Source code management method for malicious code detection

US 20060230289A1
Filed: 03/29/2005
Published: 10/12/2006
Est. Priority Date: 03/29/2005
Status: Active Grant

First Claim

Patent Images

1. A method in a data processing system for autonomically detecting malicious source code prior to executing a software product build, the method comprising:

responsive to receiving source code from a set of software developers in a collaborative development environment, moving the source code to a staging area;

determining whether the source code in the staging area contains malicious code; and

responsive to a determination that malicious code exists, removing the source code from the software product build.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for enhancing source code management by using existing virus detection methods in a library management system to detect potentially malicious code. With the mechanism of the present invention, malicious code that is introduced into a software product may be detected before the code is able to damage stored data and other software by preventing a product build with the destructive code. When source code is received at a code management library system from a set of software developers in a collaborative development environment, the source code is moved into a staging area. A determination is then made as to whether malicious code exists in the source code. If malicious code exists, the library system removes the source code from the software product build and notifies the system administrator of the presence of malicious code.

Citations

20 Claims

1. A method in a data processing system for autonomically detecting malicious source code prior to executing a software product build, the method comprising:
- responsive to receiving source code from a set of software developers in a collaborative development environment, moving the source code to a staging area;
  
  determining whether the source code in the staging area contains malicious code; and
  
  responsive to a determination that malicious code exists, removing the source code from the software product build.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising:
    - responsive to the determination that malicious code exists, notifying a system administrator of the malicious code.
  - 3. The method of claim 1, further comprising:
    - responsive to a determination that malicious code does not exist, continuing the software product build of the source code.
  - 4. The method of claim 1, wherein removing the source code from the software product build includes placing the source code in quarantine.
  - 5. The method of claim 1, wherein the determining step includes one of malicious code pattern matching and malicious code pattern identification.
  - 6. The method of claim 1, wherein the determining step is performed when one of a network access to a hard-coded host, a file system access to a sensitive file, and a file system access to a system file occurs.
  - 7. The method of claim 6, wherein malicious code pattern matching is used to compare the source code against pre-set patterns of malicious code.

8. A code management library system for autonomically detecting malicious source code prior to executing a software product build, comprising:
- a staging area, wherein the source code holds the source code received from a set of software developers in a collaborative development environment;
  
  a build machine for performing the software product build; and
  
  a detection engine, wherein the detection engine determines whether the source code in the staging area contains malicious code and removes the source code from the software product build in response to determining that malicious code exists.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The code management library system of claim 8, wherein the detection engine further notifies a system administrator of the malicious code in response to determining that malicious code exists.
  - 10. The code management library system of claim 8, further comprising:
    - wherein the detection engine sends the source code to the build machine to execute the software product build in response to determining that malicious code does not exist.
  - 11. The code management library system of claim 8, wherein removing the source code from the software product build includes placing the source code in quarantine.
  - 12. The code management library system of claim 8, wherein the detection engine determines whether malicious code exists in the source code using one of malicious code pattern matching and malicious code pattern identification.
  - 13. The code management library system of claim 8, wherein the detection engine determines malicious code exists in the source code when one of a network access to a hard-coded host, a file system access to a sensitive file, and a file system access to a system file occurs.
  - 14. The code management library system of claim 12, wherein malicious code pattern matching is used to compare the source code against pre-set patterns of malicious code.

15. A computer program product in a computer readable medium for autonomically detecting malicious source code prior to executing a software product build, comprising:
- first instructions for moving source code to a staging area in response to receiving the source code from a set of software developers in a collaborative development environment;
  
  second instructions for determining whether the source code in the staging area contains malicious code; and
  
  third instructions for removing the source code from the software product build in response to a determination that malicious code exists.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer program product of claim 15, further comprising:
    - fourth instructions for notifying a system administrator of the malicious code in response to determining that malicious code exists.
  - 17. The computer program product of claim 15, further comprising:
    - fourth instructions continuing the software product build of the source code in response to determining that malicious code does not exist.
  - 18. The computer program product of claim 15, wherein the third instructions for removing the source code from the software product build includes placing the source code in quarantine.
  - 19. The computer program product of claim 15, wherein the second instructions for determining whether the source code in the staging area contains malicious code is performed using one of malicious code pattern matching and malicious code pattern identification.
  - 20. The computer program product of claim 15, wherein the second instructions for determining whether the source code in the staging area contains malicious code is performed when one of a network access to a hard-coded host, a file system access to a sensitive file, and a file system access to a system file occurs.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines SA (International Business Machines Corporation)
Inventors
Fox, James Edward, Magee, Lisa Hayes, Magee, Erich Shannon

Granted Patent

US 7,725,735 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/188
CPC Class Codes

G06F 21/563 by source code analysis

Source code management method for malicious code detection

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Source code management method for malicious code detection

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links