×

Framework for efficient security coverage of mobile software applications using symbolic execution to reach regions of interest within an application

  • US 9,367,681 B1
  • Filed: 02/23/2013
  • Issued: 06/14/2016
  • Est. Priority Date: 02/23/2013
  • Status: Active Grant
First Claim
Patent Images

1. A method, comprising:

  • determining, by an explorer engine, a first state of an application;

    identifying, by the explorer engine, a region of interest of the application, the region of interest comprises a portion of code of the application that is identified in response to either (i) a first rule-based analysis of the code of the application that identifies whether the portion of code of the application may correspond to improperly behaving code or (ii) a second rule-based analysis of the code of the application that identifies the portion of code of the application as being directed to a particular operation that is associated with malware; and

    reaching the region of interest by at least (a) determining a path from the first state of the application to the region of interest, (b) representing states of the application along the path as one or more logic expressions, (c) solving the one or more logic expressions associated with the states of the application to generate at least one stimulus to the expressions, and (d) causing the at least one stimulus to be provided to the application to drive the application during runtime to the region of interest while monitoring behaviors of the application.

View all claims
  • 7 Assignments
Timeline View
Assignment View
    ×
    ×