Detecting and localizing security vulnerabilities in client-server application

  • US 8,516,449 B2
  • Filed: 10/12/2010
  • Issued: 08/20/2013
  • Est. Priority Date: 07/14/2009
  • Status: Expired due to Fees
First Claim

1. A computer-implemented method for analyzing a set of two or more communicating applications comprising a plurality of code fragments, the computer-implemented method comprising:

  • dynamically executing or statically analyzing at least one of a plurality of code fragments as part of a first application, and a plurality of code fragments as part of a second application, wherein the first application and the second application are communicating at least one of data and control with each other;

  • recording a correlation between each code fragment in the plurality of code fragments in at least one of the first application and the second application that have been executed and at least one execution characteristic that the code fragments exhibited on execution, wherein said correlation indicates a likelihood that the code fragment contributed to the execution characteristic;

  • performing, with at least one of a static oracle and a dynamic oracle, an analysis of at least a portion of the code fragments that comprise the first application that have been executed, wherein said analysis includes mapping validation faults observed in an output of the first or the second program to a subset of the plurality of code fragments that generated the faults observed in the output; and

  • prioritizing the plurality of code fragments in at least one of the first application and the second application based on the mapping produced by the oracle, and based on the correlation between each code fragment in the plurality of code fragments that have been executed and the execution characteristic exhibited by the code fragments.
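
The four steps of the claim, as an added worked example that is not the patent's or its assignee's code. It assumes server-side HTML-emitting handlers as the "code fragments" of the first application, constructed client requests as the second application's side of the exchange, a small tag-balance checker as the validation oracle, and the Ochiai suspiciousness score as the execution correlation; the claim specifies none of these, so they are illustrative choices.

```python
import re
# Constructed server "code fragments"; the cart fragment is deliberately buggy (no </li>).
FRAGMENTS = {
    "header": lambda req: "<html><body><h1>Shop</h1>",
    "cart": lambda req: "<ul>" + "".join(f"<li>{i}" for i in req["items"]) + "</ul>",
    "footer": lambda req: "</body></html>",
}

def validate_html(html):
    """Validation oracle (assumed tag-balance checker): offsets of mismatched close tags."""
    stack, faults = [], []
    for m in re.finditer(r"<(/?)(\w+)[^>]*>", html):
        closing, tag = m.group(1), m.group(2)
        if not closing:
            stack.append(tag)
        elif stack and stack[-1] == tag:
            stack.pop()
        else:  # mismatch: record one fault, then drop the tags left open inside <tag>
            faults.append(m.start())
            while tag in stack and stack.pop() != tag: pass
    return faults

def execute(request):
    """Run the fragments for one request; return the output and each fragment's span."""
    out, spans = "", {}
    for name, fn in FRAGMENTS.items():
        if name != "cart" or request["items"]:  # cart fragment runs only when items exist
            spans[name] = (len(out), len(out) + len(fn(request)))
            out += fn(request)
    return out, spans

def localize(requests):
    """Map faults to the generating fragment, correlate execution with faulty runs
    (Ochiai, an assumption), and return (fragment, direct_hits, score) by priority."""
    direct, ef, ep = ({n: 0 for n in FRAGMENTS} for _ in range(3))
    failed = 0
    for req in requests:
        out, spans = execute(req)
        faults = validate_html(out)
        failed += bool(faults)
        for name, (lo, hi) in spans.items():
            direct[name] += sum(lo <= f < hi for f in faults)  # oracle mapping
            (ef if faults else ep)[name] += 1                    # execution record
    score = {n: ef[n] / ((failed * (ef[n] + ep[n])) or 1) ** 0.5 for n in FRAGMENTS}
    ranked = sorted(FRAGMENTS, key=lambda n: (direct[n], score[n]), reverse=True)
    return [(n, direct[n], round(score[n], 3)) for n in ranked]

# Constructed client requests; only the last two exercise the cart fragment.
REQUESTS = [{"items": []}, {"items": ["pen"]}, {"items": ["ink", "pad"]}]
```

Running `localize(REQUESTS)` ranks `cart` first: it is the only fragment whose output span contains an oracle fault, and it executed in every faulty run and in no clean one, while `header` and `footer` also ran in clean runs and receive a lower correlation score.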
