SYSTEMS AND METHODS FOR AUTOMATED DETECTION OF APPLICATION VULNERABILITIES
Abstract
Disclosed are systems and methods for performing automatic, large-scale analysis of mobile applications to determine and analyze application vulnerability. The disclosed systems and methods include identifying potentially vulnerable applications, identifying the application entry points that lead to vulnerable behavior, and generating smart input for text fields. Thus, a fully automated framework is implemented to run in parallel on multiple emulators, while collecting vital information.
20 Claims
1. A non-transitory computer-readable medium embodying at least one program executable in a computing device, comprising:
- code that obtains a plurality of mobile applications from a source entity;
- code that identifies an entry point corresponding to a potential vulnerability in the mobile applications;
- code that generates a simulated user input for an element of a user interface associated with the entry point based at least in part on an input type associated with the element of the user interface;
- code that installs and initiates execution of each of the mobile applications in a plurality of emulated mobile computing devices;
- code that provides the simulated user input to each of the mobile applications in response to determining that a state of each of the mobile applications corresponds to the entry point; and
- code that determines that a communication interception obtained from a proxy corresponds to one of the mobile applications in response to obtaining the communication interception from the proxy.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A system, comprising:
- at least one computing device; and
- an application vulnerability service executable in the at least one computing device, the application vulnerability service comprising;
  - logic that identifies a plurality of mobile applications that are associated with a potential vulnerability;
  - logic that installs and initiates execution of the mobile applications in a plurality of emulated mobile computing devices;
  - logic that provides a simulated user input for an element of a user interface associated with an entry point for each of the mobile applications, the simulated user input configured to test the potential vulnerability of each of the mobile applications; and
  - logic that determines whether at least one of the mobile applications is vulnerable in response to analyzing network traffic data associated with the entry point and the mobile applications.

Dependent claims: 9, 10, 11, 12, 13
14. A method comprising:
- identifying, by at least one computing device, a plurality of applications that are associated with a potential vulnerability;
- installing and initiating execution of the applications, by the at least one computing device, in a plurality of emulated mobile computing devices;
- providing, by the at least one computing device, a simulated user input for an element of a user interface associated with an entry point for each of the applications; and
- logic that determines whether at least one of the applications is vulnerable in response to processing network traffic data associated with the entry point of each of the applications.

Dependent claims: 15, 16, 17, 18, 19, 20
Specification