Patent application number | Description | Published |
20080201688 | SYSTEM AND METHOD FOR THE AUTOMATIC VERIFICATION OF PRIVILEGE-ASSERTING AND SUBJECT-EXECUTED CODE - The present relates to a method for verifying privileged and subject-executed code within a program, the method further comprising the steps of constructing a static model of a program, identifying checkPermission nodes that are comprised within the invocation graph, and performing a fixed-point iteration, wherein each determined permission set is propagated backwards across the nodes of the static model until a privilege-asserting code node is reached. The method further comprises the steps of associating each node of the invocation graph with a set of Permission allocation sites, analyzing each identified privilege-asserting code node and subject-executing code node to determine the Permission allocation site set that is associated with each privilege-asserting code node and subject-executing code node, and determining the cardinality of a Permission allocation-site set that is associated with each privilege-asserting code node and subject-executing code node. | 08-21-2008 |
20080201693 | SYSTEM AND METHOD FOR THE AUTOMATIC IDENTIFICATION OF SUBJECT-EXECUTED CODE AND SUBJECT-GRANTED ACCESS RIGHTS - The present invention relates to a method for identifying subject-executed code and subject-granted access rights within a program, the method further comprising the steps of: constructing a static model of a program, and determining a set of access rights that are associated with each subject object that is comprised within the program. The method further comprises the steps of annotating the invocation graph with the set of access right data to generate a subject-rights analysis, wherein each node comprised within the invocation graph is mapped to a set of access rights that represent subject-granted access rights under which a method that corresponds to a respective node will be executed, and utilizing the subject-rights analysis to perform a subject-rights analysis of the program. | 08-21-2008 |
20080201760 | SYSTEM AND METHOD FOR THE AUTOMATIC EVALUATION OF EXISTING SECURITY POLICIES AND AUTOMATIC CREATION OF NEW SECURITY POLICIES - The present invention relates to methodologies for combining policy analysis and static analysis of code and thereafter determining whether the permissions granted by the policy to the code and to the subjects executing it are appropriate. In particular, this involves the verification that too many permissions have not been granted (wherein this would be a violation of the Principle of Least Privilege), and that the permissions being granted are sufficient to execute the code without run-time authorization failures, thus resulting in the failure of the program to execute. | 08-21-2008 |
20090094667 | Method and Apparatus for Automatic Determination of Authorization Requirements While Editing or Generating Code - Systems and methods are presented for automatically determining the security requirements of program code during the creation or modification of that program code and for presenting the necessary security permissions to a developer of the program code at the time of the creation or modification of the program code. A cache is established containing program code segments including library calls and application program interfaces that require security permissions at runtime. The cache also includes the security permissions associated with the stored program code segments. Program code editing is monitored in real time during the editing, and instances of edits that add, modify or delete the stored program code segments from the program code being edited are identified. The security permissions associated with the program code segments that are modified by the edits are retrieved from the cache. The retrieved security permissions are immediately presented to the developer in an interactive format that provides the developer with the ability to accept or decline the necessary changes to the security permissions. | 04-09-2009 |
20090193492 | METHOD FOR INFORMATION TRACKING IN MULTIPLE INTERDEPENDENT DIMENSIONS - A method for information flow tracking is provided using, for example, a functional programming language based on lambda calculus, λ | 07-30-2009 |
20090300266 | IDENTIFICATION OF READ/WRITE CHAINS DURING STATIC ANALYSIS OF COMPUTER SOFTWARE - A system for identifying read/write chains in computer software, including a static analysis engine identifying within computer software logical container accesses, a string analyzer configured to at least partly resolve any variables identifying the logical container in any of the accesses by determining a set of potential values of any of the variables, and a Logical Container Access Virtualization component (LCAV) configured to identify the type and scope of any permutations of the accesses, where each of the permutations is defined by substituting any of the potential values for any of the access variables, and identify any read/write chains within the computer software by matching any of the access permutations that read from the logical container with any of the access permutations that write to the logical container if there is an intersection between the scopes of the read and write access permutations. | 12-03-2009 |
20100043048 | System, Method, and Apparatus for Modular, String-Sensitive, Access Rights Analysis with Demand-Driven Precision - A static analysis for identification of permission-requirements on stack-inspection authorization systems is provided. The analysis employs functional modularity for improved scalability. To enhance precision, the analysis utilizes program slicing to detect the origin of each parameter passed to a security-sensitive function. Furthermore, since strings are essential when defining permissions, the analysis integrates a sophisticated string analysis that models string computations. | 02-18-2010 |
20100088668 | Crawling of object model using transformation graph - A transformation tree for an object model (OM) is defined. The transformation tree has nodes interconnected by edges, where each node is connected to at most one other tree node. Each node corresponds to a state of the OM; each edge corresponds to an event causing the OM to transition from the state of one node to the state of another node. A transformation graph for the OM is constructed by simulating the transformation tree. The transformation graph has nodes interconnected by edges, and is a directed graph in which each node is connected to one or more other nodes. Each node corresponds to a state of the OM; each edge corresponds to an event causing the OM to transition from the state of one node to the state of another node. Crawling-oriented actions are performed in relation to the OM by being performed in relation to the transformation graph. | 04-08-2010 |
20100284527 | Importance-Based Call Graph Construction - A system and method for importance-based call graph construction, including a) analyzing a computer software application to identify a plurality of calls within the computer software application, b) assigning an importance value to any of the calls in accordance with a predefined importance rule, c) selecting any of the calls for inclusion in a call graph in accordance with a predefined inclusion rule, d) representing the call in the call graph, e) adjusting the importance value of any call represented in the call graph in accordance with a predefined importance adjustment rule, and f) iteratively performing any of steps a)-e) until a predefined termination condition is met. | 11-11-2010 |
20100333201 | SYSTEM, METHOD, AND PROGRAM FOR DETERMINING VALIDITY OF STRING - A computer-implemented method, program product, and system for determining the validity of a string generated by a computer programming language program. The method includes: abstracting a constraint between variables extracted from a source code for a programming language, describing the constraint in M2L, and storing the constraint; and evaluating the validity of the string on an M2L solver on the basis of the constraint and a M2L specification to determine whether the string is safe or unsafe. | 12-30-2010 |
20110029946 | EFFICIENT EXTRACTION OF SOFTWARE DEPENDENCIES FROM PROGRAM CODE - Calls to stop functions are identified in a computer program file. The stop functions are functions that interact with external resources. Parameters of the calls to the stop functions that are references to the external resources are identified. An analysis is performed over the computer program file to find out possible values of the parameters of the calls. | 02-03-2011 |
20110030061 | DETECTING AND LOCALIZING SECURITY VULNERABILITIES IN CLIENT-SERVER APPLICATION - The present invention provides a system, computer program product, and a computer implemented method for analyzing a set of two or more communicating applications. The method includes executing a first application, such as a client application, and executing a second application, such as a server application. The applications are communicating with each other. A correlation is recorded between the applications and an execution characteristic exhibited on execution. An oracle is used to determine an analysis of the first application that has been executed. The execution of the first application causes a change of state in the second application and/or a change control flow in the second application. Code fragment in the first application and/or the second application are prioritized based on an evaluation produced by the oracle, and based on the correlation between the code fragments that have been executed and the execution characteristic exhibited by the code fragments. | 02-03-2011 |
20110087892 | Eliminating False Reports of Security Vulnerabilities when Testing Computer Software - A system for eliminating false reports of security vulnerabilities when testing computer software, including a taint analysis engine configured to identify a tainted variable v in a computer application, a data mapping identification engine configured to identify a variable x within the application that holds data derived from v, where x is in a different format than v, an AddData identification engine configured to identify an AddData operation within the application that is performed on x, a signature identification engine configured to identify a Sign operation within the application that is performed on the results of the AddData operation on x, a signature comparison identification engine configured to identify an operation within the application that compares the results of the Sign operation with another value | 04-14-2011 |
20110126282 | System, Method and Apparatus for Simultaneous Definition and Enforcement of Access-control and Integrity Policies - Access-control and information-flow integrity policies are enforced in a computing system by detecting security-sensitive sinks in software code for an application running on the computing system and retrieving an access-control policy from a database accessible to the computing system. The access-control policy maps a set of access permissions within the computing system to each one of a plurality of principals. For each detected security-sensitive sink, all principals that influence that security-sensitive sink are detected and an overall access permission is assigned to each security-sensitive sink by taking the intersection of the access permission sets for all influencing principals of that security-sensitive sink. If this permission set is inadequate, an integrity violation is reported. In addition, permission labels are assigned to each value of variables used in the security-sensitive sinks. Each permission label is a set of permissions. | 05-26-2011 |
20110131656 | IDENTIFYING SECURITY VULNERABILITY IN COMPUTER SOFTWARE - Identifying a security vulnerability in a computer software application by identifying at least one source in a computer software application, identifying at least one sink in the computer software application, identifying at least one input to any of the sinks, determining whether the input derives its value directly or indirectly from any of the sources, determining a set of possible values for the input, and identifying a security vulnerability where the set of possible values for the input does not match a predefined specification of legal values associated with the sink input. | 06-02-2011 |
20110145785 | Automatic Optimization of String Allocations in a Computer Program - Access is obtained to an input object-oriented computer program. In the input object-oriented computer program, semantically equivalent objects are identified, which exist in different memory locations. If at least one of: a number of occurrences for the semantically equivalent objects exceeds a first threshold value, the threshold value being at least two; and a number of equality tests on the semantically equivalent objects exceeds a second threshold value, then a further step includes identifying an application program interface to reduce the semantically equivalent objects to a single object in a single memory location. | 06-16-2011 |
20110277037 | Enforcement Of Data Privacy To Maintain Obfuscation Of Certain Data - A computer-readable medium is disclosed that tangibly embodies a program of machine-readable instructions executable by a digital processing apparatus to perform operations including determining whether data to be released from a database is associated with one or more confidential mappings between sets of data in the database. The operations also include, in response to the data being associated with the one or more confidential mappings, determining whether release of the data meets one or more predetermined anonymity requirements of an anonymity policy. Methods and apparatus are also disclosed. | 11-10-2011 |
20110321016 | INJECTION CONTEXT BASED STATIC ANALYSIS OF COMPUTER SOFTWARE APPLICATIONS - Embodiments of the invention generally relate to injection context based static analysis of computer software applications. Embodiments of the invention may include selecting a sink within a computer software application, tracing a character output stream leading to the sink within the computer software application, determining an injection context of the character output stream at the sink, where the injection context is predefined in association with a state of the character output stream at the sink, identifying any actions that have been predefined in association with the identified injection context, and providing a report of the actions. | 12-29-2011 |
20120023486 | Verification of Information-Flow Downgraders - A method includes determining grammar for output of an information-flow downgrader in a software program. The software program directs the output of the information-flow downgrader to a sink. The method includes determining whether the grammar of the output conforms to one or more predetermined specifications of the sink. The method includes, in response to a determination the grammar of the output conforms to the one or more predetermined specifications of the sink, determining the information-flow downgrader is verified for the sink, wherein determining grammar, determining whether the grammar, and determining the information-flow downgrader are performed via static analysis of the software program. Apparatus and computer program products are also disclosed. An apparatus includes a user interface providing a result of whether or not output of an information-flow downgrader in the software program conforms to one or more predetermined specifications of a sink in the software program. | 01-26-2012 |
20120023553 | Static Analysis For Verification Of Software Program Access To Secure Resources For Computer Systems - A method includes, using a static analysis, analyzing a software program to determine whether the software program accesses a secure resource for a computer system without verification that the secure resource can be accessed by the software program. The method also includes, in response to an access by the software program to the secure resource without verification that the secure resource can be accessed by the software program, outputting a result indicative of the analyzing. Computer program products and apparatus are also disclosed. An apparatus is disclosed that includes a user interface providing a security report to a user, the security report indicating a result of an analysis of whether or not a software program accesses a secure resource for a computer system without verification that the secure resource can be accessed by the software program. | 01-26-2012 |
20120084755 | CONFIDENCE-BASED STATIC ANALYSIS - Systems, methods and program products are provided for confidence-based static analysis, including initiating a static analysis of computer software, associating a confidence value with a first element of the static analysis, determining a current state of the static analysis, calculating an adjusted confidence value in accordance with a confidence adjustment function as applied to the current state and the confidence value associated with the first element, associating the adjusted confidence value with a second element of the static analysis resulting from a transition from the first element, and eliminating the second element from the static analysis if the adjusted confidence value meets elimination criteria. | 04-05-2012 |
20120089962 | Unchanged Object Management - A method includes, using a static analysis performed on code, analyzing the code to determine a set of unchanged objects and modifying the code to exercise a singleton-pattern technique for one or more members of the set of unchanged objects. The method also includes outputting the modified code. Apparatus and program products are also disclosed. Another method includes accessing code from a client, and in response to any of the code being source code, compiling the source code into object code until all the code from the client comprises object code. The method further includes, using a static analysis performed on the object code, analyzing the object code to determine a set of unchanged objects and modifying the object code to exercise a singleton-pattern technique for one or more members of the set of unchanged objects. The method additionally includes returning the modified object code to the client. | 04-12-2012 |
20120102471 | GENERATING SPECIFICATIONS OF CLIENT-SERVER APPLICATIONS FOR STATIC ANALYSIS - Systems and methods are provided for creating a data structure associated with a software application that is based on at least one framework. According to the method, source code and at least one configuration file of the software application is analyzed by at least one framework-specific processor so as to determine entry point information indicating entry points in the source code, request attribute access information indicating where attributes attached to a request data structure are read and written, and forward information indicating forwards performed by the software application. A data structure for a static analysis engine is created based on this information. The data structure includes a list of synthetic methods that model framework-related behavior of the software application, and a list of entry points indicating the synthetic methods and/or application methods of the software application that can be invoked by the framework. | 04-26-2012 |
20120102474 | STATIC ANALYSIS OF CLIENT-SERVER APPLICATIONS USING FRAMEWORK INDEPENDENT SPECIFICATIONS - Systems and methods are provided for statically analyzing a software application that is based on at least one framework. According to the method, source code of the software application and a specification associated with the software application are analyzed. The specification includes a list of synthetic methods that model framework-related behavior of the software application, and a list of entry points indicating the synthetic methods and/or application methods of the software application that can be invoked by the framework. Based on the source code and the specification, intermediate representations for the source code and the synthetic methods are generated. Based on the intermediate representations and the specification, call graphs are generated to model which application methods of the software application invoke synthetic methods or other application methods of the software application. The software application is statically analyzed based on the call graphs and the intermediate representations so as to generate analysis results for the software application. | 04-26-2012 |
20120110551 | SIMULATING BLACK BOX TEST RESULTS USING INFORMATION FROM WHITE BOX TESTING - Systems, methods are program products for simulating black box test results using information obtained from white box testing, including analyzing computer software (e.g., an application) to identify a potential vulnerability within the computer software application and a plurality of milestones associated with the potential vulnerability, where each of the milestones indicates a location within the computer software application, tracing a path from a first one of the milestones to an entry point into the computer software application, identifying an input to the entry point that would result in a control flow from the entry point and through each of the milestones, describing the potential vulnerability in a description indicating the entry point and the input, and presenting the description via a computer-controlled output medium. | 05-03-2012 |
20120131668 | Policy-Driven Detection And Verification Of Methods Such As Sanitizers And Validators - A method includes performing a static analysis on a program having sources and sinks to track string flow from the sources to the sinks. The static analysis includes, for string variables in the program that begin at sources, computing grammar of all possible string values for each of the string variables and, for methods in the program operating on any of the string variables, computing grammar of string variables returned by the methods. The static analysis also includes, in response to one of the string variables reaching a sink that performs a security-sensitive operation, comparing current grammar of the one string variable with a policy corresponding to the security-sensitive operation, and performing a reporting operation based on the comparing. Apparatus and computer program products are also disclosed. | 05-24-2012 |
20120131670 | Global Variable Security Analysis - A method includes determining selected global variables in a program for which flow of the selected global variables through the program is to be tracked. The selected global variables are less than all the global variables in the program. The method includes using a static analysis performed on the program, tracking flow through the program for the selected global variables. In response to one or more of the selected global variables being used in security-sensitive operations in the flow, use is analyzed of each one of the selected global variables in a corresponding security-sensitive operation. In response to a determination the use may be a potential security violation, the potential security violation is reported. Apparatus and computer program products are also disclosed. | 05-24-2012 |
20120144491 | Answering Security Queries Statically Based On Dynamically-Determined Information - A method includes analyzing execution of a software program, the software program having sources returning values, sinks that perform security-sensitive operations on those returned values or modified versions of the returned values, and flows of the returned values to the sinks, the analyzing determining a first set of methods having access to a value returned from a selected one of the sources. A static analysis is performed on the software program, the static analysis using the first set of methods to determine a second set of methods having calling relationships with the selected source, the static analysis determining whether the returned value from the selected source can flow through a flow to a sink that performs a security-sensitive operation without the flow to the sink being endorsed, and in response, indicating a security violation. Apparatus and computer program products are also disclosed. | 06-07-2012 |
20120151454 | GENERATING INPUTS FOR CLIENT-SERVER PROGRAMS FOR FAULT DETECTION AND LOCALIZATION - The present invention provides a system, computer program product, and a computer implemented method for analyzing a set of two or more communicating applications. The method begins with receiving a first second application that communicates with each other during execution. Next, an initial input for executing the first application and the second application is received. The initial input is added to a set of inputs. An iterative execution loop is performed at least once. The loop begins with selecting inputs out of the set of inputs for execution. Next, using the selected inputs, the first and/or the second application is executed while information regarding the execution and information communicated to the other application are recorded. A set of one or more new application inputs for either applications is generated based the second application recorded information and the first application information. These new inputs are added to the set of inputs. | 06-14-2012 |
20120159619 | Formal Analysis of the Quality and Conformance of Information Flow Downgraders - Mechanisms for evaluating downgrader code in application code with regard to one or more security guidelines are provided. Downgrader code in application code is identified, where the downgrader code is a portion of code in the application code that operates on an information flow of the application code to ensure confidentiality of information input to the downgrader code, in the output of the downgrader code. Processes of the downgrader code are evaluated against security guidelines to determine if the processes violate the security guidelines. A notification is generated in response to the evaluation indicating that the processes of the downgrader code violate the security guidelines. The notification is output to a computing device for consideration. | 06-21-2012 |
20120174229 | Runtime Enforcement Of Security Checks - A method is disclosed that includes tracking untrusted inputs through an executing program into a sink, the tracking including maintaining context of the sink as strings based on the untrusted inputs flow into the sink. The method also includes, while tracking, in response to a string based on an untrusted input being about to flow into the sink and a determination the string could lead to an attack if the string flows into a current context of the sink, endorsing the string using an endorser selected based at least on the current context of the sink, and providing the endorsed string to the sink. Computer program products and apparatus are also disclosed. | 07-05-2012 |
20120192161 | DISTRIBUTED STATIC ANALYSIS OF COMPUTER SOFTWARE APPLICATIONS - A method for distributed static analysis of computer software applications, includes: statically analyzing instructions of a computer software application; identifying at least one entry point in the computer software application; assigning a primary agent to statically analyze the computer software application from the entry point; assigning a secondary agent to statically analyze a call site encountered by the primary agent and produce a static analysis summary of the call site; and presenting results of any of the static analyses via a computer-controlled output device. | 07-26-2012 |
20120198557 | DETERMINING THE VULNERABILITY OF COMPUTER SOFTWARE APPLICATIONS TO PRIVILEGE-ESCALATION ATTACKS - Determining the vulnerability of computer software applications to privilege-escalation attacks, such as where an instruction classifier is configured to be used for identifying a candidate access-restricted area of the instructions of a computer software application, and a static analyzer is configured to statically analyze the candidate access-restricted area to determine if there is a conditional instruction that controls execution flow into the candidate access-restricted area, perform static analysis to determine if the conditional instruction is dependent on a data source within the computer software application, and designate the candidate access-restricted area as vulnerable to privilege-escalation attacks absent either of the conditional instruction and the date source. | 08-02-2012 |
20120215757 | WEB CRAWLING USING STATIC ANALYSIS - A crawler including a document retriever configured to retrieve a first computer-based document, a link identifier configured to identify an actual string within the computer-based document as being a hyperlink-type string, and a static analyzer configured to perform static analysis of an operation on a variable within the first computer-based document to identify a possible string value of the variable as being a hyperlink-type string, where any of the strings indicate a location of at least a second computer-based document. | 08-23-2012 |
20120216177 | Generating Sound and Minimal Security Reports Based on Static Analysis of a Program - A method is disclosed that includes, using a static analysis, analyzing a software program to determine a number of paths from sources accepting information to sinks using that information or a modified version of that information and to determine multiple paths from the number of paths. The determined multiple paths have a same transition from an application portion of the software program to a library portion of the software program and require a same downgrading action to address a vulnerability associated with source-sink pairs in the multiple paths. The analyzing includes determining the multiple paths using a path-sensitive analysis. The method includes, for the determined multiple paths, grouping the determined multiple paths into a single representative indication of the determined multiple paths. The method includes outputting the single representative indication. Computer program products and apparatus are also disclosed. | 08-23-2012 |
20120254839 | SIMULATING BLACK BOX TEST RESULTS USING INFORMATION FROM WHITE BOX TESTING - Systems, methods are program products for simulating black box test results using information obtained from white box testing, including analyzing computer software (e.g., an application) to identify a potential vulnerability within the computer software application and a plurality of milestones associated with the potential vulnerability, where each of the milestones indicates a location within the computer software application, tracing a path from a first one of the milestones to an entry point into the computer software application, identifying an input to the entry point that would result in a control flow from the entry point and through each of the milestones, describing the potential vulnerability in a description indicating the entry point and the input, and presenting the description via a computer-controlled output medium. | 10-04-2012 |
20120266247 | Automatic Inference Of Whitelist-Based Validation As Part Of Static Analysis For Security - A method includes performing taint analysis of a computer program and determining an original set of paths from sources to sinks. Each path corresponds to a vulnerability. The method includes determining for each variable whose type is a collection and is accessed in one of the paths in the original set of paths whether the variable points to a concrete value whose internal state is not tainted according to the taint analysis. The method further includes, for each of the variables whose type is a collection found not to be tainted according to the taint analysis, determining all points in the computer program where a membership check against the collection is performed. The method also includes, for each of the points, determining corresponding paths and removing those paths from the original set of paths to create a reduced set of paths. Apparatus and computer readable program products are also disclosed. | 10-18-2012 |
20120272322 | DETERMINING THE VULNERABILITY OF COMPUTER SOFTWARE APPLICATIONS TO PRIVILEGE-ESCALATION ATTACKS - Determining the vulnerability of computer software applications to privilege-escalation attacks, such as where an instruction classifier is configured to be used for identifying a candidate access-restricted area of the instructions of a computer software application, and a static analyzer is configured to statically analyze the candidate access-restricted area to determine if there is a conditional instruction that controls execution flow into the candidate access-restricted area, perform static analysis to determine if the conditional instruction is dependent on a data source within the computer software application, and designate the candidate access-restricted area as vulnerable to privilege-escalation attacks absent either of the conditional instruction and the date source. | 10-25-2012 |
20120297372 | Static Analysis Of Validator Routines - A method includes accessing a validator routine having an input string and one or more return points, each return point returning a return value having two possible values; finding the return points in the validator routine; for each of the return points, performing a backwards traversal from a return point through a code section and determining constraints on the input string based at least on one or both of the two possible return values for the return point; using the determined constraints for the input string, determining whether all of the return values returned from the one or more return points meet validation constraints; and outputting one or more indications of whether all of the returned values returned from the return points meet the validation constraints for the one or both of the two possible return values. Apparatus and computer program products are also disclosed. | 11-22-2012 |
20120317143 | STRING ANALYSIS BASED ON THREE-VALUED LOGIC - Performing string analysis based on three-valued logic by including expressing a property of a string in a computer software application as a three-valued logic shape predicate, performing a three-valued logic shape analysis using the shape predicate to reach a fixpoint solution, and evaluating the fixpoint solution to determine a three-valued logic value of the property. | 12-13-2012 |
20120331445 | Unchanged Object Management - Apparatus and program products are disclosed. Using a static analysis performed on code, the code is analyzed to determine a set of unchanged objects and modifying the code to exercise a singleton-pattern technique for one or more members of the set of unchanged objects. The modified code is output. Another technique includes accessing code from a client, and in response to any of the code being source code, compiling the source code into object code until all the code from the client comprises object code. Using a static analysis performed on the object code, the object code is analyzed to determine a set of unchanged objects and the object code is modified to exercise a singleton-pattern technique for one or more members of the set of unchanged objects. The modified object code is returned to the client. | 12-27-2012 |
20120331547 | Static Analysis For Verification Of Software Program Access To Secure Resources For Computer Systems - Computer program products and apparatus are disclosed. Using a static analysis, a software program is analyzed to determine whether the software program accesses a secure resource for a computer system without verification that the secure resource can be accessed by the software program. In response to an access by the software program to the secure resource without verification that the secure resource can be accessed by the software program, a result is output indicative of the analyzing. An apparatus is disclosed that includes a user interface providing a security report to a user, the security report indicating a result of an analysis of whether or not a software program accesses a secure resource for a computer system without verification that the secure resource can be accessed by the software program. | 12-27-2012 |
20130031622 | STATIC ANALYSIS FOR VERIFICATION OF SOFTWARE PROGRAM ACCESS TO SECURE RESOURCES FOR COMPUTER SYSTEMS - Computer program products and apparatus are disclosed. Using a static analysis, a software program is analyzed to determine whether the software program accesses a secure resource for a computer system without verification that the secure resource can be accessed by the software program. In response to an access by the software program to the secure resource without verification that the secure resource can be accessed by the software program, a result is output indicative of the analyzing. An apparatus is disclosed that includes a user interface providing a security report to a user, the security report indicating a result of an analysis of whether or not a software program accesses a secure resource for a computer system without verification that the secure resource can be accessed by the software program. | 01-31-2013 |
20130086686 | Automated Detection of Flaws and Incompatibility Problems in Information Flow Downgraders - Mechanisms for evaluating downgrader code in application code with regard to a target deployment environment. Downgrader code in the application code is identified. Based on an input string, an output string that the downgrader code outputs in response to receiving the input string is identified. One or more sets of illegal string patterns are retrieved. Each of the one or more sets of illegal string patterns is associated with a corresponding deployment environment. The illegal string patterns are string patterns that a downgrader identifies in the information flow for security purposes. A determination is made as to whether the downgrader code is compatible with the target deployment environment based on the one or more sets of illegal string patterns and the output string. An output indicative of the results of the determining is generated. | 04-04-2013 |
20130133043 | AUTHENTICATION IN VIRTUAL PRIVATE NETWORKS - Systems and methods are provided for controlling access to a network. An access request is received from a client application running on a computing device for accessing a remote network. The access request is received over a secure virtual private network connection (VPN) connection established by a user-mode VPN client running in non-privileged user space of the computing device. The access request includes contextual information for use in authenticating a user to access a remote network, wherein the contextual information includes contextual information about the client application requesting access to the remote network. An authentication process is performed using the contextual information to authenticate the user, and a secure VPN connection is established between the client application and the remote network, if the user is authenticated. | 05-23-2013 |
20130145215 | ELIMINATING FALSE-POSITIVE REPORTS RESULTING FROM STATIC ANALYSIS OF COMPUTER SOFTWARE - A system for eliminating false-positive reports resulting from static analysis of computer software is provided herein. The system includes the following components executed by a processor: a modeler configured to model a computer code into a model that defines sources, sinks, and flows; a static analyzer configured to apply static analysis to the code or the model, to yield reports indicative of at least one issue relating to one or more of the flows; a preconditions generator configured to generate preconditions for eliminating false-positive issues in the reports, based on the model and user-provided input; and a preconditions checker configured to apply the generated preconditions to the reports for eliminating false-positive issues in the reports. | 06-06-2013 |
20130179978 | Automated Detection of Flaws and Incompatibility Problems in Information Flow Downgraders - Mechanisms for evaluating downgrader code in application code with regard to a target deployment environment. Downgrader code in the application code is identified. Based on an input string, an output string that the downgrader code outputs in response to receiving the input string is identified. One or more sets of illegal string patterns are retrieved. Each of the one or more sets of illegal string patterns is associated with a corresponding deployment environment. The illegal string patterns are string patterns that a downgrader identifies in the information flow for security purposes. A determination is made as to whether the downgrader code is compatible with the target deployment environment based on the one or more sets of illegal string patterns and the output string. An output indicative of the results of the determining is generated. | 07-11-2013 |
20130179979 | DETECTING SECURITY VULNERABILITIES IN WEB APPLICATIONS - Method to detect security vulnerabilities includes: interacting with a web application during its execution to identify a web page exposed by the web application; statically analyzing the web page to identify a parameter within the web page that is constrained by a client-side validation measure and that is to be sent to the web application; determining a server-side validation measure to be applied to the parameter in view of the constraint placed upon the parameter by the client-side validation measure; statically analyzing the web application to identify a location within the web application where the parameter is input into the web application; determining whether the parameter is constrained by the server-side validation measure prior to the parameter being used in a security-sensitive operation; and identifying the parameter as a security vulnerability. | 07-11-2013 |
20130191691 | IMPORTANCE-BASED CALL GRAPH CONSTRUCTION - Call graph construction systems that utilize computer hardware are presented including: a processor a candidate pool configured for representing a number of calls originating from a root node of a computer software application; an importance value assigner configured for assigning an importance value for any of the number of calls represented in the candidate pool; a candidate selector configured for selecting from the number of calls represented in the candidate pool for inclusion in a call graph based on a sufficient importance value; and an importance value adjuster configured for adjusting the importance value of any call represented in the call graph. | 07-25-2013 |
20130205391 | Formal Analysis of the Quality and Conformance of Information Flow Downgraders - Mechanisms for evaluating downgrader code in application code with regard to one or more security guidelines are provided. Downgrader code in application code is identified, where the downgrader code is a portion of code in the application code that operates on an information flow of the application code to ensure confidentiality of information input to the downgrader code, in the output of the downgrader code. Processes of the downgrader code are evaluated against security guidelines to determine if the processes violate the security guidelines. A notification is generated in response to the evaluation indicating that the processes of the downgrader code violate the security guidelines. The notification is output to a computing device for consideration. | 08-08-2013 |
20130239097 | DISTRIBUTED STATIC ANALYSIS OF COMPUTER SOFTWARE APPLICATIONS - A method for distributed static analysis of computer software applications, includes: statically analyzing instructions of a computer software application; identifying at least one entry point in the computer software application; assigning a primary agent to statically analyze the computer software application from the entry point; assigning a secondary agent to statically analyze a call site encountered by the primary agent and produce a static analysis summary of the call site; and presenting results of any of the static analyses via a computer-controlled output device. | 09-12-2013 |
20130262617 | AUTOMATIC AND TRANSPARENT APPLICATION LOGGING - Automatic application logging, in one aspect, may receive a directive for logging data associated with an application. One or more runtime objects of an instance of the application running on a processor may be modified according to the directive to collect the data. The data may be collected via the modified one or more runtime objects. | 10-03-2013 |
20130290786 | AUTOMATED TESTING OF APPLICATIONS WITH SCRIPTING CODE - A novel system, computer program product, and method are disclosed for feedback-directed automated test generation for programs, such as JavaScript, in which execution is monitored to collect information that directs the test generator towards inputs that yield increased coverage. Several instantiations of the framework are implemented, corresponding to variations on feedback-directed random testing, in a tool called Artemis. | 10-31-2013 |
20130290937 | EFFICIENT EXTRACTION OF SOFTWARE DEPENDENCIES FROM PROGRAM CODE - Calls to stop functions are identified in a computer program file. The stop functions are functions that interact with external resources. Parameters of the calls to the stop functions that are references to the external resources are identified. An analysis is performed over the computer program file to find out possible values of the parameters of the calls. | 10-31-2013 |
20130332990 | Enforcement Of Data Privacy To Maintain Obfuscation Of Certain Data - A computer-readable medium is disclosed that tangibly embodies a program of machine-readable instructions executable by a digital processing apparatus to perform operations including determining whether data to be released from a database is associated with one or more confidential mappings between sets of data in the database. The operations also include, in response to the data being associated with the one or more confidential mappings, determining whether release of the data meets one or more predetermined anonymity requirements of an anonymity policy. Methods and apparatus are also disclosed. | 12-12-2013 |
20140052997 | SECURITY MODEL FOR ACTOR-BASED LANGUAGES AND APPARATUS, METHODS, AND COMPUTER PROGRAMMING PRODUCTS USING SAME - An application includes: a programming model including a service provider, first components, second components, and sinks communicating via messages. Each of the second components is assigned a unique capability. A given one of the first components routes a message from the given first component to second component(s) and then to a sink. Each of the second component(s) sends the message to the service provider. The service provider creates a token corresponding at least to a received message and a unique capability assigned to an associated one of the second component(s) and sends the token to the associated one of the second component(s). The selected sink receives the message and a token corresponding to each of the second component(s), verifies each received token, and either accepts the message if each of the received tokens is verified or ignores the message if at least one of the received tokens is not verified. | 02-20-2014 |
20140052998 | SECURITY MODEL FOR ACTOR-BASED LANGUAGES AND APPARATUS, METHODS, AND COMPUTER PROGRAMMING PRODUCTS USING SAME - An application includes: a programming model including a service provider, first components, second components, and sinks communicating via messages. Each of the second components is assigned a unique capability. A given one of the first components routes a message from the given first component to second component(s) and then to a sink. Each of the second component(s) sends the message to the service provider. The service provider creates a token corresponding at least to a received message and a unique capability assigned to an associated one of the second component(s) and sends the token to the associated one of the second component(s). The selected sink receives the message and a token corresponding to each of the second component(s), verifies each received token, and either accepts the message if each of the received tokens is verified or ignores the message if at least one of the received tokens is not verified. | 02-20-2014 |
20140053028 | ANOMALY DETECTION AT THE LEVEL OF RUN TIME DATA STRUCTURES - A useful embodiment of the invention is directed to a method associated with a computer program comprising one or more basic blocks, wherein the program defines and uses multiple data structures, such as the list of all customers of a bank along with their account information. The method includes identifying one or more invariants, wherein each invariant is associated with one of the data structures. The method further includes determining at specified times whether an invariant has been violated. Responsive to detecting a violation of one of the invariants, the detected violation is flagged as an anomaly. | 02-20-2014 |
20140053029 | ANOMALY DETECTION AT THE LEVEL OF RUN TIME DATA STRUCTURES - A useful embodiment of the invention is directed to a method associated with a computer program comprising one or more basic blocks, wherein the program defines and uses multiple data structures, such as the list of all customers of a bank along with their account information. The method includes identifying one or more invariants, wherein each invariant is associated with one of the data structures. The method further includes determining at specified times whether an invariant has been violated. Responsive to detecting a violation of one of the invariants, the detected violation is flagged as an anomaly. | 02-20-2014 |
20140053130 | DETERMINING CORRECTNESS CONDITIONS FOR USE IN STATIC ANALYSIS - An embodiment comprising a method is associated with static analysis of a program, which detects violations of conditions of the program correctness specification. The method includes selectively encoding the program and adding one or more correctness conditions to the encoded program, wherein the added conditions comprise a set of assumptions that render the program correct with respect to one or more properties pertaining to detected violations. The set of assumptions are reported to a program user, together with a request to the user to verify the validity of each assumption of the set. | 02-20-2014 |
20140053136 | DETERMINING CORRECTNESS CONDITIONS FOR USE IN STATIC ANALYSIS - An embodiment comprising a method is associated with static analysis of a program, which detects violations of conditions of the program correctness specification. The method includes selectively encoding the program and adding one or more correctness conditions to the encoded program, wherein the added conditions comprise a set of assumptions that render the program correct with respect to one or more properties pertaining to detected violations. The set of assumptions are reported to a program user, together with a request to the user to verify the validity of each assumption of the set. | 02-20-2014 |
20140053140 | STATIC ANALYSIS OF VALIDATOR ROUTINES - A method includes accessing a validator routine having an input string and one or more return points, each return point returning a return value having two possible values; finding the return points in the validator routine; for each of the return points, performing a backwards traversal from a return point through a code section and determining constraints on the input string based at least on one or both of the two possible return values for the return point; using the determined constraints for the input string, determining whether all of the return values returned from the one or more return points meet validation constraints; and outputting one or more indications of whether all of the returned values returned from the return points meet the validation constraints for the one or both of the two possible return values. Apparatus and computer program products are also disclosed. | 02-20-2014 |
20140075561 | STATIC SECURITY ANALYSIS USING A HYBRID REPRESENTATION OF STRING VALUES - Methods for creating a hybrid string representations include receiving string information as input; parsing the string information to produce one or more string components; determining string components that may be represented concretely by comparing the one or more components to a set of known concretizations; abstracting all string components that could not be represented concretely; and creating a hybrid string representation that includes at least one concrete string component and at least one abstracted string component. | 03-13-2014 |
20140075562 | STATIC SECURITY ANALYSIS USING A HYBRID REPRESENTATION OF STRING VALUES - Systems for constructing hybrid string representations include a string parser configured to parse received string information to produce one or more string components, a database configured to store a set of known concretizations, and a processor configured to compare the one or more string components to the set of known concretizations to determine string components that may be represented concretely, to abstract all string components that could not be represented concretely, and to create a hybrid string representation that includes at least one concrete string component and at least one abstracted string component. | 03-13-2014 |
20140082734 | CERTIFYING SERVER SIDE WEB APPLICATIONS AGAINST SECURITY VULNERABILITIES - Methods for server security verification include acquiring a public key associated with a received report that includes an indication regarding the presence of a vulnerability for each vulnerability, the report having been generated at a server; decrypting the received report using the public key; determining a level of server-side security based on the decrypted report using a processor; and reconfiguring a browser at the client responsive to the determined level of server-side security. | 03-20-2014 |
20140082736 | CERTIFYING SERVER SIDE WEB APPLICATIONS AGAINST SECURITY VULNERABILITIES - Systems for server security verification include a report validation module configured to acquire a public key associated with a received report, where the received report was generated at a server, to decrypt the received report using the public key, and to determine a level of server-side security based on the decrypted report; and a processor configured to reconfigure a browser responsive to the determined level of server-side security. | 03-20-2014 |
20140090064 | TRAINING CLASSIFIERS FOR PROGRAM ANALYSIS - Methods for training a static security analysis classifier include running an initial security analysis on a training codebase to generate a set of vulnerabilities associated with the training codebase; analyzing the program with a feature set that limits a number of detected vulnerabilities to generate a limited set of vulnerabilities associated with the feature set; comparing the limited set of vulnerabilities to a known vulnerability distribution to generate an accuracy score; and iterating the steps of analyzing and comparing using different feature sets to find a feature set having a highest accuracy score. | 03-27-2014 |
20140090069 | TRAINING CLASSIFIERS FOR PROGRAM ANALYSIS - Classifier training modules and systems are shown that include a memory configured to store a known vulnerability distribution and an initial feature set; and a processor configured to run an initial security analysis on a training codebase to generate a set of vulnerabilities associated with the training codebase, to analyze the program with the feature set to limit a number of detected vulnerabilities to generate a limited set of vulnerabilities associated with the feature set, to compare the limited set of vulnerabilities to the known vulnerability distribution to generate an accuracy score, and to iteratively refine the analysis by updating the feature set to find a feature set having a highest accuracy score. | 03-27-2014 |
20140115563 | DIFFERENTIAL STATIC PROGRAM ANALYSIS - Systems for program analysis include a high-level scanning tool configured to perform a high-level analysis on a program using a processor to generate one or more high-level findings; one or more low-level scanning tools, each configured to perform a low-level analysis on the program using a processor to generate a low-level finding; and a mapping module configured to map the one or more low-level findings to the high-level findings to generate a concise combination report that categorizes each finding according to the highest-level analysis that produces the finding. | 04-24-2014 |
20140115564 | DIFFERENTIAL STATIC PROGRAM ANALYSIS - Methods for program analysis include performing a high-level analysis on a program using a processor to generate one or more high-level findings; performing one or more low-level analyses on the program using a processor to generate one or more low-level findings; mapping the one or more low-level findings to the high-level findings to generate a concise combination report that categorizes each finding according to the highest-level analysis that produces the finding. | 04-24-2014 |
20140130015 | Hybrid Program Analysis - A hybrid program analysis method includes initiating a static program analysis of an application, generating, by a static program analyzer, a query to a dynamic program analyzer upon determining a code construct of the application requiring dynamic analysis, resolving, by the dynamic program analyzer, the query into a set of arguments with which to invoke the code construct of the application, generating, by the dynamic program analyzer, the set of arguments, invoking, by the dynamic program analyzer, the code construct of the application using set of arguments, answering, by the dynamic program analyzer, the query, and continuing the static program analysis of the application. | 05-08-2014 |
20140130019 | Hybrid Program Analysis - A hybrid program analysis method includes initiating a static program analysis of an application, generating, by a static program analyzer, a query to a dynamic program analyzer upon determining a code construct of the application requiring dynamic analysis, resolving, by the dynamic program analyzer, the query into a set of arguments with which to invoke the code construct of the application, generating, by the dynamic program analyzer, the set of arguments, invoking, by the dynamic program analyzer, the code construct of the application using set of arguments, answering, by the dynamic program analyzer, the query, and continuing the static program analysis of the application. | 05-08-2014 |
20140136945 | Automatically Rendering Web Or Hybrid Applications Natively - An embodiment includes causing elements to be recognized that correspond to one or more browser-supported programming languages in an application. The recognized elements are those elements that can be converted to native user interface elements in the operating system and rendered on a display of a computing device. The elements in the one or more browser-supported programming languages are converted to native user interface elements. The native user interface elements are caused to be rendered on the display of the computing device. Methods, apparatus, software, and computer program products are disclosed. | 05-15-2014 |
20140136954 | Automatically Rendering Web or Hybrid Applications Natively - An embodiment includes causing elements to be recognized that correspond to one or more browser-supported programming languages in an application. The recognized elements are those elements that can be converted to native user interface elements in the operating system and rendered on a display of a computing device. The elements in the one or more browser-supported programming languages are converted to native user interface elements. The native user interface elements are caused to be rendered on the display of the computing device. Apparatus and computer program products are disclosed. | 05-15-2014 |
20140137203 | AUTOMATICALLY GENERATING CHALLENGE QUESTIONS INFERRED FROM USER HISTORY DATA FOR USER AUTHENTICATION - User authentication is provided. At least one of a social network and a business network of each user in a plurality of users is accessed. User history data of each user in the plurality of users is monitored in the at least one of the social network and the business network. Challenge questions requiring a user response are generated based on monitoring the user history data of the users. The user response to a generated challenge question is evaluated. A set of events is triggered based on evaluating the user response. | 05-15-2014 |
20140137219 | AUTOMATICALLY GENERATING CHALLENGE QUESTIONS INFERRED FROM USER HISTORY DATA FOR USER AUTHENTICATION - User authentication is provided. At least one of a social network and a business network of each user in a plurality of users is accessed. User history data of each user in the plurality of users is monitored in the at least one of the social network and the business network. Challenge questions requiring a user response are generated based on monitoring the user history data of the users. The user response to a generated challenge question is evaluated. A set of events is triggered based on evaluating the user response. | 05-15-2014 |
20140137239 | Application-Level Anomaly Detection - An example includes intercepting one or more activities performed by an application on a computing device. The intercepting uses an instrumentation layer separating the application from an operating system on the computing device. The one or more activities are compared with one or more anomaly detection policies in a policy configuration file to detect or not detect presence of one or more anomalies. In response to the comparison detecting presence of one or more anomalies, indication(s) of the one or more anomalies are stored. Another example includes receiving indication(s) of anomaly(ies) experienced by an application on computing device(s) and analyzing the indication(s) of the anomaly(ies) to determine whether corrective action(s) should be issued. Responsive to a determination corrective action(s) should be issued based on the analyzing, the corrective action(s) are issued to the computing device(s). Methods, program products, and apparatus are disclosed. | 05-15-2014 |
20140137246 | Application-Level Anomaly Detection - An example includes intercepting one or more activities performed by an application on a computing device. The intercepting uses an instrumentation layer separating the application from an operating system on the computing device. The one or more activities are compared with one or more anomaly detection policies in a policy configuration file to detect or not detect presence of one or more anomalies. In response to the comparison detecting presence of one or more anomalies, indication(s) of the one or more anomalies are stored. Another example includes receiving indication(s) of anomaly(ies) experienced by an application on computing device(s) and analyzing the indication(s) of the anomaly(ies) to determine whether corrective action(s) should be issued. Responsive to a determination corrective action(s) should be issued based on the analyzing, the corrective action(s) are issued to the computing device(s). Methods, program products, and apparatus are disclosed. | 05-15-2014 |
20140143880 | Global Variable Security Analysis - A method includes determining selected global variables in a program for which flow of the selected global variables through the program is to be tracked. The selected global variables are less than all the global variables in the program. The method includes using a static analysis performed on the program, tracking flow through the program for the selected global variables. In response to one or more of the selected global variables being used in security-sensitive operations in the flow, use is analyzed of each one of the selected global variables in a corresponding security-sensitive operation. In response to a determination the use may be a potential security violation, the potential security violation is reported. Apparatus and computer program products are also disclosed. | 05-22-2014 |
20140157419 | DISCOVERY OF APPLICATION VULNERABILITIES INVOLVING MULTIPLE EXECUTION FLOWS - Methods and systems for security analysis of an application are disclosed. In accordance with one method, a flow-insensitive analysis is conducted on the application to obtain a set of potential vulnerabilities in the application. For each of the potential vulnerabilities, a relevant set of control flows that include the respective vulnerability is determined. Further, for each relevant set of control flows, a flow-sensitive analysis of at least one of the control flows in the corresponding relevant set is performed by a hardware processor to assess the validity of the respective vulnerability. | 06-05-2014 |
20140157420 | DISCOVERY OF APPLICATION VULNERABILITIES INVOLVING MULTIPLE EXECUTION FLOWS - Methods and systems for security analysis of an application are disclosed. One system includes a flow-insensitive analyzer, a control flow assessment module and a flow-sensitive analyzer. The flow-insensitive analyzer is configured to conduct a flow-insensitive analysis on the application to obtain a set of potential vulnerabilities in the application. In addition, the control flow assessment module is configured to determine, for each of the potential vulnerabilities, a relevant set of control flows that include the respective vulnerability. Further, the flow-sensitive analyzer is configured to perform, by a hardware processor, for each relevant set of control flows, a flow-sensitive analysis of at least one of the control flows in the corresponding relevant set to assess the validity of the respective vulnerability. | 06-05-2014 |
20140181023 | Transparent Data Service Suitable For Modifying Data Storage Capabilities In Applications - A method includes monitoring, on a computing device, data events corresponding to manipulation of data by an application. The monitoring is performed by a data library service that is embedded in the application. The method includes, in response to the monitoring indicating first data on the computing device is modified by the application, synchronizing, by the computing device under control at least in part of the data library service, second data stored on one or more storage providers in a network with the first data modified by the application and stored on the computing device. Apparatus and computer program products are also disclosed. | 06-26-2014 |
20140181025 | Transparent Data Service Suitable For Modifying Data Storage Capabilities In Applications - A method includes monitoring, on a computing device, data events corresponding to manipulation of data by an application. The monitoring is performed by a data library service that is embedded in the application. The method includes, in response to the monitoring indicating first data on the computing device is modified by the application, synchronizing, by the computing device under control at least in part of the data library service, second data stored on one or more storage providers in a network with the first data modified by the application and stored on the computing device. Apparatus and computer program products are also disclosed. | 06-26-2014 |
20140189657 | Enhanced String Analysis That Improves Accuracy Of Static Analysis - A method includes determining, as part of a static analysis of a program, links between functions in the program and performing, as part of the static analysis, string analysis on strings used in the program to determine additional links between the functions in the program. The method further includes outputting, as part of the static analysis, indications of at least the links between the functions and the additional links between the functions. Apparatus, computer programs, and program products are also disclosed. | 07-03-2014 |
20140189785 | SOCIAL AND PROXIMITY BASED ACCESS CONTROL FOR MOBILE APPLICATIONS - Methods and systems for proximity-based access control include determining whether a distance from a first mobile device to each of one or more safe mobile devices falls below a threshold distance; determining whether a number of safe mobile devices within the threshold distance exceeds a safe gathering threshold with a processor; and activating a safe gathering policy in accordance with the safe gathering threshold that decreases a security level in the first mobile device. | 07-03-2014 |
20140189786 | SOCIAL AND PROXIMITY BASED ACCESS CONTROL FOR MOBILE APPLICATIONS - Systems for proximity-based access control include a proximity module configured to determine whether a distance from a first mobile device to each of one or more safe mobile devices falls below a threshold distance; a policy engine comprising a processor configured to determine whether a number of safe mobile devices within the threshold distance exceeds a safe gathering threshold; and a security module configured to activate a safe gathering policy in accordance with the safe gathering threshold that decreases a security level in the first mobile device. | 07-03-2014 |
20140208428 | MITIGATING SECURITY RISKS VIA CODE MOVEMENT - A method includes performing on a computing system a source-to-sink reachability analysis of code of an application. The reachability analysis is performed using a static analysis of the code and determines flows from sources of information to sinks that use the information. The method includes determining scopes for corresponding security sensitive operations using the determined flows, each of the security sensitive operations corresponding to statements in the code and one or more flows. A scope for a security sensitive operation includes a block of statements in the code that correspond to a set of one or more flows ending at a sink. The method includes, for each of one or more selected scopes, moving statements in a corresponding block of statements that are independent of a security sensitive operation in the block to code before or after the block. Apparatus and program products are also disclosed. | 07-24-2014 |
20140208430 | Mitigating Security Risks Via Code Movement - A method includes performing on a computing system a source-to-sink reachability analysis of code of an application. The reachability analysis is performed using a static analysis of the code and determines flows from sources of information to sinks that use the information. The method includes determining scopes for corresponding security sensitive operations using the determined flows, each of the security sensitive operations corresponding to statements in the code and one or more flows. A scope for a security sensitive operation includes a block of statements in the code that correspond to a set of one or more flows ending at a sink. The method includes, for each of one or more selected scopes, moving statements in a corresponding block of statements that are independent of a security sensitive operation in the block to code before or after the block. Apparatus and program products are also disclosed. | 07-24-2014 |
20140215343 | AUTOMATIC EXTRACTION, MODELING, AND CODE MAPPING OF APPLICATION USER INTERFACE DISPLAY SCREENS AND COMPONENTS - Managing user applications is provided. A visual model of user interface display screens of a user application is generated by mapping components displayed within the user interface display screens to screen position coordinates and by mapping the screen position coordinates corresponding to the components to original source code of the user application. A runtime policy for each component in a selected set of components within the user interface display screens of the user application is generated based on user interaction with the generated visual model of the user interface display screens. The generated runtime policy for each component in the selected set of components is sent to a client device via a network. Activity of each component in the selected set of components in the client device is tracked using data that is tracked and logged on the client device based the generated runtime policy for each selected component. | 07-31-2014 |
20140215344 | AUTOMATIC EXTRACTION, MODELING, AND CODE MAPPING OF APPLICATION USER INTERFACE DISPLAY SCREENS AND COMPONENTS - Managing user applications is provided. A visual model of user interface display screens of a user application is generated by mapping components displayed within the user interface display screens to screen position coordinates and by mapping the screen position coordinates corresponding to the components to original source code of the user application. A runtime policy for each component in a selected set of components within the user interface display screens of the user application is generated based on user interaction with the generated visual model of the user interface display screens. The generated runtime policy for each component in the selected set of components is sent to a client device via a network. Activity of each component in the selected set of components in the client device is tracked using data that is tracked and logged on the client device based the generated runtime policy for each selected component. | 07-31-2014 |
20140222994 | TRANSPARENTLY TRACKING PROVENANCE INFORMATION IN DISTRIBUTED DATA SYSTEMS - Methods and systems for enabling an application to track provenance information include analyzing an application binary to discover injection points for provenance tracking code; overwriting instructions in the application binary at the injection points to create an instrumented application, where the overwritten instructions link the application binary to one or more instrumented libraries that invoke a provenance layer to track data operations; and deploying the instrumented application on a client device. | 08-07-2014 |
20140223000 | TRANSPARENTLY TRACKING PROVENANCE INFORMATION IN DISTRIBUTED DATA SYSTEMS - Systems for enabling an application to track provenance include an application analysis module configured to analyze an application binary to discover injection points for provenance tracking code; and an instruction alteration module configured to overwrite instructions in the application binary at the injection points to create an instrumented application. The overwritten instructions link the application binary to one or more instrumented libraries that invoke a provenance layer to track data operations. | 08-07-2014 |
20140237602 | AUTOMATIC CORRECTION OF SECURITY DOWNGRADERS - Methods and systems for automatic correction of security downgraders includes performing a security analysis that disregards existing user-provided downgraders to detect flows that are vulnerable; locating candidate downgraders on the flows; determining whether each of the candidate downgraders protects against all vulnerabilities associated with each downgrader's respective flow; and transforming candidate downgraders that do not protect against all of the associated vulnerabilities, such that the transformed downgraders do protect against all of the associated vulnerabilities. | 08-21-2014 |
20140237603 | RULE MATCHING IN THE PRESENCE OF LANGUAGES WITH NO TYPES OR AS AN ADJUNCT TO CURRENT ANALYSES FOR SECURITY VULNERABILITY ANALYSIS - A method includes reading by a computing system a rule file including one or more rules having specified paths to methods, each method corresponding to one of a sink, source, or sanitizer. The method includes matching by the computing system the methods to corresponding ones of sinks, sources, or sanitizers determined through a static analysis of an application. The static analysis determines at least flows from sources of information to sinks that use the information. The method includes performing by the computing system, using the sinks, sources, and sanitizers found by the matching, a taint analysis to determine at least tainted flows from sources to sinks, wherein the tainted flows are flows passing information to sinks without the information being endorsed by a sanitizer. Apparatus and program products are also disclosed. | 08-21-2014 |
20140237604 | Rule Matching In The Presence Of Languages With No Types Or As An Adjunct To Current Analyses For Security Vulnerability Analysis - A method includes reading by a computing system a rule file including one or more rules having specified paths to methods, each method corresponding to one of a sink, source, or sanitizer. The method includes matching by the computing system the methods to corresponding ones of sinks, sources, or sanitizers determined through a static analysis of an application. The static analysis determines at least flows from sources of information to sinks that use the information. The method includes performing by the computing system, using the sinks, sources, and sanitizers found by the matching, a taint analysis to determine at least tainted flows from sources to sinks, wherein the tainted flows are flows passing information to sinks without the information being endorsed by a sanitizer. Apparatus and program products are also disclosed. | 08-21-2014 |
20140237605 | AUTOMATIC CORRECTION OF SECURITY DOWNGRADERS - Systems for automatic correction of security downgraders include a security analysis module configured to perform a security analysis that disregards existing user-provided downgraders to detect flows that are vulnerable; and an enhancer module configured to locate candidate downgraders on the flows, to determine whether each of the candidate downgraders protects against all vulnerabilities associated with each downgrader's respective flow, and to transform candidate downgraders that do not protect against all of the associated vulnerabilities such that the transformed downgraders do protect against all of the associated vulnerabilities. | 08-21-2014 |
20140258992 | Scalable and Precise String Analysis Using Index-Sensitive Static String Abstractions - A disclosed method includes accessing one or more seeding specifications and a program including computer-readable code and applying the one or more seeding specifications to the program to identify for analysis seeds including strings for corresponding identified string variables. The method includes tracking flows emanating from the identified seeds. The tracking includes computing an integral offset into a tracked string variable for any statements causing such a computation. The tracking also includes providing a string representation based on the computed integral offset, wherein the provided string representation comprises a value of the integral offset and an indication of the corresponding tracked string variable. The tracking further includes modeling string manipulations of the tracked string variables using the string representations. Apparatus and program products are also disclosed. | 09-11-2014 |
20140259174 | Scalable And Precise String Analysis Using Index-Sensitive Static String Abstractions - A disclosed method includes accessing one or more seeding specifications and a program including computer-readable code and applying the one or more seeding specifications to the program to identify for analysis seeds including strings for corresponding identified string variables. The method includes tracking flows emanating from the identified seeds. The tracking includes computing an integral offset into a tracked string variable for any statements causing such a computation. The tracking also includes providing a string representation based on the computed integral offset, wherein the provided string representation comprises a value of the integral offset and an indication of the corresponding tracked string variable. The tracking further includes modeling string manipulations of the tracked string variables using the string representations. Apparatus and program products are also disclosed. | 09-11-2014 |
20140298476 | SYSTEM, METHOD, APPARATUS AND COMPUTER PROGRAMS FOR SECURELY USING PUBLIC SERVICES FOR PRIVATE OR ENTERPRISE PURPOSES - A method, system, apparatus and computer programs are disclosed to process content for an enterprise. The method includes reviewing, using at least one enterprise policy, content that is to be sent through a data communications network to a public service to determine if the content comprises secure data and, in response to identifying secure data, modifying the content to be sent to the public service such that a presence of secure data will be visually imperceptible when the content is rendered at the public service. The step of modifying can include steganographically embedding the secure data or a link to the secure data in a container such as image data. | 10-02-2014 |
20140298477 | SYSTEM, METHOD, APPARATUS AND COMPUTER PROGRAMS FOR SECURELY USING PUBLIC SERVICES FOR PRIVATE OR ENTERPRISE PURPOSES - A method, system, apparatus and computer programs are disclosed to process content for an enterprise. The method includes reviewing, using at least one enterprise policy, content that is to be sent through a data communications network to a public service to determine if the content comprises secure data and, in response to identifying secure data, modifying the content to be sent to the public service such that a presence of secure data will be visually imperceptible when the content is rendered at the public service. The step of modifying can include steganographically embedding the secure data or a link to the secure data in a container such as image data. | 10-02-2014 |
20140317747 | Partitioning of Program Analyses into Sub-Analyses Using Dynamic Hints - An exemplary method includes performing a first static analysis to locate elements within a program and instrumenting the program to enable a subsequent dynamic analysis based on the located elements. The method includes executing the instrumented program and performing during execution analysis to determine individual sets of statements in the program affected by a corresponding element. The method includes partitioning the sets of statements into partitions based on one or more considerations, each partition including one or more of the elements. The method includes performing a second static analysis on the partitions of the program to produce results and outputting the results. The method may be performed for, e.g., security (e.g., taint) analysis, buffer overflow analysis, and typestate analysis. Apparatus and program products are also disclosed. | 10-23-2014 |
20140317748 | Partitioning of Program Analyses into Sub-Analyses Using Dynamic Hints - An exemplary apparatus and computer program product are disclosed which employ a method that includes performing a first static analysis to locate elements within a program and instrumenting the program to enable a subsequent dynamic analysis based on the located elements. The method includes executing the instrumented program and performing during execution analysis to determine individual sets of statements in the program affected by a corresponding element. The method includes partitioning the sets of statements into partitions based on one or more considerations, each partition including one or more of the elements. The method includes performing a second static analysis on the partitions of the program to produce results and outputting the results. The method may be performed for, e.g., security (e.g., taint) analysis, buffer overflow analysis, and typestate analysis. | 10-23-2014 |
20140344938 | Progressive Static Security Analysis - A disclosed method includes determining modifications have been made to a program and deriving data flow seeds that are affected by the modifications. The method includes selecting one of the data flow seeds that are affected by the modifications or data flow seeds that are not affected by the modifications but that are part of flows that are affected by the modifications and performing a security analysis on the program. The security analysis includes tracking flows emanating from the selected data flow seeds to sinks terminating the flows. The method includes outputting results of the security analysis. The results comprise one or more indications of security status for one or more of the flows emanating from the selected data flow seeds. At least the deriving, selecting, and performing are performed using a static analysis of the program. Apparatus and program products are also disclosed. | 11-20-2014 |
20140344939 | Progressive Static Security Analysis - A disclosed method includes determining modifications have been made to a program and deriving data flow seeds that are affected by the modifications. The method includes selecting one of the data flow seeds that are affected by the modifications or data flow seeds that are not affected by the modifications but that are part of flows that are affected by the modifications and performing a security analysis on the program. The security analysis includes tracking flows emanating from the selected data flow seeds to sinks terminating the flows. The method includes outputting results of the security analysis. The results comprise one or more indications of security status for one or more of the flows emanating from the selected data flow seeds. At least the deriving, selecting, and performing are performed using a static analysis of the program. Apparatus and program products are also disclosed. | 11-20-2014 |
20140349571 | Method, Apparatus and Computer Program Product Providing Performance and Energy Optimization for Mobile Computing - A mobile device includes a computer-readable medium storing computer program instructions, a data processor to execute the instructions, and communication circuitry configured for local area wireless connectivity with neighboring mobile devices and for wireless connectivity to a remote server from which at least a portion of a data set is downloaded. Execution of the computer program instructions results in estimating a cost to perform a computation task on the data set. If the estimated cost is greater than a threshold cost, an ad-hoc wireless network is formed with at least one other mobile device and the mobile device downloads a portion of the data set assigned to the mobile device. The mobile device then performs a computation task on the downloaded portion of the data set and wirelessly transfers a result of the computation task to the at least one other mobile device of the ad-hoc wireless network. | 11-27-2014 |
20140351310 | METHOD, APPARATUS AND COMPUTER PROGRAM PRODUCT PROVIDING PERFORMANCE AND ENERGY OPTIMIZATION FOR MOBILE COMPUTING - A method to share a computation task amongst a plurality of devices including at least one mobile device. The method includes estimating a cost to perform a computation task on a data set. If the estimated cost is greater than a threshold cost, the method further includes forming an ad-hoc wireless network comprised of a plurality of devices; downloading a portion of the data set to individual ones of the devices; performing a computation task by each device on the downloaded portion of the data set; and wirelessly transferring a result of the computation task from each device to all other devices of the network. The method can be performed by execution of an application program stored in mobile devices configured for local area wireless connectivity with neighboring mobile devices and for wireless connectivity to a remote server from which the portion of the data set is downloaded. | 11-27-2014 |
20140373157 | After-the-Fact Configuration of Static Analysis Tools Able to Reduce User Burden - A method includes mapping, based on a first mapping from possible security findings to possible configuration-related sources of imprecision, actual security findings from a static analysis of a program to corresponding configuration-related sources of imprecision, the mapping of the actual security findings creating a second mapping. A user is requested to configure selected ones of the configuration-related sources of imprecision from the second mapping. Responsive to a user updating configuration corresponding to the selected ones of the configuration-related sources of imprecision, security analysis results are updated for the static analysis of the program at least by determining whether one or more security findings from the security analysis results are no longer considered to be vulnerable based on the updated configuration by the user. The updated security analysis results are output. Apparatus and program products are also disclosed. | 12-18-2014 |
20140373159 | After-The-Fact Configuration Of Static Analysis Tools Able To Reduce User Burden - A method includes mapping, based on a first mapping from possible security findings to possible configuration-related sources of imprecision, actual security findings from a static analysis of a program to corresponding configuration-related sources of imprecision, the mapping of the actual security findings creating a second mapping. A user is requested to configure selected ones of the configuration-related sources of imprecision from the second mapping. Responsive to a user updating configuration corresponding to the selected ones of the configuration-related sources of imprecision, security analysis results are updated for the static analysis of the program at least by determining whether one or more security findings from the security analysis results are no longer considered to be vulnerable based on the updated configuration by the user. The updated security analysis results are output. Apparatus and program products are also disclosed. | 12-18-2014 |
20150046909 | System, Method, and Apparatus for Automatic Recording and Replaying of Application Executions - A method comprises receiving data pertaining to a recorded interaction between a test device operating system and an application on a test device, the recorded interaction being based on a user input; compiling the data pertaining to the recorded interaction in a script compiler, the data comprising human-readable action-description language; sending the compiled data comprising human-readable action-description language from the script compiler of the server to a developer device; receiving modified data from the developer device; and sending the modified data from the developer device to the test device. | 02-12-2015 |
20150052503 | Automatically Capturing User Interactions And Evaluating User Interfaces In Software Programs Using Field Testing - A method includes analyzing, on a first computing device, data from second computing device(s) of user interaction with a user interface of an application previously executed on the second computing device(s). The data corresponds to events caused by the user interaction with the user interface of the application. The first computing device generates representation(s) of the analyzed data and outputs the representation(s) of the user interaction. Another method includes capturing and logging, by a computing device, events caused by user interaction with a user interface of an application when the application is executed on the computing device. In response to a trigger, data comprising the captured and logged events is sent toward another computing device. Another method includes instrumenting a measurement library into an application to create an instrumented version of the application, and sending the instrumented application to computing device(s). Methods, apparatus, software, and computer program products are disclosed. | 02-19-2015 |
20150067653 | AUTOMATIC GENERATION OF ANALYSIS-EQUIVALENT APPLICATION CONSTRUCTS - A computer program to be subjected to static analysis includes at least one framework, in turn including high-level code and at least one configuration file. A specification which describes run-time behavior of the program, including run-time behavior of the at least one framework including the high-level code and the at least one configuration file, is created from the computer program. Based on the specification, synthetic high-level code which accurately simulates the run-time behavior of the at least one framework including the high-level code and the at least one configuration file, without framework usage, is created. Static analysis of the computer program is carried out based on the synthetic high-level code. | 03-05-2015 |
20150067660 | BUILDING REUSABLE FUNCTION SUMMARIES FOR FREQUENTLY VISITED METHODS TO OPTIMIZE DATA-FLOW ANALYSIS - A method includes inspecting function summaries generated during a static analysis of a program and identifying a set of function summaries for a same method that have structural similarities. The method includes replacing the set of structurally similar summaries with a coarse summary. The method further includes using the coarse summary in subsequent static analysis operations. Apparatus and program products are also disclosed. | 03-05-2015 |
20150067664 | SYSTEM, METHOD AND APPARATUS FOR TRANSPARENTLY ENABLING SOFTWARE APPLICATIONS WITH ADAPTIVE USER INTERFACES - A method includes receiving, by a library instrumented into an application executable by a computing device, a message indicating modification(s) that should be performed to user interface component(s) able to be rendered by the application on a display of the computing device. The user interface component(s) are modified to create modified user interface component(s). The modified user interface component(s) are caused to be rendered on the display. Another method includes accessing a description of user interface component(s) for an application executable on a computing device, wherein the user interface component(s) are able to be rendered by the application on a display of the computing device. A developer is allowed to modify information concerning the user interface component(s). Message(s) are formed to allow modification(s) and corresponding user interface component(s) to be determined and the message(s) are sent to computing device(s) having the application. Apparatus, software, and computer program products are disclosed. | 03-05-2015 |
20150067834 | Building Reusable Function Summaries for Frequently Visited Methods to Optimize Data-Flow Analysis - A method includes inspecting function summaries generated during a static analysis of a program and identifying a set of function summaries for a same method that have structural similarities. The method includes replacing the set of structurally similar summaries with a coarse summary. The method further includes using the coarse summary in subsequent static analysis operations. Apparatus and program products are also disclosed. | 03-05-2015 |
20150089637 | System, Method and Apparatus for Simultaneous Definition and Enforcement of Access-control and Integrity Policies - Access-control and information-flow integrity policies are enforced in a computing system by detecting security-sensitive sinks in software code for an application running on the computing system and retrieving an access-control policy from a database accessible to the computing system. The access-control policy maps a set of access permissions within the computing system to each one of a plurality of principals. For each detected security-sensitive sink, all principals that influence that security-sensitive sink are detected and an overall access permission is assigned to each security-sensitive sink by taking the intersection of the access permission sets for all influencing principals of that security-sensitive sink. If this permission set is inadequate, an integrity violation is reported. In addition, permission labels are assigned to each value of variables used in the security-sensitive sinks. Each permission label is a set of permissions. | 03-26-2015 |