APPARATUS FOR AUTOMATICALLY INSPECTING SECURITY OF APPLICATIONS AND METHOD THEREOF

US 20130117855A1
Filed: 08/31/2012
Published: 05/09/2013
Est. Priority Date: 11/09/2011
Status: Abandoned Application

First Claim

Patent Images

1. An apparatus for automatically inspecting security of mobile applications, the apparatus comprising:

a static analyzer configured to perform a static analysis by reversing an execution file of the mobile application;

an automatic execution processor configured to generate an automatic execution script used to automatically execute the execution file and execute the automatic execution script automatically to generate a log; and

a dynamic analyzer configured to analyze whether a pattern of malicious codes was executed in the execution file using the result of the static analysis and the log resulted from the automatic execution.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus automatically inspects security of mobile applications. The apparatus includes a static analyzer to perform a static analysis by reversing an execution file of the mobile application, and an automatic execution processor to generate an automatic execution script used to automatically execute the execution file and execute the automatic execution script automatically to generate a log. The apparatus further includes a dynamic analyzer to analyze whether a pattern of malicious codes was executed in the execution file using the result of the static analysis and the log resulted from the automatic execution.

225 Citations

13 Claims

1. An apparatus for automatically inspecting security of mobile applications, the apparatus comprising:
- a static analyzer configured to perform a static analysis by reversing an execution file of the mobile application;
  
  an automatic execution processor configured to generate an automatic execution script used to automatically execute the execution file and execute the automatic execution script automatically to generate a log; and
  
  a dynamic analyzer configured to analyze whether a pattern of malicious codes was executed in the execution file using the result of the static analysis and the log resulted from the automatic execution.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The apparatus of claim 1, wherein the static analyzer performs a structural analysis, a permission analysis, and control and data stream analysis of the execution file by the reversing.
  - 3. The apparatus of claim 1, wherein the static analyzer automates a process of the static analysis by making a detailed description for a class and a method of the execution file.
  - 4. The apparatus of claim 1, wherein the automatic execution processor generates a test case automatically using information generated by the static analysis, and generates the automatic execution script on the basis of the test case.
  - 5. The apparatus of claim 1, wherein the dynamic analyzer analyzes control stream, data stream and permission for the execution file using the result of the static analysis and the log resulted from the automatic execution, thereby drawing a log analysis result, and analyzes the drawn log analysis result in each category and each level, thereby analyzing whether the pattern of malicious codes was executed in the execution file.
  - 6. The apparatus of claim 5, wherein the log analysis in each category is performed for networks, peripheral devices or Internet accesses in which the execution file is used.
  - 7. The apparatus of claim 5, wherein the log analysis in each level is performed for the system or application levels in which the execution file is executed.

8. A method for automatically inspecting security of mobile applications, the method comprising:
- performing a static analysis by reversing an execution file of the mobile application to be analyzed;
  
  generating a script to automatically execute the execution file;
  
  executing the script automatically to generate a log; and
  
  analyzing whether a pattern of malicious codes was executed in the execution file using the result of the static analysis and the log resulted from the automatic execution.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The method of claim 8, wherein said performing the static analysis comprises:
    - analyzing a structure of the execution file by the reversing;
      
      analyzing whether a permission defined in the execution file is appropriate; and
      
      analyzing control and data stream of the execution file.
  - 10. The method of claim 8, wherein said generating the log comprises:
    - generating a test case automatically using information generated by the static analysis;
      
      generating a script to automatically execute the execution file on the basis of the test case; and
      
      generating a log by automatically executing the script.
  - 11. The method of claim 8, wherein said analyzing whether a pattern of malicious codes was executed in the execution file comprises:
    - performing analyses of control streams, data streams and permissions for the execution file using the result of the static analysis and the log resulted from the automatic execution, thereby drawing a log analysis result; and
      
      analyzing whether the pattern of malicious codes was executed in the execution file by analyzing the drawn log analysis result in each category and each level.
  - 12. The method of claim 11, wherein the log analysis in each category is performed for networks, peripheral devices or Internet accesses in which the execution file is used.
  - 13. The method of claim 11, wherein the log analysis in each level is performed for systems or application files in which the execution file is executed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Electronics and Telecommunications Research Institute
Original Assignee
Electronics and Telecommunications Research Institute
Inventors
Kim, Sin Hyo, Cho, Hyunsook, Han, Seung Wan, Moon, Jong Sik

Application Number

US13/602,026
Publication Number

US 20130117855A1
Time in Patent Office

Days
Field of Search
US Class Current

726/24
CPC Class Codes

G06F 21/563   by source code analysis

G06F 21/566   Dynamic detection, i.e. det...

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/033   Test or assess software

APPARATUS FOR AUTOMATICALLY INSPECTING SECURITY OF APPLICATIONS AND METHOD THEREOF

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

225 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

APPARATUS FOR AUTOMATICALLY INSPECTING SECURITY OF APPLICATIONS AND METHOD THEREOF

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

225 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links