Black-box testing of web applications with client-side code evaluation

US 9,032,528 B2
Filed: 06/28/2011
Issued: 05/12/2015
Est. Priority Date: 06/28/2011
Status: Active Grant

First Claim

Patent Images

1. A system for detecting security vulnerabilities in web applications, the system comprising:

at least one hardware processor, whereinthe at least one hardware processor includes a block-box tester, and a client-side evaluator,the black-box tester is configured tointeract with a web application at a computer server during its execution at the computer server, andidentify client-side instructions provided by the web application responsive to an interaction with the web application,the client-side instructions are configured to be implemented by a client computer that receives the client-side instructions from the computer server; and

the client-side evaluator is configured toevaluate the client-side instructions identified by the black-box tester, andidentify a security vulnerability associated with the client-side instructions.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Detecting security vulnerabilities in web applications by interacting with a web application at a computer server during its execution at the computer server, identifying client-side instructions provided by the web application responsive to an interaction with the web application, where the client-side instructions are configured to be implemented by a client computer that receives the client-side instructions from the computer server, evaluating the identified client-side instructions, and identifying a security vulnerability associated with the client-side instructions.

Citations

15 Claims

1. A system for detecting security vulnerabilities in web applications, the system comprising:
- at least one hardware processor, whereinthe at least one hardware processor includes a block-box tester, and a client-side evaluator,the black-box tester is configured tointeract with a web application at a computer server during its execution at the computer server, andidentify client-side instructions provided by the web application responsive to an interaction with the web application,the client-side instructions are configured to be implemented by a client computer that receives the client-side instructions from the computer server; and
  
  the client-side evaluator is configured toevaluate the client-side instructions identified by the black-box tester, andidentify a security vulnerability associated with the client-side instructions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1 wherethe black-box tester is configured to identify a security vulnerability associated with the web application.
  - 3. The system of claim 1 wherethe client-side evaluator is configured to perform static analysis of the client-side instructions identified by the black-box tester to identify the security vulnerability associated with the client-side instructions.
  - 4. The system of claim 1 wherethe client-side evaluator is configured to perform dynamic taint analysis on the client-side instructions to track taint propagation within the client-side instructions, thereby identifying the security vulnerability associated with the client-side instructions.
  - 5. The system of claim 4 wherethe client-side evaluator is configured to modify the client-side instructions identified by the black-box tester to store information indicating whether variables within the client-side instructions point to tainted objects, and wherethe client-side evaluator is configured to perform dynamic taint analysis on the modified client-side instructions to track taint propagation within the modified client-side instructions, thereby identifying the security vulnerability associated with the client-side instructions.
  - 6. The system of claim 4 wherethe client-side evaluator is configured to use a predefined security specification to determine which objects within the client-side instructions are tainted and how taint propagates from variable to variable within the client-side instructions.
  - 7. The system of claim 4 and further comprisingan interpreter configured to track any variable within the client-side instructions that directly points to a tainted object within the client-side instructions, wherethe client-side evaluator is configured to perform dynamic taint analysis on the client-side instructions by calling the interpreter to track taint propagation within the client-side instructions, thereby identifying the security vulnerability associated with the client-side instructions.
  - 8. The system of claim 7 wherethe interpreter is configured to track any variable that ultimately depends from any variable within the client-side instructions that directly points to a tainted object within the client-side instructions.
  - 9. The system of claim 7 wherethe interpreter is configured to use a predefined security specification to determine which objects within the client-side instructions are tainted and how taint propagates from variable to variable within the client-side instructions.
  - 10. The system of claim 4 and further comprisinga symbolic analyzer configured to perform symbolic analysis of the client-side instructions to determine at least one value for at least one variable within the client-side instructions that would result in a control flow target being reached within the client-side instructions during execution of the client-side instructions, wherethe client-side evaluator is configured to use any value determined by the symbolic analyzer when performing the dynamic taint analysis on the client-side instructions to cause the target control flow.

11. A computer program product for detecting security vulnerabilities in web applications, the computer program product comprising:
- a computer-readable storage medium; and
  
  computer-readable program code embodied in the computer-readable storage medium, where the computer-readable program code is configured tointeract with a web application at a computer server during its execution at the computer server,identify client-side instructions provided by the web application responsive to an interaction with the web application, wherethe client-side instructions are configured to be implemented by a client computer that receives the client-side instructions from the computer server,evaluate the client-side instructions, andidentify a security vulnerability associated with the client-side instructions, whereinthe computer-readable storage medium is not a transitory, propagating signal per se.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The computer program product of claim 11 wherethe computer-readable program code is configured to identify a security vulnerability associated with the web application.
  - 13. The computer program product of claim 11 wherethe computer-readable program code is configured to perform static analysis of the client-side instructions to identify the security vulnerability associated with the client-side instructions.
  - 14. The computer program product of claim 11 wherethe computer-readable program code is configured to perform dynamic taint analysis on the client-side instructions to track taint propagation within the client-side instructions, thereby identifying the security vulnerability associated with the client-side instructions.
  - 15. The computer program product of claim 14 wherethe computer-readable program code is configured tomodify the client-side instructions to store information indicating whether variables within the client-side instructions point to tainted objects, andperform dynamic taint analysis on the modified client-side instructions to track taint propagation within the modified client-side instructions, thereby identifying the security vulnerability associated with the client-side instructions.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Finjan Blue, Inc. (FIG LLC (d/b/a Fortress Investment Group LLC))
Original Assignee
International Business Machines Corporation
Inventors
Haviv, Yinnon A., Kalman, Daniel, Pikus, Dmitri, Tripp, Omer, Weisman, Omri
Primary Examiner(s)
McNally, Michael S

Application Number

US13/170,839
Publication Number

US 20130007885A1
Time in Patent Office

1,414 Days
Field of Search

726/22, 726/25
US Class Current

726/25
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

H04L 63/1433   Vulnerability analysis

H04L 63/1441   Countermeasures against mal...

Black-box testing of web applications with client-side code evaluation

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Black-box testing of web applications with client-side code evaluation

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links