AUTOMATIC DATA PATCH GENERATION FOR UNKNOWN VULNERABILITIES
First Claim
Patent Images
1. A system implemented on a machine that effectuates and facilitates data patch generation for vulnerabilities with informed probing, comprising:
- a detector that receives or obtains a data stream containing exploits from an interface, the detector constructs a probe and determines whether the probe takes advantage of the vulnerabilities, and based at least in part on the determination the detector dynamically generates the data patch for the vulnerabilities.
2 Assignments
0 Petitions
Accused Products
Abstract
The claimed subject matter provides a system and/or method that generates data patches for vulnerabilities. The system can include devices and components that examine exploits received or obtained from data streams, constructs probes and determines whether the probes take advantage of vulnerabilities. Based at least in part on such determinations data patches are dynamically generated to remedy the hitherto vulnerabilities.
-
Citations
20 Claims
-
1. A system implemented on a machine that effectuates and facilitates data patch generation for vulnerabilities with informed probing, comprising:
a detector that receives or obtains a data stream containing exploits from an interface, the detector constructs a probe and determines whether the probe takes advantage of the vulnerabilities, and based at least in part on the determination the detector dynamically generates the data patch for the vulnerabilities. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
19. A method implemented on a machine that effectuates and facilitates data patch generation for vulnerabilities, comprising:
-
detecting an exploit received from a crash dump or honeyfarm; creating a probe based on the exploit; ascertaining whether the probe makes evident the vulnerabilities; and automatically generating the data patch for the vulnerabilities.
-
-
20. A system that generates vulnerability signatures for vulnerabilities, comprising:
-
means for creating a probe based on a received attack instance; means for predicting whether the probe uncovers the vulnerabilities; and means for dynamically creating data patches that cure the vulnerabilities.
-
Specification