Detection of vulnerabilities in computer systems
First Claim
1. A method for detecting a presence of at least one vulnerability in an application, the method comprising:
- modifying instructions of the application to create an instrumented method while the application is running, wherein the instrumented method includes at least one software sensor adapted to generate an event indicator in response to the instrumented method of the application being invoked, and wherein the event indicator includes at least some data associated with the method instrumented for a particular event;
storing the event indicator with other stored event indicators generated by the at least one sensor during the execution of the application, wherein other stored event indicators were generated in response to corresponding instrumented methods being invoked;
analyzing the stored event indicators;
detecting a presence of at least one vulnerability in the application based on the analysis of the stored event indicators; and
reporting the presence of at least one vulnerability in the application as detected based on the analysis of the stored event indicators.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems, methods, and apparatus, including computer program products, for detecting a presence of at least one vulnerability in an application. The method is provided that includes modifying instructions of the application to include at least one sensor that is configurable to generate an event indicator, wherein the event indicator includes at least some data associated with the event; storing the event indicator with other stored event indicators generated by the at least one sensor during the execution of the application; analyzing the stored event indicators; detecting a presence of at least one vulnerability in the application based on the analysis of the stored event indicators; and reporting the presence of at least one vulnerability.
-
Citations
22 Claims
-
1. A method for detecting a presence of at least one vulnerability in an application, the method comprising:
-
modifying instructions of the application to create an instrumented method while the application is running, wherein the instrumented method includes at least one software sensor adapted to generate an event indicator in response to the instrumented method of the application being invoked, and wherein the event indicator includes at least some data associated with the method instrumented for a particular event; storing the event indicator with other stored event indicators generated by the at least one sensor during the execution of the application, wherein other stored event indicators were generated in response to corresponding instrumented methods being invoked; analyzing the stored event indicators; detecting a presence of at least one vulnerability in the application based on the analysis of the stored event indicators; and reporting the presence of at least one vulnerability in the application as detected based on the analysis of the stored event indicators. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A system for detecting vulnerabilities in an application, the system comprising:
-
an instrumentation module structured and arranged to modify instructions of the application to create an instrumented method while the application is running, wherein the instrumented method includes at least one software sensor adapted to generate an event indicator in response to the instrumented method of the application being invoked, and wherein the event indicator includes at least some data associated with the method instrumented for a particular event; a tracking module structured and arranged to; store the event indicator with the other stored event indicators generated by the at least one sensor during the execution of the application, wherein other stored event indicators were generated in response to corresponding instrumented methods being invoked; analyze the stored event indicators, and detect a presence of at least one vulnerability in the application based on the analysis of the stored event indicators; and a reporting module structured and arranged to report the presence of at least one vulnerability in the application as detected based on the analysis of the stored event indicator. - View Dependent Claims (18, 19)
-
-
20. A non-transitory computer readable medium including stored executable instructions for detecting at least one vulnerability in an application executing on at least one processor, the medium comprising instructions for causing the processor to:
-
modify instructions of the application to create an instrumented method while the application is running, wherein the instrumented method includes at least one software sensor adapted to generate an event indicator in response to the instrumented method of the application being invoked, and wherein the event indicator includes at least some data associated with the method instrumented for a particular event; store the event indicator with other stored event indicators generated by the at least one sensor during the execution of the application, wherein other stored event indicators were generated in response to corresponding instrumented methods being invoked; analyze the stored event indicators; detect a presence of at least one vulnerability in the application based on the analysis of the stored event indicators; and report the presence of at least one vulnerability in the application as detected based on the analysis of the stored event indicators. - View Dependent Claims (21, 22)
-
Specification