    • 21. Patent application
    • Static Analysis Of Validator Routines
    • US20120297372A1
    • 2012-11-22
    • US13109170
    • 2011-05-17
    • Ryan Berg, Marco Pistoia, Takaaki Tateishi, Omer Tripp
    • Ryan Berg, Marco Pistoia, Takaaki Tateishi, Omer Tripp
    • G06F9/44
    • G06F11/3612, G06F8/436, G06F11/3604
    • A method includes accessing a validator routine having an input string and one or more return points, each return point returning a return value having two possible values; finding the return points in the validator routine; for each of the return points, performing a backwards traversal from a return point through a code section and determining constraints on the input string based at least on one or both of the two possible return values for the return point; using the determined constraints for the input string, determining whether all of the return values returned from the one or more return points meet validation constraints; and outputting one or more indications of whether all of the returned values returned from the return points meet the validation constraints for the one or both of the two possible return values. Apparatus and computer program products are also disclosed.
    • 22. Patent application
    • Automatic Inference Of Whitelist-Based Validation As Part Of Static Analysis For Security
    • US20120266247A1
    • 2012-10-18
    • US13088711
    • 2011-04-18
    • Lotem Guy, Marco Pistoia, Takaaki Tateishi, Omer Tripp
    • Lotem Guy, Marco Pistoia, Takaaki Tateishi, Omer Tripp
    • G06F21/00
    • G06F21/577, G06F11/3604, G06F2221/033
    • A method includes performing taint analysis of a computer program and determining an original set of paths from sources to sinks. Each path corresponds to a vulnerability. The method includes determining for each variable whose type is a collection and is accessed in one of the paths in the original set of paths whether the variable points to a concrete value whose internal state is not tainted according to the taint analysis. The method further includes, for each of the variables whose type is a collection found not to be tainted according to the taint analysis, determining all points in the computer program where a membership check against the collection is performed. The method also includes, for each of the points, determining corresponding paths and removing those paths from the original set of paths to create a reduced set of paths. Apparatus and computer readable program products are also disclosed.
    • 23. Patent application
    • Determining whether method of computer program is a validator
    • US20120131669A1
    • 2012-05-24
    • US12950432
    • 2010-11-19
    • Takaaki Tateishi, Marco Pistoia, Omer Tripp, Ryan Berg, Robert Wiener
    • Takaaki Tateishi, Marco Pistoia, Omer Tripp, Ryan Berg, Robert Wiener
    • G06F21/00
    • G06F21/50, G06F21/563
    • An illegal pattern and a computer program having a method are received. The method has one or more return statements, and a number of basic blocks. The method is normalized so that each return statement of the target method relating to the illegal pattern returns a constant Boolean value. A first path condition and a second path condition for one or more corresponding paths is determined such that one or more corresponding basic blocks return a constant Boolean value of true for the first path condition and a constant Boolean value of false for the second path condition. An unsatisfiability of each path condition is determined using a monadic second-order logic (M2L) technique. Where the unsatisfiability of either path condition is false, the method is reported as not being a validator. Where the unsatisfiability of either path condition is true, the method is reported as being a validator.
    • 24. Granted patent
    • Using a heuristically-generated policy to dynamically select string analysis algorithms for client queries
    • US08751422B2
    • 2014-06-10
    • US13270732
    • 2011-10-11
    • Marco Pistoia, Takaaki Tateishi, Omer Tripp
    • Marco Pistoia, Takaaki Tateishi, Omer Tripp
    • G06N5/00
    • G06N5/00
    • A method for dynamically selecting string analysis algorithms can begin with the training of the dynamic string analysis handler of a string analysis module to effectively handle a subset of string queries having contextual metadata received from a client application in an instructional environment. The effectiveness of the training module can be based upon feedback from the client application. Upon completion of the training, a string analysis algorithm selection policy can be synthesized. The string analysis algorithm selection policy can correlate a context of a string query in the subset to the usage of a string analysis algorithm. When in the operational environment, the dynamic string analysis handler can dynamically handle string queries having contextual metadata received from the client application in accordance with the string analysis algorithm selection policy. The string analysis algorithm to be used for a string query can be dynamically and independently determined.
    • 26. Granted patent
    • Identification of read/write chains during static analysis of computer software
    • US08533694B2
    • 2013-09-10
    • US12129894
    • 2008-05-30
    • Marco Pistoia, Takaaki Tateishi, Omer Tripp, Omri Weisman
    • Marco Pistoia, Takaaki Tateishi, Omer Tripp, Omri Weisman
    • G06F9/45, G06F7/00, G06F17/30
    • G06F8/433
    • A system for identifying read/write chains in computer software, including a static analysis engine identifying within computer software logical container accesses, a string analyzer configured to at least partly resolve any variables identifying the logical container in any of the accesses by determining a set of potential values of any of the variables, and a Logical Container Access Virtualization component (LCAV) configured to identify the type and scope of any permutations of the accesses, where each of the permutations is defined by substituting any of the potential values for any of the access variables, and identify any read/write chains within the computer software by matching any of the access permutations that read from the logical container with any of the access permutations that write to the logical container if there is an intersection between the scopes of the read and write access permutations.
    • 29. Granted patent
    • Static analysis of validator routines
    • US08726246B2
    • 2014-05-13
    • US13109170
    • 2011-05-17
    • Ryan Berg, Marco Pistoia, Takaaki Tateishi, Omer Tripp
    • Ryan Berg, Marco Pistoia, Takaaki Tateishi, Omer Tripp
    • G06F9/44
    • G06F11/3612, G06F8/436, G06F11/3604
    • A method includes accessing a validator routine having an input string and one or more return points, each return point returning a return value having two possible values; finding the return points in the validator routine; for each of the return points, performing a backwards traversal from a return point through a code section and determining constraints on the input string based at least on one or both of the two possible return values for the return point; using the determined constraints for the input string, determining whether all of the return values returned from the one or more return points meet validation constraints; and outputting one or more indications of whether all of the returned values returned from the return points meet the validation constraints for the one or both of the two possible return values. Apparatus and computer program products are also disclosed.