of Typical Computer System Usage”
        2. Khazan Does Not Disclose Identifying A “Deviation From A Model”
    B. Khazan Does Not Disclose “Modifying A Program To Include Indicators Of Program-Level Function Calls”
        1. Khazan Does Not Teach That The Program Application Itself Is Modified
        2. Khazan Does Not Disclose Indicators Of Which Of The Program’s Internal Functions Are Being Called
    C. Khazan Does Not Disclose A “Model Of Function Calls”
    D. Khazan Does Not Disclose An “Emulator”
    E. Khazan Does Not Disclose “The Model Reflects Normal Activity”
    F. Khazan Does Not Disclose “The Model Reflects Attacks Against The At Least A Part Of The Program,” Nor Would It Be Obvious To Modify Khazan To Include This Limitation
VIII. Ground 2: Claims 1, 4-8, 11, 14-18, 21, Or 26 Are Not Obvious Under The Combination Of Khazan And Arnold
    A. The Combination Of Khazan And Arnold Does Not Render Obvious An “Application Community”
    B. The Combination Of Khazan And Arnold Does Not Render Obvious “Upon Identifying The Anomalous Function Call,” Notifying Any Computer “Of The Anomalous Function Call”
IX. Ground 3: Claims 2-3, 9-10, 12-13, 19-20, 23-24, 30-31, 33-34, Or 40-41 Are Not Obvious Under The Combination Of Khazan, Arnold, And Agrawal
    A. The Combination Of Khazan, Arnold, And Agrawal Does Not Disclose “Randomly Selecting The Model As To Be Used In The Comparison From A Plurality Of Different Models Relating To The Program”
        1. A Markov Process Model Is Not Random
        2. Agrawal Does Not Teach Using A Markov Model To Select Which Model Is Used
        3. A POSITA Would Not Have Modified Khazan To Incorporate Random Selection Of Models
        4. Dr. Goodrich’s New Arguments Raised For The First Time At Deposition Are Not Accurate
        5. Sobel Does Not Suggest Random Selection Of Models
    B. The Combination of Khazan, Arnold, and Agrawal Does Not Disclose “Randomly Selecting A Portion Of The Model To Be Used In The Comparison”
    C. The Combination Of Khazan, Arnold, And Agrawal Does Not Disclose “Creating A Combined Model From At Least Two Models Created Using Different Computers”
        1. Agrawal Does Not Render This Limitation Obvious
        2. A Combination Of Khazan, Arnold, and Agrawal Would Not Include The Limitation
    D. The Combination Of Khazan, Arnold, And Agrawal Does Not Disclose “Creating A Combined Model From At Least Two Models Created At Different Times”
        1. Agrawal Does Not Render This Limitation Obvious
        2. A Combination Of Khazan, Arnold, and Agrawal Would Not Include The Limitation
    E. Khazan, Arnold, and Agrawal May Not Be Combined to Render the Challenged Claims Obvious

I. Introduction

1. My name is Dr. George Cybenko. I have been asked by Columbia to assess the Petition for Inter Partes Review of U.S. Patent No. 8,074,115 (IPR2015-00375) filed by Symantec Corporation (“Symantec”), and in particular the patentability of claims 1-42 of U.S. Patent No. 8,074,115 (the “’115 patent”) over various combinations of Khazan, Arnold, and Agrawal.

II. Basis Of Opinion

A. Qualifications And Background

2. I am currently the Dorothy and Walter Gramm Professor of Engineering at Dartmouth College in Hanover, New Hampshire. I have been a professor at Dartmouth since 1992. My primary research interests include machine learning of processes, insider threat analysis, and computational behavior analysis.

3. I graduated from the University of Toronto in 1974 with a B.Sc. in mathematics, and in 1978 received a Ph.D. in Electrical Engineering, Computer Science and Applied Mathematics from Princeton University.

4. After completing my Ph.D., I served as a Visiting Scientist at MIT and Stanford University. In 1978, I joined Tufts University as Assistant Professor, and became an Associate Professor in 1984. I served as Founding Chairman of the Department of Computer Science in 1985-1986.

5. In 1988, I joined the University of Illinois at Urbana-Champaign, where I served as the Associate Director of the Center for Supercomputing Research and Development and Professor of Electrical and Computer Engineering.

6. In total, I have over 35 years of experience working and researching in the fields of computer software and computer security.

7. I have been a Fellow of the IEEE¹ since 2000, for “contributions to algorithms and theory of artificial neural networks in signal processing, and to theory and systems software for distributed and parallel computing.” Ex. 2036. My election to IEEE Fellow relates to my work in proving the universal approximation theorem for artificial neural networks with sigmoid activation functions.

¹ The total number of IEEE Fellows selected in any one year does not exceed 0.1% of the total voting IEEE membership. Ex. 2037 (available from http://www.ieee.org/membership_services/membership/fellows/index.html).

8. I am also a member of the U.S. Air Force Scientific Advisory Board, where I advise the Air Force on matters such as computer security. I presently serve on the U.S. Army Cyber Institute’s Advisory Board. I was the Founding Editor-in-Chief of IEEE Security & Privacy from 2002-2006, and I have served as an editor and advisor for numerous groups between 1990 and present on the general subject of computer security. I have over 200 publications on numerous topics including machine learning, distributed anomaly detection systems, intrusion detection systems and network and operating systems auditing.

9. My current research interests include distributed information, control systems, and signal processing, with a focus on applications to computer security and infrastructure protection. I have authored or co-authored numerous publications relating to machine learning (see, e.g., Ex. 2034 at 9 n.65; id. at 7 n.37) and emulation (see, e.g., Ex. 2034 at 15 n.166).

10. Further details regarding my experience can be found in my curriculum vitae, attached as Exhibit 2034. My CV also includes a list of additional selected publications.

B. Materials Considered

11. I was asked to evaluate issues relating to whether claims 1-42 of the ’115 patent are patentable under 35 U.S.C. §§ 102 and 103 over various combinations of Khazan, Arnold, and Agrawal. As part of my work, I reviewed Khazan, Arnold, Agrawal, the ’115 patent, the ’115 patent’s prosecution history (including the provisional application), the materials discussed herein, and the materials cited in the Petition, the Patent Owner’s Preliminary Response, and the Patent Owner’s Response. I also spoke with Scott Lewandowski, one of the named inventors on the Khazan reference.

12. My opinions and the bases for my opinions are contained in the remainder of this declaration. If called as a witness in this matter in connection with this declaration, I can testify to the opinions and the basis contained herein.

III. Legal Standards

13. I have been advised by counsel about some of the legal principles pertinent to an analysis of United States patent validity-related issues, as summarized below. I have conducted my analysis in accordance with these principles.

A. Standard Of Proof

14. In an inter partes review, a claim’s patentability is evaluated on a preponderance of the evidence—i.e., a “more likely than not”—standard.

B. Scope Of Prior Art

15. The scope of the prior art has been defined as that “reasonably pertinent to the particular problem with which the inventor was involved.” A reference qualifies as prior art only when it is analogous to the claimed invention.

16. To ascertain the scope of the prior art, one examines the field of the inventor’s endeavor, and the particular problem with which the inventor was involved. Two separate tests define the scope of analogous prior art: (1) whether the art is from the same field of endeavor, regardless of the problem addressed, and (2) if the reference is not within the field of the inventor’s endeavor, whether the reference still is reasonably pertinent to the particular problem with which the inventor is involved. The purposes of both the invention and the prior art are important in determining whether the reference is reasonably pertinent to the problem the invention attempts to solve.

C. The Anticipation Inquiry

17. For a reference to anticipate a claim, the reference must disclose each and every element of the claim within the four corners of the reference, arranged or combined in the same way as the claim. I am informed that any differences between the prior art reference and the claim elements of the invention prevent anticipation.

18. I understand that a reference can disclose an element either expressly or inherently. I am informed that anticipation by inherent disclosure is appropriate only when the reference discloses prior art that must necessarily include the unstated limitation. I understand that it is insufficient to show anticipation by inherency by merely establishing that one of ordinary skill in the art understands that a prior art reference may possibly or probably disclose, or suggest, a feature.

19. For a reference to anticipate, it must be enabling—that is, it must enable a person of ordinary skill in the art to make or use the invention without undue experimentation. I understand that determination of whether the requisite amount of experimentation is undue may include consideration of (1) the quantity of experimentation necessary, (2) the amount of direction or guidance presented, (3) the presence or absence of working examples, (4) the nature of the invention, (5) the state of the prior art, (6) the relative skill of those in the art, (7) the predictability or unpredictability of the art, and (8) the breadth of the claims.

D. The Obviousness Inquiry

20. The following factors should be considered in analyzing obviousness: (1) the scope and content of the prior art, (2) the difference between the prior art and the claims, (3) the level of ordinary skill in the pertinent art, and (4) the objective evidence of non-obviousness.

21. A claim is not rendered obvious by a combination of references if a person of ordinary skill in the relevant field would not have combined the elements in the way the claimed invention does, such as when they would not have had a reasonable expectation of success in doing so at the time of the claimed invention, or when the references or the state of the knowledge teach away from the combination. I understand that the test for whether combined teachings of references render a claim obvious is what the combined teachings of those references would have suggested to those of ordinary skill in the art.

22. In determining the differences between the prior art and the claims, the question under the obviousness inquiry is not whether the differences themselves would have been obvious, but whether the claimed invention as a whole would have been obvious. I am also informed that in conducting the obviousness analysis, one should take into consideration the predictability of the relevant field as well as the number of identifiable and predictable solutions. I am informed that a predictable solution refers not only to the expectation that prior art elements are capable of being physically combined, but also that the combination would have worked for its intended purpose. I am informed that whether an art is predictable or unpredictable turns on, for example, the degree of predictability of technical variations in this field of art, such as the unpredictability in performance of certain species or subcombinations other than those specifically enumerated.

23. I understand that a patent claim may be obvious if it would have been “obvious to try.” However, for a claim to be obvious under this rationale, there must have been a recognized problem or need in the prior art and a finite number of identified, predictable potential solutions to the recognized need. Obvious-to-try, however, is insufficient, when what was allegedly “obvious to try” was to explore a new technology or general approach that seemed to be a promising field of experimentation, where the prior art gave only general guidance as to the particular form of the claimed invention or how to achieve it. Nor is obvious to try sufficient to justify a finding of obviousness where what would have been “obvious to try” would have been to vary all parameters or try each of numerous possible choices until one possibly arrived at a successful result, where the prior art gave either no indication of which parameters were critical or no direction as to which of many possible choices is likely to be successful. Additionally, a person of ordinary skill must have been able to pursue the known potential solutions with a reasonable expectation of success. See MPEP § 2143.E.

IV. Level Of Ordinary Skill In The Art

24. I understand that the obviousness analysis, including claim construction, must be performed from the perspective of a person having ordinary skill in the art at the time of the invention. For purposes of this analysis, I use the level of ordinary skill in the art as of October 25, 2005, which is the date of the earliest provisional application to which the ’115 patent claims priority. My opinion would not change if the date of the invention were determined to be October 25, 2006, the date of the filing of the application.

25. I understand that factors to consider in determining the level of ordinary skill in the art may include the education level of the inventors, the type of problems encountered in the art, prior art solutions to those problems, rapidity with which innovations are made, sophistication of the technology, and educational level of active workers in the field.

26. In my opinion, the level of ordinary skill in the art of the ’115 patent as of October 25, 2005 is a person with an undergraduate degree in computer science or mathematics, and one or two years of experience in the field of computer security (or an equivalent combination of experience and education). This level of skill corresponds to the level of active workers in the field of computer security. First, in the academic context, a person with this level of experience could be entering the research phase of their PhD, during which they would design security systems as part of their research. Second, in the commercial environment, a person with this level of experience would be working with a team of people to make design decisions for security systems.

27. I consider myself to be of at least ordinary skill in the art, both now and at the effective filing date of the ’115 patent.

28. I understand that Dr. Goodrich contends that the level of ordinary skill in the field “is a person with a Master’s degree in computer science or a related field with two to three years of experience in the field of software security systems.” That level of ordinary skill would have been greater than many workers in the field who were actively contributing to computer security systems. Although I disagree with Dr. Goodrich’s proposed level of ordinary skill, my conclusions regarding claim construction and validity would be the same regardless of which level of skill is adopted.

29. I understand that Dr. Goodrich has pointed specifically to the formula at 4:58-62 of the ’115 patent as the basis for his opinion on the level of skill in the art. Ex. 2029 at 254:16-255:6 (“This equation is wrong at line 60. . . . The correction can be found in a paper that’s cited in this patent by Friedman and Singer, but again, it’s including a . . . function that’s the gamma function that is not normally taught to undergrads.”); 260:2-8 (“It would require that level to realize now you need to go digging through all these references hopefully to finally find this one by Friedman and Singer that then is going to inform you what would be the correct way to understand this formula, and the paper by Friedman and Singer is quite advanced as well.”). I disagree with Dr. Goodrich for several reasons. First, the gamma function shown in that formula is commonly taught to undergraduate students and is not unduly complicated. For example, I am aware of the textbook Sheldon Ross, A First Course in Probability, Prentice Hall, Sixth Edition, 2002, which is commonly taught to undergraduate students. That textbook contains a description of the gamma function. Ex. 2050. Second, the paper by Friedman and Singer mentioned in the patent that contains the corrected formula is also not unduly complicated. For example, the paper itself notes that it is directed to the problem of “multinomial estimation,” which is one of “the basic building blocks in more complex statistical models.” Ex. 2051 at 417. It is true that the paper contains numerous mathematical formulas, but the formulas relate to foundational aspects of Bayesian statistics, which is widely used in the machine learning field. Third, immediately following the formula, the patent itself discloses that “Because this computation of C can be time consuming, C can also be calculated by” an alternative formula. Ex. 1001 at 4:66-5:5. A person with only an undergraduate degree in computer science or mathematics and one to two years of experience in the field of computer security would have no difficulty being directed to, and using, the alternative formula. Fourth, the corrected formula is also available in the provisional application. See Ex. 2028 at 31. I understand that a POSITA for a particular patent is assumed to have read the patent itself, including the provisional application. Therefore, the POSITA would have been exposed to the correct formula in the provisional application and would have no difficulty correcting the formula in the patent. Fifth, I disagree that this formula is material to the level of skill needed to understand the patent. Both as a matter of quantity (one formula out of many pages) and contextual importance (the formula is only relevant to one exemplary embodiment), the error in the formula is not enough, by itself, to elevate the level of ordinary skill from the one proposed by me to the one proposed by Dr. Goodrich.

V. The Invention Of The ’115 Patent

30. The ’115 patent discloses significant innovations in anomaly detection for computer security. See Ex. 1001 at 1:18-19. The patent describes the use of statistical machine-learning models that can be used to detect anomalous program executions. Id. at 3:7-19. These models may be created on different computers or at different times in order to improve their effectiveness. See id. at 8:9-49. The ’115 patent also teaches methods to capture, isolate, and repair the harm caused by any detected anomalies, and to notify the application community of specific information regarding anomalous functions. See id. at 3:28-4:5, 18:44-62.

31. The ’115 patent makes the important recognition that function calls made by running programs can be indicative of intrusions or attacks. Id. at 3:28-56; 3:64-4:5 (“[T]he application of an anomaly detector to function calls can enable rapid detection of malicious program executions, such that it is possible to mitigate against such faults or attacks (e.g., by using patch generation systems, or content filtering signature generation systems).”).

32. Each claim of the ’115 patent requires a “model of function calls.” The specification teaches that this model of function calls is developed using a learning algorithm with a training phase to develop a statistical profile of function calls – the claimed “model of function calls.” For example, the patent teaches that “in a first phase, an anomaly detector models normal program execution stack behavior,” and that in a second phase, “after a model has been computed, the anomaly detector can detect stacked function references as anomalous by comparing those references [] to the model based on the training data.” Id. at 3:50-56. The ’115 patent provides two examples of algorithms that can be used to generate the model, both of which are machine-learning algorithms based upon training data. See, e.g., id. at 4:9-10 (“A probabilistic anomaly detection (PAD) algorithm can be used to train a model for detecting anomalies.”)²; id. at 5:8-13 (“Another approach that may be used instead of PAD for model generation and anomaly detection is a one class SVM (OCSVM) algorithm. The OCSVM algorithm can be used to . . . find the maximal margin hyperplane which best separates the training data from the origin.”); Ex. 2029 at 31:13-22 (explaining that both PAD and OCSVM algorithms are machine-learning algorithms).

² Within this declaration, all emphasis is added unless otherwise noted.

33. Both of these algorithms rely on statistics of the training data, and they both compute results that relate to the probability that a subsequent observation is anomalous. See Ex. 1001 at 4:10-14 (explaining that PAD “allows the definition of anomalies as data elements that occur with low probability”); Ex. 2035 at 232 (explaining a technique to calculate the probability that a “normal” data point will be incorrectly classified as anomalous according to an OCSVM system).

34. The ’115 further teaches that the model must be trained on sufficient data so that its insights have sufficient statistical reliability:

    It is noted that a single application instance may have to be run many times (e.g., thousands of times) in order to compute an application profile or model. However, distributed sensor whose data is correlated among many (e.g., a thousand) application community members can be used to compute a substantially accurate code profile in a relatively short amount of time. This time may be viewed as a “training period” to create the code map.

Id. at 7:50-57. In order to train the model of function calls, there must be an “acquisition of statistics” of function calls. Id. at 6:43-47. For instance, the training phase may collect information about stack frames or arguments associated with a function call, by repeatedly running a program and gathering information from the context of its function calls. Id. at 3:37-45.

35. After the model of function calls is created using the training phase, the model can identify anomalous function calls within a running program in a second phase. Id. at 3:52-56. This detection phase is conducted using an emulator, which allows for “enhanced detection of some types of attacks,” as well as “enhanced reaction mechanisms.” Id. at 9:35-40, 3:37-45, 3:56-62.

36. The specification further explains that once an anomalous function call is detected on one computer, that computer can notify an “application community” of the anomalous function call. Providing information about the anomalous function call to members of the application community allows the notified computers to “isolate the portion of the code that caused the fault.” Id. at 18:44-62.

37. The ’115 patent teaches additional ways to make the model more robust to enhance the efficacy of the system. For example, an original model of function call executions can be combined with other models created at different times or using different computers. See id. at 8:9-31, 6:31-47 (describing how these combined models allow distribution of computer workload, and reduce the effects of “concept drift”).

VI. Background On Symantec’s Cited Prior Art

38. I have reviewed all of the prior art cited by Symantec in its petition, as well as the interpretations of the art by Symantec and Dr. Goodrich.

A. Khazan

39. U.S. Patent Publication No. 2005/0108562 (“Khazan”) is entitled “TECHNIQUE FOR DETECTING EXECUTABLE MALICIOUS CODE USING A COMBINATION OF STATIC AND DYNAMIC ANALYSES” and was published on May 19, 2005. Khazan lists four inventors: Roger Khazan, Jesse Rabek, Scott Lewandowski, and Robert Cunningham. It was published from U.S. Patent Application No. 10/464,828, which was filed on June 18, 2003.

40. Khazan is directed to detection of “malicious code,” which is “machine instructions which, when executed, perform an unauthorized function or task that may be destructive, disruptive, or otherwise cause problems within the computer system upon which it is executed.” Ex. 1010 at ¶ 5. Malicious code is not necessarily a standalone program. It may be “injected into a software application” or “embedded within a software application on disk.” Id. at ¶¶ 6-7.

1. Khazan Uses Static Analysis To Construct A Simple List Of Function Calls And Related Information

41. Khazan uses “static analysis of a binary form of the application” to build what it terms a “model.” Ex. 1010 at Abstract. Khazan provides an explicit definition of static analysis: “Static analysis processing as described herein may be characterized as identifying information about code by static examination of code without execution.” Id. at ¶ 43. Static analysis is used to find a “predetermined location” in the application from which a target routine executes. Id. at ¶ 11. The static analyzer identifies “the calls that are made to a set of predetermined target functions, and information related to those calls.” Id. at ¶ 43. At run time, if the location of the target function does not match the “predetermined location” that was recorded using static analysis, then the application is determined to contain malicious code. Id. The “model” used by Khazan may identify multiple “locations within said application from which invocations of the at least one predetermined target routine occur.” Id. at ¶ 12.
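
Added example, not part of the declaration or of either reference: a Python sketch placing the static call-site list described in ¶ 41 beside a trained statistical model of function calls as described in ¶¶ 32-35. The function names, addresses, the (caller, callee) feature and the additive-smoothing estimator are constructed assumptions; the estimator is a simple stand-in, not the PAD or OCSVM algorithms.

```python
from collections import Counter

# Constructed sample data: (target function, call-site address) pairs that a
# static pass over the binary would record without executing it (see para. 41).
STATIC_CALL_SITES = {
    ("CreateFileA", 0x401020),
    ("WriteFile", 0x401088),
}
TARGET_FUNCTIONS = {name for name, _ in STATIC_CALL_SITES}


def static_list_violation(function, call_site):
    """True if a predetermined target is invoked from a location not on the list."""
    if function not in TARGET_FUNCTIONS:
        return False  # untracked function: the list has nothing to compare against
    return (function, call_site) not in STATIC_CALL_SITES


class FunctionCallModel:
    """Statistical profile of (caller, callee) pairs learned from training runs.

    Assumption: additive smoothing is used as a simple estimator. It is a
    stand-in for illustration, not the PAD formula or a one-class SVM.
    """

    def __init__(self, alpha=1.0):
        self.alpha = alpha
        self.counts = Counter()
        self.total = 0

    def train(self, runs):
        """Training phase: accumulate call statistics over many executions."""
        for run in runs:
            self.counts.update(run)
            self.total += len(run)

    def probability(self, call):
        # One extra bucket stands for every pair never seen during training.
        buckets = len(self.counts) + 1
        return (self.counts[call] + self.alpha) / (self.total + self.alpha * buckets)

    def is_anomalous(self, call, threshold=0.001):
        """Detection phase: flag calls that are improbable under the model."""
        return self.probability(call) < threshold


# Constructed trace of one normal execution, repeated to mimic many runs.
NORMAL_RUN = [
    ("main", "parse_request"),
    ("parse_request", "read_header"),
    ("parse_request", "CreateFileA"),
    ("main", "WriteFile"),
]


def build_model(n_runs=1000):
    """Train a model on n_runs copies of the constructed normal trace."""
    model = FunctionCallModel()
    model.train([NORMAL_RUN] * n_runs)
    return model


if __name__ == "__main__":
    model = build_model()
    # A listed target called from an unlisted address: caught by the static list.
    print(static_list_violation("CreateFileA", 0x7FFD0010))      # True
    # An internal call the list does not track: only the model scores it.
    print(static_list_violation("exec_template", 0x401500))      # False
    print(model.is_anomalous(("read_header", "exec_template")))  # True
    print(model.is_anomalous(("parse_request", "read_header")))  # False
```

With `build_model(1)` the same unseen pair scores 1/9 and is not flagged at the default threshold, which is the under-trained situation the quoted passage in ¶ 34 addresses.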

42. Khazan’s “model” is “comprised of a list of calls to targets
