Detection of vulnerabilities in computer systems
First Claim
1. A method for detecting a presence of at least one vulnerability in an application, the method comprising:
- modifying instructions of the application to include at least one monitor adapted to generate an action snapshot of an action performed by the application when executed by one or more processors, wherein the action snapshot includes at least some data associated with the action;
storing the action snapshot with other stored action snapshots generated by the at least one monitor during the execution of the application when respective actions were performed by the application;
analyzing, from within the application and while the application is running, the stored action snapshots;
detecting the presence of at least one vulnerability in the application based on the analysis of the stored action snapshots, each of the at least one vulnerability is a pattern of application execution that is subject to abuse by a user of the application when the application is being executed by the same one or more processors; and
reporting the presence of at least one vulnerability in the application as detected based on the analysis of the stored action snapshots.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, methods, and apparatus, including computer program products, for detecting a presence of at least one vulnerability in an application. The method is provided that includes modifying instructions of the application to include at least one sensor that is configurable to generate an event indicator, wherein the event indicator includes at least some data associated with the event; storing the event indicator with other stored event indicators generated by the at least one sensor during the execution of the application; analyzing the stored event indicators; detecting a presence of at least one vulnerability in the application based on the analysis of the stored event indicators; and reporting the presence of at least one vulnerability.
-
Citations
20 Claims
-
1. A method for detecting a presence of at least one vulnerability in an application, the method comprising:
-
modifying instructions of the application to include at least one monitor adapted to generate an action snapshot of an action performed by the application when executed by one or more processors, wherein the action snapshot includes at least some data associated with the action; storing the action snapshot with other stored action snapshots generated by the at least one monitor during the execution of the application when respective actions were performed by the application; analyzing, from within the application and while the application is running, the stored action snapshots; detecting the presence of at least one vulnerability in the application based on the analysis of the stored action snapshots, each of the at least one vulnerability is a pattern of application execution that is subject to abuse by a user of the application when the application is being executed by the same one or more processors; and reporting the presence of at least one vulnerability in the application as detected based on the analysis of the stored action snapshots. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification