Fine-Grained Analysis and Prevention of Invalid Privilege Transitions
Abstract
A computer-implemented method for analyzing operations of privilege changes is presented. The computer-implemented method includes inputting a program and performing source code analysis on the program by generating a privilege control flow graph (PCFG), generating a privilege data flow graph (PDFG), and generating a privilege call context graph (PCCG). The computer-implemented method further includes, based on the source code analysis results, instrumenting the program to perform inspections on execution states at privilege change operations, and performing runtime inspection and anomaly prevention.
20 Claims
1. A computer-implemented method executed on a processor for analyzing operations of privilege changes, the method comprising:
- inputting a program;
- performing source code analysis on the program by:
  - generating a privilege control flow graph (PCFG);
  - generating a privilege data flow graph (PDFG); and
  - generating a privilege call context graph (PCCG);
- based on the source code analysis results, instrumenting the program to perform inspections on execution states at privilege change operations; and
- performing runtime inspection and anomaly prevention.

Dependent claims: 2, 3, 4, 5, 6, 7, 8.

9. A system for analyzing operations of privilege changes, the system comprising:
- a memory; and
- a processor in communication with the memory, wherein the processor is configured to:
  - input a program;
  - perform source code analysis on the program by:
    - generating a privilege control flow graph (PCFG);
    - generating a privilege data flow graph (PDFG); and
    - generating a privilege call context graph (PCCG);
  - based on the source code analysis results, instrument the program to perform inspections on execution states at privilege change operations; and
  - perform runtime inspection and anomaly prevention.

Dependent claims: 10, 11, 12, 13, 14, 15, 16.

17. A non-transitory computer-readable storage medium comprising a computer-readable program for analyzing operations of privilege changes, wherein the computer-readable program when executed on a computer causes the computer to perform the steps of:
- inputting a program;
- performing source code analysis on the program by:
  - generating a privilege control flow graph (PCFG);
  - generating a privilege data flow graph (PDFG); and
  - generating a privilege call context graph (PCCG);
- based on the source code analysis results, instrumenting the program to perform inspections on execution states at privilege change operations; and
- performing runtime inspection and anomaly prevention.

Dependent claims: 18, 19, 20.
Specification