Apparatus and method for analyzing and supplementing a program to provide security

US 8,347,392 B2
Filed: 08/25/2006
Issued: 01/01/2013
Est. Priority Date: 08/25/2005
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer readable storage medium, comprising executable instructions to:

perform an automated analysis of program instructions using a security module to analyze application output prior to the program instructions being invoked, wherein the automated analysis includes an automated analysis of injection vulnerabilities, an automated analysis of potential repetitive attacks including session ID guessing, credential guessing, click fraud and site probing, an automated analysis of sensitive information, and an automated analysis of specific HTTP attributes;

select and insert protective instructions into the program instructions based on the automated analysis of the injection vulnerabilities, wherein the protective instructions comprise a call that generates a security event during runtime; and

utilize a runtime security module to detect and respond to attacks by analyzing the generated security event during execution of the program instructions.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer readable storage medium has executable instructions to perform an automated analysis of program instructions. The automated analysis includes at least two analyses selected from an automated analysis of injection vulnerabilities, an automated analysis of potential repetitive attacks, an automated analysis of sensitive information, and an automated analysis of specific HTTP attributes. Protective instructions are inserted into the program instructions. The protective instructions are utilized to detect and respond to attacks during execution of the program instructions.

133 Citations

View as Search Results

17 Claims

1. A non-transitory computer readable storage medium, comprising executable instructions to:
- perform an automated analysis of program instructions using a security module to analyze application output prior to the program instructions being invoked, wherein the automated analysis includes an automated analysis of injection vulnerabilities, an automated analysis of potential repetitive attacks including session ID guessing, credential guessing, click fraud and site probing, an automated analysis of sensitive information, and an automated analysis of specific HTTP attributes;
  
  select and insert protective instructions into the program instructions based on the automated analysis of the injection vulnerabilities, wherein the protective instructions comprise a call that generates a security event during runtime; and
  
  utilize a runtime security module to detect and respond to attacks by analyzing the generated security event during execution of the program instructions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The computer readable storage medium of claim 1 wherein the automated analysis of injection vulnerabilities includes a separate automated analysis of SQL injection, command injection, resource injection, log forging and cross site scripting.
  - 3. The computer readable storage medium of claim 1 wherein sensitive information includes error mining, sensitive data extraction, and a privacy violation.
  - 4. The computer readable storage medium of claim 1 wherein specific HTTP attributes include session fixation, anonymous access, publicly available attack tools, and forceful browsing.
  - 5. The compute readable storage medium of claim 1, wherein the executable instructions include executable instructions to log information.
  - 6. The compute readable storage medium of claim 1, wherein the executable instructions include executable instructions to generate an alert.
  - 7. The compute readable storage medium of claim 1, wherein the executable instructions include executable instructions to halt the processing of a request.
  - 8. The compute readable storage medium of claim 1, wherein the executable instructions include executable instructions to defuse an attack.
  - 9. The compute readable storage medium of claim 1, wherein the executable instructions include executable instructions to issue a challenge.
  - 10. The compute readable storage medium of claim 1, wherein the executable instructions include executable instructions to slow down an application.
  - 11. The compute readable storage medium of claim 1, wherein the executable instructions include executable instructions to shut down an application.
  - 12. The compute readable storage medium of claim 1, wherein the executable instructions include executable instructions to invoke a user-defined response.

13. A non-transitory computer readable storage medium, comprising executable instructions to:
- perform an automated analysis of program instructions using a security module to analyze application output prior to the program instructions being invoked, wherein the automated analysis includes a separate automated analysis of potential repetitive attacks including;
  
  session ID guessing,credential guessing,click fraud, andsite probing;
  
  select and insert protective instructions into the program instructions in response to and based on the automated analysis, wherein the protective instructions comprise a call that generates a security event during runtime; and
  
  utilize a runtime security module to invoke a runtime security module that operates to detect and respond to attacks by analyzing the generated security event during execution of the program instructions.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The computer readable storage medium of claim 13 wherein the automated analysis includes an automated analysis of injection vulnerabilities, an automated analysis of sensitive information, and an automated analysis of specific HTTP attributes.
  - 15. The computer readable storage medium of claim 14 wherein the automated analysis of injection vulnerabilities includes a separate automated analysis of SQL injection, command injection, resource injection, log forging and cross site scripting.
  - 16. The computer readable storage medium of claim 14 wherein sensitive information includes error mining, sensitive data extraction, and a privacy violation.
  - 17. The computer readable storage medium of claim 14 wherein specific HTTP attributes include session fixation, anonymous access, publicly available attack tools, and forceful browsing.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Micro Focus LLC (Open Text Corporation)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Chess, Brian, Do, Arthur, Thornton, Roger
Primary Examiner(s)
SIMITOSKI, MICHAEL J

Application Number

US11/510,135
Publication Number

US 20070074169A1
Time in Patent Office

2,321 Days
Field of Search

726/25, 717/126, 717/124, 717/131
US Class Current

726/25
CPC Class Codes

G06F 21/54   by adding security routines...

G06F 21/563   by source code analysis

H04L 63/1433   Vulnerability analysis

H04L 63/1483   service impersonation, e.g....

H04L 67/02   based on web technology, e....

Apparatus and method for analyzing and supplementing a program to provide security

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

133 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for analyzing and supplementing a program to provide security

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

133 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links