Please download the dossier by clicking on the dossier button x
×

Hybrid analysis of vulnerable information flows

  • US 8,869,287 B2
  • Filed: 12/31/2012
  • Issued: 10/21/2014
  • Est. Priority Date: 12/31/2012
  • Status: Active Grant
First Claim
Patent Images

1. A system comprising:

  • a hardware processor programmed to initiate executable operations comprising;

    performing a black-box scan of an application;

    based on the black-box scan, recording a call-tree representation of a plurality of call stacks arising in the application due to test inputs provided during the black-box scans the call tree representation indicating paths between the plurality of call stacks;

    performing, for each of the paths in the call-tree representation that does not constitute a vulnerable information flow during the black-box scan, a static analysis, and by the static analysis determining at least one parameter value that, when abstracted, drives execution of the application, via the path in the call-tree representation that does not constitute a vulnerable information flow during the black-box scan, to flow to the at least one security sink; and

    generating a security report identifying at least one of the paths in the call-tree representation that does not constitute the vulnerable information flow during the black-box scan, but flows to the at least one security sink when the at least one parameter value is abstracted.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×