Patent application number | Description | Published |
20090300266 | IDENTIFICATION OF READ/WRITE CHAINS DURING STATIC ANALYSIS OF COMPUTER SOFTWARE - A system for identifying read/write chains in computer software, including a static analysis engine identifying within computer software logical container accesses, a string analyzer configured to at least partly resolve any variables identifying the logical container in any of the accesses by determining a set of potential values of any of the variables, and a Logical Container Access Virtualization component (LCAV) configured to identify the type and scope of any permutations of the accesses, where each of the permutations is defined by substituting any of the potential values for any of the access variables, and identify any read/write chains within the computer software by matching any of the access permutations that read from the logical container with any of the access permutations that write to the logical container if there is an intersection between the scopes of the read and write access permutations. | 12-03-2009 |
20100050263 | BROWSER BASED METHOD OF ASSESSING WEB APPLICATION VULNERABILITY - A novel and useful mechanism and method for assessing the vulnerability of web applications while browsing the application. As a user interacts with the web application, HTTP requests are sent from the browser to the web server. Each HTTP request is analyzed to determine if its associated elements need testing. Vulnerability assessment tests are sent to the server. Test results are then returned to the browser, where they are analyzed, displayed and/or stored in a log file. | 02-25-2010 |
20100284527 | Importance-Based Call Graph Construction - A system and method for importance-based call graph construction, including a) analyzing a computer software application to identify a plurality of calls within the computer software application, b) assigning an importance value to any of the calls in accordance with a predefined importance rule, c) selecting any of the calls for inclusion in a call graph in accordance with a predefined inclusion rule, d) representing the call in the call graph, e) adjusting the importance value of any call represented in the call graph in accordance with a predefined importance adjustment rule, and f) iteratively performing any of steps a)-e) until a predefined termination condition is met. | 11-11-2010 |
20110087892 | Eliminating False Reports of Security Vulnerabilities when Testing Computer Software - A system for eliminating false reports of security vulnerabilities when testing computer software, including a taint analysis engine configured to identify a tainted variable v in a computer application, a data mapping identification engine configured to identify a variable x within the application that holds data derived from v, where x is in a different format than v, an AddData identification engine configured to identify an AddData operation within the application that is performed on x, a signature identification engine configured to identify a Sign operation within the application that is performed on the results of the AddData operation on x, a signature comparison identification engine configured to identify an operation within the application that compares the results of the Sign operation with another value | 04-14-2011 |
20110131656 | IDENTIFYING SECURITY VULNERABILITY IN COMPUTER SOFTWARE - Identifying a security vulnerability in a computer software application by identifying at least one source in a computer software application, identifying at least one sink in the computer software application, identifying at least one input to any of the sinks, determining whether the input derives its value directly or indirectly from any of the sources, determining a set of possible values for the input, and identifying a security vulnerability where the set of possible values for the input does not match a predefined specification of legal values associated with the sink input. | 06-02-2011 |
20110302566 | FIXING SECURITY VULNERABILITY IN A SOURCE CODE - A computer implemented method for automatically fixing a security vulnerability in a source code is disclosed. The method includes obtaining identification of code that sends tainted data to corresponding sink code in the source code; and automatically fixing the vulnerability by automatically performing code modification which is selected from the group of code modifications consisting of: code motion and code duplication. Also disclosed are computer program product and data processing system. | 12-08-2011 |
20110321016 | INJECTION CONTEXT BASED STATIC ANALYSIS OF COMPUTER SOFTWARE APPLICATIONS - Embodiments of the invention generally relate to injection context based static analysis of computer software applications. Embodiments of the invention may include selecting a sink within a computer software application, tracing a character output stream leading to the sink within the computer software application, determining an injection context of the character output stream at the sink, where the injection context is predefined in association with a state of the character output stream at the sink, identifying any actions that have been predefined in association with the identified injection context, and providing a report of the actions. | 12-29-2011 |
20120023486 | Verification of Information-Flow Downgraders - A method includes determining grammar for output of an information-flow downgrader in a software program. The software program directs the output of the information-flow downgrader to a sink. The method includes determining whether the grammar of the output conforms to one or more predetermined specifications of the sink. The method includes, in response to a determination the grammar of the output conforms to the one or more predetermined specifications of the sink, determining the information-flow downgrader is verified for the sink, wherein determining grammar, determining whether the grammar, and determining the information-flow downgrader are performed via static analysis of the software program. Apparatus and computer program products are also disclosed. An apparatus includes a user interface providing a result of whether or not output of an information-flow downgrader in the software program conforms to one or more predetermined specifications of a sink in the software program. | 01-26-2012 |
20120102474 | STATIC ANALYSIS OF CLIENT-SERVER APPLICATIONS USING FRAMEWORK INDEPENDENT SPECIFICATIONS - Systems and methods are provided for statically analyzing a software application that is based on at least one framework. According to the method, source code of the software application and a specification associated with the software application are analyzed. The specification includes a list of synthetic methods that model framework-related behavior of the software application, and a list of entry points indicating the synthetic methods and/or application methods of the software application that can be invoked by the framework. Based on the source code and the specification, intermediate representations for the source code and the synthetic methods are generated. Based on the intermediate representations and the specification, call graphs are generated to model which application methods of the software application invoke synthetic methods or other application methods of the software application. The software application is statically analyzed based on the call graphs and the intermediate representations so as to generate analysis results for the software application. | 04-26-2012 |
20120110551 | SIMULATING BLACK BOX TEST RESULTS USING INFORMATION FROM WHITE BOX TESTING - Systems, methods and program products for simulating black box test results using information obtained from white box testing, including analyzing computer software (e.g., an application) to identify a potential vulnerability within the computer software application and a plurality of milestones associated with the potential vulnerability, where each of the milestones indicates a location within the computer software application, tracing a path from a first one of the milestones to an entry point into the computer software application, identifying an input to the entry point that would result in a control flow from the entry point and through each of the milestones, describing the potential vulnerability in a description indicating the entry point and the input, and presenting the description via a computer-controlled output medium. | 05-03-2012 |
20120192161 | DISTRIBUTED STATIC ANALYSIS OF COMPUTER SOFTWARE APPLICATIONS - A method for distributed static analysis of computer software applications, includes: statically analyzing instructions of a computer software application; identifying at least one entry point in the computer software application; assigning a primary agent to statically analyze the computer software application from the entry point; assigning a secondary agent to statically analyze a call site encountered by the primary agent and produce a static analysis summary of the call site; and presenting results of any of the static analyses via a computer-controlled output device. | 07-26-2012 |
20120198417 | Static Analysis of Computer Software Applications Having A Model-View-Controller Architecture - Preparing a computer software application for static analysis by identifying a control flow within a model portion of a computer software application having a model-view-controller architecture, where the control flow passes a value to a controller portion of the computer software application, analyzing a declarative specification of the controller portion of the computer software application to identify a view to which the controller portion passes control based on the value, and synthesizing a method within the computer software application, where the method calls the view. | 08-02-2012 |
20120215757 | WEB CRAWLING USING STATIC ANALYSIS - A crawler including a document retriever configured to retrieve a first computer-based document, a link identifier configured to identify an actual string within the computer-based document as being a hyperlink-type string, and a static analyzer configured to perform static analysis of an operation on a variable within the first computer-based document to identify a possible string value of the variable as being a hyperlink-type string, where any of the strings indicate a location of at least a second computer-based document. | 08-23-2012 |
20120216177 | Generating Sound and Minimal Security Reports Based on Static Analysis of a Program - A method is disclosed that includes, using a static analysis, analyzing a software program to determine a number of paths from sources accepting information to sinks using that information or a modified version of that information and to determine multiple paths from the number of paths. The determined multiple paths have a same transition from an application portion of the software program to a library portion of the software program and require a same downgrading action to address a vulnerability associated with source-sink pairs in the multiple paths. The analyzing includes determining the multiple paths using a path-sensitive analysis. The method includes, for the determined multiple paths, grouping the determined multiple paths into a single representative indication of the determined multiple paths. The method includes outputting the single representative indication. Computer program products and apparatus are also disclosed. | 08-23-2012 |
20120254839 | SIMULATING BLACK BOX TEST RESULTS USING INFORMATION FROM WHITE BOX TESTING - Systems, methods and program products for simulating black box test results using information obtained from white box testing, including analyzing computer software (e.g., an application) to identify a potential vulnerability within the computer software application and a plurality of milestones associated with the potential vulnerability, where each of the milestones indicates a location within the computer software application, tracing a path from a first one of the milestones to an entry point into the computer software application, identifying an input to the entry point that would result in a control flow from the entry point and through each of the milestones, describing the potential vulnerability in a description indicating the entry point and the input, and presenting the description via a computer-controlled output medium. | 10-04-2012 |
20130133075 | FIXING SECURITY VULNERABILITY IN A SOURCE CODE - A computer implemented method for automatically fixing a security vulnerability in a source code is disclosed. The method includes obtaining identification of code that sends tainted data to corresponding sink code in the source code; and automatically fixing the vulnerability by automatically performing code modification which is selected from the group of code modifications consisting of: code motion and code duplication. Also disclosed are computer program product and data processing system. | 05-23-2013 |
20130174260 | TARGETED SECURITY TESTING - Source code of a plurality of web pages including script code is statically analyzed. A page including a potential vulnerability is identified based on the static analysis. A page not including a potential vulnerability is identified based on the static analysis. The web page including the potential vulnerability is dynamically analyzed using a set of test payloads. The page not including the potential vulnerability is dynamically analyzed using a subset of the set of test payloads, the subset including fewer test payloads than the set of test payloads. | 07-04-2013 |
20130174262 | TARGETED SECURITY TESTING - Source code of a plurality of web pages including script code is statically analyzed. A page including a potential vulnerability is identified based on the static analysis. A page not including a potential vulnerability is identified based on the static analysis. The web page including the potential vulnerability is dynamically analyzed using a set of test payloads. The page not including the potential vulnerability is dynamically analyzed using a subset of the set of test payloads, the subset including fewer test payloads than the set of test payloads. | 07-04-2013 |
20130191691 | IMPORTANCE-BASED CALL GRAPH CONSTRUCTION - Call graph construction systems that utilize computer hardware are presented including: a processor; a candidate pool configured for representing a number of calls originating from a root node of a computer software application; an importance value assigner configured for assigning an importance value for any of the number of calls represented in the candidate pool; a candidate selector configured for selecting from the number of calls represented in the candidate pool for inclusion in a call graph based on a sufficient importance value; and an importance value adjuster configured for adjusting the importance value of any call represented in the call graph. | 07-25-2013 |
20130239097 | DISTRIBUTED STATIC ANALYSIS OF COMPUTER SOFTWARE APPLICATIONS - A method for distributed static analysis of computer software applications, includes: statically analyzing instructions of a computer software application; identifying at least one entry point in the computer software application; assigning a primary agent to statically analyze the computer software application from the entry point; assigning a secondary agent to statically analyze a call site encountered by the primary agent and produce a static analysis summary of the call site; and presenting results of any of the static analyses via a computer-controlled output device. | 09-12-2013 |
20140075560 | AUTOMATIC CLASSIFICATION OF SECURITY VULNERABILITIES IN COMPUTER SOFTWARE APPLICATIONS - Automatically classifying security vulnerabilities in computer software applications by identifying candidate security vulnerabilities in a learning set including at least a first computer software application, classifying each of the candidate security vulnerabilities using predefined classifications, determining, for each of the candidate security vulnerabilities, values for predefined properties, creating a set of correlations between the property values and the classifications of the candidate security vulnerabilities, identifying a candidate security vulnerability in a second computer software application, determining, for the candidate security vulnerability in the second computer software application, values for the predefined properties, and using the set of correlations to classify the candidate security vulnerability in the second computer software application with a classification from the predefined classifications that best correlates with the property values of the candidate security vulnerability in the second computer software application. | 03-13-2014 |
20140109227 | TRANSFORMING UNIT TESTS FOR SECURITY TESTING - A method, computer program product, and system for transforming unit tests is described. A unit test associated with one or more software units is identified. A first input parameter of the unit test is identified. A substitute parameter value is determined, wherein the substitute parameter value is associated with a security test for the one or more software units. A value of the first input parameter in the unit test is replaced with the substitute parameter value. The unit test including the substitute parameter value is implemented for the one or more software units. A first security issue associated with the one or more software units is identified, based upon, at least in part, replacing the first input parameter of the unit test with the substitute parameter value and implementing the unit test including the substitute parameter value. | 04-17-2014 |
20140109228 | TRANSFORMING UNIT TESTS FOR SECURITY TESTING - A method, computer program product, and system for transforming unit tests is described. A unit test associated with one or more software units is identified. A first input parameter of the unit test is identified. A substitute parameter value is determined, wherein the substitute parameter value is associated with a security test for the one or more software units. A value of the first input parameter in the unit test is replaced with the substitute parameter value. The unit test including the substitute parameter value is implemented for the one or more software units. A first security issue associated with the one or more software units is identified, based upon, at least in part, replacing the first input parameter of the unit test with the substitute parameter value and implementing the unit test including the substitute parameter value. | 04-17-2014 |
20140157406 | APPLICATION TESTING SYSTEM AND METHOD - A method, computer program product, and computer system for sending, by a first computing device, a payload from a plurality of payloads to a second computing device. A response from the second computing device responding to the payload is received at the first computing device. It is determined whether the payload has successfully attacked an application executing at the second computing device based upon, at least in part, the response. If not, at least a portion of the plurality of payloads that shares a structural overlap with the first payload is identified. At least a second payload of the portion is prevented from being sent to the second computing device in response to identifying that the second payload shares the structural overlap with the first payload. | 06-05-2014 |
20140157413 | APPLICATION TESTING SYSTEM AND METHOD - A method, computer program product, and computer system for sending, by a first computing device, a payload from a plurality of payloads to a second computing device. A response from the second computing device responding to the payload is received at the first computing device. It is determined whether the payload has successfully attacked an application executing at the second computing device based upon, at least in part, the response. If not, at least a portion of the plurality of payloads that shares a structural overlap with the first payload is identified. At least a second payload of the portion is prevented from being sent to the second computing device in response to identifying that the second payload shares the structural overlap with the first payload. | 06-05-2014 |
20140201840 | IDENTIFYING STORED SECURITY VULNERABILITIES IN COMPUTER SOFTWARE APPLICATIONS - Identifying stored security vulnerabilities in computer software applications by providing via a first interface of a computer software application during execution of the computer software application, test data having a characteristic of a malicious payload, where an interaction performed with the first interface resulted in data being written to a location within a persistent data store, and where an interaction performed with a second interface of the computer software application resulted in data being read from the location within the persistent data store, and identifying a stored security vulnerability associated with the computer software application if the test data are written to the persistent data store at the location. | 07-17-2014 |
20140201842 | IDENTIFYING STORED SECURITY VULNERABILITIES IN COMPUTER SOFTWARE APPLICATIONS - Identifying stored security vulnerabilities in computer software applications by providing via a first interface of a computer software application during execution of the computer software application, test data having a characteristic of a malicious payload, where an interaction performed with the first interface resulted in data being written to a location within a persistent data store, and where an interaction performed with a second interface of the computer software application resulted in data being read from the location within the persistent data store, and identifying a stored security vulnerability associated with the computer software application if the test data are written to the persistent data store at the location. | 07-17-2014 |
20140215431 | STATIC ANALYSIS OF COMPUTER SOFTWARE APPLICATIONS HAVING A MODEL-VIEW-CONTROLLER ARCHITECTURE - Preparing a computer software application for static analysis by identifying a control flow within a model portion of a computer software application having a model-view-controller architecture, where the control flow passes a value to a controller portion of the computer software application, analyzing a declarative specification of the controller portion of the computer software application to identify a view to which the controller portion passes control based on the value, and synthesizing a method within the computer software application, where the method calls the view. | 07-31-2014 |
20140298474 | AUTOMATIC SYNTHESIS OF UNIT TESTS FOR SECURITY TESTING - Performing security analysis on a computer program under test (CPUT). The CPUT can be analyzed to identify data pertinent to potential security vulnerabilities of the CPUT. At least a first unit test configured to test a particular unit of program code within the CPUT can be automatically synthesized. The first unit test can be configured to initialize at least one parameter used by the particular unit of program code within the CPUT, and can be provided at least a first test payload configured to exploit at least one potential security vulnerability of the CPUT. The first unit test can be dynamically processed to communicate the first test payload to the particular unit of program code within the CPUT. Whether the first test payload exploits an actual security vulnerability of the CPUT can be determined, and a security analysis report can be output. | 10-02-2014 |
20150095893 | OPTIMIZING TEST DATA PAYLOAD SELECTION FOR TESTING COMPUTER SOFTWARE APPLICATIONS THAT EMPLOY DATA SANITIZERS AND DATA VALIDATORS - Testing computer software applications is implemented by probing a computer software application to determine the presence in the computer software application of any data-checking features, and applying a rule to the data-checking features that are determined to be present in the computer software application, thereby producing a testing set of inputs. The testing set includes any sets of inputs that were used to test sets of data-checking software, where each of the sets of data-checking software includes one or more data sanitizers and/or data validators, and where the rule is configured to produce the testing set to include one or more of the sets of inputs when the rule is applied to any of the data-checking features. The computer software application is tested using the testing set. | 04-02-2015 |
20150278202 | OPTIMIZING WEB CRAWLING THROUGH WEB PAGE PRUNING - Crawling computer-based documents by performing static analysis on a computer-based document to identify within the computer-based document one or more execution vectors, where each execution vector includes a computer program segment including a call to an entity that is external to the computer-based document, and one or more additional computer program segments whose execution precedes and leads ultimately to execution of the computer program segment that includes the call to the entity, and causing any of the computer program segments in any of the execution vectors to be executed during a crawling of the computer-based document, and any computer program segment within the computer-based document that is excluded from the execution vectors to be excluded from execution during the crawling of the computer-based document. | 10-01-2015 |
Patent application number | Description | Published |
20110088023 | SYSTEM AND METHOD FOR STATIC DETECTION AND CATEGORIZATION OF INFORMATION-FLOW DOWNGRADERS - A system and method for static detection and categorization of information-flow downgraders includes transforming a program stored in a memory device by statically analyzing program variables to yield a single assignment to each variable in an instruction set. The instruction set is translated to production rules with string operations. A context-free grammar is generated from the production rules to identify a finite set of strings. An information-flow downgrader function is identified by checking the finite set of strings against one or more function specifications. | 04-14-2011 |
20130007885 | BLACK-BOX TESTING OF WEB APPLICATIONS WITH CLIENT-SIDE CODE EVALUATION - Detecting security vulnerabilities in web applications by interacting with a web application at a computer server during its execution at the computer server, identifying client-side instructions provided by the web application responsive to an interaction with the web application, where the client-side instructions are configured to be implemented by a client computer that receives the client-side instructions from the computer server, evaluating the identified client-side instructions, and identifying a security vulnerability associated with the client-side instructions. | 01-03-2013 |
20130007887 | BLACK-BOX TESTING OF WEB APPLICATIONS WITH CLIENT-SIDE CODE EVALUATION - Detecting security vulnerabilities in web applications by interacting with a web application at a computer server during its execution at the computer server, identifying client-side instructions provided by the web application responsive to an interaction with the web application, where the client-side instructions are configured to be implemented by a client computer that receives the client-side instructions from the computer server, evaluating the identified client-side instructions, and identifying a security vulnerability associated with the client-side instructions. | 01-03-2013 |
20130111449 | STATIC ANALYSIS WITH INPUT REDUCTION | 05-02-2013 |
20130111594 | DETECTION OF DOM-BASED CROSS-SITE SCRIPTING VULNERABILITIES | 05-02-2013 |
20130111595 | DETECTION OF DOM-BASED CROSS-SITE SCRIPTING VULNERABILITIES | 05-02-2013 |
20130205398 | AUTOMATIC SYNTHESIS OF UNIT TESTS FOR SECURITY TESTING - Performing security analysis on a computer program under test (CPUT). The CPUT can be analyzed to identify data pertinent to potential security vulnerabilities of the CPUT. At least a first unit test configured to test a particular unit of program code within the CPUT can be automatically synthesized. The first unit test can be configured to initialize at least one parameter used by the particular unit of program code within the CPUT, and can be provided at least a first test payload configured to exploit at least one potential security vulnerability of the CPUT. The first unit test can be dynamically processed to communicate the first test payload to the particular unit of program code within the CPUT. Whether the first test payload exploits an actual security vulnerability of the CPUT can be determined, and a security analysis report can be output. | 08-08-2013 |
20130205399 | AUTOMATIC SYNTHESIS OF UNIT TESTS FOR SECURITY TESTING - Performing security analysis on a computer program under test (CPUT). The CPUT can be analyzed to identify data pertinent to potential security vulnerabilities of the CPUT. At least a first unit test configured to test a particular unit of program code within the CPUT can be automatically synthesized. The first unit test can be configured to initialize at least one parameter used by the particular unit of program code within the CPUT, and can be provided at least a first test payload configured to exploit at least one potential security vulnerability of the CPUT. The first unit test can be dynamically processed to communicate the first test payload to the particular unit of program code within the CPUT. Whether the first test payload exploits an actual security vulnerability of the CPUT can be determined, and a security analysis report can be output. | 08-08-2013 |
20140310812 | IDENTIFYING SECURITY VULNERABILITIES RELATED TO INTER-PROCESS COMMUNICATIONS - Identifying security vulnerabilities related to inter-process communications by identifying within the instructions of a computer software application an object creation location configured to create an inter-process communications object, identifying within the instructions of the computer software application a location of an inter-process communications method, determining whether a path exists for an inter-process communications object created at the object creation location to propagate to the inter-process communications method, classifying with a classification selected from a plurality of predefined classifications, any of the inter-process communications object, the object creation location, and the location of the inter-process communications method, and reporting as a security vulnerability the classified inter-process communications object, object creation location, or location of the inter-process communications method if the path exists and if the classification is predefined to indicate that reporting is warranted. | 10-16-2014 |
20140310814 | IDENTIFYING SECURITY VULNERABILITIES RELATED TO INTER-PROCESS COMMUNICATIONS - Identifying security vulnerabilities related to inter-process communications by identifying within the instructions of a computer software application an object creation location configured to create an inter-process communications object, identifying within the instructions of the computer software application a location of an inter-process communications method, determining whether a path exists for an inter-process communications object created at the object creation location to propagate to the inter-process communications method, classifying with a classification selected from a plurality of predefined classifications, any of the inter-process communications object, the object creation location, and the location of the inter-process communications method, and reporting as a security vulnerability the classified inter-process communications object, object creation location, or location of the inter-process communications method if the path exists and if the classification is predefined to indicate that reporting is warranted. | 10-16-2014 |