Framework for efficient security coverage of mobile software applications installed on mobile devices
First Claim
1. A system, comprising:
- a hardware platform that comprises resources, one of the resources including a system memory;
a virtual machine monitor (VMM) layer to partition and allocate resources of the hardware platform;
at least one run time test process that comprises a first run time test process that includes at least a first virtual machine and a first application instance under observation; and
a second virtual machine that includes one or more monitoring functions that monitor calls made by one of the first application instance or the first virtual machine directly to the hardware platform circumventing operations with a first operating system instance that is supporting the first virtual machine and the first application instance under observation.
7 Assignments
0 Petitions
Accused Products
Abstract
A method is described that includes generating a representation of an application that describes specific states of the application and specific state transitions of the application. The method also includes identifying a region of interest of the application based on rules and observations of the application'"'"'s execution. The method also includes determining specific stimuli that will cause one or more state transitions within the application to reach said region of interest. The method also includes enabling one or more monitors within the application'"'"'s run time environment and applying the stimuli within the application'"'"'s run time environment, where, the application'"'"'s run time environment is existing on a mobile device that the application is installed on. The method also includes generating monitoring information from said one or more monitors. The method also includes applying rules to the monitoring information to determine a next set of stimuli to be applied to the application in pursuit of determining whether the region of interest corresponds to improperly behaving code.
-
Citations
31 Claims
-
1. A system, comprising:
-
a hardware platform that comprises resources, one of the resources including a system memory; a virtual machine monitor (VMM) layer to partition and allocate resources of the hardware platform; at least one run time test process that comprises a first run time test process that includes at least a first virtual machine and a first application instance under observation; and a second virtual machine that includes one or more monitoring functions that monitor calls made by one of the first application instance or the first virtual machine directly to the hardware platform circumventing operations with a first operating system instance that is supporting the first virtual machine and the first application instance under observation. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A system, comprising:
-
a hardware platform that comprises resources, the resources including at least one processor supporting a plurality of processor threads; at least one run time test process that comprises (i) a first run time test process that includes at least a first virtual machine and a first application instance under observation; and a second virtual machine that includes one or more monitoring functions that monitor calls made by one of the first application instance or the first virtual machine directly to the hardware platform circumventing operations with a first operating system instance that is supporting the first virtual machine and the first application instance under observation. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
-
29. A framework, comprising:
-
a central intelligence engine to control testing of one or more application instances; and a dynamic run time environment in communication with the central intelligence engine, the dynamic run time environment comprises a hardware platform that comprises resources, the resources including at least one processor; at least one run time test process that comprises a first run time test process that includes at least a first virtual machine and a first application instance; a second virtual machine that, upon execution by the at least one processor, includes one or more monitoring functions that monitor calls made by one of the first application instance or the first virtual machine directly to the hardware platform that attempts to circumvent operations with a first operating system instance associated with the first virtual machine and the first application instance under observation. - View Dependent Claims (30, 31)
-
Specification