Fine-Grained Analysis and Prevention of Invalid Privilege Transitions

US 20180052998A1
Filed: 06/15/2017
Published: 02/22/2018
Est. Priority Date: 08/16/2016
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method executed on a processor for analyzing operations of privilege changes, the method comprising:

inputting a program;

performing source code analysis on the program by;

generating a privilege control flow graph (PCFG);

generating a privilege data flow graph (PDFG); and

generating a privilege call context graph (PCCG);

based on the source code analysis results, instrumenting the program to perform inspections on execution states at privilege change operations; and

performing runtime inspection and anomaly prevention.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method for analyzing operations of privilege changes is presented. The computer-implemented method includes inputting a program and performing source code analysis on the program by generating a privilege control flow graph (PCFG), generating a privilege data flow graph (PDFG), and generating a privilege call context graph (PCCG). The computer-implemented method further includes, based on the source code analysis results, instrumenting the program to perform inspections on execution states at privilege change operations, and performing runtime inspection and anomaly prevention.

Citations

20 Claims

1. A computer-implemented method executed on a processor for analyzing operations of privilege changes, the method comprising:
- inputting a program;
  
  performing source code analysis on the program by;
  
  generating a privilege control flow graph (PCFG);
  
  generating a privilege data flow graph (PDFG); and
  
  generating a privilege call context graph (PCCG);
  
  based on the source code analysis results, instrumenting the program to perform inspections on execution states at privilege change operations; and
  
  performing runtime inspection and anomaly prevention.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the privilege control flow graph provides code locations of the privilege change operations.
  - 3. The method of claim 2, wherein the privilege data flow graph provides data flow of parameters of the privilege change operations.
  - 4. The method of claim 3, wherein the privilege call context graph provides possible call stacks when the privilege change operations are invoked.
  - 5. The method of claim 4, wherein the runtime inspection determines whether the privilege change operations are invoked from places obtained from static analysis.
  - 6. The method of claim 5, wherein the runtime inspection determines whether the parameters of the privilege change operations are consistent with data obtained in the static analysis.
  - 7. The method of claim 6, wherein the runtime inspection determines whether the call stacks at the privilege change operations are consistent with possible call stacks obtained from the static analysis.
  - 8. The method of claim 1, wherein the runtime inspection includes privilege change inspection and prevention logic (PIPL) for comparing the PCFG, PDFG, and PCCG graphs with runtime function call information.

9. A system for analyzing operations of privilege changes, the system comprising:
- a memory; and
  
  a processor in communication with the memory, wherein the processor is configured to;
  
  input a program;
  
  perform source code analysis on the program by;
  
  generating a privilege control flow graph (PCFG);
  
  generating a privilege data flow graph (PDFG); and
  
  generating a privilege call context graph (PCCG);
  
  based on the source code analysis results, instrument the program to perform inspections on execution states at privilege change operations; and
  
  perform runtime inspection and anomaly prevention.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system of claim 9, wherein the privilege control flow graph provides code locations of the privilege change operations.
  - 11. The system of claim 10, wherein the privilege data flow graph provides data flow of parameters of the privilege change operations.
  - 12. The system of claim 11, wherein the privilege call context graph provides possible call stacks when the privilege change operations are invoked.
  - 13. The system of claim 12, wherein the runtime inspection determines whether the privilege change operations are invoked from places obtained from static analysis.
  - 14. The system of claim 13, wherein the runtime inspection determines whether the parameters of the privilege change operations are consistent with data obtained in the static analysis.
  - 15. The system of claim 14, wherein the runtime inspection determines whether the call stacks at the privilege change operations are consistent with possible call stacks obtained from the static analysis.
  - 16. The system of claim 9, wherein the runtime inspection includes privilege change inspection and prevention logic (PIPL) for comparing the PCFG, PDFG, and PCCG graphs with runtime function call information.

17. A non-transitory computer-readable storage medium comprising a computer-readable program for analyzing operations of privilege changes, wherein the computer-readable program when executed on a computer causes the computer to perform the steps of:
- inputting a program;
  
  performing source code analysis on the program by;
  
  generating a privilege control flow graph (PCFG);
  
  generating a privilege data flow graph (PDFG); and
  
  generating a privilege call context graph (PCCG);
  
  based on the source code analysis results, instrumenting the program to perform inspections on execution states at privilege change operations; and
  
  performing runtime inspection and anomaly prevention.
- View Dependent Claims (18, 19, 20)
- - 18. The non-transitory computer-readable storage medium of claim 17,wherein the privilege control flow graph provides code locations of the privilege change operations;
    - wherein the privilege data flow graph provides data flow of parameters of the privilege change operations; and
      
      wherein the privilege call context graph provides possible call stacks when the privilege change operations are invoked.
  - 19. The non-transitory computer-readable storage medium of claim 18,wherein the runtime inspection determines whether the privilege change operations are invoked from places obtained from static analysis;
    - wherein the runtime inspection determines whether the parameters of the privilege change operations are consistent with data obtained in the static analysis; and
      
      wherein the runtime inspection determines whether the call stacks at the privilege change operations are consistent with possible call stacks obtained from the static analysis.
  - 20. The non-transitory computer-readable storage medium of claim 17, wherein the runtime inspection includes privilege change inspection and prevention logic (PIPL) for comparing the PCFG, PDFG, and PCCG graphs with runtime function call information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NEC Corporation
Original Assignee
NEC Laboratories America Inc (NEC Corporation)
Inventors
Rhee, Junghwan, Jeon, Yuseok, Li, Zhichun, Jee, Kangkook, Wu, Zhenyu, Jiang, Guofei

Granted Patent

US 10,402,564 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/54   by adding security routines...

G06F 21/563   by source code analysis

G06F 21/566   Dynamic detection, i.e. det...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/6218   to a system of files or obj...

G06F 2221/034   Test or assess a computer o...

G06F 2221/2141   Access rights, e.g. capabil...

Fine-Grained Analysis and Prevention of Invalid Privilege Transitions

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Fine-Grained Analysis and Prevention of Invalid Privilege Transitions

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links