Non-regressive injection of deception decoys

US 10,789,159 B2
Filed: 12/05/2018
Issued: 09/29/2020
Est. Priority Date: 12/05/2018
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method comprising:

receiving, by one or more processors of an application development environment, functional requirements for an application;

generating, by the one or more processors, application code for the application based on the functional requirements, the application code being configured to execute one or more application functions;

receiving, by a weaving engine of the application development environment, decoy code representing one or more decoy data and/or functions to detect invocation by an attacker;

inserting, by the weaving engine, the decoy code into the application with the application code to produce modified source code;

generating, by a test engine of the application development environment, one or more functional tests of the application code;

generating, by the test engine, one or more decoy tests of the decoy code;

executing, by the test engine, the one or more functional tests on the application code;

executing, by the test engine, the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code; and

comparing, by a verifier of the application development environment, results from the one or more functional tests executed on the application code and the one or more decoy tests executed on the modified source code to determine whether a regression exists in the application code by the inserting of the decoy code.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods, as well as computing architecture for implementing the same, for decoy injection into an application. The systems and methods include splitting a standard test phase operation into two complementary phases, and add new unit tests to the process, dedicated to testing the proper coverage of the decoys and avoiding non-regression of the original code.

19 Citations

21 Claims

1. A computer implemented method comprising:
- receiving, by one or more processors of an application development environment, functional requirements for an application;
  
  generating, by the one or more processors, application code for the application based on the functional requirements, the application code being configured to execute one or more application functions;
  
  receiving, by a weaving engine of the application development environment, decoy code representing one or more decoy data and/or functions to detect invocation by an attacker;
  
  inserting, by the weaving engine, the decoy code into the application with the application code to produce modified source code;
  
  generating, by a test engine of the application development environment, one or more functional tests of the application code;
  
  generating, by the test engine, one or more decoy tests of the decoy code;
  
  executing, by the test engine, the one or more functional tests on the application code;
  
  executing, by the test engine, the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code; and
  
  comparing, by a verifier of the application development environment, results from the one or more functional tests executed on the application code and the one or more decoy tests executed on the modified source code to determine whether a regression exists in the application code by the inserting of the decoy code.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The computer implemented method in accordance with claim 1, further comprising generating, by the verifier, a report of the results from the from the number of combinations of the one or more functional tests and the one or more decoy tests.
  - 3. The computer implemented method in accordance with claim 1, wherein the comparing results from the number of combinations of the one or more functional tests and the one or more decoy tests further determines whether the decoy code of the modified source code is triggered.
  - 4. The computer implemented method in accordance with claim 1, wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the application code.
  - 5. The computer implemented method in accordance with claim 1, wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code.
  - 6. The computer implemented method in accordance with claim 1, wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the decoy code.
  - 7. The computer implemented method in accordance with claim 1, wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on one or more of the application code, the modified source code, and the decoy code.
  - 8. The computer implemented method of claim 1, wherein the decoy code is a lure to detect an attack of a system executing the application code.

9. A computer program product comprising a non-transitory machine-readable medium storing instructions that, when executed by at least one programmable processor, cause the at least one programmable processor to perform operations comprising:
- receiving, by one or more processors of an application development environment, functional requirements for an application;
  
  generating, by the one or more processors, application code for the application based on the functional requirements, the application code being configured to execute one or more application functions;
  
  receiving, by a weaving engine of the application development environment, decoy code representing one or more decoy data and/or functions to detect invocation by an attacker;
  
  inserting, by the weaving engine, the decoy code into the application with the application code to produce modified source code;
  
  generating, by a test engine of the application development environment, one or more functional tests of the application code;
  
  generating, by the test engine, one or more decoy tests of the decoy code;
  
  executing, by the test engine, the one or more functional tests on the application code;
  
  executing, by the test engine, the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code; and
  
  comparing, by a verifier of the application development environment, results from the one or more functional tests executed on the application code and the one or more decoy tests executed on the modified source code to determine whether a regression exists in the application code by the inserting of the decoy code.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The computer program product in accordance with claim 9, wherein the operations further comprise generating a report of the results from the from the number of combinations of the one or more functional tests and the one or more decoy tests.
  - 11. The computer program product in accordance with claim 9, wherein the comparing results from the number of combinations of the one or more functional tests and the one or more decoy tests further determines whether the decoy code of the modified source code is triggered.
  - 12. The computer program product in accordance with claim 9, wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the application code.
  - 13. The computer program product in accordance with claim 9, wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code.
  - 14. The computer program product in accordance with claim 10, wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the decoy code.
  - 15. The computer program product in accordance with claim 11, wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on one or more of the application code, the modified source code, and the decoy code.

16. A system comprising:
- one or more programmable processors forming an application development environment comprising a weaving engine, a test engine, and a verifier; and
  
  a machine-readable medium storing instructions that, when executed by the one or more programmable processors, cause the one or more programmable processors to perform operations comprising;
  
  receiving, by one or more processors of an application development environment, functional requirements for an application;
  
  generating, by the one or more processors, application code for the application based on the functional requirements, the application code being configured to execute one or more application functions;
  
  receiving, by a weaving engine of the application development environment, decoy code representing one or more decoy data and/or functions to detect invocation by an attacker;
  
  inserting, by the weaving engine, the decoy code into the application with the application code to produce modified source code;
  
  generating, by a test engine of the application development environment, one or more functional tests of the application code;
  
  generating, by the test engine, one or more decoy tests of the decoy code;
  
  executing, by the test engine, the one or more functional tests on the application code;
  
  executing, by the test engine, the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code; and
  
  comparing, by a verifier of the application development environment, results from the one or more functional tests executed on the application code and the one or more decoy tests executed on the modified source code to determine whether a regression exists in the application code by the inserting of the decoy code.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The computer program product in accordance with claim 16, wherein the comparing results from the number of combinations of the one or more functional tests and the one or more decoy tests further determines whether the decoy code of the modified source code is triggered.
  - 18. The computer program product in accordance with claim 16, wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the application code.
  - 19. The computer program product in accordance with claim 16, wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code.
  - 20. The computer program product in accordance with claim 16, wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the decoy code.
  - 21. The computer program product in accordance with claim 16, wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on one or more of the application code, the modified source code, and the decoy code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
SAP SE
Inventors
Hebert, Cedric, Plate, Henrik
Primary Examiner(s)
Rivera, Anibal

Application Number

US16/211,126
Publication Number

US 20200183820A1
Time in Patent Office

664 Days
Field of Search
US Class Current
CPC Class Codes

G06F 11/3664   Environments for testing or...

G06F 11/3672   Test management

G06F 11/3684   for test design, e.g. gener...

G06F 11/3688   for test execution, e.g. sc...

G06F 11/3692   for test results analysis

G06F 21/54   by adding security routines...

G06F 21/554   involving event detection a...

G06F 21/566   Dynamic detection, i.e. det...

G06F 8/10   Requirements analysis; Spec...

G06F 8/20   Software design

G06F 8/30   Creation or generation of s...

G06F 8/316   Aspect-oriented programming...

Non-regressive injection of deception decoys

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

19 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Non-regressive injection of deception decoys

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links