×

Detection of vulnerabilities in computer systems

  • US 8,844,043 B2
  • Filed: 05/08/2012
  • Issued: 09/23/2014
  • Est. Priority Date: 03/19/2010
  • Status: Active Grant
First Claim
Patent Images

1. A method for detecting a presence of at least one vulnerability in a software application, the method comprising:

  • modifying instructions of the software application to instrument a method by;

    parsing binary instructions of the software application associated with the method as the binary instructions are being loaded from a storage device; and

    installing, by one or more processors, at least one monitor to the parsed binary instructions of the software application associated with the method before the parsed binary instructions of the software application are executed by the same one or more processors, wherein the at least one monitor is inserted at non-random locations within the binary instructions, and wherein the at least one monitor is adapted to generate an action snapshot of data or control flow pattern of the instrumented method whenever the instrumented method is invoked;

    storing the action snapshot of with other stored action snapshots generated by the at least one monitor during execution of the software application whenever the instrument method is invoked;

    analyzing, from within the same software application, the stored action snapshots;

    based on the analysis, detecting the presence of at least one vulnerability in the software application, each of the at least one vulnerability defined by a particular security rule to identify a vulnerable data or control flow pattern of the unparsed binary instructions, the vulnerable data or control flow pattern rendering the software application more likely to perform actions unintended by the software application when executed by the same one or more processors; and

    reporting the presence of the at least one vulnerability in the software application as detected based on the analysis of the stored action snapshots.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×