公开(公告)号：US20140053029A1

公开(公告)日：2014-02-20

申请号：US13614671

申请日：2012-09-13

申请人： Marco Pistoia ,  Omer Tripp

发明人： Marco Pistoia ,  Omer Tripp

IPC分类号： G06F11/07

CPC分类号： G06F11/0751

摘要： A useful embodiment of the invention is directed to a method associated with a computer program comprising one or more basic blocks, wherein the program defines and uses multiple data structures, such as the list of all customers of a bank along with their account information. The method includes identifying one or more invariants, wherein each invariant is associated with one of the data structures. The method further includes determining at specified times whether an invariant has been violated. Responsive to detecting a violation of one of the invariants, the detected violation is flagged as an anomaly.

公开(公告)号：US08544104B2

公开(公告)日：2013-09-24

申请号：US12776465

申请日：2010-05-10

申请人： Michael George Burke ,  Igor Peshansky ,  Marco Pistoia ,  Omer Tripp

发明人： Michael George Burke ,  Igor Peshansky ,  Marco Pistoia ,  Omer Tripp

IPC分类号： G06F21/00

CPC分类号： G06F21/60 ,  G06F19/00 ,  G06F21/6245 ,  G16H10/60

摘要： A computer-readable medium is disclosed that tangibly embodies a program of machine-readable instructions executable by a digital processing apparatus to perform operations including determining whether data to be released from a database is associated with one or more confidential mappings between sets of data in the database. The operations also include, in response to the data being associated with the one or more confidential mappings, determining whether release of the data meets one or more predetermined anonymity requirements of an anonymity policy. Methods and apparatus are also disclosed.

公开(公告)号：US08533659B2

公开(公告)日：2013-09-10

申请号：US12511506

申请日：2009-07-29

申请人： Nikolai A. Joukov ,  Birgit M. Pfitzmann ,  Marco Pistoia ,  Vasily Tarasov ,  Takaaki Tateishi ,  Norbert G. Vogl

发明人： Nikolai A. Joukov ,  Birgit M. Pfitzmann ,  Marco Pistoia ,  Vasily Tarasov ,  Takaaki Tateishi ,  Norbert G. Vogl

IPC分类号： G06F9/44

CPC分类号： G06F11/3692 ,  G06F8/70

摘要： Calls to stop functions are identified in a computer program file. The stop functions are functions that interact with external resources. Parameters of the calls to the stop functions that are references to the external resources are identified. An analysis is performed over the computer program file to find out possible values of the parameters of the calls.

公开(公告)号：US08453125B2

公开(公告)日：2013-05-28

申请号：US12966556

申请日：2010-12-13

申请人： Shay Artzi ,  Julian Dolby ,  Marco Pistoia ,  Frank Tip

发明人： Shay Artzi ,  Julian Dolby ,  Marco Pistoia ,  Frank Tip

IPC分类号： G06F9/44

CPC分类号： G06F11/3684 ,  H04L69/40

摘要： The present invention provides a system, computer program product, and a computer implemented method for analyzing a set of two or more communicating applications. The method begins with receiving a first second application that communicates with each other during execution. Next, an initial input for executing the first application and the second application is received. The initial input is added to a set of inputs. An iterative execution loop is performed at least once. The loop begins with selecting inputs out of the set of inputs for execution. Next, using the selected inputs, the first and/or the second application is executed while information regarding the execution and information communicated to the other application are recorded. A set of one or more new application inputs for either applications is generated based the second application recorded information and the first application information. These new inputs are added to the set of inputs.

摘要翻译： 本发明提供了一种系统，计算机程序产品和用于分析一组两个或多个通信应用的计算机实现的方法。 该方法开始于在执行期间接收彼此通信的第一个第二应用程序。 接下来，接收用于执行第一应用和第二应用的初始输入。 初始输入被添加到一组输入。 执行迭代执行循环至少一次。 循环从选择输入集合中的输入开始执行。 接下来，使用所选择的输入，执行第一和/或第二应用，同时记录关于执行的信息和传送给其他应用的信息。 基于第二应用记录信息和第一应用信息生成用于任一应用的一组或多个新的应用输入。 这些新的输入被添加到该组输入。

公开(公告)号：US20130091079A1

公开(公告)日：2013-04-11

申请号：US13412121

申请日：2012-03-05

申请人： Marco Pistoia ,  Takaaki Tateishi ,  Omer Tripp

发明人： Marco Pistoia ,  Takaaki Tateishi ,  Omer Tripp

IPC分类号： G06F15/18

CPC分类号： G06N5/00

摘要： A method for dynamically selecting string analysis algorithms can begin with the training of the dynamic string analysis handler of a string analysis module to effectively handle a subset of string queries having contextual metadata received from a client application in an instructional environment. The effectiveness of the training module can be based upon feedback from the client application. Upon completion of the training, a string analysis algorithm selection policy can be synthesized. The string analysis algorithm selection policy can correlate a context of a string query in the subset to the usage of a string analysis algorithm. When in the operational environment, the dynamic string analysis handler can dynamically handle string queries having contextual metadata received from the client application in accordance with the string analysis algorithm selection policy. The string analysis algorithm to be used for a string query can be dynamically and independently determined.

摘要翻译： 用于动态选择字符串分析算法的方法可以开始于字符串分析模块的动态字符串分析处理程序的训练，以有效地处理在教学环境中从客户端应用程序接收的具有上下文元数据的字符串查询的子集。 培训模块的有效性可以基于客户端应用程序的反馈。 完成培训后，可以合成字符串分析算法选择策略。 字符串分析算法选择策略可以将子集中的字符串查询的上下文与字符串分析算法的使用相关联。 在操作环境中，动态字符串分析处理程序可以根据字符串分析算法选择策略来动态地处理具有从客户端应用程序接收的上下文元数据的字符串查询。 用于字符串查询的字符串分析算法可以动态和独立地确定。

公开(公告)号：US08365281B2

公开(公告)日：2013-01-29

申请号：US12950432

申请日：2010-11-19

申请人： Takaaki Tateishi ,  Marco Pistoia ,  Omer Tripp ,  Ryan Berg ,  Robert Wiener

发明人： Takaaki Tateishi ,  Marco Pistoia ,  Omer Tripp ,  Ryan Berg ,  Robert Wiener

IPC分类号： G06F11/00 ,  G06F11/30 ,  H04L29/06 ,  H04L9/32

CPC分类号： G06F21/50 ,  G06F21/563

摘要： An illegal pattern and a computer program having a method are received. The method has one or more return statements, and a number of basic blocks. The method is normalized so that each return statement of the target method relating to the illegal pattern returns a constant Boolean value. A first path condition and a second path condition for one or more corresponding paths is determined such that one or more corresponding basic blocks return a constant Boolean value of true for the first path condition and a constant Boolean value of false for the second path condition. An unsatisfiability of each path condition is determined using a monadic second-order logic (M2L) technique. Where the unsatisfiability of either path condition is false, the method is reported as not being a validator. Where the unsatisfiability of either path condition is true, the method is reported as being a validator.

摘要翻译： 接收到具有方法的非法模式和计算机程序。 该方法具有一个或多个返回语句和一些基本块。 该方法被归一化，使得与非法模式相关的目标方法的每个返回语句返回一个常量布尔值。 确定用于一个或多个对应路径的第一路径条件和第二路径条件，使得一个或多个对应的基本块返回针对第一路径条件的常数布尔值为true，对于第二路径条件返回常量布尔值为假。 使用一元二阶逻辑（M2L）技术确定每个路径条件的不满足性。 如果任一路径条件的不满足性为假，则将该方法报告为不是验证器。 如果任一路径条件的不满足性为真，则将该方法报告为验证器。

公开(公告)号：US08296722B2

公开(公告)日：2012-10-23

申请号：US12246065

申请日：2008-10-06

申请人： Sachiko Yoshihama ,  Shinya Kawanaka ,  Takaaki Tateishi ,  Ory Segal ,  Adi Sharabani ,  Marco Pistoia ,  Guy Podjarny

发明人： Sachiko Yoshihama ,  Shinya Kawanaka ,  Takaaki Tateishi ,  Ory Segal ,  Adi Sharabani ,  Marco Pistoia ,  Guy Podjarny

IPC分类号： G06F9/44

CPC分类号： G06F8/10

摘要： A transformation tree for an object model (OM) is defined. The transformation tree has nodes interconnected by edges, where each node is connected to at most one other tree node. Each node corresponds to a state of the OM; each edge corresponds to an event causing the OM to transition from the state of one node to the state of another node. A transformation graph for the OM is constructed by simulating the transformation tree. The transformation graph has nodes interconnected by edges, and is a directed graph in which each node is connected to one or more other nodes. Each node corresponds to a state of the OM; each edge corresponds to an event causing the OM to transition from the state of one node to the state of another node. Crawling-oriented actions are performed in relation to the OM by being performed in relation to the transformation graph.

摘要翻译： 定义了对象模型（OM）的转换树。 转换树具有通过边缘互连的节点，其中每个节点连接到最多一个其他树节点。 每个节点都对应于OM的状态; 每个边缘对应于导致OM从一个节点的状态转变到另一个节点的状态的事件。 通过模拟转换树构建OM的变换图。 转换图具有通过边缘互连的节点，并且是有向图，其中每个节点连接到一个或多个其他节点。 每个节点对应于OM的状态; 每个边缘对应于导致OM从一个节点的状态转变到另一个节点的状态的事件。 通过相对于变换图执行针对OM执行针对爬行的动作。

公开(公告)号：US20120216177A1

公开(公告)日：2012-08-23

申请号：US13033024

申请日：2011-02-23

申请人： Stephen Fink ,  Yinnon A. Haviv ,  Marco Pistoia ,  Omer Tripp ,  Omri Weisman

发明人： Stephen Fink ,  Yinnon A. Haviv ,  Marco Pistoia ,  Omer Tripp ,  Omri Weisman

IPC分类号： G06F9/44

CPC分类号： G06F8/75 ,  G06F8/77

摘要： A method is disclosed that includes, using a static analysis, analyzing a software program to determine a number of paths from sources accepting information to sinks using that information or a modified version of that information and to determine multiple paths from the number of paths. The determined multiple paths have a same transition from an application portion of the software program to a library portion of the software program and require a same downgrading action to address a vulnerability associated with source-sink pairs in the multiple paths. The analyzing includes determining the multiple paths using a path-sensitive analysis. The method includes, for the determined multiple paths, grouping the determined multiple paths into a single representative indication of the determined multiple paths. The method includes outputting the single representative indication. Computer program products and apparatus are also disclosed.

摘要翻译： 公开了一种方法，其包括使用静态分析来分析软件程序以使用该信息或该信息的修改版本从接收信息的信源到汇点确定多个路径，并且从路径数确定多条路径。 所确定的多个路径具有从软件程序的应用部分到软件程序的库部分的相同转换，并且需要相同的降级动作来解决与多个路径中的源 - 汇对相关联的漏洞。 分析包括使用路径敏感分析来确定多个路径。 该方法包括对于所确定的多个路径，将所确定的多个路径分组成所确定的多个路径的单个代表性指示。 该方法包括输出单个代表性指示。 还公开了计算机程序产品和装置。

公开(公告)号：US20120159619A1

公开(公告)日：2012-06-21

申请号：US12968646

申请日：2010-12-15

申请人： Ryan J. Berg ,  Marco Pistoia ,  Takaaki Tateishi ,  Stephen D. Teilhet ,  Omer Tripp

发明人： Ryan J. Berg ,  Marco Pistoia ,  Takaaki Tateishi ,  Stephen D. Teilhet ,  Omer Tripp

IPC分类号： G06F21/00 ,  G06F9/44

CPC分类号： G06F21/50 ,  G06F21/577

摘要： Mechanisms for evaluating downgrader code in application code with regard to one or more security guidelines are provided. Downgrader code in application code is identified, where the downgrader code is a portion of code in the application code that operates on an information flow of the application code to ensure confidentiality of information input to the downgrader code, in the output of the downgrader code. Processes of the downgrader code are evaluated against security guidelines to determine if the processes violate the security guidelines. A notification is generated in response to the evaluation indicating that the processes of the downgrader code violate the security guidelines. The notification is output to a computing device for consideration.

摘要翻译： 提供了关于一个或多个安全指南的应用程序代码评估降级代码的机制。 识别应用代码中的降级代码，其中降级代码是应用代码中的代码的一部分，其在应用代码的信息流上操作，以确保降级代码的输出中输入降级代码的信息的机密性。 根据安全准则评估降级代码的过程，以确定进程是否违反安全性准则。 产生响应于评估的通知，指示降级代码的处理违反安全准则。 该通知被输出到计算设备以供考虑。

公开(公告)号：US20120023486A1

公开(公告)日：2012-01-26

申请号：US12843308

申请日：2010-07-26

申请人： Yinnon A. Haviv ,  Roee Hay ,  Marco Pistoia ,  Adi Sharabani ,  Takaaki Tateishi ,  Omer Tripp ,  Omri Weisman

发明人： Yinnon A. Haviv ,  Roee Hay ,  Marco Pistoia ,  Adi Sharabani ,  Takaaki Tateishi ,  Omer Tripp ,  Omri Weisman

IPC分类号： G06F9/44

CPC分类号： G06F21/577 ,  H04L63/105

摘要： A method includes determining grammar for output of an information-flow downgrader in a software program. The software program directs the output of the information-flow downgrader to a sink. The method includes determining whether the grammar of the output conforms to one or more predetermined specifications of the sink. The method includes, in response to a determination the grammar of the output conforms to the one or more predetermined specifications of the sink, determining the information-flow downgrader is verified for the sink, wherein determining grammar, determining whether the grammar, and determining the information-flow downgrader are performed via static analysis of the software program. Apparatus and computer program products are also disclosed. An apparatus includes a user interface providing a result of whether or not output of an information-flow downgrader in the software program conforms to one or more predetermined specifications of a sink in the software program.

摘要翻译： 一种方法包括在软件程序中确定信息流降级器的输出的语法。 软件程序将信息流降级器的输出引导到宿。 该方法包括确定输出的语法是否符合汇的一个或多个预定规范。 该方法包括响应于确定，输出的语法符合信宿的一个或多个预定规范，确定信宿流降级器对于汇点进行验证，其中确定语法，确定语法，并确定 信息流降级器通过软件程序的静态分析来执行。 还公开了装置和计算机程序产品。 一种装置，包括提供软件程序中的信息流下载器的输出是否符合软件程序中的接收器的一个或多个预定规格的结果的用户界面。