Fine-grained analysis and prevention of invalid privilege transitions
Abstract
A computer-implemented method for analyzing operations of privilege changes is presented. The computer-implemented method includes inputting a program and performing source code analysis on the program by generating a privilege control flow graph (PCFG), generating a privilege data flow graph (PDFG), and generating a privilege call context graph (PCCG). The computer-implemented method further includes, based on the source code analysis results, instrumenting the program to perform inspections on execution states at privilege change operations, and performing runtime inspection and anomaly prevention.
20 Claims
1. A computer-implemented method executed on a processor for analyzing operations of privilege changes, the method comprising:
- inputting source code of a program from a computing device;
- performing, via the processor, source code analysis on the program by:
  - generating a privilege control flow graph (PCFG);
  - generating a privilege data flow graph (PDFG) defined as a graph where a node is a privilege state of the program and an edge is a transition between source and destination privilege states, the edge having properties regarding parameters for privilege change operations, metadata of the parameters including three properties, the first property indicating whether a parameter of the parameters is a constant or a variable, the second property shows possible values either as a list of values or a range of values with start and end values, and the third property represents a list of source code locations which define and manipulate the values; and
  - generating a privilege call context graph (PCCG);
- based on the source code analysis results, instrumenting the source code of the program to insert an inspection code to check for proper transitions of privileges and to prevent potential invalid privilege transitions;
- rebuilding the program by employing revised code including information from the PCFG, the PDFG, and the PCCG;
- at runtime inspection, deploying the rebuilt program to the computing device to perform runtime inspection to determine potential abnormal usages of the privilege change operations.
9. A system for analyzing operations of privilege changes, the system comprising:
- a memory; and
- a processor in communication with the memory, wherein the processor is configured to:
  - input source code of a program from a computing device;
  - perform, via the processor, source code analysis on the program by:
    - generating a privilege control flow graph (PCFG);
    - generating a privilege data flow graph (PDFG) defined as a graph where a node is a privilege state of the program and an edge is a transition between source and destination privilege states, the edge having properties regarding parameters for privilege change operations, metadata of the parameters including three properties, the first property indicating whether a parameter of the parameters is a constant or a variable, the second property shows possible values either as a list of values or a range of values with start and end values, and the third property represents a list of source code locations which define and manipulate the values; and
    - generating a privilege call context graph (PCCG);
  - based on the source code analysis results, instrument the source code of the program to insert an inspection code to check for proper transitions of privileges and to prevent potential invalid privilege transitions;
  - rebuild the program by employing revised code including information from the PCFG, the PDFG, and the PCCG;
  - at runtime inspection, deploy the rebuilt program to the computing device to perform runtime inspection to determine potential abnormal usages of the privilege change operations.
17. A non-transitory computer-readable storage medium comprising a computer-readable program for analyzing operations of privilege changes, wherein the computer-readable program when executed on a computer causes the computer to perform the steps of:
- inputting source code of a program from a computing device;
- performing, via the processor, source code analysis on the program by:
  - generating a privilege control flow graph (PCFG);
  - generating a privilege data flow graph (PDFG) defined as a graph where a node is a privilege state of the program and an edge is a transition between source and destination privilege states, the edge having properties regarding parameters for privilege change operations, metadata of the parameters including three properties, the first property indicating whether a parameter of the parameters is a constant or a variable, the second property shows possible values either as a list of values or a range of values with start and end values, and the third property represents a list of source code locations which define and manipulate the values; and
  - generating a privilege call context graph (PCCG);
- based on the source code analysis results, instrumenting the source code of the program to insert an inspection code to check for proper transitions of privileges and to prevent potential invalid privilege transitions;
- rebuilding the program by employing revised code including information from the PCFG, the PDFG, and the PCCG;
- at runtime inspection, deploying the rebuilt program to the computing device to perform runtime inspection to determine potential abnormal usages of the privilege change operations.
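A small sketch of a PDFG edge with its three parameter properties, and of an inspection routine that consults it before a privilege change, added here as an illustration and not taken from the patent. The state names, UID values, source locations and the function names `param_admits` and `pdfg_inspect` are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

typedef enum { ST_ROOT, ST_SERVICE, ST_USER } priv_state;   /* PDFG nodes */
typedef enum { PARAM_CONSTANT, PARAM_VARIABLE } param_kind;

typedef struct {
    param_kind kind;        /* property 1: constant or variable */
    int is_range;           /* property 2: value list (0) or start/end range (1) */
    long values[4]; size_t nvalues;
    long start, end;
    const char *locations;  /* property 3: source locations that define the value */
} param_meta;

typedef struct {
    priv_state src, dst;    /* edge = transition between two privilege states */
    param_meta param;       /* kind and locations are kept for reporting */
} pdfg_edge;

/* Constructed graph: root may drop to service UID 33 or to a user UID in 1000..1999. */
static const pdfg_edge PDFG[] = {
    { ST_ROOT, ST_SERVICE, { PARAM_CONSTANT, 0, {33}, 1, 0, 0, "server.c:41" } },
    { ST_ROOT, ST_USER,    { PARAM_VARIABLE, 1, {0}, 0, 1000, 1999, "session.c:88;session.c:120" } },
};

static int param_admits(const param_meta *p, long arg) {
    if (p->is_range) return arg >= p->start && arg <= p->end;
    for (size_t i = 0; i < p->nvalues; i++)
        if (p->values[i] == arg) return 1;
    return 0;
}

/* Inspection code: returns 1 and advances *state if an edge admits arg, else 0. */
int pdfg_inspect(priv_state *state, long arg) {
    for (size_t i = 0; i < sizeof PDFG / sizeof PDFG[0]; i++) {
        if (PDFG[i].src == *state && param_admits(&PDFG[i].param, arg)) {
            *state = PDFG[i].dst;
            return 1;
        }
    }
    return 0;   /* no matching edge: the caller refuses the privilege change */
}

int main(void) {
    priv_state s = ST_ROOT;
    int drop = pdfg_inspect(&s, 1500), regain = pdfg_inspect(&s, 0);
    printf("drop to uid 1500: %d, regain uid 0: %d\n", drop, regain);
    return 0;
}
```

Because the constructed graph has no edge leaving `ST_USER`, a later request for UID 0 from that state has no matching edge and is refused.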
Specification