专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明授权

US08671397B2 Selective data flow analysis of bounded regions of computer software applications 有权
标题翻译：计算机软件应用有限区域的选择性数据流分析
公开(公告)号：US08671397B2
公开(公告)日：2014-03-11
申请号：US13246260
申请日：2011-09-27
申请人： Daniel Kalman , Dmitri Pikus , Omer Tripp , Omri Weisman
发明人： Daniel Kalman , Dmitri Pikus , Omer Tripp , Omri Weisman
IPC分类号： G06F9/44
CPC分类号： G06F21/52 , G06F8/51 , G06F8/75 , G06F11/3604
摘要： Performing data flow analysis of a computer software application, including, for a data flow analysis type, identifying within a computer software application code base a plurality of seeds relating to the data flow analysis type, for each of the plurality of seeds, defining a portion of the computer software application code base to a predefined depth of calls backward from the seed and to a predefined depth of calls forward from the seed, thereby resulting in a plurality of bounded portions of the computer software application code base, detecting a change in the computer software application code base, and performing, on any of the bounded portions affected by the change, a data flow analysis relating to the data flow analysis type.
摘要翻译：执行计算机软件应用的数据流分析，包括对于数据流分析类型，在计算机软件应用程序代码库内识别与数据流分析类型相关的多个种子，为多个种子中的每一个定义一部分的计算机软件应用程序代码库的预定深度从种子返回到预定义的深度，并且从种子转发到预定义的呼叫深度，从而导致计算机软件应用程序代码库的多个有界部分，计算机软件应用程序代码库，并在受变更影响的任何有界部分执行与数据流分析类型相关的数据流分析。

12. 发明申请

US20130174262A1 TARGETED SECURITY TESTING 有权
公开(公告)号：US20130174262A1
公开(公告)日：2013-07-04
申请号：US13431808
申请日：2012-03-27
申请人： Yair Amit , Lotem Guy , Daniel Kalman , Ori Segal , Omri Weisman
发明人： Yair Amit , Lotem Guy , Daniel Kalman , Ori Segal , Omri Weisman
IPC分类号： G06F21/00 , G06F17/00
CPC分类号： G06F21/577 , G06F2221/033
摘要： Source code of a plurality of web pages including script code is statically analyzed. A page including a potential vulnerability is identified based on the static analysis. A page not including a potential vulnerability is identified based on the static analysis. The web page including the potential vulnerability is dynamically analyzed using a set of test payloads. The page not including the potential vulnerability is dynamically analyzed using a subset of the set of test payloads, the subset including fewer test payloads than the set of test payloads.

13. 发明授权

US09971897B2 Targeted security testing 有权
公开(公告)号：US09971897B2
公开(公告)日：2018-05-15
申请号：US13431808
申请日：2012-03-27
申请人： Yair Amit , Lotem Guy , Daniel Kalman , Ori Segal , Omri Weisman
发明人： Yair Amit , Lotem Guy , Daniel Kalman , Ori Segal , Omri Weisman
IPC分类号： G06F21/00 , G06F21/57
CPC分类号： G06F21/577 , G06F2221/033
摘要： Source code of a plurality of web pages including script code is statically analyzed. A page including a potential vulnerability is identified based on the static analysis. A page not including a potential vulnerability is identified based on the static analysis. The web page including the potential vulnerability is dynamically analyzed using a set of test payloads. The page not including the potential vulnerability is dynamically analyzed using a subset of the set of test payloads, the subset including fewer test payloads than the set of test payloads.

14. 发明授权

US09971896B2 Targeted security testing 有权
公开(公告)号：US09971896B2
公开(公告)日：2018-05-15
申请号：US13341426
申请日：2011-12-30
申请人： Yair Amit , Lotem Guy , Daniel Kalman , Ori Segal , Omri Weisman
发明人： Yair Amit , Lotem Guy , Daniel Kalman , Ori Segal , Omri Weisman
IPC分类号： G06F21/00 , G06F21/57
CPC分类号： G06F21/577 , G06F2221/033
摘要： Source code of a plurality of web pages including script code is statically analyzed. A page including a potential vulnerability is identified based on the static analysis. A page not including a potential vulnerability is identified based on the static analysis. The web page including the potential vulnerability is dynamically analyzed using a set of test payloads. The page not including the potential vulnerability is dynamically analyzed using a subset of the set of test payloads, the subset including fewer test payloads than the set of test payloads.

15. 发明申请

US20130174260A1 TARGETED SECURITY TESTING 有权
标题翻译：目标安全测试
公开(公告)号：US20130174260A1
公开(公告)日：2013-07-04
申请号：US13341426
申请日：2011-12-30
申请人： Yair Amit , Lotem Guy , Daniel Kalman , Ori Segal , Omri Weisman
发明人： Yair Amit , Lotem Guy , Daniel Kalman , Ori Segal , Omri Weisman
IPC分类号： G06F21/00 , G06F17/00
CPC分类号： G06F21/577 , G06F2221/033
摘要： Source code of a plurality of web pages including script code is statically analyzed. A page including a potential vulnerability is identified based on the static analysis. A page not including a potential vulnerability is identified based on the static analysis. The web page including the potential vulnerability is dynamically analyzed using a set of test payloads. The page not including the potential vulnerability is dynamically analyzed using a subset of the set of test payloads, the subset including fewer test payloads than the set of test payloads.
摘要翻译：静态分析包含脚本代码的多个网页的源代码。基于静态分析识别包含潜在漏洞的页面。基于静态分析，确定不包含潜在漏洞的页面。使用一组测试有效载荷动态分析包含潜在漏洞的网页。不包括潜在漏洞的页面使用测试有效负载集合的子集进行动态分析，该子集包含比测试有效负载集更少的测试有效负载。

16. 发明申请

US20130139267A1 DETECTING VULNERABILITIES IN WEB APPLICATIONS 审中-公开
标题翻译：检测WEB应用程序中的漏洞
公开(公告)号：US20130139267A1
公开(公告)日：2013-05-30
申请号：US13440416
申请日：2012-04-05
申请人： Yair Amit , Daniel Kalman , Omer Tripp
发明人： Yair Amit , Daniel Kalman , Omer Tripp
IPC分类号： G06F21/00
CPC分类号： H04L63/1433 , H04L63/145 , H04L67/02 , H04W12/12
摘要： A method, computer program product, and system for detecting vulnerabilities in web applications is described. A method may comprise determining one or more values associated with a web application that flow to response data associated with the web application. The one or more values may be modifiable by unreliable input. The method may further comprise generating a representation of the response data associated with the web application. The method may additionally comprise determining one or more potentially vulnerable portions of the response data based upon, at least in part, the one or more values modifiable by the unreliable input that flow to the response data associated with the web application, and the representation of the response data associated with the web application.
摘要翻译：描述了一种用于检测Web应用程序中的漏洞的方法，计算机程序产品和系统。方法可以包括确定与web应用程序相关联的一个或多个值，其流向与web应用相关联的响应数据。一个或多个值可能由不可靠的输入修改。该方法还可以包括生成与web应用相关联的响应数据的表示。该方法可以另外包括至少部分地基于流向与web应用相关联的响应数据的不可靠输入可修改的一个或多个值来确定响应数据的一个或多个潜在易受攻击的部分，以及与Web应用程序相关联的响应数据。

17. 发明授权

US09124624B2 Detecting vulnerabilities in web applications 有权
标题翻译：检测Web应用程序中的漏洞
公开(公告)号：US09124624B2
公开(公告)日：2015-09-01
申请号：US13440416
申请日：2012-04-05
申请人： Yair Amit , Daniel Kalman , Omer Tripp
发明人： Yair Amit , Daniel Kalman , Omer Tripp
IPC分类号： H04L29/06 , H04W12/12 , H04L29/08
CPC分类号： H04L63/1433 , H04L63/145 , H04L67/02 , H04W12/12
摘要： A method, computer program product, and system for detecting vulnerabilities in web applications is described. A method may comprise determining one or more values associated with a web application that flow to response data associated with the web application. The one or more values may be modifiable by unreliable input. The method may further comprise generating a representation of the response data associated with the web application. The method may additionally comprise determining one or more potentially vulnerable portions of the response data based upon, at least in part, the one or more values modifiable by the unreliable input that flow to the response data associated with the web application, and the representation of the response data associated with the web application.
摘要翻译：描述了一种用于检测Web应用程序中的漏洞的方法，计算机程序产品和系统。方法可以包括确定与web应用程序相关联的一个或多个值，其流向与web应用相关联的响应数据。一个或多个值可能由不可靠的输入修改。该方法还可以包括生成与web应用相关联的响应数据的表示。该方法可以另外包括至少部分地基于流向与web应用相关联的响应数据的不可靠输入可修改的一个或多个值来确定响应数据的一个或多个潜在易受攻击的部分，以及与Web应用程序相关联的响应数据。

18. 发明申请

US20130139266A1 DETECTING VULNERABILITIES IN WEB APPLICATIONS 有权
公开(公告)号：US20130139266A1
公开(公告)日：2013-05-30
申请号：US13307780
申请日：2011-11-30
申请人： Yair Amit , Daniel Kalman , Omer Tripp
发明人： Yair Amit , Daniel Kalman , Omer Tripp
IPC分类号： G06F11/00
CPC分类号： H04L63/1433 , H04L63/145 , H04L67/02 , H04W12/12
摘要： A method, computer program product, and system for detecting vulnerabilities in web applications is described. A method may comprise determining one or more values associated with a web application that flow to response data associated with the web application. The one or more values may be modifiable by unreliable input. The method may further comprise generating a representation of the response data associated with the web application. The method may additionally comprise determining one or more potentially vulnerable portions of the response data based upon, at least in part, the one or more values modifiable by the unreliable input that flow to the response data associated with the web application, and the representation of the response data associated with the web application.

19. 发明授权

US09032529B2 Detecting vulnerabilities in web applications 有权
公开(公告)号：US09032529B2
公开(公告)日：2015-05-12
申请号：US13307780
申请日：2011-11-30
申请人： Yair Amit , Daniel Kalman , Omer Tripp
发明人： Yair Amit , Daniel Kalman , Omer Tripp
IPC分类号： H04L29/06 , H04L29/08 , H04W12/12
CPC分类号： H04L63/1433 , H04L63/145 , H04L67/02 , H04W12/12
摘要： A method, computer program product, and system for detecting vulnerabilities in web applications is described. A method may comprise determining one or more values associated with a web application that flow to response data associated with the web application. The one or more values may be modifiable by unreliable input. The method may further comprise generating a representation of the response data associated with the web application. The method may additionally comprise determining one or more potentially vulnerable portions of the response data based upon, at least in part, the one or more values modifiable by the unreliable input that flow to the response data associated with the web application, and the representation of the response data associated with the web application.

20. 发明申请

US20110274651A1 Noscapine and Noscapine Analogs and Their Use in treating Infectious Diseases by Tubulin Binding Inhibition 审中-公开
标题翻译：诺斯卡品和诺斯卡品类似物及其用于通过微管蛋白结合抑制治疗传染病
公开(公告)号：US20110274651A1
公开(公告)日：2011-11-10
申请号：US13061447
申请日：2009-09-04
申请人： Cory Acuff , Daniel Kalman
发明人： Cory Acuff , Daniel Kalman
IPC分类号： A61K31/4355 , A61K31/5377 , A61K31/4725 , A61K31/506 , A61K39/395 , A61K31/7088 , A61K31/7105 , A61K38/21 , A61K31/7028 , A61K31/4353 , A61K31/407 , A61K31/545 , A61K38/02 , A61K31/397 , A61K31/43 , A61K31/65 , A61K31/7048 , A61K31/513 , A61P31/00 , A61P31/14 , A61P31/12 , A61P31/20 , A61P31/22 , A61P31/16 , A61P31/18 , A61P31/04 , A61P31/10 , A61K31/496
CPC分类号： A61K31/4355 , A61K31/4741 , A61K31/495 , A61K31/505 , A61K31/5375 , A61K45/06 , Y02A50/401 , Y02A50/402 , Y02A50/47 , Y02A50/473 , Y02A50/475 , Y02A50/481 , A61K2300/00
摘要： Compositions and methods for treating or preventing infectious diseases, and inhibiting the ability of microbes to travel within mammalian cells, and inhibiting microbial replication, are disclosed. The compositions include various noscapine analogs, which are capable of blocking the movement of viruses and other microbes within mammalian and other cells by inhibiting the cytoplasmic transport mechanisms within the cells. The compositions described herein include an effective amount of the noscapine analogues described herein, along with a pharmaceutically acceptable carrier or excipient. The compositions can also include one or more additional antimicrobial compounds.
摘要翻译：公开了用于治疗或预防感染性疾病和抑制微生物在哺乳动物细胞内行进的能力以及抑制微生物复制的组合物和方法。组合物包括各种诺斯卡品类似物，其能够通过抑制细胞内的细胞质运输机制来阻断哺乳动物和其它细胞内的病毒和其它微生物的运动。本文描述的组合物包括有效量的本文所述的诺斯卡品类似物以及药学上可接受的载体或赋形剂。组合物还可以包括一种或多种另外的抗微生物化合物。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式