Non-regressive injection of deception decoys
First Claim
Patent Images
1. A computer implemented method comprising:
- receiving, by one or more processors of an application development environment, functional requirements for an application;
generating, by the one or more processors, application code for the application based on the functional requirements, the application code being configured to execute one or more application functions;
receiving, by a weaving engine of the application development environment, decoy code representing one or more decoy data and/or functions to detect invocation by an attacker;
inserting, by the weaving engine, the decoy code into the application with the application code to produce modified source code;
generating, by a test engine of the application development environment, one or more functional tests of the application code;
generating, by the test engine, one or more decoy tests of the decoy code;
executing, by the test engine, the one or more functional tests on the application code;
executing, by the test engine, the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code; and
comparing, by a verifier of the application development environment, results from the one or more functional tests executed on the application code and the one or more decoy tests executed on the modified source code to determine whether a regression exists in the application code by the inserting of the decoy code.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods, as well as computing architecture for implementing the same, for decoy injection into an application. The systems and methods include splitting a standard test phase operation into two complementary phases, and add new unit tests to the process, dedicated to testing the proper coverage of the decoys and avoiding non-regression of the original code.
19 Citations
21 Claims
-
1. A computer implemented method comprising:
-
receiving, by one or more processors of an application development environment, functional requirements for an application; generating, by the one or more processors, application code for the application based on the functional requirements, the application code being configured to execute one or more application functions; receiving, by a weaving engine of the application development environment, decoy code representing one or more decoy data and/or functions to detect invocation by an attacker; inserting, by the weaving engine, the decoy code into the application with the application code to produce modified source code; generating, by a test engine of the application development environment, one or more functional tests of the application code; generating, by the test engine, one or more decoy tests of the decoy code; executing, by the test engine, the one or more functional tests on the application code; executing, by the test engine, the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code; and comparing, by a verifier of the application development environment, results from the one or more functional tests executed on the application code and the one or more decoy tests executed on the modified source code to determine whether a regression exists in the application code by the inserting of the decoy code. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer program product comprising a non-transitory machine-readable medium storing instructions that, when executed by at least one programmable processor, cause the at least one programmable processor to perform operations comprising:
-
receiving, by one or more processors of an application development environment, functional requirements for an application; generating, by the one or more processors, application code for the application based on the functional requirements, the application code being configured to execute one or more application functions; receiving, by a weaving engine of the application development environment, decoy code representing one or more decoy data and/or functions to detect invocation by an attacker; inserting, by the weaving engine, the decoy code into the application with the application code to produce modified source code; generating, by a test engine of the application development environment, one or more functional tests of the application code; generating, by the test engine, one or more decoy tests of the decoy code; executing, by the test engine, the one or more functional tests on the application code; executing, by the test engine, the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code; and comparing, by a verifier of the application development environment, results from the one or more functional tests executed on the application code and the one or more decoy tests executed on the modified source code to determine whether a regression exists in the application code by the inserting of the decoy code. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A system comprising:
-
one or more programmable processors forming an application development environment comprising a weaving engine, a test engine, and a verifier; and a machine-readable medium storing instructions that, when executed by the one or more programmable processors, cause the one or more programmable processors to perform operations comprising; receiving, by one or more processors of an application development environment, functional requirements for an application; generating, by the one or more processors, application code for the application based on the functional requirements, the application code being configured to execute one or more application functions; receiving, by a weaving engine of the application development environment, decoy code representing one or more decoy data and/or functions to detect invocation by an attacker; inserting, by the weaving engine, the decoy code into the application with the application code to produce modified source code; generating, by a test engine of the application development environment, one or more functional tests of the application code; generating, by the test engine, one or more decoy tests of the decoy code; executing, by the test engine, the one or more functional tests on the application code; executing, by the test engine, the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code; and comparing, by a verifier of the application development environment, results from the one or more functional tests executed on the application code and the one or more decoy tests executed on the modified source code to determine whether a regression exists in the application code by the inserting of the decoy code. - View Dependent Claims (17, 18, 19, 20, 21)
-
Specification